1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Many Functions Going Haywire.

Discussion in 'Malware and Virus Removal Archive' started by dispatch trophy, 2012/07/24.

Page 2 of 3
  1. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START COMBOFIX THIRD SECTION


    - 2012-01-14 21:00 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-07-06 13:14 . 2006-08-16 10:59 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstPL.dll
    + 2012-07-06 13:14 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    - 2012-01-14 21:00 . 2006-08-11 14:15 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstNL.dll
    + 2012-07-06 13:14 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    - 2012-01-14 21:00 . 2006-08-21 16:24 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstKR.dll
    + 2012-07-06 13:14 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2012-01-14 21:00 . 2006-08-24 09:01 40960 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstJP.dll
    - 2012-01-14 21:00 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    + 2012-07-06 13:14 . 2006-08-22 14:24 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstIT.dll
    + 2012-07-06 13:14 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    - 2012-01-14 21:00 . 2006-08-14 14:36 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstHU.dll
    - 2012-01-14 21:00 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    + 2012-07-06 13:14 . 2006-08-22 14:09 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstFR.dll
    - 2012-01-14 21:00 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    + 2012-07-06 13:14 . 2006-08-14 13:30 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstES.dll
    + 2012-07-06 13:14 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2012-01-14 21:00 . 2006-08-22 14:21 57344 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstDE.dll
    - 2012-01-14 21:00 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-07-06 13:14 . 2006-08-14 14:07 53248 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCZ.dll
    + 2012-07-06 13:14 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    - 2012-01-14 21:00 . 2006-08-21 14:51 49152 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\RES\DLL\IJInstCN.dll
    + 2004-01-29 14:08 . 2004-01-29 14:08 32768 c:\windows\system32\ATHPRXY.DLL
    - 2001-01-22 11:25 . 2001-01-22 11:25 32768 c:\windows\system32\ATHPRXY.DLL
    + 2001-12-14 20:44 . 2002-02-18 18:23 46352 c:\windows\setdebug.exe
    - 2001-12-14 20:44 . 2001-01-13 02:04 46352 c:\windows\setdebug.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
    + 2008-07-30 05:10 . 2008-07-30 05:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    + 2008-07-30 03:59 . 2008-07-30 03:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
    + 2008-07-30 05:10 . 2008-07-30 05:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
    + 2008-07-30 03:32 . 2008-07-30 03:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
    + 2010-04-08 07:48 . 2010-04-08 07:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
    + 2008-07-25 19:17 . 2008-07-25 19:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
    + 2011-12-25 11:49 . 2011-12-25 11:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
    + 2009-11-07 09:07 . 2009-11-07 09:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
    + 2012-02-21 03:17 . 2012-02-21 03:17 79360 c:\windows\Installer\79703.msi
    + 2012-07-11 07:44 . 2012-07-11 07:44 22016 c:\windows\Installer\3542aae.msi
    + 2008-07-30 05:07 . 2008-07-30 05:07 23040 c:\windows\Installer\173de4.msp
    + 2012-02-21 03:31 . 2012-02-21 03:31 88576 c:\windows\Installer\10aac2.msi
    + 2012-04-03 02:03 . 2012-04-03 02:03 15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_CED7514058048D3B52F543.exe
    + 2012-04-03 02:03 . 2012-04-03 02:03 15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_6FEFF9B68218417F98F549.exe
    + 2012-04-03 02:03 . 2012-04-03 02:03 15086 c:\windows\Installer\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}\_5116F7A0A0E7EA8E6764D5.exe
    + 2011-12-03 23:01 . 2012-07-06 13:18 65536 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
    - 2011-12-03 23:01 . 2012-01-18 01:09 65536 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
    - 2011-12-03 23:01 . 2012-01-18 01:09 61440 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
    + 2011-12-03 23:01 . 2012-07-06 13:18 61440 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\NewShortcut15_27BC537B086D42E19CB39D115FA043BF.exe
    - 2011-12-03 23:01 . 2012-01-18 01:09 49152 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
    + 2011-12-03 23:01 . 2012-07-06 13:18 49152 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\NewShortcut14_27BC537B086D42E19CB39D115FA043BF.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 45056 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 45056 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 22528 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 22528 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 16384 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 16384 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
    + 2011-12-01 00:38 . 2012-07-04 05:23 34304 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 34304 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
    + 2012-06-29 10:02 . 2012-06-29 10:02 34632 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 17304 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\ViewerPS.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 35736 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\reader_sl.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 88992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\PDFPrevHndlr.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 94608 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\eula.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 49064 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrotextextractor.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 17824 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32Info.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 63912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acroiehelpershim.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 64928 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroIEHelper.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 63384 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\Acrofx32.dll
    + 2009-02-26 18:43 . 2009-02-26 18:43 71520 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\XL12CNVP.DLL
    + 2009-02-26 17:45 . 2009-02-26 17:45 20808 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12EXE.EXE
    + 2009-02-26 13:06 . 2009-02-26 13:06 16712 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PXBPROXY.DLL
    + 2009-02-26 13:06 . 2009-02-26 13:06 68488 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PXBCOM.EXE
    + 2012-02-21 03:32 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\i386\filterpipelineprintproc.dll
    + 2012-02-21 11:26 . 2012-02-21 11:26 77824 c:\windows\assembly\tmp\Y6CJPV28\IEHost.dll
    + 2012-02-21 11:48 . 2012-02-21 11:48 69120 c:\windows\assembly\tmp\T17EKRX3\CustomMarshalers.dll
    + 2012-02-21 12:09 . 2012-02-21 12:09 10752 c:\windows\assembly\tmp\QZ5CIOV1\Accessibility.dll
    + 2012-02-21 11:15 . 2012-02-21 11:15 12800 c:\windows\assembly\tmp\FNU18ELR\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2012-02-21 11:26 . 2012-02-21 11:26 32768 c:\windows\assembly\tmp\08FMSY4B\Microsoft.Vsa.dll
    + 2012-06-13 10:10 . 2012-06-13 10:10 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_cff27fc4\System.Drawing.Design.dll
    + 2012-04-12 10:16 . 2012-04-12 10:16 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_628c06c0\System.Drawing.Design.dll
    + 2012-05-09 10:22 . 2012-05-09 10:22 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\f121ccced1aa14badb316d8d9be5154d\UIAutomationProvider.ni.dll
    + 2012-05-09 10:29 . 2012-05-09 10:29 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\316e223f2ab8c69cd6a5a06de21650ec\System.Windows.Presentation.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3b34fc2c8c94ffe21f75168980b69dfe\System.Web.DynamicData.Design.ni.dll
    + 2012-05-09 10:26 . 2012-05-09 10:26 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\34c988dea48c291b4e648941207e83fb\System.ComponentModel.DataAnnotations.ni.dll
    + 2012-05-09 10:26 . 2012-05-09 10:26 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\7bb7e51275fa19f8b4894c772bdb1e10\System.AddIn.Contract.ni.dll
    + 2012-05-09 10:16 . 2012-05-09 10:16 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\f0c4a4528f130ef2ff1ae63dd7b39075\PresentationFontCache.ni.exe
    + 2012-05-09 10:13 . 2012-05-09 10:13 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\53931181e5a5e194da82605613cda6af\PresentationCFFRasterizer.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\f2be3ad4cda6853d7959a84cec0414c5\Microsoft.Vsa.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\8fab9cd28bbc860a34feec119512664d\Microsoft.Build.Framework.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\0eac132c7c36f1c100ae23c956b379e7\Microsoft.Build.Framework.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\d66bc03eb7eae89b4dde2d09eda1414f\dfsvc.ni.exe
    + 2012-05-09 10:25 . 2012-05-09 10:25 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    + 2012-02-21 03:38 . 2012-02-21 03:38 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
    + 2012-02-21 11:18 . 2012-02-21 11:18 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
    + 2012-02-21 03:34 . 2012-02-21 03:34 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
    + 2012-02-24 03:50 . 2012-02-24 03:50 11264 c:\windows\assembly\GAC_MSIL\cli_basetypes\1.0.13.0__ce2cb7e279207b9e\cli_basetypes.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 64000 c:\windows\assembly\GAC_32\cli_cppuhelper\1.0.16.0__ce2cb7e279207b9e\cli_cppuhelper.dll
    + 2012-02-17 07:08 . 2006-09-29 03:01 58368 c:\windows\$NtUninstallWudf01000$\spuninst\WudfCustom.dll
    + 2012-02-17 07:13 . 2008-04-14 00:12 73728 c:\windows\$NtUninstallwmp11$\wmplayer.exe
    + 2012-02-17 07:13 . 2008-04-14 00:12 98304 c:\windows\$NtUninstallwmp11$\wmpband.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 23552 c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 27136 c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
    + 2012-02-17 07:10 . 2009-02-03 04:01 13312 c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 52224 c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 37888 c:\windows\$NtUninstallKB2699988$\url.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 81920 c:\windows\$NtUninstallKB2699988$\ieencode.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 37888 c:\windows\$NtUninstallKB2675157$\url.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 81920 c:\windows\$NtUninstallKB2675157$\ieencode.dll
    + 2012-02-15 11:02 . 2011-11-01 20:35 37888 c:\windows\$NtUninstallKB2647516$\url.dll

    END COMBOFIX THIRD SECTION
     
    Last edited: 2012/07/24
    dispatch trophy,
    #21
  2. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START COMBOFIX FOURTH SECTION

    + 2012-02-15 11:02 . 2011-11-01 20:35 81920 c:\windows\$NtUninstallKB2647516$\ieencode.dll
    + 2012-04-21 23:20 . 2007-11-30 12:39 26488 c:\windows\$hf_mig$\KB961503\update\spcustom.dll
    + 2012-04-21 23:20 . 2007-11-30 12:39 17272 c:\windows\$hf_mig$\KB961503\spmsg.dll
    + 2012-06-05 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2718704\update\spcustom.dll
    + 2012-06-05 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2718704\spmsg.dll
    + 2012-06-13 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2709162\update\spcustom.dll
    + 2012-06-13 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2709162\spmsg.dll
    + 2012-06-13 10:22 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2707511\update\spcustom.dll
    + 2012-06-13 07:32 . 2012-05-05 03:16 16896 c:\windows\$hf_mig$\KB2707511\update\mpsyschk.dll
    + 2012-06-13 10:22 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2707511\spmsg.dll
    + 2012-06-13 10:15 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2699988\update\spcustom.dll
    + 2012-06-13 10:15 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2699988\spmsg.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 37888 c:\windows\$hf_mig$\KB2699988\SP3QFE\url.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 81920 c:\windows\$hf_mig$\KB2699988\SP3QFE\ieencode.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2695962\update\spcustom.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2695962\spmsg.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2686509\update\spcustom.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2686509\spmsg.dll
    + 2012-06-13 10:09 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2685939\update\spcustom.dll
    + 2012-06-13 10:09 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2685939\spmsg.dll
    + 2012-05-09 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2676562\update\spcustom.dll
    + 2012-05-09 05:12 . 2012-04-11 13:53 16896 c:\windows\$hf_mig$\KB2676562\update\mpsyschk.dll
    + 2012-05-09 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2676562\spmsg.dll
    + 2012-04-12 10:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2675157\update\spcustom.dll
    + 2012-04-12 10:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2675157\spmsg.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 37888 c:\windows\$hf_mig$\KB2675157\SP3QFE\url.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 81920 c:\windows\$hf_mig$\KB2675157\SP3QFE\ieencode.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2661637\update\spcustom.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2661637\spmsg.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2660465\update\spcustom.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2660465\spmsg.dll
    + 2012-04-12 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2653956\update\spcustom.dll
    + 2012-04-12 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2653956\spmsg.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647518\update\spcustom.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647518\spmsg.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2647516\update\spcustom.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2647516\spmsg.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 37888 c:\windows\$hf_mig$\KB2647516\SP3QFE\url.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 81920 c:\windows\$hf_mig$\KB2647516\SP3QFE\ieencode.dll
    + 2012-03-14 10:06 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2641653\update\spcustom.dll
    + 2012-03-14 10:06 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2641653\spmsg.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 26488 c:\windows\$hf_mig$\KB2621440\update\spcustom.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 17272 c:\windows\$hf_mig$\KB2621440\spmsg.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
    - 2012-01-14 21:00 . 2006-04-17 11:32 5377 c:\windows\twain_32\CNQ4802\CNQS4802.DAT
    + 2012-07-06 13:13 . 2006-04-17 11:32 5377 c:\windows\twain_32\CNQ4802\CNQS4802.DAT
    + 2011-12-10 10:33 . 2009-01-31 04:35 4096 c:\windows\system32\wmvdmoe2.dll
    + 2001-12-14 19:26 . 2009-01-31 04:35 4096 c:\windows\system32\wmvdmod.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 4096 c:\windows\system32\WMVADVE.DLL
    + 2009-01-31 04:34 . 2009-01-31 04:34 4096 c:\windows\system32\WMVADVD.dll
    + 2011-12-10 10:33 . 2009-01-31 04:34 4096 c:\windows\system32\wmsdmoe2.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 4096 c:\windows\system32\wmsdmod.dll
    + 2009-02-03 04:01 . 2009-02-03 04:01 8704 c:\windows\system32\wdfmgr.exe
    + 2009-01-31 04:34 . 2009-01-31 04:34 4096 c:\windows\system32\wdfapi.dll
    + 2009-02-03 04:01 . 2009-02-03 04:01 8704 c:\windows\system32\uwdf.exe
    + 2001-12-14 19:25 . 2009-01-31 04:33 4096 c:\windows\system32\MPG4DMOD.dll
    + 2011-12-10 10:33 . 2009-01-31 04:33 4096 c:\windows\system32\MP4SDMOD.dll
    + 2011-12-10 10:33 . 2009-01-31 04:33 4096 c:\windows\system32\MP43DMOD.dll
    + 2012-02-15 09:31 . 2012-01-11 19:06 3072 c:\windows\system32\iacenc.dll
    + 2012-02-16 02:38 . 2008-04-13 18:39 5504 c:\windows\system32\drivers\MSTEE.sys
    + 2012-02-27 14:35 . 2011-08-10 00:33 3840 c:\windows\system32\drivers\BANTExt.sys
    + 2011-12-10 13:16 . 2009-01-31 04:35 4096 c:\windows\system32\dllcache\wmvdmoe2.dll
    + 2011-12-10 13:16 . 2009-01-31 04:35 4096 c:\windows\system32\dllcache\wmvdmod.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 4096 c:\windows\system32\dllcache\wmsdmoe2.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 4096 c:\windows\system32\dllcache\wmsdmod.dll
    + 2012-02-16 02:38 . 2008-04-13 18:39 5504 c:\windows\system32\dllcache\mstee.sys
    + 2011-12-10 13:13 . 2009-01-31 04:33 4096 c:\windows\system32\dllcache\MPG4DMOD.dll
    + 2011-12-10 13:13 . 2009-01-31 04:33 4096 c:\windows\system32\dllcache\MP4SDMOD.dll
    + 2011-12-10 13:13 . 2009-01-31 04:33 4096 c:\windows\system32\dllcache\MP43DMOD.dll
    + 2012-02-15 09:31 . 2012-01-11 19:06 3072 c:\windows\system32\dllcache\iacenc.dll
    + 2011-12-10 13:11 . 2009-01-31 04:33 7168 c:\windows\system32\dllcache\asferror.dll
    - 2011-12-16 05:45 . 2012-02-05 03:07 1744 c:\windows\system32\d3d9caps.dat
    + 2011-12-16 05:45 . 2012-07-24 20:24 1744 c:\windows\system32\d3d9caps.dat
    - 2001-12-15 01:17 . 2012-01-22 07:16 1632 c:\windows\system32\d3d8caps.dat
    + 2001-12-15 01:17 . 2012-07-18 21:57 1632 c:\windows\system32\d3d8caps.dat
    + 2001-12-14 19:25 . 2009-01-31 04:33 7168 c:\windows\system32\asferror.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
    + 2012-02-13 21:29 . 2012-02-13 21:29 3638 c:\windows\Installer\{DFC6573E-124D-4026-BFA4-B433C9D3FF21}\_2cd672ae.exe
    - 2011-12-03 23:01 . 2012-01-18 01:09 7406 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\ARPPRODUCTICON.exe
    + 2011-12-03 23:01 . 2012-07-06 13:18 7406 c:\windows\Installer\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}\ARPPRODUCTICON.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 3584 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 3584 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 8192 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 8192 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
    - 2011-12-01 00:38 . 2011-12-13 02:04 2560 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    + 2012-02-19 04:19 . 2012-07-04 05:23 2560 c:\windows\Installer\{901B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
    + 2012-07-07 02:53 . 2012-07-07 02:53 3774 c:\windows\Installer\{48FCCE4F-9D37-41BA-92C1-17BF5CFAA347}\Installer.exe
    + 2012-02-21 11:49 . 2012-02-21 11:49 6656 c:\windows\assembly\tmp\Z7EKRX3A\IIEHost.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_uretypes\2.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_uretypes.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_ure\16.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_oootypes\2.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_oootypes.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 3072 c:\windows\assembly\GAC_MSIL\policy.1.0.cli_basetypes\13.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 7680 c:\windows\assembly\GAC_MSIL\cli_ure\1.0.16.0__ce2cb7e279207b9e\cli_ure.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 3072 c:\windows\assembly\GAC_32\policy.1.0.cli_cppuhelper\16.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
    + 2012-02-17 07:13 . 2008-04-13 17:23 8192 c:\windows\$NtUninstallwmp11$\asferror.dll
    + 2012-02-17 07:10 . 2008-04-14 00:11 6656 c:\windows\$NtUninstallWMFDist11$\laprxy.dll
    + 2012-05-09 05:05 . 2012-04-19 11:26 8192 c:\windows\$hf_mig$\KB2686509\update\kblChecker.dll
    + 2012-02-15 09:31 . 2012-01-11 19:05 3072 c:\windows\$hf_mig$\KB2661637\SP3QFE\iacenc.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 653136 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 569680 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcm90.dll
    + 2007-11-07 09:19 . 2007-11-07 09:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
    + 2007-11-07 09:19 . 2007-11-07 09:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
    + 2007-11-07 04:23 . 2007-11-07 04:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 159048 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_92453bb7\atl90.dll
    + 2006-12-02 05:54 . 2006-12-02 05:54 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
    + 2006-12-02 05:54 . 2006-12-02 05:54 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
    + 2006-12-02 05:54 . 2006-12-02 05:54 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
    + 2011-05-14 08:17 . 2011-05-14 08:17 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
    + 2011-05-14 08:12 . 2011-05-14 08:12 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll
    + 2011-05-14 08:11 . 2011-05-14 08:11 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcm80.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
    - 2012-01-14 21:00 . 2006-01-26 17:47 253952 c:\windows\twain_32\CNQ4802\USIP.DLL
    + 2012-07-06 13:13 . 2006-01-26 17:47 253952 c:\windows\twain_32\CNQ4802\USIP.DLL
    + 2012-07-06 13:13 . 2006-09-11 16:32 462848 c:\windows\twain_32\CNQ4802\TPM.DLL
    - 2012-01-14 21:00 . 2006-09-11 16:32 462848 c:\windows\twain_32\CNQ4802\TPM.DLL
    - 2012-01-14 21:00 . 2006-07-19 13:05 942080 c:\windows\twain_32\CNQ4802\SGUI.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:05 942080 c:\windows\twain_32\CNQ4802\SGUI.DLL
    - 2012-01-14 21:00 . 2005-02-03 13:26 114688 c:\windows\twain_32\CNQ4802\SCRPRMV.DLL
    + 2012-07-06 13:13 . 2005-02-03 13:26 114688 c:\windows\twain_32\CNQ4802\SCRPRMV.DLL
    - 2012-01-14 21:00 . 2006-07-19 13:04 118784 c:\windows\twain_32\CNQ4802\SCANINTF.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:04 118784 c:\windows\twain_32\CNQ4802\SCANINTF.DLL
    + 2012-07-06 13:13 . 2006-03-24 13:34 118784 c:\windows\twain_32\CNQ4802\MC2.DLL
    - 2012-01-14 21:00 . 2006-03-24 13:34 118784 c:\windows\twain_32\CNQ4802\MC2.DLL
    - 2012-01-14 21:00 . 2004-06-07 12:58 290816 c:\windows\twain_32\CNQ4802\libBLC.dll
    + 2012-07-06 13:13 . 2004-06-07 12:58 290816 c:\windows\twain_32\CNQ4802\libBLC.dll
    - 2012-01-14 21:00 . 2004-08-26 17:07 114688 c:\windows\twain_32\CNQ4802\ITLIB32.DLL
    + 2012-07-06 13:13 . 2004-08-26 17:07 114688 c:\windows\twain_32\CNQ4802\ITLIB32.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:05 110592 c:\windows\twain_32\CNQ4802\IPM.DLL
    - 2012-01-14 21:00 . 2006-07-19 13:05 110592 c:\windows\twain_32\CNQ4802\IPM.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:04 143360 c:\windows\twain_32\CNQ4802\IOP.DLL
    - 2012-01-14 21:00 . 2006-07-19 13:04 143360 c:\windows\twain_32\CNQ4802\IOP.DLL
    - 2012-01-14 21:00 . 2006-04-28 09:31 122880 c:\windows\twain_32\CNQ4802\CNQS4802.DLL
    + 2012-07-06 13:13 . 2006-04-28 09:31 122880 c:\windows\twain_32\CNQ4802\CNQS4802.DLL
    + 2012-07-06 13:13 . 2005-08-24 15:51 126976 c:\windows\twain_32\CNQ4802\CFine2.dll
    - 2012-01-14 21:00 . 2005-08-24 15:51 126976 c:\windows\twain_32\CNQ4802\CFine2.dll
    + 2012-07-06 13:13 . 2006-06-22 20:55 122880 c:\windows\twain_32\CNQ4802\CAPS.DLL
    - 2012-01-14 21:00 . 2006-06-22 20:55 122880 c:\windows\twain_32\CNQ4802\CAPS.DLL
    + 2012-04-06 06:13 . 2012-04-06 06:13 299080 c:\windows\system32\XPSViewer\XPSViewer.exe
    + 2012-02-21 03:32 . 2008-07-06 12:06 575488 c:\windows\system32\xpsshhdr.dll
    + 2006-09-29 02:56 . 2006-09-29 02:56 316416 c:\windows\system32\WUDFx.dll
    + 2006-09-29 02:56 . 2006-09-29 02:56 165376 c:\windows\system32\WudfPlatform.dll
    + 2006-09-29 02:56 . 2006-09-29 02:56 146432 c:\windows\system32\WudfHost.exe
    + 2009-01-31 04:35 . 2009-01-31 04:35 356352 c:\windows\system32\wpdsp.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 133632 c:\windows\system32\WPDShServiceObj.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 154624 c:\windows\system32\wpdmtp.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 629760 c:\windows\system32\wpd_ci.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 656896 c:\windows\system32\WMVXENCD.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 767488 c:\windows\system32\WMVSENCD.dll
    + 2011-12-10 10:33 . 2009-04-02 07:02 604160 c:\windows\system32\wmspdmod.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 204288 c:\windows\system32\wmpsrcwp.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 130048 c:\windows\system32\wmpps.dll
    + 2012-02-17 07:14 . 2008-04-14 00:12 221184 c:\windows\system32\wmpns.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 613376 c:\windows\system32\wmpmde.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 295936 c:\windows\system32\wmpeffects.dll
    + 2011-12-10 10:33 . 2009-07-14 07:43 286208 c:\windows\system32\wmpdxm.dll
    + 2011-12-10 10:33 . 2009-01-31 04:34 211456 c:\windows\system32\wmpasf.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 938496 c:\windows\system32\WMNetMgr.dll
    + 2011-12-10 10:33 . 2009-01-31 04:34 157184 c:\windows\system32\wmidx.dll
    + 2011-12-10 10:33 . 2009-01-31 04:34 227328 c:\windows\system32\wmerror.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 535040 c:\windows\system32\wmdrmsdk.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 348672 c:\windows\system32\wmdrmnet.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 429056 c:\windows\system32\wmdrmdev.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 222208 c:\windows\system32\WMASF.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 757248 c:\windows\system32\WMADMOD.dll
    + 2001-12-14 20:44 . 2002-02-18 18:23 171792 c:\windows\system32\wjview.exe
    - 2001-12-14 20:44 . 2001-01-13 02:04 171792 c:\windows\system32\wjview.exe
    - 2001-12-14 19:26 . 2009-12-24 06:59 177664 c:\windows\system32\wintrust.dll
    + 2001-12-14 19:26 . 2012-02-29 14:10 177664 c:\windows\system32\wintrust.dll
    + 2001-12-14 20:44 . 2002-02-18 18:23 286992 c:\windows\system32\vmhelper.dll
    - 2001-12-14 20:44 . 2001-01-13 02:04 286992 c:\windows\system32\vmhelper.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 633344 c:\windows\system32\urlmon.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 633344 c:\windows\system32\urlmon.dll
    + 2012-02-21 03:33 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\mxdwdrv.dll
    + 2012-02-21 03:34 . 2008-07-06 12:06 765440 c:\windows\system32\spool\XPSEP\i386\i386\mxdwdrv.dll
    + 2012-02-21 03:33 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\mxdwdrv.dll
    + 2012-02-21 03:33 . 2008-07-06 12:06 748032 c:\windows\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll
    + 2012-02-21 03:34 . 2008-07-06 12:06 147456 c:\windows\system32\spool\prtprocs\x64\filterpipelineprintproc.dll
    + 2012-02-21 03:32 . 2008-07-06 10:50 597504 c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    - 2012-01-02 16:27 . 2011-11-22 19:56 557392 c:\windows\system32\spool\drivers\w32x86\dopdfui7.dll
    + 2012-01-02 16:27 . 2011-11-22 18:56 557392 c:\windows\system32\spool\drivers\w32x86\dopdfui7.dll
    - 2012-01-02 16:27 . 2011-11-22 19:56 613712 c:\windows\system32\spool\drivers\w32x86\dopdfpr7.dll
    + 2012-01-02 16:27 . 2011-11-22 18:56 613712 c:\windows\system32\spool\drivers\w32x86\dopdfpr7.dll
    - 2012-01-02 16:27 . 2011-11-22 19:56 635216 c:\windows\system32\spool\drivers\w32x86\dopdfcl7.exe
    + 2012-01-02 16:27 . 2011-11-22 18:56 635216 c:\windows\system32\spool\drivers\w32x86\dopdfcl7.exe
    + 2011-11-30 23:01 . 2008-03-13 04:52 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
    - 2011-11-30 23:01 . 2007-05-15 08:08 761344 c:\windows\system32\spool\drivers\w32x86\3\unires.dll
    + 2011-11-30 23:01 . 2008-07-06 12:06 744960 c:\windows\system32\spool\drivers\w32x86\3\unidrvui.dll
    - 2011-11-30 23:01 . 2008-04-14 00:12 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
    + 2011-11-30 23:01 . 2008-07-06 12:06 373248 c:\windows\system32\spool\drivers\w32x86\3\unidrv.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 198656 c:\windows\system32\spool\drivers\w32x86\3\mxdwdui.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 765440 c:\windows\system32\spool\drivers\w32x86\3\mxdwdrv.dll
    - 2012-01-02 16:27 . 2011-11-22 19:56 557392 c:\windows\system32\spool\drivers\w32x86\3\dopdfui7.dll
    + 2012-01-02 16:27 . 2011-11-22 18:56 557392 c:\windows\system32\spool\drivers\w32x86\3\dopdfui7.dll
    + 2012-01-02 16:27 . 2011-11-22 18:56 613712 c:\windows\system32\spool\drivers\w32x86\3\dopdfpr7.dll
    - 2012-01-02 16:27 . 2011-11-22 19:56 613712 c:\windows\system32\spool\drivers\w32x86\3\dopdfpr7.dll
    + 2012-01-02 16:27 . 2011-11-22 18:56 635216 c:\windows\system32\spool\drivers\w32x86\3\dopdfcl7.exe
    - 2012-01-02 16:27 . 2011-11-22 19:56 635216 c:\windows\system32\spool\drivers\w32x86\3\dopdfcl7.exe
    + 2006-08-25 00:15 . 2006-08-25 00:15 150808 c:\windows\system32\rgb9rast_2.dll
    + 2012-02-04 11:00 . 2012-07-24 05:02 140748 c:\windows\system32\Restore\rstrlog.dat
    + 2012-02-23 14:58 . 2001-11-01 18:48 114688 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nvqtwk.dll
    + 2012-02-23 14:58 . 2001-11-01 18:48 102400 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nvdesk32.dll
    + 2012-02-23 14:58 . 2001-11-01 18:48 710105 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nv4_mini.sys
    + 2001-12-14 19:25 . 2009-01-31 04:34 211456 c:\windows\system32\qasf.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 117760 c:\windows\system32\prntvpt.dll
    + 2008-07-30 03:59 . 2008-07-30 03:59 781344 c:\windows\system32\PresentationNative_v0300.dll
    + 2010-03-31 08:10 . 2010-03-31 08:10 295264 c:\windows\system32\PresentationHost.exe
    + 2008-07-30 03:59 . 2008-07-30 03:59 105016 c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 199168 c:\windows\system32\PortableDeviceWMDRM.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 166912 c:\windows\system32\PortableDeviceTypes.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 101888 c:\windows\system32\PortableDeviceClassExtension.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 254976 c:\windows\system32\PortableDeviceApi.dll
    + 2001-12-14 19:25 . 2012-06-13 10:21 437070 c:\windows\system32\perfh009.dat
    + 2004-07-15 19:42 . 2004-07-15 19:42 843776 c:\windows\system32\nwiz.exe
    + 2012-02-23 14:58 . 2004-07-15 19:42 172032 c:\windows\system32\nvudisp.exe
    + 2001-12-19 22:12 . 2004-07-15 19:42 114755 c:\windows\system32\nvsvc32.exe
    + 2004-07-15 19:42 . 2004-07-15 19:42 454656 c:\windows\system32\nvshell.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 241664 c:\windows\system32\nvnt4cpl.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 438272 c:\windows\system32\nvappbar.exe
    + 2001-12-14 19:25 . 2009-01-31 04:33 321536 c:\windows\system32\mswmdm.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 532480 c:\windows\system32\mstime.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 532480 c:\windows\system32\mstime.dll
    + 2001-12-14 19:25 . 2009-01-31 04:33 414720 c:\windows\system32\msscp.dll
    + 2001-12-14 19:25 . 2009-01-31 04:33 175616 c:\windows\system32\mspmsp.dll
    + 2001-12-14 19:25 . 2009-01-31 04:33 179712 c:\windows\system32\msnetobj.dll
    + 2001-12-14 20:44 . 2002-02-18 18:23 945936 c:\windows\system32\msjava.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 449536 c:\windows\system32\mshtmled.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 449536 c:\windows\system32\mshtmled.dll
    + 2006-10-02 23:28 . 2006-10-02 23:28 312128 c:\windows\system32\msdelta.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 158720 c:\windows\system32\mscorier.dll
    + 2001-12-14 20:44 . 2002-02-18 18:23 154384 c:\windows\system32\msawt.dll
    + 2009-01-31 04:33 . 2009-01-31 04:33 259072 c:\windows\system32\MPG4DECD.dll
    + 2009-01-31 04:33 . 2010-03-30 20:24 317440 c:\windows\system32\mp4sdecd.dll
    + 2009-01-31 04:33 . 2009-01-31 04:33 259072 c:\windows\system32\MP43DECD.dll
    + 2009-01-31 04:33 . 2009-01-31 04:33 212992 c:\windows\system32\MFPLAT.dll
    + 2001-12-14 19:25 . 2009-01-31 01:37 100864 c:\windows\system32\logagent.exe
    + 2012-02-21 03:54 . 2010-12-13 22:37 636784 c:\windows\system32\LCCoin36.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 352256 c:\windows\system32\keystone.exe
    + 2001-12-14 20:44 . 2002-02-18 18:23 172304 c:\windows\system32\jview.exe
    - 2001-12-14 20:44 . 2001-01-13 02:04 172304 c:\windows\system32\jview.exe
    + 2001-12-14 20:44 . 2002-02-18 18:22 171280 c:\windows\system32\jit.dll
    - 2001-12-14 20:44 . 2001-01-13 02:04 171280 c:\windows\system32\jit.dll
    + 2012-07-14 13:23 . 2012-07-06 05:06 227760 c:\windows\system32\javaws.exe
    + 2012-07-14 13:23 . 2012-07-14 13:22 174064 c:\windows\system32\javaw.exe
    - 2001-12-14 20:44 . 2001-01-13 02:04 404752 c:\windows\system32\javart.dll
    + 2012-02-06 08:46 . 2002-02-18 18:22 404752 c:\windows\system32\javart.dll
    - 2001-12-14 20:44 . 2001-01-13 02:04 139536 c:\windows\system32\javaee.dll
    + 2012-02-06 08:46 . 2002-02-18 18:22 139536 c:\windows\system32\javaee.dll
    + 2001-12-14 20:44 . 2002-02-18 18:22 187152 c:\windows\system32\javacypt.dll
    - 2001-12-14 20:44 . 2001-01-13 02:04 187152 c:\windows\system32\javacypt.dll
    + 2012-07-14 13:23 . 2012-07-14 13:22 174064 c:\windows\system32\java.exe
    + 2001-12-14 19:25 . 2012-02-29 14:10 148480 c:\windows\system32\imagehlp.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 251904 c:\windows\system32\iepeers.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 251904 c:\windows\system32\iepeers.dll
    + 2008-07-30 03:24 . 2008-07-30 03:24 622080 c:\windows\system32\icardagt.exe
    + 2001-12-14 12:30 . 2012-07-11 10:24 196160 c:\windows\system32\FNTCACHE.DAT
    + 2008-07-30 05:10 . 2008-07-30 05:10 493048 c:\windows\system32\evr.dll
    + 2001-12-14 20:44 . 2002-02-18 15:34 313856 c:\windows\system32\dx3j.dll
    - 2001-12-14 20:44 . 2001-01-13 00:09 313856 c:\windows\system32\dx3j.dll
    + 2012-02-21 03:54 . 2010-12-13 22:37 636784 c:\windows\system32\DRVSTORE\nx6000_6D6850D7C713367D5BA36B75FE82F52D3E5A14A1\LCCoin36.dll
    + 2001-12-14 19:25 . 2009-01-31 04:33 991744 c:\windows\system32\drmv2clt.dll
    + 2009-01-31 01:23 . 2009-01-31 01:23 249856 c:\windows\system32\drmupgds.exe
    + 2009-01-31 04:35 . 2009-01-31 04:35 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
    + 2012-02-17 15:16 . 2012-02-17 15:16 443448 c:\windows\system32\drivers\sptd.sys
    + 2012-02-21 03:32 . 2008-07-06 12:06 575488 c:\windows\system32\dllcache\xpsshhdr.dll
    + 2011-12-10 10:33 . 2012-06-02 22:19 210968 c:\windows\system32\dllcache\wuweb.dll
    + 2011-12-10 10:33 . 2012-06-02 22:19 329240 c:\windows\system32\dllcache\wucltui.dll
    + 2011-12-10 10:33 . 2012-06-02 22:19 577048 c:\windows\system32\dllcache\wuapi.dll
    + 2009-04-03 20:15 . 2009-04-02 07:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
    + 2009-07-13 10:18 . 2009-07-14 07:43 286208 c:\windows\system32\dllcache\wmpdxm.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 211456 c:\windows\system32\dllcache\wmpasf.dll
    + 2008-06-11 02:18 . 2009-01-31 04:34 938496 c:\windows\system32\dllcache\WMNetMgr.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 157184 c:\windows\system32\dllcache\wmidx.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 227328 c:\windows\system32\dllcache\wmerror.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 222208 c:\windows\system32\dllcache\WMASF.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 757248 c:\windows\system32\dllcache\WMADMOD.dll
    - 2009-12-24 06:59 . 2009-12-24 06:59 177664 c:\windows\system32\dllcache\wintrust.dll
    + 2009-12-24 06:59 . 2012-02-29 14:10 177664 c:\windows\system32\dllcache\wintrust.dll
    + 2010-04-16 16:09 . 2012-05-16 07:58 667136 c:\windows\system32\dllcache\wininet.dll
    - 2010-04-16 16:09 . 2011-11-01 20:35 667136 c:\windows\system32\dllcache\wininet.dll
    + 2010-04-16 16:09 . 2012-04-20 19:29 633344 c:\windows\system32\dllcache\urlmon.dll
    - 2010-04-16 16:09 . 2011-11-01 20:35 633344 c:\windows\system32\dllcache\urlmon.dll
    + 2011-12-10 13:16 . 2009-01-31 01:40 317440 c:\windows\system32\dllcache\unregmp2.exe
    + 2008-12-05 06:54 . 2012-06-04 04:32 152576 c:\windows\system32\dllcache\schannel.dll
    - 2011-12-13 04:03 . 2011-06-24 14:10 139656 c:\windows\system32\dllcache\rdpwd.sys
    + 2011-12-13 04:03 . 2012-05-02 13:46 139656 c:\windows\system32\dllcache\rdpwd.sys
    + 2012-02-21 03:32 . 2008-07-06 10:50 597504 c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    + 2011-12-10 13:14 . 2009-01-31 04:33 321536 c:\windows\system32\dllcache\mswmdm.dll
    - 2011-09-05 13:56 . 2011-11-01 20:35 532480 c:\windows\system32\dllcache\mstime.dll
    + 2011-09-05 13:56 . 2012-04-20 19:29 532480 c:\windows\system32\dllcache\mstime.dll
    + 2011-12-10 13:14 . 2009-01-31 04:33 414720 c:\windows\system32\dllcache\msscp.dll
    + 2011-12-10 13:14 . 2009-01-31 04:33 175616 c:\windows\system32\dllcache\mspmsp.dll
    + 2011-12-10 13:14 . 2009-01-31 04:33 179712 c:\windows\system32\dllcache\msnetobj.dll
    + 2011-09-05 13:56 . 2012-04-20 19:29 449536 c:\windows\system32\dllcache\mshtmled.dll
    - 2011-09-05 13:56 . 2011-11-01 20:35 449536 c:\windows\system32\dllcache\mshtmled.dll
    + 2010-11-09 14:52 . 2012-05-28 18:16 536576 c:\windows\system32\dllcache\msado15.dll
    - 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
    + 2011-12-10 13:13 . 2009-01-31 04:33 243712 c:\windows\system32\dllcache\mpvis.dll
    + 2010-03-30 20:24 . 2010-03-30 20:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
    + 2008-06-10 09:31 . 2009-01-31 01:37 100864 c:\windows\system32\dllcache\logagent.exe
    + 2012-02-29 14:10 . 2012-02-29 14:10 148480 c:\windows\system32\dllcache\imagehlp.dll
    - 2010-04-16 16:09 . 2011-11-01 20:35 251904 c:\windows\system32\dllcache\iepeers.dll
    + 2010-04-16 16:09 . 2012-04-20 19:29 251904 c:\windows\system32\dllcache\iepeers.dll
    + 2011-12-10 13:12 . 2009-01-31 04:33 991744 c:\windows\system32\dllcache\drmv2clt.dll
    + 2011-09-28 07:06 . 2012-05-31 13:22 599040 c:\windows\system32\dllcache\crypt32.dll
    - 2011-09-28 07:06 . 2011-09-28 07:06 599040 c:\windows\system32\dllcache\crypt32.dll
    + 2011-12-10 13:11 . 2009-01-31 04:33 229376 c:\windows\system32\dllcache\cewmdm.dll
    + 2011-12-10 13:11 . 2009-01-31 04:33 542720 c:\windows\system32\dllcache\blackbox.dll
    + 2012-04-03 13:27 . 2012-04-03 13:27 262144 c:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat
    + 2001-12-14 19:25 . 2009-01-31 04:33 229376 c:\windows\system32\cewmdm.dll
    - 2012-01-14 21:00 . 2006-08-25 18:35 702048 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\DelDrv.exe
    + 2012-07-06 13:14 . 2006-08-25 18:35 702048 c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4802\DelDrv.exe
    + 2001-12-14 19:25 . 2009-01-31 04:33 542720 c:\windows\system32\blackbox.dll
    + 2009-01-31 04:33 . 2009-01-31 04:33 276992 c:\windows\system32\audiodev.dll
    + 2012-07-24 04:43 . 2012-07-24 04:21 202962 c:\windows\PCHEALTH\HELPCTR\Config\Cache\Personal_32_1033.dat
    + 2008-07-30 07:40 . 2008-07-30 07:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
    + 2008-07-30 07:40 . 2008-07-30 07:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
    + 2008-07-30 02:47 . 2008-07-30 02:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
    + 2008-07-30 02:47 . 2008-07-30 02:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
    + 2008-07-30 07:15 . 2008-07-30 07:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
    + 2008-07-30 07:40 . 2008-07-30 07:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
    + 2008-07-30 04:35 . 2008-07-30 04:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
    + 2012-04-06 06:52 . 2012-04-06 06:52 131168 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
    + 2008-07-30 05:10 . 2008-07-30 05:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
    + 2010-04-08 07:48 . 2010-04-08 07:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    + 2010-04-08 07:48 . 2010-04-08 07:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
    + 2008-07-30 03:16 . 2008-07-30 03:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
    + 2008-07-30 03:16 . 2008-07-30 03:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
    + 2008-07-30 03:24 . 2008-07-30 03:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    + 2008-07-30 03:16 . 2008-07-30 03:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
    + 2011-12-25 11:49 . 2011-12-25 11:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
    + 2010-02-09 20:22 . 2010-02-09 20:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
    + 2012-04-21 14:15 . 2012-04-21 14:15 630784 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
    + 2008-11-25 12:59 . 2008-11-25 12:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 389888 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 364816 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 989968 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
    + 2008-07-25 19:16 . 2008-07-25 19:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
    + 2008-07-25 19:17 . 2008-07-25 19:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
    + 2012-04-26 00:45 . 2012-04-26 00:45 471040 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
    + 2001-12-14 20:45 . 2001-08-08 21:48 306947 c:\windows\IsUninst.exe
    + 2012-04-22 04:55 . 2012-04-22 04:55 980480 c:\windows\Installer\fe78fd.msp
    + 2012-07-14 13:24 . 2012-07-14 13:24 176128 c:\windows\Installer\fd977a6.msi
    + 2012-07-14 13:23 . 2012-07-14 13:23 457216 c:\windows\Installer\fd97796.msi
    + 2012-07-14 13:22 . 2012-07-14 13:22 863744 c:\windows\Installer\fd97792.msi
    + 2012-04-03 13:28 . 2012-04-03 13:28 901120 c:\windows\Installer\c90f655.msi
    + 2012-02-03 06:56 . 2012-02-03 06:56 963584 c:\windows\Installer\a9ff6d0.msp

    END COMBOFIX FOURTH SECTION
    ================================================
     
    dispatch trophy,
    #22


  3. to hide this advert.

  4. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START COMBOFIX FIFTH SECTION

    + 2012-04-03 02:03 . 2012-04-03 02:03 225280 c:\windows\Installer\a1e562d.msi
    + 2009-04-20 21:59 . 2009-04-20 21:59 219648 c:\windows\Installer\75e739b.msp
    + 2009-11-05 21:21 . 2009-11-05 21:21 537600 c:\windows\Installer\75e736d.msp
    + 2010-11-16 19:54 . 2010-11-16 19:54 906240 c:\windows\Installer\75e728f.msp
    + 2011-12-22 23:50 . 2011-12-22 23:50 256000 c:\windows\Installer\59e046e7.msp
    + 2002-04-26 16:25 . 2002-04-26 16:25 865280 c:\windows\Installer\55868.msi
    + 2012-07-07 02:53 . 2012-07-07 02:53 865280 c:\windows\Installer\4d729.msi
    + 2012-04-21 09:41 . 2012-04-21 09:41 301056 c:\windows\Installer\2e307464.msi
    + 2012-02-13 21:29 . 2012-02-13 21:29 133632 c:\windows\Installer\22396fe.msi
    + 2012-04-21 23:21 . 2012-04-21 23:21 223744 c:\windows\Installer\21a80c7.msi
    + 2012-04-21 23:19 . 2012-04-21 23:19 470528 c:\windows\Installer\21a80c0.msi
    + 2012-04-21 23:16 . 2012-04-21 23:16 467456 c:\windows\Installer\21a807c.msi
    + 2012-02-21 03:38 . 2012-02-21 03:38 648192 c:\windows\Installer\19ff0e.msi
    + 2008-12-13 17:58 . 2008-12-13 17:58 754688 c:\windows\Installer\180ae2f.msp
    + 2011-12-25 13:40 . 2011-12-25 13:40 819200 c:\windows\Installer\180ae0f.msp
    + 2009-03-20 19:48 . 2009-03-20 19:48 183808 c:\windows\Installer\180ade1.msp
    + 2010-02-25 08:14 . 2010-02-25 08:14 543232 c:\windows\Installer\180adaf.msp
    + 2008-07-30 05:23 . 2008-07-30 05:23 250880 c:\windows\Installer\173ded.msp
    + 2008-07-30 05:28 . 2008-07-30 05:28 278016 c:\windows\Installer\173deb.msp
    + 2008-07-30 03:40 . 2008-07-30 03:40 291840 c:\windows\Installer\173de9.msp
    + 2012-02-21 03:35 . 2012-02-21 03:35 137728 c:\windows\Installer\173de3.msi
    + 2008-07-30 01:35 . 2008-07-30 01:35 553472 c:\windows\Installer\10aac7.msp
    + 2008-07-30 01:33 . 2008-07-30 01:33 506368 c:\windows\Installer\10aac5.msp
    + 2008-07-30 01:37 . 2008-07-30 01:37 911360 c:\windows\Installer\10aac4.msp
    + 2012-06-28 15:02 . 2012-06-28 15:02 381440 c:\windows\Installer\1035de79.msi
    + 2012-07-20 02:19 . 2012-07-20 02:19 371272 c:\windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 249232 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\sqlite.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 394136 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\pdfshell.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 103848 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\PDFPrevHndlrShim.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 183696 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\nppdf32.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 104344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AiodLite.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 937920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\adobearm.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 102808 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRdIF.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 755088 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroPDF.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 296344 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\acrobroker.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 205720 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\a3dutils.dll
    + 2009-02-26 17:45 . 2009-02-26 17:45 509256 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12CVR.DLL
    + 2009-02-25 22:27 . 2009-02-25 22:27 843680 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\OICE.EXE
    + 2009-02-26 17:07 . 2009-02-26 17:07 395624 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\MOC.EXE
    + 2001-12-14 19:26 . 2009-01-31 01:40 317440 c:\windows\inf\unregmp2.exe
    + 2012-02-21 03:32 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\i386\unires.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\i386\unidrvui.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\i386\unidrv.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\i386\mxdwdui.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\i386\mxdwdrv.dll
    + 2012-02-21 11:37 . 2012-02-21 11:37 970752 c:\windows\assembly\tmp\X5CIOV18\System.Deployment.dll
    + 2012-02-21 11:15 . 2012-02-21 11:15 110592 c:\windows\assembly\tmp\LU07DKQX\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 261632 c:\windows\assembly\tmp\FOV29GNU\System.Transactions.dll
    + 2012-02-21 11:26 . 2012-02-21 11:26 113664 c:\windows\assembly\tmp\AIOV17EK\System.EnterpriseServices.Wrapper.dll
    + 2012-02-21 11:26 . 2012-02-21 11:26 258048 c:\windows\assembly\tmp\AIOV17EK\System.EnterpriseServices.dll
    + 2012-02-21 11:49 . 2012-02-21 11:49 110592 c:\windows\assembly\tmp\4CJPV28F\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-02-21 11:36 . 2012-02-21 11:36 114688 c:\windows\assembly\tmp\4CJPV28E\System.ServiceProcess.dll
    + 2012-04-12 10:18 . 2012-04-12 10:18 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_dcf4d9e0\System.Drawing.dll
    + 2012-06-13 10:11 . 2012-06-13 10:11 843776 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_944cbfd4\System.Drawing.dll
    + 2012-06-13 10:12 . 2012-06-13 10:12 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c0104e4b\System.Drawing.Design.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_7efb58b0\System.Drawing.Design.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_51929d09\CustomMarshalers.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\ac4fc3032c19946f9b2729468888206d\WsatConfig.ni.exe
    + 2012-06-13 10:25 . 2012-06-13 10:25 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\86e11a59f02b2dda27ec2e7cba351744\WindowsFormsIntegration.ni.dll
    + 2012-05-09 10:22 . 2012-05-09 10:22 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\be27ab5913cec2b292a019c2a13ec701\UIAutomationTypes.ni.dll
    + 2012-05-09 10:21 . 2012-05-09 10:21 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\04e5e2be34a70ee7f4c87550238095a0\UIAutomationClient.ni.dll
    + 2012-05-09 10:30 . 2012-05-09 10:30 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\1c13b08593e99d6f5bef49ae7939c78b\System.Xml.Linq.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\698c2093d7ac57af935b399d1c0b1790\System.Web.Routing.ni.dll
    + 2012-05-09 10:29 . 2012-05-09 10:29 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\6c7765c10516d375e9ddedad2dbab848\System.Web.RegularExpressions.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\75248baf640115daeb0e580f1c5ff98b\System.Web.Extensions.Design.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\40c3b61ac38613e2b4b0f196e86185eb\System.Web.Entity.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\39cc9a830f7f08fd9f397be452fd78b0\System.Web.Entity.Design.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\88b1fd4792e7b698b788594d8e5e3c09\System.Web.DynamicData.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\6333d22a2ea347432d46c40d93194c68\System.Web.Abstractions.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\41f6f6dd0c8427d4a8e6fd3915505a6b\System.Transactions.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\129b15861e200613ff78ae15581f9093\System.Security.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\4a9eb43005a041959ddc5c7e586ab746\System.Net.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\3182a049ba953010dec649cf290a9e90\System.Management.Instrumentation.ni.dll
    + 2012-05-09 10:23 . 2012-05-09 10:23 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\8991f21d4b3676bf6f779110db8d4ac9\System.IO.Log.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cd9c60a35d4958e94d2e3dd2f778e2e9\System.IdentityModel.Selectors.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.Wrapper.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\29bce0113d611084a9329349e33528ac\System.EnterpriseServices.ni.dll
    + 2012-06-13 10:25 . 2012-06-13 10:25 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\96a3fc1f74a00b618b70bd1701600408\System.Drawing.Design.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\ca484772955bc4db03b5dcb611c09423\System.DirectoryServices.Protocols.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\8ba5e68dddfd3279a8469d39eded48f3\System.DirectoryServices.AccountManagement.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\a0109fce606a3110a5e7f9a4773f517e\System.Data.Services.Design.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3a68d0441f509ffa6f8f0fb9cfcc5780\System.Data.Services.Client.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\04440b3dd5d822da4973a525ee04b05d\System.Data.Entity.Design.ni.dll
    + 2012-05-09 10:26 . 2012-05-09 10:26 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\7bbb5d9e3b161b4d4b968e590442d3ae\System.Data.DataSetExtensions.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\badd66e1d2b8416e9bb868ad059203c6\System.Configuration.Install.ni.dll
    + 2012-05-09 10:26 . 2012-05-09 10:26 634368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\931a2bece4668863db4f852401c828cf\System.AddIn.ni.dll
    + 2012-05-09 10:24 . 2012-05-09 10:24 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\6762f1ee780fa9c0b4ef66b285c64844\SMSvcHost.ni.exe
    + 2012-05-09 10:24 . 2012-05-09 10:24 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\660c4d6dd69ef22bc05587e1998cd135\SMDiagnostics.ni.dll
    + 2012-05-09 10:24 . 2012-05-09 10:24 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\47ed5bc9f42ea0054ce9acfde5e640b8\ServiceModelReg.ni.exe
    + 2012-05-09 10:19 . 2012-05-09 10:19 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a4706b850df9a3483f2fc439b6abe616\PresentationFramework.Royale.ni.dll
    + 2012-05-09 10:19 . 2012-05-09 10:19 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8b873631a0855fb6aa0ad25f1d9de7fe\PresentationFramework.Luna.ni.dll
    + 2012-05-09 10:19 . 2012-05-09 10:19 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7416fe825e6e49a87fa8ff60c8971813\PresentationFramework.Classic.ni.dll
    + 2012-05-09 10:19 . 2012-05-09 10:19 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\186c27fbd7b38b5551889274f6fa2ccd\PresentationFramework.Aero.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5a121969a115d11b6256eb960c145686\MSBuild.ni.exe
    + 2012-05-09 10:24 . 2012-05-09 10:24 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\97c613d3899b320a6765793bdf490272\Microsoft.Transactions.Bridge.Dtc.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\dec22fb7d6b8929a41380e5359741a07\Microsoft.Build.Utilities.v3.5.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\1009b31c86a1b798fffa9e0127cec29c\Microsoft.Build.Utilities.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\21d88631ef629715d3eecdd08e62e0b8\Microsoft.Build.Engine.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\a0f38c6478cca8297fb160291346c1c9\Microsoft.Build.Conversion.v3.5.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
    + 2012-05-09 10:24 . 2012-05-09 10:24 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\9869c02d18825fdd32e64135a3e7246b\ComSvcConfig.ni.exe
    + 2012-06-13 10:26 . 2012-06-13 10:26 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c0045c1c7c29c7e7cc7bd60001b729a7\AspNetMMCExt.ni.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    + 2012-02-21 03:38 . 2012-02-21 03:38 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
    + 2012-02-21 11:53 . 2012-02-21 11:53 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
    + 2012-02-21 11:53 . 2012-02-21 11:53 229376 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 688128 c:\windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    + 2012-02-21 11:18 . 2012-02-21 11:18 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
    + 2012-02-21 11:18 . 2012-02-21 11:18 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 630784 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2012-02-21 11:53 . 2012-02-21 11:53 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
    + 2012-02-21 11:53 . 2012-02-21 11:53 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    + 2012-05-09 10:16 . 2012-05-09 10:16 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2012-02-21 11:18 . 2012-02-21 11:18 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
    + 2012-05-09 10:02 . 2012-05-09 10:02 532480 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 114688 c:\windows\assembly\GAC_MSIL\cli_uretypes\1.0.2.0__ce2cb7e279207b9e\cli_uretypes.dll
    + 2012-02-24 03:51 . 2012-02-24 03:51 839680 c:\windows\assembly\GAC_MSIL\cli_oootypes\1.0.2.0__ce2cb7e279207b9e\cli_oootypes.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    + 2012-05-09 10:02 . 2012-05-09 10:02 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2012-02-21 03:34 . 2012-02-21 03:34 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
    + 2012-06-13 10:09 . 2012-06-13 10:09 471040 c:\windows\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2012-02-17 07:08 . 2006-09-16 09:05 379184 c:\windows\$NtUninstallWudf01000$\spuninst\updspapi.dll
    + 2012-02-17 07:08 . 2006-09-16 09:05 221488 c:\windows\$NtUninstallWudf01000$\spuninst\spuninst.exe
    + 2012-02-17 07:13 . 2008-04-14 00:12 102400 c:\windows\$NtUninstallwmp11$\wmpshell.dll
    + 2012-02-17 07:13 . 2009-07-12 20:21 233472 c:\windows\$NtUninstallwmp11$\wmpdxm.dll
    + 2012-02-17 07:13 . 2008-04-14 00:12 114688 c:\windows\$NtUninstallwmp11$\wmpasf.dll
    + 2012-02-17 07:13 . 2008-04-13 17:23 168448 c:\windows\$NtUninstallwmp11$\wmerror.dll
    + 2012-02-17 07:13 . 2008-04-14 00:12 208896 c:\windows\$NtUninstallwmp11$\unregmp2.exe
    + 2012-02-17 07:13 . 2008-02-13 20:52 371424 c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
    + 2012-02-17 07:13 . 2008-02-13 20:52 213216 c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
    + 2012-02-17 07:13 . 2008-04-14 00:12 774144 c:\windows\$NtUninstallwmp11$\setup_wm.exe
    + 2012-02-17 07:13 . 2008-04-14 00:11 368640 c:\windows\$NtUninstallwmp11$\mpvis.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 809984 c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 897024 c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
    + 2012-02-17 07:10 . 2009-04-03 20:15 485376 c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 759296 c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 151552 c:\windows\$NtUninstallWMFDist11$\wmidx.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 230912 c:\windows\$NtUninstallWMFDist11$\wmasf.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 670720 c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 408064 c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
    + 2012-02-17 07:10 . 2008-02-13 20:52 371424 c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
    + 2012-02-17 07:10 . 2008-02-13 20:52 213216 c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
    + 2012-02-17 07:10 . 2008-04-14 00:12 237568 c:\windows\$NtUninstallWMFDist11$\qasf.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 245760 c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 356352 c:\windows\$NtUninstallWMFDist11$\msscp.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 201728 c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 259072 c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
    + 2012-02-17 07:10 . 2008-04-14 00:11 240640 c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
    + 2012-02-17 07:10 . 2010-04-05 19:54 384512 c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
    + 2012-02-17 07:10 . 2008-04-14 00:11 310272 c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
    + 2012-02-17 07:10 . 2008-06-10 11:11 103936 c:\windows\$NtUninstallWMFDist11$\logagent.exe
    + 2012-02-17 07:10 . 2008-04-14 00:12 695808 c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
    + 2012-02-17 07:10 . 2008-04-14 00:11 159232 c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
    + 2012-02-17 07:10 . 2008-04-14 00:11 286720 c:\windows\$NtUninstallWMFDist11$\blackbox.dll
    + 2012-02-17 07:15 . 2006-09-26 01:58 379184 c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
    + 2012-02-17 07:15 . 2006-09-26 01:58 221488 c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
    + 2012-04-21 23:20 . 2007-11-30 12:39 382840 c:\windows\$NtUninstallKB961503$\spuninst\updspapi.dll
    + 2012-04-21 23:20 . 2007-11-30 12:39 231288 c:\windows\$NtUninstallKB961503$\spuninst\spuninst.exe
    + 2012-02-21 11:55 . 2007-11-30 11:18 382840 c:\windows\$NtUninstallKB961118$\spuninst\updspapi.dll
    + 2012-02-21 11:55 . 2007-11-30 11:18 231288 c:\windows\$NtUninstallKB961118$\spuninst\spuninst.exe
    + 2012-06-05 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2718704$\spuninst\updspapi.dll
    + 2012-06-05 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2718704$\spuninst\spuninst.exe
    + 2012-06-05 10:01 . 2011-09-28 07:06 599040 c:\windows\$NtUninstallKB2718704$\crypt32.dll
    + 2012-06-13 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2709162$\spuninst\updspapi.dll
    + 2012-06-13 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2709162$\spuninst\spuninst.exe
    + 2012-06-13 10:22 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2707511$\spuninst\updspapi.dll
    + 2012-06-13 10:22 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2707511$\spuninst\spuninst.exe
    + 2012-06-13 10:15 . 2012-02-28 18:50 667136 c:\windows\$NtUninstallKB2699988$\wininet.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 633344 c:\windows\$NtUninstallKB2699988$\urlmon.dll
    + 2012-06-13 10:15 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2699988$\spuninst\updspapi.dll
    + 2012-06-13 10:15 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2699988$\spuninst\spuninst.exe
    + 2012-06-13 10:15 . 2012-02-28 18:50 532480 c:\windows\$NtUninstallKB2699988$\mstime.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 449536 c:\windows\$NtUninstallKB2699988$\mshtmled.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 251904 c:\windows\$NtUninstallKB2699988$\iepeers.dll
    + 2012-05-09 10:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2695962$\spuninst\updspapi.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2695962$\spuninst\spuninst.exe
    + 2012-05-09 10:03 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2686509$\spuninst\updspapi.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2686509$\spuninst\spuninst.exe
    + 2012-06-13 10:09 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2685939$\spuninst\updspapi.dll
    + 2012-06-13 10:09 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2685939$\spuninst\spuninst.exe
    + 2012-06-13 10:09 . 2012-01-09 16:20 139784 c:\windows\$NtUninstallKB2685939$\rdpwd.sys
    + 2012-05-09 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2676562$\spuninst\updspapi.dll
    + 2012-05-09 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2676562$\spuninst\spuninst.exe
    + 2012-04-12 10:06 . 2011-12-19 08:53 667136 c:\windows\$NtUninstallKB2675157$\wininet.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 633344 c:\windows\$NtUninstallKB2675157$\urlmon.dll
    + 2012-04-12 10:06 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2675157$\spuninst\updspapi.dll
    + 2012-04-12 10:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2675157$\spuninst\spuninst.exe
    + 2012-04-12 10:06 . 2011-12-19 08:53 532480 c:\windows\$NtUninstallKB2675157$\mstime.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 449536 c:\windows\$NtUninstallKB2675157$\mshtmled.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 251904 c:\windows\$NtUninstallKB2675157$\iepeers.dll
    + 2012-02-15 11:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2661637$\spuninst\updspapi.dll
    + 2012-02-15 11:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2661637$\spuninst\spuninst.exe
    + 2012-02-15 11:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2660465$\spuninst\updspapi.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2660465$\spuninst\spuninst.exe
    + 2012-05-09 10:18 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2659262$\spuninst\updspapi.dll
    + 2012-05-09 10:18 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2659262$\spuninst\spuninst.exe
    + 2012-04-12 10:01 . 2009-12-24 06:59 177664 c:\windows\$NtUninstallKB2653956$\wintrust.dll
    + 2012-04-12 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2653956$\spuninst\updspapi.dll
    + 2012-04-12 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2653956$\spuninst\spuninst.exe
    + 2012-04-12 10:01 . 2008-04-14 00:11 144384 c:\windows\$NtUninstallKB2653956$\imagehlp.dll
    + 2012-03-14 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2647518$\spuninst\updspapi.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2647518$\spuninst\spuninst.exe
    + 2012-02-15 11:02 . 2011-11-01 20:35 667136 c:\windows\$NtUninstallKB2647516$\wininet.dll
    + 2012-02-15 11:02 . 2011-11-01 20:35 633344 c:\windows\$NtUninstallKB2647516$\urlmon.dll
    + 2012-02-15 11:02 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2647516$\spuninst\updspapi.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2647516$\spuninst\spuninst.exe
    + 2012-02-15 11:02 . 2011-11-01 20:35 532480 c:\windows\$NtUninstallKB2647516$\mstime.dll
    + 2012-02-15 11:02 . 2011-11-01 20:35 449536 c:\windows\$NtUninstallKB2647516$\mshtmled.dll
    + 2012-02-15 11:02 . 2011-11-01 20:35 251904 c:\windows\$NtUninstallKB2647516$\iepeers.dll
    + 2012-03-14 10:06 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2641653$\spuninst\updspapi.dll
    + 2012-03-14 10:06 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2641653$\spuninst\spuninst.exe
    + 2012-03-14 10:01 . 2010-07-05 13:16 382840 c:\windows\$NtUninstallKB2621440$\spuninst\updspapi.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 231288 c:\windows\$NtUninstallKB2621440$\spuninst\spuninst.exe
    + 2012-03-14 10:01 . 2011-06-24 14:10 139656 c:\windows\$NtUninstallKB2621440$\rdpwd.sys
    + 2012-04-21 23:20 . 2007-11-30 12:39 382840 c:\windows\$hf_mig$\KB961503\update\updspapi.dll
    + 2012-04-21 23:20 . 2007-11-30 12:39 755576 c:\windows\$hf_mig$\KB961503\update\update.exe
    + 2012-04-21 23:20 . 2007-11-30 12:39 231288 c:\windows\$hf_mig$\KB961503\spuninst.exe
    + 2012-06-05 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2718704\update\updspapi.dll
    + 2012-06-05 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2718704\update\update.exe
    + 2012-06-05 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2718704\spuninst.exe
    + 2012-05-31 13:19 . 2012-05-31 13:19 599552 c:\windows\$hf_mig$\KB2718704\SP3QFE\crypt32.dll
    + 2012-06-13 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2709162\update\updspapi.dll
    + 2012-06-13 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2709162\update\update.exe
    + 2012-06-13 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2709162\spuninst.exe
    + 2012-06-13 10:22 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2707511\update\updspapi.dll
    + 2012-06-13 10:22 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2707511\update\update.exe
    + 2012-06-13 10:22 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2707511\spuninst.exe
    + 2012-06-13 10:15 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2699988\update\updspapi.dll
    + 2012-06-13 10:15 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2699988\update\update.exe
    + 2012-06-13 10:15 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2699988\spuninst.exe
    + 2012-05-16 07:43 . 2012-05-16 07:43 668672 c:\windows\$hf_mig$\KB2699988\SP3QFE\wininet.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 633856 c:\windows\$hf_mig$\KB2699988\SP3QFE\urlmon.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 532480 c:\windows\$hf_mig$\KB2699988\SP3QFE\mstime.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 449536 c:\windows\$hf_mig$\KB2699988\SP3QFE\mshtmled.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 251904 c:\windows\$hf_mig$\KB2699988\SP3QFE\iepeers.dll
    + 2012-05-09 10:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2695962\update\updspapi.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2695962\update\update.exe
    + 2012-05-09 10:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2695962\spuninst.exe
    + 2012-05-09 10:03 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2686509\update\updspapi.dll
    + 2012-05-09 10:03 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2686509\update\update.exe
    + 2012-05-09 10:03 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2686509\spuninst.exe
    + 2012-06-13 10:09 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2685939\update\updspapi.dll
    + 2012-06-13 10:09 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2685939\update\update.exe
    + 2012-06-13 10:09 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2685939\spuninst.exe
    + 2012-06-13 07:29 . 2012-05-02 13:45 139656 c:\windows\$hf_mig$\KB2685939\SP3QFE\rdpwd.sys
    + 2012-05-09 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2676562\update\updspapi.dll
    + 2012-05-09 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2676562\update\update.exe
    + 2012-05-09 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2676562\spuninst.exe
    + 2012-04-12 10:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2675157\update\updspapi.dll
    + 2012-04-12 10:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2675157\update\update.exe
    + 2012-04-12 10:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2675157\spuninst.exe
    + 2012-02-28 18:48 . 2012-02-28 18:48 668672 c:\windows\$hf_mig$\KB2675157\SP3QFE\wininet.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 633856 c:\windows\$hf_mig$\KB2675157\SP3QFE\urlmon.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 532480 c:\windows\$hf_mig$\KB2675157\SP3QFE\mstime.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 449536 c:\windows\$hf_mig$\KB2675157\SP3QFE\mshtmled.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 251904 c:\windows\$hf_mig$\KB2675157\SP3QFE\iepeers.dll
    + 2012-02-15 11:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2661637\update\updspapi.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2661637\update\update.exe
    + 2012-02-15 11:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2661637\spuninst.exe
    + 2012-02-15 11:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2660465\update\updspapi.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2660465\update\update.exe
    + 2012-02-15 11:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2660465\spuninst.exe
    + 2012-04-12 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2653956\update\updspapi.dll
    + 2012-04-12 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2653956\update\update.exe
    + 2012-04-12 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2653956\spuninst.exe
    + 2012-02-29 14:08 . 2012-02-29 14:08 178176 c:\windows\$hf_mig$\KB2653956\SP3QFE\wintrust.dll
    + 2012-02-29 14:08 . 2012-02-29 14:08 148480 c:\windows\$hf_mig$\KB2653956\SP3QFE\imagehlp.dll
    + 2012-03-14 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647518\update\updspapi.dll
    + 2012-03-14 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647518\update\update.exe
    + 2012-03-14 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647518\spuninst.exe
    + 2012-02-15 11:02 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2647516\update\updspapi.dll
    + 2012-02-15 11:02 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2647516\update\update.exe
    + 2012-02-15 11:02 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2647516\spuninst.exe
    + 2012-02-15 09:32 . 2011-12-19 08:52 668672 c:\windows\$hf_mig$\KB2647516\SP3QFE\wininet.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 633856 c:\windows\$hf_mig$\KB2647516\SP3QFE\urlmon.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 532480 c:\windows\$hf_mig$\KB2647516\SP3QFE\mstime.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 449536 c:\windows\$hf_mig$\KB2647516\SP3QFE\mshtmled.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 251904 c:\windows\$hf_mig$\KB2647516\SP3QFE\iepeers.dll
    + 2012-03-14 10:06 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2641653\update\updspapi.dll
    + 2012-03-14 10:06 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2641653\update\update.exe
    + 2012-03-14 10:06 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2641653\spuninst.exe
    + 2012-03-14 10:01 . 2010-07-05 13:16 382840 c:\windows\$hf_mig$\KB2621440\update\updspapi.dll

    END COMBOFIX FIFTH SECTION
    ===================================================
     
    dispatch trophy,
    #23
  5. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START COMBOFIX SIXTH SECTION

    + 2012-03-14 10:01 . 2010-07-05 13:15 755576 c:\windows\$hf_mig$\KB2621440\update\update.exe
    + 2012-03-14 10:01 . 2010-07-05 13:15 231288 c:\windows\$hf_mig$\KB2621440\spuninst.exe
    + 2012-03-14 09:32 . 2012-01-09 16:19 139784 c:\windows\$hf_mig$\KB2621440\SP3QFE\rdpwd.sys
    + 2012-05-09 05:12 . 2012-02-09 15:43 1748992 c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 3781960 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll
    + 2011-04-19 05:51 . 2011-04-19 05:51 3766600 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90.dll
    + 2011-05-14 03:04 . 2011-05-14 03:04 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80u.dll
    + 2011-05-14 03:04 . 2011-05-14 03:04 1101824 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\mfc80.dll
    - 2012-01-14 21:00 . 2006-07-19 13:04 1101824 c:\windows\twain_32\CNQ4802\SGRES_US.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:04 1101824 c:\windows\twain_32\CNQ4802\SGRES_US.DLL
    - 2012-01-14 21:00 . 2006-06-30 09:38 1110016 c:\windows\twain_32\CNQ4802\SGRES_RU.DLL
    + 2012-07-06 13:13 . 2006-06-30 09:38 1110016 c:\windows\twain_32\CNQ4802\SGRES_RU.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_PT.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_PT.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_PL.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_PL.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_NL.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_NL.DLL
    - 2012-01-14 21:00 . 2006-06-26 13:27 1101824 c:\windows\twain_32\CNQ4802\SGRES_KR.DLL
    + 2012-07-06 13:13 . 2006-06-26 13:27 1101824 c:\windows\twain_32\CNQ4802\SGRES_KR.DLL
    + 2012-07-06 13:13 . 2006-07-19 13:04 1073152 c:\windows\twain_32\CNQ4802\SGRES_JP.DLL
    - 2012-01-14 21:00 . 2006-07-19 13:04 1073152 c:\windows\twain_32\CNQ4802\SGRES_JP.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_IT.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_IT.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_HU.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1110016 c:\windows\twain_32\CNQ4802\SGRES_HU.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_FR.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_FR.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_ES.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1118208 c:\windows\twain_32\CNQ4802\SGRES_ES.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1114112 c:\windows\twain_32\CNQ4802\SGRES_DE.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1114112 c:\windows\twain_32\CNQ4802\SGRES_DE.DLL
    - 2012-01-14 21:00 . 2006-06-16 15:15 1105920 c:\windows\twain_32\CNQ4802\SGRES_CZ.DLL
    + 2012-07-06 13:13 . 2006-06-16 15:15 1105920 c:\windows\twain_32\CNQ4802\SGRES_CZ.DLL
    - 2012-01-14 21:00 . 2006-06-20 10:12 1101824 c:\windows\twain_32\CNQ4802\SGRES_CN.DLL
    + 2012-07-06 13:13 . 2006-06-20 10:12 1101824 c:\windows\twain_32\CNQ4802\SGRES_CN.DLL
    + 2012-07-06 13:13 . 2006-07-03 17:32 1146880 c:\windows\twain_32\CNQ4802\SGCFLTR.DLL
    - 2012-01-14 21:00 . 2006-07-03 17:32 1146880 c:\windows\twain_32\CNQ4802\SGCFLTR.DLL
    - 2012-01-14 21:00 . 2006-04-03 11:34 2668368 c:\windows\twain_32\CNQ4802\CNQ4802.DAT
    + 2012-07-06 13:13 . 2006-04-03 11:34 2668368 c:\windows\twain_32\CNQ4802\CNQ4802.DAT
    + 2012-02-21 03:32 . 2008-07-06 12:06 1676288 c:\windows\system32\xpssvcs.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 2603008 c:\windows\system32\WpdShext.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 1382912 c:\windows\system32\WMVSDECD.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 1575424 c:\windows\system32\WMVENCOD.dll
    + 2009-01-31 04:35 . 2009-01-31 04:35 1543680 c:\windows\system32\WMVDECOD.dll
    + 2001-12-14 19:26 . 2010-04-06 12:52 2462720 c:\windows\system32\WMVCore.dll
    + 2011-12-10 10:33 . 2009-01-31 04:34 1329152 c:\windows\system32\WMSPDMOE.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 8231936 c:\windows\system32\wmploc.dll
    + 2009-01-31 04:34 . 2009-01-31 04:34 1661952 c:\windows\system32\wmpencen.dll
    + 2001-12-14 19:26 . 2009-01-31 04:34 1117696 c:\windows\system32\WMADMOE.dll
    + 2012-02-21 03:33 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\xpssvcs.dll
    + 2012-02-21 03:34 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\XPSEP\i386\i386\xpssvcs.dll
    + 2012-02-21 03:33 . 2008-07-07 01:36 2936832 c:\windows\system32\spool\XPSEP\amd64\xpssvcs.dll
    + 2012-02-21 03:33 . 2008-07-07 01:36 2936832 c:\windows\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll
    + 2012-02-21 03:32 . 2008-07-06 12:06 1676288 c:\windows\system32\spool\drivers\w32x86\3\XpsSvcs.dll
    + 2001-12-14 19:25 . 2012-06-08 14:26 8462848 c:\windows\system32\shell32.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 1510400 c:\windows\system32\shdocvw.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 1510400 c:\windows\system32\shdocvw.dll
    + 2012-02-23 14:58 . 2001-11-01 18:48 2498560 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nvoglnt.dll
    + 2012-02-23 14:58 . 2001-11-01 18:48 1449984 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nvcpl.dll
    + 2012-02-23 14:58 . 2001-11-01 18:48 2004617 c:\windows\system32\ReinstallBackups\0010\DriverFiles\nv4_disp.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 1019904 c:\windows\system32\nvwimg.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 1642496 c:\windows\system32\nvwdmcpl.dll
    + 2001-12-19 22:12 . 2004-07-15 19:42 5222400 c:\windows\system32\nvoglnt.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 1363968 c:\windows\system32\nview.dll
    + 2004-07-15 19:42 . 2004-07-15 19:42 1110016 c:\windows\system32\nvdspsch.exe
    + 2001-12-19 22:12 . 2004-07-15 19:42 4112384 c:\windows\system32\nvcpl.dll
    + 2001-12-19 22:12 . 2004-07-15 19:42 3740032 c:\windows\system32\nv4_disp.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 3088384 c:\windows\system32\mshtml.dll
    + 2008-03-21 02:06 . 2008-03-21 02:06 1480232 c:\windows\system32\LegitCheckControl.dll
    + 2009-08-20 22:09 . 2009-08-20 22:09 1193832 c:\windows\system32\FM20.DLL
    + 2001-12-19 22:12 . 2004-07-15 19:42 2459712 c:\windows\system32\drivers\nv4_mini.sys
    + 2012-02-21 03:32 . 2008-07-06 12:06 1676288 c:\windows\system32\dllcache\xpssvcs.dll
    + 2001-12-14 20:35 . 2012-06-02 22:19 1933848 c:\windows\system32\dllcache\wuaueng.dll
    + 2010-04-08 21:53 . 2010-04-06 12:52 2462720 c:\windows\system32\dllcache\WMVCore.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 1329152 c:\windows\system32\dllcache\WMSPDMOE.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 8231936 c:\windows\system32\dllcache\wmploc.dll
    + 2011-12-10 13:16 . 2009-01-31 04:34 1117696 c:\windows\system32\dllcache\WMADMOE.dll
    + 2010-05-02 05:22 . 2012-06-13 13:19 1866112 c:\windows\system32\dllcache\win32k.sys
    + 2008-06-17 19:02 . 2012-06-08 14:26 8462848 c:\windows\system32\dllcache\shell32.dll
    - 2010-04-16 16:09 . 2011-11-01 20:35 1510400 c:\windows\system32\dllcache\shdocvw.dll
    + 2010-04-16 16:09 . 2012-04-20 19:29 1510400 c:\windows\system32\dllcache\shdocvw.dll
    + 2011-12-10 13:15 . 2009-01-31 01:40 1669632 c:\windows\system32\dllcache\setup_wm.exe
    + 2011-12-10 11:43 . 2012-05-04 13:12 2192640 c:\windows\system32\dllcache\ntoskrnl.exe
    + 2011-12-10 11:43 . 2012-05-04 12:32 2026496 c:\windows\system32\dllcache\ntkrpamp.exe
    + 2009-02-08 03:02 . 2012-05-04 12:32 2069120 c:\windows\system32\dllcache\ntkrnlpa.exe
    + 2011-12-10 11:43 . 2012-05-04 13:16 2148352 c:\windows\system32\dllcache\ntkrnlmp.exe
    + 2011-12-10 13:14 . 2012-06-05 15:50 1372672 c:\windows\system32\dllcache\msxml6.dll
    - 2011-12-10 13:14 . 2009-07-31 18:05 1372672 c:\windows\system32\dllcache\msxml6.dll
    + 2011-12-10 11:32 . 2012-06-05 15:50 1172480 c:\windows\system32\dllcache\msxml3.dll
    - 2011-12-10 11:32 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll
    + 2010-04-16 16:09 . 2012-04-20 19:29 3088384 c:\windows\system32\dllcache\mshtml.dll
    + 2010-04-16 16:09 . 2012-04-20 19:29 1025024 c:\windows\system32\dllcache\browseui.dll
    - 2010-04-16 16:09 . 2011-11-01 20:35 1025024 c:\windows\system32\dllcache\browseui.dll
    + 2009-11-07 09:06 . 2009-11-07 09:06 1130824 c:\windows\system32\dfshim.dll
    + 2012-02-21 03:53 . 2009-09-05 01:29 1892184 c:\windows\system32\D3DX9_42.dll
    + 2012-02-21 03:53 . 2009-09-05 01:29 1974616 c:\windows\system32\D3DCompiler_42.dll
    - 2002-08-29 15:14 . 2011-11-01 20:35 1025024 c:\windows\system32\browseui.dll
    + 2002-08-29 15:14 . 2012-04-20 19:29 1025024 c:\windows\system32\browseui.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
    + 2008-07-30 02:47 . 2008-07-30 02:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
    + 2008-07-30 02:47 . 2008-07-30 02:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
    + 2008-07-30 07:40 . 2008-07-30 07:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
    + 2008-12-06 03:35 . 2008-12-06 03:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
    + 2008-07-30 05:10 . 2008-07-30 05:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
    + 2008-07-30 05:10 . 2008-07-30 05:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
    + 2010-04-08 07:48 . 2010-04-08 07:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
    + 2008-11-25 12:59 . 2008-11-25 12:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
    + 2012-03-20 12:23 . 2012-03-20 12:23 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
    + 2011-12-25 11:50 . 2011-12-25 11:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 3186688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
    + 2012-03-20 12:23 . 2012-03-20 12:23 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
    + 2008-07-25 19:17 . 2008-07-25 19:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 5913360 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
    + 2011-12-25 10:50 . 2011-12-25 10:50 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
    + 2008-07-25 19:16 . 2008-07-25 19:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
    + 2012-04-26 09:32 . 2012-04-26 09:32 6385664 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp
    + 2012-04-26 02:32 . 2012-04-26 02:32 7069184 c:\windows\Installer\fe78f6.msp
    + 2012-03-21 06:57 . 2012-03-21 06:57 6188544 c:\windows\Installer\fe78ec.msp
    + 2002-07-18 02:46 . 2002-07-18 02:46 5742416 c:\windows\Installer\f5e2da.msp
    + 2012-02-19 04:19 . 2012-02-19 04:19 2250752 c:\windows\Installer\f5e2c8.msi
    + 2012-01-31 03:46 . 2012-01-31 03:46 7069184 c:\windows\Installer\a9ff6d9.msp
    + 2008-09-04 22:52 . 2008-09-04 22:52 4337664 c:\windows\Installer\75e738c.msp
    + 2010-08-09 23:44 . 2010-08-09 23:44 3778048 c:\windows\Installer\75e737d.msp
    + 2010-01-11 23:35 . 2010-01-11 23:35 4480000 c:\windows\Installer\75e735d.msp
    + 2006-02-27 23:31 . 2006-02-27 23:31 1269248 c:\windows\Installer\75e734d.msp
    + 2010-10-04 20:59 . 2010-10-04 20:59 8300032 c:\windows\Installer\75e733e.msp
    + 2006-03-28 22:37 . 2006-03-28 22:37 6956032 c:\windows\Installer\75e732f.msp
    + 2006-08-30 00:50 . 2006-08-30 00:50 3210240 c:\windows\Installer\75e731d.msp
    + 2004-03-10 16:13 . 2004-03-10 16:13 2602496 c:\windows\Installer\75e730d.msp
    + 2010-08-18 17:19 . 2010-08-18 17:19 8400896 c:\windows\Installer\75e72fe.msp
    + 2004-09-13 07:35 . 2004-09-13 07:35 1452544 c:\windows\Installer\75e72ee.msp
    + 2009-08-20 22:27 . 2009-08-20 22:27 3622400 c:\windows\Installer\75e729f.msp
    + 2011-02-25 21:25 . 2011-02-25 21:25 7968256 c:\windows\Installer\75e727a.msp
    + 2012-07-20 02:19 . 2012-07-20 02:19 1648640 c:\windows\Installer\430e6a0.msi
    + 2012-07-07 16:03 . 2012-07-07 16:03 2295808 c:\windows\Installer\26f501.msi
    + 2011-10-31 06:54 . 2011-10-31 06:54 2748416 c:\windows\Installer\180ae42.msp
    + 2008-12-13 17:57 . 2008-12-13 17:57 8397824 c:\windows\Installer\180ae1c.msp
    + 2009-11-09 08:25 . 2009-11-09 08:25 1935360 c:\windows\Installer\180adfa.msp
    + 2011-12-26 17:59 . 2011-12-26 17:59 4368896 c:\windows\Installer\180add6.msp
    + 2010-04-12 06:17 . 2010-04-12 06:17 2607104 c:\windows\Installer\180adbc.msp
    + 2010-04-12 06:17 . 2010-04-12 06:17 4210688 c:\windows\Installer\180adbb.msp
    + 2008-07-30 03:26 . 2008-07-30 03:26 1043456 c:\windows\Installer\173dec.msp
    + 2008-07-30 04:37 . 2008-07-30 04:37 2679808 c:\windows\Installer\173dea.msp
    + 2008-07-30 05:15 . 2008-07-30 05:15 3697664 c:\windows\Installer\173de8.msp
    + 2008-07-30 03:34 . 2008-07-30 03:34 1448448 c:\windows\Installer\173de7.msp
    + 2008-07-30 04:22 . 2008-07-30 04:22 4137984 c:\windows\Installer\173de6.msp
    + 2008-07-30 03:18 . 2008-07-30 03:18 3376640 c:\windows\Installer\173de5.msp
    + 2012-02-24 03:52 . 2012-02-24 03:52 9811968 c:\windows\Installer\146185.msi
    + 2012-02-24 03:49 . 2012-02-24 03:49 1633792 c:\windows\Installer\14617f.msi
    + 2011-11-01 20:34 . 2011-11-01 20:34 1552384 c:\windows\Installer\14486c6d.msp
    + 2012-04-05 05:38 . 2012-04-05 05:38 2831360 c:\windows\Installer\14486c64.msp
    + 2012-04-05 05:38 . 2012-04-05 05:38 3620864 c:\windows\Installer\14486c5b.msp
    + 2011-11-01 20:34 . 2011-11-01 20:34 2531840 c:\windows\Installer\14486c41.msp
    + 2012-04-29 04:43 . 2012-04-29 04:43 8459264 c:\windows\Installer\14486c38.msp
    + 2008-07-30 01:45 . 2008-07-30 01:45 2543616 c:\windows\Installer\10aacb.msp
    + 2008-07-30 01:29 . 2008-07-30 01:29 2926080 c:\windows\Installer\10aaca.msp
    + 2008-07-30 01:41 . 2008-07-30 01:41 6487040 c:\windows\Installer\10aac9.msp
    + 2008-07-30 01:39 . 2008-07-30 01:39 3403264 c:\windows\Installer\10aac8.msp
    + 2008-07-30 01:43 . 2008-07-30 01:43 1013248 c:\windows\Installer\10aac6.msp
    + 2008-07-30 01:31 . 2008-07-30 01:31 6083072 c:\windows\Installer\10aac3.msp
    + 2012-02-24 03:52 . 2012-02-24 03:52 7424000 c:\windows\Installer\{E6B87DC4-2B3D-4483-ADFF-E483BF718991}\soffice.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 2215312 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\rt3d.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 1189004 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\JSByteCodeWin.bin
    + 2011-06-06 19:55 . 2011-06-06 19:55 6543768 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\authplay.dll
    + 2011-06-06 19:55 . 2011-06-06 19:55 1240992 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AdobeCollabSync.exe
    + 2011-06-06 19:55 . 2011-06-06 19:55 1480600 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32.exe
    + 2011-08-17 16:49 . 2011-08-17 16:49 4683624 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\WRD12CNV.DLL
    + 2011-07-27 11:44 . 2011-07-27 11:44 1791824 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\PPCNV.DLL
    + 2011-07-07 09:58 . 2011-07-07 09:58 1616240 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6612\OGL.DLL
    + 2009-08-20 01:04 . 2009-08-20 01:04 4542296 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\WRD12CNV.DLL
    + 2009-08-17 22:32 . 2009-08-17 22:32 1787728 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\PPCNV.DLL
    + 2009-06-13 01:15 . 2009-06-13 01:15 1661792 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\OGL.DLL
    + 2009-08-18 00:38 . 2009-08-18 00:38 8554872 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\OARTCONV.DLL
    + 2011-12-10 11:43 . 2012-05-04 13:12 2192640 c:\windows\Driver Cache\i386\ntoskrnl.exe
    + 2011-12-10 11:43 . 2012-05-04 12:32 2026496 c:\windows\Driver Cache\i386\ntkrpamp.exe
    + 2009-02-08 03:02 . 2012-05-04 12:32 2069120 c:\windows\Driver Cache\i386\ntkrnlpa.exe
    + 2011-12-10 11:43 . 2012-05-04 13:16 2148352 c:\windows\Driver Cache\i386\ntkrnlmp.exe
    + 2012-02-21 12:18 . 2012-02-21 12:18 5062656 c:\windows\assembly\tmp\PY5CIPV2\System.Design.dll
    + 2012-06-13 10:05 . 2012-06-13 10:05 5025792 c:\windows\assembly\tmp\DMSZ5CIP\System.Windows.Forms.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_0a0b2237\System.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_45ed349d\System.Xml.dll
    + 2012-04-12 10:17 . 2012-04-12 10:17 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_9bea18e7\System.Windows.Forms.dll
    + 2012-06-13 10:10 . 2012-06-13 10:10 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_8e26461f\System.Windows.Forms.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_86734b8d\System.Windows.Forms.dll
    + 2012-06-13 10:13 . 2012-06-13 10:13 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_67d84f64\System.Windows.Forms.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 2248704 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_470e133c\System.Drawing.dll
    + 2012-06-13 10:13 . 2012-06-13 10:13 2252800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_24e35d9b\System.Drawing.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_d7d2ebb9\System.Design.dll
    + 2012-06-13 10:13 . 2012-06-13 10:13 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_733261e6\System.Design.dll
    + 2012-04-12 10:18 . 2012-04-12 10:18 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_666edfec\System.Design.dll
    + 2012-06-13 10:11 . 2012-06-13 10:11 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4b004079\System.Design.dll
    + 2012-04-12 10:19 . 2012-04-12 10:19 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3caaba5a\mscorlib.dll
    + 2012-05-09 10:14 . 2012-05-09 10:14 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6d8bef0d008389874e55c0308f0c18e5\WindowsBase.ni.dll
    + 2012-05-09 10:22 . 2012-05-09 10:22 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\41a81b97625c113b591ed082c95276e2\UIAutomationClientsideProviders.ni.dll
    + 2012-02-21 11:54 . 2012-02-21 11:54 7676928 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5B8.tmp\System.dll
    + 2012-05-09 10:12 . 2012-05-09 10:12 7953408 c:\windows\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
    + 2012-05-09 10:21 . 2012-05-09 10:21 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
    + 2012-06-13 10:29 . 2012-06-13 10:29 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bd5bd406670d483b82bd51249eee59e3\System.WorkflowServices.ni.dll
    + 2012-06-13 10:29 . 2012-06-13 10:29 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\77361ebe9ad8ff77cc9a8d7f8363eb05\System.Workflow.Runtime.ni.dll
    + 2012-06-13 10:29 . 2012-06-13 10:29 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1c12dfa7826b331b243b7b45daf9904d\System.Workflow.ComponentModel.ni.dll
    + 2012-06-13 10:29 . 2012-06-13 10:29 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\514bf0e69e2c9fc8509cd23236057356\System.Workflow.Activities.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\77f8cde07b131839f1841be702837e8e\System.Web.Mobile.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\242b168aaca18197eca371ec269e23ac\System.Web.Extensions.ni.dll
    + 2012-05-09 10:21 . 2012-05-09 10:21 1917440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5efb50c91f3c5e49be2079f625d933b7\System.Speech.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\97d635f5c656ae43d94b55e67fc4ab50\System.ServiceModel.Web.ni.dll
    + 2012-05-09 10:23 . 2012-05-09 10:23 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\505e12638acd6fdb22e1fd2d4c6fc232\System.Runtime.Serialization.ni.dll
    + 2012-06-13 10:25 . 2012-06-13 10:25 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d380f1813e27c2a086e62f0218669d67\System.Printing.ni.dll
    + 2012-05-09 10:23 . 2012-05-09 10:23 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\e09496ddb2bf6f3b69707924f2e6b5ff\System.IdentityModel.ni.dll
    + 2012-06-13 10:24 . 2012-06-13 10:24 1592320 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\b55887436d2cfbe1fb32dd18d554185b\System.DirectoryServices.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7a53d68ad544f8e9edfdbd5a90a48fd3\System.Deployment.ni.dll
    + 2012-05-09 10:20 . 2012-05-09 10:20 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\12c6fe8d4dd78f9bddf847d3b2821c03\System.Data.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\982b508698278c6ffb3d143bbe1e8bb8\System.Data.SqlXml.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\2de7666b1cd0a1bc363726c9553dc39c\System.Data.Services.ni.dll
    + 2012-05-09 10:20 . 2012-05-09 10:20 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\44a5fc9e7c71b1fe1e2c79b03ecc3bc7\System.Data.Linq.ni.dll
    + 2012-05-09 10:27 . 2012-05-09 10:27 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\772c94f595cd87b7fa187d592ef46fcf\System.Data.Entity.ni.dll
    + 2012-05-09 10:20 . 2012-05-09 10:20 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\38d07a5ac34b99d94fd14f42e779f625\System.Core.ni.dll
    + 2012-06-13 10:24 . 2012-06-13 10:24 2146304 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\443dd7f0b84c3de54b1a72be655e307c\ReachFramework.ni.dll
    + 2012-06-13 10:24 . 2012-06-13 10:24 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\48ddcafff1a5603fb3289e90330275c0\PresentationUI.ni.dll
    + 2012-05-09 10:12 . 2012-05-09 10:12 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\8c509044eea2ab22689ea43926b30108\PresentationBuildTasks.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359fd69eb60e9844ffd497e92345178c\Microsoft.VisualBasic.ni.dll
    + 2012-05-09 10:24 . 2012-05-09 10:24 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\42145ebf75f77cabad442f0801a81c64\Microsoft.Transactions.Bridge.ni.dll
    + 2012-05-09 10:28 . 2012-05-09 10:28 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\cfe15312373b4668398404b5822bab7d\Microsoft.JScript.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\4e463dcf2a03c71913a61b44c32e2389\Microsoft.Build.Tasks.ni.dll
    + 2012-06-13 10:27 . 2012-06-13 10:27 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\395b4a85c7941ac4dd9d1c6f5eb444c7\Microsoft.Build.Tasks.v3.5.ni.dll
    + 2012-05-09 10:25 . 2012-05-09 10:25 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\5aa63a1cb41e3a5e1e8ed17072e60ec3\Microsoft.Build.Engine.ni.dll
    + 2012-05-09 10:02 . 2012-05-09 10:02 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 3186688 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
    + 2012-02-21 03:35 . 2012-02-21 03:35 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2012-02-21 11:43 . 2012-02-21 11:43 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
    + 2012-02-21 11:18 . 2012-02-21 11:18 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    + 2012-02-21 03:37 . 2012-02-21 03:37 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
    + 2012-05-09 10:02 . 2012-05-09 10:02 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
    + 2012-06-13 10:19 . 2012-06-13 10:19 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    + 2012-05-09 10:02 . 2012-05-09 10:02 4214784 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
    + 2012-06-13 10:20 . 2012-06-13 10:20 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2012-02-17 07:13 . 2008-04-13 17:28 2940928 c:\windows\$NtUninstallwmp11$\wmploc.dll
    + 2012-02-17 07:13 . 2010-08-27 01:16 4886528 c:\windows\$NtUninstallwmp11$\wmp.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 1001472 c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
    + 2012-02-17 07:10 . 2010-04-08 22:03 2113536 c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
    + 2012-02-17 07:10 . 2008-04-14 00:12 1119744 c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
    + 2012-02-17 07:10 . 2008-06-10 14:11 1053696 c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
    + 2012-06-13 10:01 . 2012-04-11 13:12 1862272 c:\windows\$NtUninstallKB2709162$\win32k.sys
    + 2012-06-13 10:22 . 2012-04-11 13:10 2192640 c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe
    + 2012-06-13 10:22 . 2012-04-11 12:35 2026496 c:\windows\$NtUninstallKB2707511$\ntkrpamp.exe
    + 2012-06-13 10:22 . 2012-04-11 12:35 2069120 c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe
    + 2012-06-13 10:22 . 2012-04-11 13:14 2148352 c:\windows\$NtUninstallKB2707511$\ntkrnlmp.exe
    + 2012-06-13 10:15 . 2012-02-28 18:50 1510400 c:\windows\$NtUninstallKB2699988$\shdocvw.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 3087872 c:\windows\$NtUninstallKB2699988$\mshtml.dll
    + 2012-06-13 10:15 . 2012-02-28 18:50 1025024 c:\windows\$NtUninstallKB2699988$\browseui.dll
    + 2012-05-09 10:01 . 2012-02-03 09:22 1860096 c:\windows\$NtUninstallKB2676562$\win32k.sys
    + 2012-05-09 10:01 . 2011-10-25 13:33 2192768 c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe
    + 2012-05-09 10:01 . 2011-10-25 12:52 2027008 c:\windows\$NtUninstallKB2676562$\ntkrpamp.exe
    + 2012-05-09 10:01 . 2011-10-25 12:52 2069376 c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe
    + 2012-05-09 10:01 . 2011-10-25 13:37 2148864 c:\windows\$NtUninstallKB2676562$\ntkrnlmp.exe
    + 2012-04-12 10:06 . 2011-12-19 08:53 1510400 c:\windows\$NtUninstallKB2675157$\shdocvw.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 3087360 c:\windows\$NtUninstallKB2675157$\mshtml.dll
    + 2012-04-12 10:06 . 2011-12-19 08:53 1025024 c:\windows\$NtUninstallKB2675157$\browseui.dll
    + 2012-02-15 11:02 . 2011-11-23 13:25 1859584 c:\windows\$NtUninstallKB2660465$\win32k.sys
    + 2012-02-15 11:02 . 2011-11-01 20:35 1510400 c:\windows\$NtUninstallKB2647516$\shdocvw.dll
    + 2012-02-15 11:02 . 2011-11-03 15:51 3087360 c:\windows\$NtUninstallKB2647516$\mshtml.dll
    + 2012-02-15 11:02 . 2011-11-01 20:35 1025024 c:\windows\$NtUninstallKB2647516$\browseui.dll
    + 2012-03-14 10:06 . 2012-01-12 16:53 1859968 c:\windows\$NtUninstallKB2641653$\win32k.sys
    + 2012-05-15 13:27 . 2012-05-15 13:27 1872128 c:\windows\$hf_mig$\KB2709162\SP3QFE\win32k.sys
    + 2012-05-04 13:20 . 2012-05-04 13:20 2192640 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe
    + 2012-05-04 12:41 . 2012-05-04 12:41 2026496 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrpamp.exe
    + 2012-05-04 12:41 . 2012-05-04 12:41 2069120 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe
    + 2012-05-04 13:24 . 2012-05-04 13:24 2148352 c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlmp.exe
    + 2012-04-20 19:28 . 2012-04-20 19:28 1510400 c:\windows\$hf_mig$\KB2699988\SP3QFE\shdocvw.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 3088896 c:\windows\$hf_mig$\KB2699988\SP3QFE\mshtml.dll
    + 2012-04-20 19:28 . 2012-04-20 19:28 1025024 c:\windows\$hf_mig$\KB2699988\SP3QFE\browseui.dll
    + 2012-04-11 13:23 . 2012-04-11 13:23 1871360 c:\windows\$hf_mig$\KB2676562\SP3QFE\win32k.sys
    + 2012-04-11 13:22 . 2012-04-11 13:22 2192640 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe
    + 2012-04-11 12:42 . 2012-04-11 12:42 2026496 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrpamp.exe
    + 2012-04-11 12:42 . 2012-04-11 12:42 2069120 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe
    + 2012-04-11 13:26 . 2012-04-11 13:26 2148352 c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlmp.exe
    + 2012-02-28 18:48 . 2012-02-28 18:48 1510400 c:\windows\$hf_mig$\KB2675157\SP3QFE\shdocvw.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 3088384 c:\windows\$hf_mig$\KB2675157\SP3QFE\mshtml.dll
    + 2012-02-28 18:48 . 2012-02-28 18:48 1025024 c:\windows\$hf_mig$\KB2675157\SP3QFE\browseui.dll
    + 2012-01-12 16:54 . 2012-01-12 16:54 1869056 c:\windows\$hf_mig$\KB2660465\SP3QFE\win32k.sys
    + 2012-02-15 09:32 . 2011-12-19 08:52 1510400 c:\windows\$hf_mig$\KB2647516\SP3QFE\shdocvw.dll
    + 2011-12-19 22:22 . 2011-12-19 22:22 3087872 c:\windows\$hf_mig$\KB2647516\SP3QFE\mshtml.dll
    + 2012-02-15 09:32 . 2011-12-19 08:52 1025024 c:\windows\$hf_mig$\KB2647516\SP3QFE\browseui.dll
    + 2012-03-14 09:33 . 2012-02-03 09:26 1869184 c:\windows\$hf_mig$\KB2641653\SP3QFE\win32k.sys
    + 2011-12-10 10:33 . 2010-08-26 07:36 10841088 c:\windows\system32\wmp.dll
    + 2011-12-10 14:45 . 2012-07-11 10:01 57442464 c:\windows\system32\MRT.exe
    + 2009-07-13 10:18 . 2010-08-26 07:36 10841088 c:\windows\system32\dllcache\wmp.dll
    + 2012-04-06 09:12 . 2012-04-06 09:12 15709696 c:\windows\Installer\59e046ef.msp
    + 2012-01-04 09:25 . 2012-01-04 09:25 17751552 c:\windows\Installer\59e046df.msp
    + 2012-04-06 10:13 . 2012-04-06 10:13 16527872 c:\windows\Installer\59e046d1.msp
    + 2012-04-04 11:17 . 2012-04-04 11:17 16613376 c:\windows\Installer\26f502.msp
    + 2004-01-30 10:19 . 2004-01-30 10:19 56269996 c:\windows\Installer\21a80b9.msp
    + 2011-03-28 11:27 . 2011-03-28 11:27 15456256 c:\windows\Installer\180ae4b.msp
    + 2011-07-12 04:43 . 2011-07-12 04:43 11641344 c:\windows\Installer\180ae3a.msp
    + 2008-12-13 18:21 . 2008-12-13 18:21 10473472 c:\windows\Installer\180ae24.msp
    + 2010-03-31 09:23 . 2010-03-31 09:23 15638528 c:\windows\Installer\180ae07.msp
    + 2010-04-12 06:17 . 2010-04-12 06:17 14599680 c:\windows\Installer\180adcb.msp
    + 2011-09-16 01:37 . 2011-09-16 01:37 38176256 c:\windows\Installer\14486c52.msp
    + 2011-06-06 19:55 . 2011-06-06 19:55 24731544 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\AcroRd32.dll
    + 2009-08-18 00:39 . 2009-08-18 00:39 15119720 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\XL12CNV.EXE
    + 2009-08-17 23:40 . 2009-08-17 23:40 17309040 c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6514\MSO.DLL
    + 2012-06-13 10:25 . 2012-06-13 10:25 12433920 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
    + 2012-06-13 10:28 . 2012-06-13 10:28 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
    + 2012-05-09 10:24 . 2012-05-09 10:24 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\bc254d2fa26664898ae21d45643bc194\System.ServiceModel.ni.dll
    + 2012-06-13 10:24 . 2012-06-13 10:24 10682368 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f73a8455f384e90f6925309336fece24\System.Design.ni.dll
    + 2012-06-13 10:24 . 2012-06-13 10:24 14329856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e4ecfaaf5417aceecb7fa8abddf06113\PresentationFramework.ni.dll
    + 2012-06-13 10:23 . 2012-06-13 10:23 12218368 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f33e2a4d9b385234406fa2d662f78875\PresentationCore.ni.dll
    + 2012-05-09 10:11 . 2012-05-09 10:11 11492352 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{f8d96645-337c-419b-8792-b6c126145811} "= "c:\program files\verizontb\verizonDx.dll" [2011-04-29 86696]
    .
    [HKEY_CLASSES_ROOT\clsid\{f8d96645-337c-419b-8792-b6c126145811}]
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{96673559-e653-4cdc-8923-f89347a952c0}]
    2011-04-29 19:56 262312 ----a-w- c:\program files\verizontb\auxi\verizonAu.dll
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{f8d96645-337c-419b-8792-b6c126145811}]
    2011-04-29 19:56 86696 ----a-w- c:\program files\verizontb\verizonDx.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{f8d96645-337c-419b-8792-b6c126145811} "= "c:\program files\verizontb\verizonDx.dll" [2011-04-29 86696]
    .
    [HKEY_CLASSES_ROOT\clsid\{f8d96645-337c-419b-8792-b6c126145811}]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
    @= "{472083B0-C522-11CF-8763-00608CC02F24} "
    [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
    2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Scan Buttons "= "c:\program files\Pmsb.exe" [2006-10-11 147456]
    "OM2_Monitor "= "c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]
    "ooVoo.exe "= "c:\program files\ooVoo\oovoo.exe" [2012-02-08 22465104]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ZTgServerSwitch "= "c:\program files\support.com\client\lserver\server.vbs" [2001-04-26 2220]
    "NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2004-07-15 4112384]
    "Share-to-Web Namespace Daemon "= "c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2001-07-03 57344]
    "SSBkgdUpdate "= "c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
    "OpwareSE4 "= "c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
    "WrtMon.exe "= "c:\windows\System32\spool\drivers\w32x86\3\WrtMon.exe" [2006-09-20 20480]
    "Malwarebytes' Anti-Malware "= "c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
    "OM2_Monitor "= "c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-04-17 54576]
    "avast "= "c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
    "nwiz "= "nwiz.exe" [2004-07-15 843776]
    "NvMediaCenter "= "c:\windows\system32\NvMcTray.dll" [2004-07-15 81920]
    "Adobe ARM "= "c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-04-04 843712]
    "SunJavaUpdateSched "= "c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    .
    c:\documents and settings\user account\Start Menu\Programs\Startup\
    OpenOffice.org 3.1.lnk - d:\openoffice\OpenOffice.org 3\program\quickstart.exe [2009-4-16 384000]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
    VAIO Action Setup (Server).lnk - c:\program files\Sony\VAIO Action Setup\VAServ.exe [2001-12-19 40960]
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe "=
    "c:\\Program Files\\support.com\\client\\bin\\tgcmd.exe "=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "c:\\Program Files\\Opera\\opera.exe "=
    "c:\\WINDOWS\\system32\\dpvsetup.exe "=
    "c:\\WINDOWS\\system32\\dpnsvr.exe "=
    "c:\\WINDOWS\\system32\\dxdiag.exe "=
    "c:\\Program Files\\NetGroup.exe "=
    "c:\\Program Files\\ooVoo\\ooVoo.exe "=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe "=
    "c:\\Program Files\\Opera\\pluginwrapper\\opera_plugin_wrapper.exe "=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "443:TCP "= 443:TCP:eek:oVoo TCP port 443
    "443:UDP "= 443:UDP:eek:oVoo UDP port 443
    "37674:TCP "= 37674:TCP:eek:oVoo TCP port 37674
    "37674:UDP "= 37674:UDP:eek:oVoo UDP port 37674
    "37675:UDP "= 37675:UDP:eek:oVoo UDP port 37675
    .
    R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/4/2012 7:31 AM 721000]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2/4/2012 7:32 AM 353688]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/4/2012 7:32 AM 21256]
    R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/18/2011 2:37 AM 655944]
    R2 SonyFKC;FAN and Keyboard Control Service;c:\windows\system32\drivers\SonyFKC.sys [12/19/2001 7:18 AM 12032]
    R2 V7;V7;c:\windows\system32\drivers\V7.SYS [11/30/2011 4:12 PM 7196]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/18/2011 2:37 AM 22344]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2012 11:18 PM 136176]
    S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver;c:\windows\system32\drivers\bcm42xx5.sys [12/14/2001 5:55 PM 54271]
    S3 cpuz134;cpuz134;\??\c:\docume~1\USERAC~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\USERAC~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2012 11:18 PM 136176]
    S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2/20/2012 8:54 PM 30576]
    S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2/4/2012 8:11 AM 27064]
    S3 SMBE;Sony MPEG2 Encoder Board (WDM);c:\windows\system32\drivers\Smbe.sys [12/14/2001 12:26 PM 593000]
    S4 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [6/7/2012 7:12 PM 160944]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - TRUESIGHT
    *Deregistered* - aswMBR
    *Deregistered* - kfacrkog
    *Deregistered* - TrueSight
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-24 c:\windows\Tasks\avast! Emergency Update.job
    - c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-06-29 16:21]
    .
    2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-09 06:17]
    .
    2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-09 06:17]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.ask.com/?l=dis&o=14597
    uInternet Settings,ProxyServer = hxxp://proxify.com/proxy.pac:81
    TCP: DhcpNameServer = 192.168.1.1
    DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
    FF - ProfilePath - c:\documents and settings\user account\Application Data\Mozilla\Firefox\Profiles\kw863eum.default\
    FF - prefs.js: browser.startup.homepage - inbox.com
    FF - prefs.js: network.proxy.type - 4
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-24 15:56
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    Completion time: 2012-07-24 16:02:33
    ComboFix-quarantined-files.txt 2012-07-24 23:02
    .
    Pre-Run: 11,216,957,440 bytes free
    Post-Run: 12,119,662,592 bytes free
    .
    - - End Of File - - 90246B22C8AEE97FD668A747C1CA9D73

    END COMBOFIX SIXTH SECTION
    END COMBOFIX REPORT
     
    dispatch trophy,
    #24
  6. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I assume that I did not need to run RKILL because there was no problem running Combofix the first time.
     
    dispatch trophy,
    #25
  7. 2012/07/24
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Correct.

    What are the current issues?
     
    broni,
    #26
  8. 2012/07/24
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    Do you mean I should check the things that did not work before and see if they have been fixed?

    The original issues were Restore Point, malfunctions internet radio program called screamer-radio. Also I was unable to delete certain files during an avast boot scan.

    Also, should I run Rogue Killer again and see if still tells me to delete the two registry files?
     
    dispatch trophy,
    #27
  9. 2012/07/24
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    We'll check this little bit later.

    Subject to a different forum.

    No.

    If nothing else we'll go on with next scans.

    Download OTL to your Desktop.
    Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
     
    broni,
    #28
  10. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START SECTION #1 OTL.TXT


    OTL logfile created on: 7/25/2012 4:01:29 AM - Run 2
    OTL by OldTimer - Version 3.2.54.1 Folder = C:\Documents and Settings\user account\Desktop\JULY SCANS
    Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 6.0.2900.5512)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1023.53 Mb Total Physical Memory | 502.65 Mb Available Physical Memory | 49.11% Memory free
    1.65 Gb Paging File | 1.36 Gb Available in Paging File | 82.38% Paging File free
    Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 28.00 Gb Total Space | 11.94 Gb Free Space | 42.66% Space Free | Partition Type: NTFS
    Drive D: | 48.33 Gb Total Space | 46.03 Gb Free Space | 95.24% Space Free | Partition Type: NTFS

    Computer Name: VALUED-7B9600FA | User Name: user account | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/07/25 03:59:10 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\user account\Desktop\JULY SCANS\OTL.exe
    PRC - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
    PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/07/03 09:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
    PRC - [2012/07/03 09:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2012/02/07 19:01:50 | 022,465,104 | ---- | M] (ooVoo LLC) -- C:\Program Files\ooVoo\ooVoo.exe
    PRC - [2009/04/23 07:29:18 | 007,418,368 | ---- | M] (OpenOffice.org) -- D:\OPENOFFICE\OpenOffice.org 3\program\soffice.bin
    PRC - [2009/04/23 07:29:14 | 007,424,000 | ---- | M] (OpenOffice.org) -- D:\OPENOFFICE\OpenOffice.org 3\program\soffice.exe
    PRC - [2009/04/17 15:33:36 | 000,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
    PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
    PRC - [2006/10/11 13:45:12 | 000,075,304 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
    PRC - [2006/09/20 09:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    PRC - [2006/09/19 17:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
    PRC - [2001/11/19 04:40:58 | 001,413,120 | ---- | M] (Support.com, Inc.) -- c:\Program Files\support.com\client\bin\tgcmd.exe
    PRC - [2001/11/05 02:04:00 | 000,040,960 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Action Setup\VAServ.exe
    PRC - [2001/07/03 09:11:52 | 000,057,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/07/24 23:01:37 | 001,787,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12072500\algo.dll
    MOD - [2009/04/16 14:02:16 | 000,970,752 | ---- | M] () -- D:\OPENOFFICE\OpenOffice.org 3\program\libxml2.dll
    MOD - [2008/04/13 17:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
    MOD - [2006/09/20 09:35:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
    MOD - [2006/09/19 17:05:32 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
    MOD - [2001/11/15 04:41:56 | 000,516,096 | ---- | M] () -- c:\Program Files\support.com\client\bin\sdcmon.dll
    MOD - [2001/07/03 10:17:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [On_Demand | Stopped] -- D:\ubuntu\ImapiHelper.exe -- (Imapi Helper)
    SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/07/05 22:07:00 | 000,161,704 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe -- (JavaQuickStarterService)
    SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/07/03 09:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2012/06/07 19:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
    SRV - [2001/09/27 23:26:40 | 000,065,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
    DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
    DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
    DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\kfacrkog.sys -- (kfacrkog)
    DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)
    DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
    DRV - File not found [Kernel | On_Demand | Running] -- C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\catchme.sys -- (catchme)
    DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\aswMBR.sys -- (aswMBR)
    DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/07/03 09:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2012/07/03 09:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2012/07/03 09:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2012/07/03 09:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
    DRV - [2012/07/03 09:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
    DRV - [2012/07/03 09:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2012/07/03 09:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
    DRV - [2012/02/17 08:16:01 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
    DRV - [2011/08/09 17:33:58 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
    DRV - [2010/12/13 15:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
    DRV - [2009/12/30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2004/08/03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
    DRV - [2001/12/06 02:49:44 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\SonyFKC.sys -- (SonyFKC)
    DRV - [2001/11/12 23:26:32 | 000,029,702 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SonyWBMS.sys -- (SONYWBMS)
    DRV - [2001/09/21 17:16:46 | 000,593,000 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Smbe.sys -- (SMBE)
    DRV - [2001/08/17 14:28:00 | 000,871,388 | ---- | M] (BCM) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMDM.sys -- (BCMModem)
    DRV - [2001/08/17 13:50:26 | 000,731,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4.sys -- (nv4)
    DRV - [2001/08/17 13:11:26 | 000,054,271 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm42xx5.sys -- (BCM42XX)
    DRV - [2001/05/08 18:57:20 | 000,467,985 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ltmdmnt.sys -- (ltmodem5)
    DRV - [2000/12/05 17:18:02 | 000,003,952 | R--- | M] (Sony Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\DMICall.sys -- (DMICall)
    DRV - [2000/03/09 12:24:42 | 000,007,196 | ---- | M] (IBM Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\V7.SYS -- (V7)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
    IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
    IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = http://www.sony.com/vaiopeople
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.msn.com
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sony.com/vaiopeople
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14597
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..\URLSearchHook: {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=FV&apn_dtid=YYYYYYYYUS&apn_uid=dd33aadf-f0ba-4dcd-ae2a-5085652406b8&apn_sauid=05D61ABA-CCD6-4C2B-B9B5-3DB75B728879
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://searchservices.verizon.com/search/ws.portal?&_nfpb=true&_pageLabel=google_results&rs=&web_search_type=basic&sc=web&clientid=vz-cnsmr-tlbr&channel=Brwsr-v6IE&q={searchTerms}
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http://proxify.com/proxy.pac:81

    ========== FireFox ==========

    FF - prefs.js..browser.startup.homepage: "inbox.com "
    FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1456
    FF - prefs.js..network.proxy.autoconfig_url: "http://proxify.com/proxy.pac "
    FF - prefs.js..network.proxy.type: 4
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/04 18:22:35 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/07/18 17:25:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/07/18 17:25:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: D:\components [2012/02/04 04:09:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: D:\plugins
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\components [2012/02/04 04:09:28 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\plugins

    [2012/06/12 22:51:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user account\Application Data\Mozilla\Extensions
    [2012/06/30 21:15:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\user account\Application Data\Mozilla\Firefox\Profiles\kw863eum.default\extensions
    [2012/06/30 21:14:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2012/07/04 18:22:35 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

    ========== Chrome ==========

    CHR - homepage: https://us2.startpage.com/eng/
    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - homepage: https://us2.startpage.com/eng/
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\user account\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\System32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = D:\bin\plugin2\npjp2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
    CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
    CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
    CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: YouTube = C:\Documents and Settings\user account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Documents and Settings\user account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: avast! WebRep = C:\Documents and Settings\user account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
    CHR - Extension: Gmail = C:\Documents and Settings\user account\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2012/07/24 15:56:24 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Updater For Verizon Toolbar) - {96673559-e653-4cdc-8923-f89347a952c0} - C:\Program Files\verizontb\auxi\verizonAu.dll (Visicom Media)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
    O3 - HKLM\..\Toolbar: (Verizon Toolbar) - {f8d96645-337c-419b-8792-b6c126145811} - C:\Program Files\verizontb\verizonDx.dll ()
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
    O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
    O4 - HKLM..\Run: [OpwareSE4] C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe (ScanSoft, Inc.)
    O4 - HKLM..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
    O4 - HKLM..\Run: [WrtMon.exe] C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe ()
    O4 - HKLM..\Run: [ZTgServerSwitch] c:\Program Files\support.com\client\lserver\Server.vbs ()
    O4 - HKU\S-1-5-21-602162358-308236825-1801674531-1004..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
    O4 - HKU\S-1-5-21-602162358-308236825-1801674531-1004..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
    O4 - HKU\S-1-5-21-602162358-308236825-1801674531-1004..\Run: [Scan Buttons] C:\Program Files\Pmsb.exe (NewSoft Technology Corporation)
    O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\VAIO Action Setup (Server).lnk = C:\Program Files\Sony\VAIO Action Setup\VAServ.exe (Sony Corporation)
    O4 - Startup: C:\Documents and Settings\user account\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = D:\OPENOFFICE\OpenOffice.org 3\program\quickstart.exe ()
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
    O7 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
    O15 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..Trusted Domains: ([]msn in My Computer)
    O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab (Microsoft Data Collection Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
    O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6DB53C-CC9A-49DE-AC6D-62A5F9FBDEAB}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
    O24 - Desktop WallPaper: C:\WINDOWS\VAIO Serenus Wallpaper TrueColor 1024x768.bmp
    O24 - Desktop BackupWallPaper: C:\WINDOWS\VAIO Serenus Wallpaper TrueColor 1024x768.bmp
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2011/12/02 12:02:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
    O32 - AutoRun File - [2011/12/01 20:04:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.CAM -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/07/24 22:40:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
    [2012/07/24 01:26:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Desktop\JULY SCANS
    [2012/07/18 12:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Local Settings\Application Data\Sun
    [2012/07/14 23:52:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Desktop\STEADYCAM
    [2012/07/14 06:23:37 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
    [2012/07/14 06:23:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Application Data\Oracle
    [2012/07/14 05:29:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
    [2012/07/13 02:41:57 | 000,000,000 | ---D | C] -- C:\MappedFiles
    [2012/07/07 09:09:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Local Settings\Application Data\Temp
    [2012/07/07 09:09:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Local Settings\Application Data\Adobe
    [2012/07/07 08:59:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
    [2012/07/07 04:14:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Application Data\AdobeUM
    [2012/07/06 23:18:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
    [2012/07/06 19:53:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Hewlett-Packard
    [2012/07/06 19:51:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\HP PhotoSmart
    [2012/07/06 19:41:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\AiOTemp
    [2012/07/06 06:14:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
    [2012/07/06 06:14:00 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\CanonIJ Uninstaller Information
    [2012/07/06 06:14:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CanoScan LiDE 600F
    [2012/07/06 06:13:53 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
    [2012/06/29 05:30:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
    [2012/06/28 08:01:31 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
    [2012/06/28 06:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Desktop\ARAB STUFF
    [2012/06/27 22:36:06 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\user account\Recent
    [2012/06/27 22:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\user account\Desktop\TIME CONVERSION
    [2012/05/30 13:58:09 | 074,982,768 | ---- | C] (Apple Inc.) -- C:\Program Files\iTunesSetup.exe
    [2012/02/23 07:54:35 | 012,631,561 | ---- | C] (NVIDIA Corporation) -- C:\Program Files\61.77_win2kxp_english.exe
    [2012/02/05 18:35:11 | 000,316,480 | ---- | C] (Softonic) -- C:\Program Files\FIREFOX.exe
    [2012/02/04 07:15:04 | 003,587,688 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup315.exe
    [2011/12/03 16:06:54 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcp50.dll
    [2011/12/03 16:06:53 | 000,933,888 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC40.DLL
    [2011/12/03 16:06:53 | 000,077,878 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcirt.dll
    [2011/12/03 16:06:44 | 000,303,104 | ---- | C] (NewSoft) -- C:\Program Files\PrintFun.exe
    [2011/12/03 16:06:44 | 000,024,576 | ---- | C] (newsoft) -- C:\Program Files\AvalonPage.dll
    [2011/12/03 16:06:43 | 000,323,584 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\iConvert16.dll
    [2011/12/03 16:06:43 | 000,241,664 | ---- | C] (NewSoft) -- C:\Program Files\PShow.exe
    [2011/12/03 16:06:43 | 000,045,056 | ---- | C] (NewSoft ) -- C:\Program Files\RestoreFile.exe
    [2011/12/03 16:06:43 | 000,045,056 | ---- | C] ( NewSoft Technology Corporation) -- C:\Program Files\BurnRes.dll
    [2011/12/03 16:06:42 | 000,245,760 | ---- | C] (NewSoft) -- C:\Program Files\PSaver.scr
    [2011/12/03 16:06:42 | 000,077,824 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\NetGroup.exe
    [2011/12/03 16:06:25 | 000,360,448 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\AviToMpeg2.dll
    [2011/12/03 16:06:25 | 000,249,856 | ---- | C] (NewSoft) -- C:\Program Files\Avi2Mpeg1.dll
    [2011/12/03 16:06:08 | 001,073,664 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\SCANMAN.DRV
    [2011/12/03 16:06:08 | 000,091,136 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE6.DLL
    [2011/12/03 16:06:08 | 000,089,088 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE7.DLL
    [2011/12/03 16:06:07 | 000,098,816 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE20.DLL
    [2011/12/03 16:06:07 | 000,092,672 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE2.DLL
    [2011/12/03 16:06:07 | 000,092,160 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE3.DLL
    [2011/12/03 16:06:07 | 000,090,112 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE5.DLL
    [2011/12/03 16:06:07 | 000,088,576 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE23.DLL
    [2011/12/03 16:06:06 | 000,093,184 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE1.DLL
    [2011/12/03 16:06:06 | 000,089,600 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE15.DLL
    [2011/12/03 16:06:06 | 000,089,088 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE13.DLL
    [2011/12/03 16:05:44 | 000,036,864 | ---- | C] (newsoftinc) -- C:\Program Files\fiopct32.dll
    [2011/12/03 16:05:43 | 000,303,104 | ---- | C] (newsoftinc) -- C:\Program Files\Fiotif32.dll
    [2011/12/03 16:05:43 | 000,114,688 | ---- | C] (newsoftinc) -- C:\Program Files\Fioall32.dll
    [2011/12/03 16:05:39 | 001,699,840 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\RECPAGE.DLL
    [2011/12/03 16:05:33 | 001,122,816 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\LCSPELL.DLL
    [2011/12/03 16:05:32 | 000,644,096 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\IMAGE.DLL
    [2011/12/03 16:05:31 | 000,619,008 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\GRINF11.DLL
    [2011/12/03 16:05:29 | 000,381,440 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\FineOCREngine.dll
    [2011/12/03 16:05:28 | 002,033,664 | ---- | C] (ABBYY Software House (BIT Software)) -- C:\Program Files\FOBJ420.DLL
    [2011/12/03 16:05:25 | 000,794,624 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\EXPORT.DLL
    [2011/12/03 16:05:25 | 000,090,624 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\ENGINE0.DLL
    [2011/12/03 16:05:21 | 002,918,400 | ---- | C] (ABBYY (BIT Software)) -- C:\Program Files\DA.DLL
    [2011/12/03 16:05:13 | 000,221,184 | ---- | C] (newsoftinc) -- C:\Program Files\fiopng32.dll
    [2011/12/03 16:05:13 | 000,151,552 | ---- | C] (newsoftinc) -- C:\Program Files\UciJpg32.dll
    [2011/12/03 16:05:13 | 000,135,168 | ---- | C] (newsoftinc) -- C:\Program Files\fiogif32.dll
    [2011/12/03 16:05:12 | 000,172,032 | ---- | C] (newsoftinc) -- C:\Program Files\UciG3432.dll
    [2011/12/03 16:05:12 | 000,053,248 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\Tcm.dll
    [2011/12/03 16:05:12 | 000,036,864 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\ScrBase.dll
    [2011/12/03 16:05:11 | 000,061,440 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\IsmDraw.dll
    [2011/12/03 16:05:10 | 000,143,360 | ---- | C] (newsoftinc) -- C:\Program Files\FioTga32.dll
    [2011/12/03 16:05:10 | 000,032,768 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\FioThumb.dll
    [2011/12/03 16:05:10 | 000,028,672 | ---- | C] (newsoftinc) -- C:\Program Files\FioWmf32.dll
    [2011/12/03 16:05:09 | 000,135,248 | ---- | C] (newsoftinc) -- C:\Program Files\FioPof32.dll
    [2011/12/03 16:05:09 | 000,135,168 | ---- | C] (newsoftinc) -- C:\Program Files\FioPcd32.dll
    [2011/12/03 16:05:09 | 000,032,768 | ---- | C] (newsoftinc) -- C:\Program Files\FioPsd32.dll
    [2011/12/03 16:05:09 | 000,032,768 | ---- | C] (newsoftinc) -- C:\Program Files\FioPcx32.dll
    [2011/12/03 16:05:08 | 000,159,744 | ---- | C] (newsoftinc) -- C:\Program Files\FioFpx32.dll
    [2011/12/03 16:05:08 | 000,139,264 | ---- | C] (newsoftinc) -- C:\Program Files\FioJpg32.dll
    [2011/12/03 16:05:08 | 000,032,768 | ---- | C] (newsoftinc) -- C:\Program Files\FioBmp32.dll
    [2011/12/03 16:05:05 | 000,135,168 | ---- | C] (Info-ZIP) -- C:\Program Files\zip32.dll
    [2011/12/03 16:05:04 | 000,098,304 | ---- | C] (Info-ZIP) -- C:\Program Files\unzip32.dll
    [2011/12/03 16:05:03 | 000,397,312 | ---- | C] (NewSoft) -- C:\Program Files\pmtwain.dll
    [2011/12/03 16:05:03 | 000,028,672 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\pmVideo.dll
    [2011/12/03 16:05:02 | 001,239,616 | ---- | C] (PDFlib GmbH) -- C:\Program Files\pdflib.dll
    [2011/12/03 16:05:02 | 000,295,000 | ---- | C] (Microsoft Corporation) -- C:\Program Files\msvcrt.dll
    [2011/12/03 16:05:01 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\Program Files\lzexpand.dlx
    [2011/12/03 16:05:00 | 001,706,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files\gdiplus.dll
    [2011/12/03 16:05:00 | 000,352,256 | ---- | C] (Intel Corporation) -- C:\Program Files\ijl15.dll
    [2011/12/03 16:04:57 | 000,229,376 | ---- | C] (WebStorage Corporation) -- C:\Program Files\WebSyncEx.dll
    [2011/12/03 16:04:55 | 000,028,944 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Psapi.dll
    [2011/12/03 16:04:54 | 004,022,272 | ---- | C] (NEWSOFT) -- C:\Program Files\Prestopm.exe
    [2011/12/03 16:04:53 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Program Files\PCDLIB32.DLL
    [2011/12/03 16:04:53 | 000,147,456 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\Pmsb.exe
    [2011/12/03 16:04:51 | 000,274,516 | ---- | C] (NewSoft Technology Corporation.) -- C:\Program Files\PMToApp.dll
    [2011/12/03 16:04:50 | 000,024,576 | ---- | C] (NewSoft Technology Corporation.) -- C:\Program Files\PMMKView.dll
    [2011/12/03 16:04:47 | 000,557,056 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\OSmScan.exe
    [2011/12/03 16:04:44 | 000,077,824 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\NSCDVD.dll
    [2011/12/03 16:04:43 | 000,995,383 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MFC42.DLL
    [2011/12/03 16:04:43 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Program Files\MSVCP60.DLL
    [2011/12/03 16:04:42 | 000,159,744 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\Ism.dll
    [2011/12/03 16:04:42 | 000,031,744 | ---- | C] (Newsoft) -- C:\Program Files\JpgLib.dll
    [2011/12/03 16:04:41 | 000,167,936 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\AudioData.dll
    [2011/12/03 16:04:41 | 000,159,744 | ---- | C] (NewSoft Technology Corporation) -- C:\Program Files\Burn.dll
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    END SECTION 1 OTL.TXT
    ====================================================
     
    dispatch trophy,
    #29
  11. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    START SECTION #2 OTL.TXT


    ========== Files - Modified Within 30 Days ==========

    [2012/07/25 03:44:00 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
    [2012/07/25 00:44:01 | 000,000,894 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
    [2012/07/24 21:11:00 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2012/07/24 18:22:01 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2012/07/24 15:56:24 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
    [2012/07/23 22:20:26 | 000,004,452 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2012/07/23 22:19:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2012/07/23 22:19:28 | 1073,319,936 | -HS- | M] () -- C:\hiberfil.sys
    [2012/07/23 22:17:59 | 000,000,802 | ---- | M] () -- C:\Documents and Settings\user account\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
    [2012/07/23 22:17:59 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/07/23 21:24:25 | 000,000,943 | ---- | M] () -- C:\Documents and Settings\user account\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk
    [2012/07/23 21:24:25 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Revo Uninstaller Pro.lnk
    [2012/07/20 21:29:59 | 000,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
    [2012/07/18 14:57:27 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
    [2012/07/14 20:36:37 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\user account\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/07/14 20:36:37 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/07/14 19:47:10 | 000,002,071 | ---- | M] () -- C:\Program Files\pm.ini
    [2012/07/13 02:43:46 | 000,000,062 | ---- | M] () -- C:\WINDOWS\pcvcdbr.INI
    [2012/07/13 02:43:45 | 000,000,000 | ---- | M] () -- C:\WINDOWS\pcvcdvw.INI
    [2012/07/11 03:24:24 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
    [2012/07/11 03:06:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    [2012/07/10 05:28:07 | 000,761,113 | ---- | M] () -- C:\Documents and Settings\user account\Desktop\LEARNING GUIDE TO PRAJNA PARAMITA.pdf
    [2012/07/07 09:02:30 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2012/07/06 20:14:04 | 000,000,173 | ---- | M] () -- C:\WINDOWS\HPothb07.INI
    [2012/07/06 19:53:23 | 000,000,020 | ---- | M] () -- C:\WINDOWS\Hposcv07.INI
    [2012/07/06 18:45:41 | 000,000,614 | ---- | M] () -- C:\WINDOWS\photoprn.ini
    [2012/07/06 06:21:24 | 000,000,256 | ---- | M] () -- C:\WINDOWS\setup.iss
    [2012/07/06 06:12:37 | 000,010,593 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
    [2012/07/04 18:22:39 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
    [2012/07/03 22:23:49 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
    [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
    [2012/07/03 09:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
    [2012/07/03 09:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
    [2012/07/03 09:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
    [2012/07/03 09:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
    [2012/07/03 09:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
    [2012/07/03 09:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
    [2012/07/03 09:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
    [2012/07/03 09:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
    [2012/07/03 09:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
    [2012/07/03 09:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
    [2012/07/02 17:24:07 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
    [2012/06/27 22:33:59 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
    [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/07/13 02:43:46 | 000,000,062 | ---- | C] () -- C:\WINDOWS\pcvcdbr.INI
    [2012/07/13 02:43:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pcvcdvw.INI
    [2012/07/11 03:01:19 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
    [2012/07/10 05:28:07 | 000,761,113 | ---- | C] () -- C:\Documents and Settings\user account\Desktop\LEARNING GUIDE TO PRAJNA PARAMITA.pdf
    [2012/07/07 09:02:30 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
    [2012/07/07 09:02:30 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
    [2012/07/06 20:13:46 | 000,000,173 | ---- | C] () -- C:\WINDOWS\HPothb07.INI
    [2012/07/04 18:22:38 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
    [2012/06/30 21:14:44 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\user account\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2012/06/30 21:14:44 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
    [2012/05/30 16:49:29 | 000,035,440 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
    [2012/05/26 19:32:26 | 000,000,077 | ---- | C] () -- C:\WINDOWS\PicEdit.INI
    [2012/05/18 22:55:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
    [2012/03/04 22:40:40 | 000,000,230 | ---- | C] () -- C:\Program Files\NsNetScan.ini
    [2012/03/04 22:40:40 | 000,000,095 | ---- | C] () -- C:\WINDOWS\NsNetScanEntry.INI
    [2012/02/27 07:35:32 | 000,003,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\BANTExt.sys
    [2012/02/15 02:31:24 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
    [2012/02/08 09:37:59 | 000,096,768 | ---- | C] () -- C:\Program Files\NGRMPTG.DLL
    [2012/02/08 09:37:59 | 000,059,392 | ---- | C] () -- C:\Program Files\NGRMSPN.DLL
    [2012/02/08 09:37:59 | 000,040,960 | ---- | C] () -- C:\Program Files\NGRMSWE.DLL
    [2012/02/08 09:37:59 | 000,034,816 | ---- | C] () -- C:\Program Files\NGRMRUS.DLL
    [2012/02/08 09:37:59 | 000,034,816 | ---- | C] () -- C:\Program Files\NGRMNOR.DLL
    [2012/02/08 09:37:59 | 000,034,816 | ---- | C] () -- C:\Program Files\NGRMNON.DLL
    [2012/02/08 09:37:58 | 000,059,392 | ---- | C] () -- C:\Program Files\NGRMPLK.DLL
    [2012/02/08 09:37:58 | 000,054,784 | ---- | C] () -- C:\Program Files\NGRMTRK.DLL
    [2012/02/08 09:37:58 | 000,054,784 | ---- | C] () -- C:\Program Files\NGRMITA.DLL
    [2012/02/08 07:36:28 | 000,024,576 | ---- | C] () -- C:\Program Files\NTSTHK16.DLL
    [2012/02/07 12:28:19 | 000,000,286 | ---- | C] () -- C:\WINDOWS\reimage.ini
    [2012/02/04 07:21:06 | 064,207,032 | ---- | C] () -- C:\Program Files\AVAST SETUP.exe
    [2012/02/04 07:12:33 | 000,182,828 | ---- | C] () -- C:\Program Files\cc_20120204_061204.reg
    [2012/01/28 08:33:19 | 000,001,566 | ---- | C] () -- C:\Documents and Settings\user account\.recently-used.xbel
    [2012/01/24 01:43:20 | 000,024,576 | ---- | C] () -- C:\Program Files\codecvt.dll
    [2012/01/17 20:36:59 | 000,120,320 | ---- | C] () -- C:\Program Files\pack.dll
    [2012/01/17 20:36:59 | 000,112,128 | ---- | C] () -- C:\Program Files\UNPACK.DLL
    [2012/01/17 20:36:59 | 000,049,152 | ---- | C] () -- C:\Program Files\VideoData.dll
    [2012/01/17 20:36:59 | 000,037,376 | ---- | C] () -- C:\Program Files\ExeBud32.dll
    [2012/01/17 20:36:47 | 000,172,032 | ---- | C] () -- C:\Program Files\post.dll
    [2012/01/17 20:36:46 | 000,331,776 | ---- | C] () -- C:\Program Files\imgtool.dll
    [2012/01/17 20:36:46 | 000,327,680 | ---- | C] () -- C:\Program Files\Segment.dll
    [2012/01/17 20:36:46 | 000,245,760 | ---- | C] () -- C:\Program Files\pccrsdk.dll
    [2012/01/17 20:36:46 | 000,167,995 | ---- | C] () -- C:\Program Files\fid.dll
    [2012/01/17 20:36:46 | 000,122,880 | ---- | C] () -- C:\Program Files\dcexport.dll
    [2012/01/17 20:36:46 | 000,065,536 | ---- | C] () -- C:\Program Files\dcfr.dll
    [2012/01/17 20:36:45 | 000,331,776 | ---- | C] () -- C:\Program Files\Recogn.dll
    [2012/01/17 20:36:45 | 000,126,976 | ---- | C] () -- C:\Program Files\OCRUtil.dll
    [2012/01/17 20:36:17 | 000,130,560 | ---- | C] () -- C:\Program Files\FioExt32.dll
    [2012/01/17 20:36:13 | 000,063,488 | ---- | C] () -- C:\Program Files\NGRMFRA.DLL
    [2012/01/17 20:36:13 | 000,061,440 | ---- | C] () -- C:\Program Files\NGRMDUT.DLL
    [2012/01/17 20:36:13 | 000,040,960 | ---- | C] () -- C:\Program Files\NGRMGRE.DLL
    [2012/01/17 20:36:13 | 000,039,424 | ---- | C] () -- C:\Program Files\NGRMGER.DLL
    [2012/01/17 20:36:13 | 000,037,888 | ---- | C] () -- C:\Program Files\NGRMDAN.DLL
    [2012/01/17 20:36:13 | 000,027,136 | ---- | C] () -- C:\Program Files\NGRMFIN.DLL
    [2012/01/17 20:36:13 | 000,025,088 | ---- | C] () -- C:\Program Files\NGRMENG.DLL
    [2012/01/17 20:36:12 | 000,122,368 | ---- | C] () -- C:\Program Files\NGRMCSY.DLL
    [2012/01/17 20:35:55 | 000,168,448 | ---- | C] () -- C:\Program Files\OLDPNG32.DLL
    [2012/01/17 20:35:53 | 000,270,848 | ---- | C] () -- C:\Program Files\Fioall.dll
    [2012/01/17 20:35:48 | 000,057,344 | ---- | C] () -- C:\Program Files\umxnts32.dll
    [2012/01/17 20:35:47 | 000,045,056 | ---- | C] () -- C:\Program Files\pmdata.dll
    [2012/01/17 20:35:46 | 000,114,739 | ---- | C] () -- C:\Program Files\nextpwd.dll
    [2012/01/17 20:35:45 | 001,933,312 | ---- | C] () -- C:\Program Files\lcppn22.dll
    [2012/01/17 20:35:45 | 000,040,448 | ---- | C] () -- C:\Program Files\memio.dll
    [2012/01/17 20:35:43 | 000,032,768 | ---- | C] () -- C:\Program Files\ccmllnk.dll
    [2012/01/17 20:35:43 | 000,031,744 | ---- | C] () -- C:\Program Files\XpsCreator.dll
    [2012/01/17 20:35:41 | 000,046,592 | ---- | C] () -- C:\Program Files\UXFSE.DLL
    [2012/01/17 20:35:39 | 000,053,248 | ---- | C] () -- C:\Program Files\PrnDrvSetup.dll
    [2012/01/17 20:35:36 | 000,040,448 | ---- | C] () -- C:\Program Files\PMXpsView.dll
    [2012/01/17 20:35:33 | 000,045,056 | ---- | C] () -- C:\Program Files\PMExeBud.dll
    [2012/01/17 20:35:29 | 000,061,440 | ---- | C] () -- C:\Program Files\NsFip.dll
    [2012/01/17 20:35:28 | 000,018,944 | ---- | C] () -- C:\Program Files\NTSTHK32.DLL
    [2012/01/17 20:35:24 | 000,110,592 | ---- | C] () -- C:\Program Files\AutoCrop.dll
    [2012/01/17 20:34:56 | 000,060,416 | ---- | C] () -- C:\Program Files\UFSE.DLL
    [2011/12/22 21:02:20 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
    [2011/12/15 22:45:45 | 000,001,744 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
    [2011/12/09 03:20:33 | 000,155,648 | ---- | C] () -- C:\Program Files\PMCommon.dll
    [2011/12/03 22:31:06 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
    [2011/12/03 22:31:06 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
    [2011/12/03 22:31:06 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
    [2011/12/03 22:31:06 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
    [2011/12/03 22:31:06 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
    [2011/12/03 16:08:27 | 000,000,065 | ---- | C] () -- C:\Program Files\Execute.ini
    [2011/12/03 16:08:27 | 000,000,064 | ---- | C] () -- C:\Program Files\GetPhotoPath.ini
    [2011/12/03 16:08:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\IPPCPUID.DLL
    [2011/12/03 16:08:26 | 000,000,164 | ---- | C] () -- C:\Program Files\LUTRAY.ini
    [2011/12/03 16:07:02 | 000,045,056 | ---- | C] () -- C:\Program Files\WriteDriver2Pdf.dll
    [2011/12/03 16:06:54 | 000,126,976 | ---- | C] () -- C:\Program Files\LiveUpdate.dll
    [2011/12/03 16:06:54 | 000,000,442 | ---- | C] () -- C:\Program Files\PMPDFView.str
    [2011/12/03 16:06:54 | 000,000,160 | ---- | C] () -- C:\Program Files\LUTRAYMSG.ini
    [2011/12/03 16:06:53 | 000,409,600 | ---- | C] () -- C:\Program Files\LiveUpdateTray.exe
    [2011/12/03 16:06:53 | 000,090,112 | ---- | C] () -- C:\Program Files\Pm60DB.dll
    [2011/12/03 16:06:52 | 000,122,880 | ---- | C] () -- C:\Program Files\ImportOldDB.exe
    [2011/12/03 16:06:52 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\pmsbfn32.dll
    [2011/12/03 16:06:43 | 000,285,367 | ---- | C] () -- C:\Program Files\PMVIEW.EX_
    [2011/12/03 16:06:43 | 000,270,336 | ---- | C] () -- C:\Program Files\EzBres.dll
    [2011/12/03 16:06:43 | 000,049,152 | ---- | C] () -- C:\Program Files\expvw.exe
    [2011/12/03 16:06:43 | 000,001,676 | ---- | C] () -- C:\Program Files\Paper.lst
    [2011/12/03 16:06:43 | 000,001,353 | ---- | C] () -- C:\Program Files\NetScan_Strings.ini
    [2011/12/03 16:06:43 | 000,000,918 | ---- | C] () -- C:\Program Files\Print.str
    [2011/12/03 16:06:43 | 000,000,234 | ---- | C] () -- C:\Program Files\pmsavepdf.str
    [2011/12/03 16:06:43 | 000,000,210 | ---- | C] () -- C:\Program Files\pmset.ini
    [2011/12/03 16:06:43 | 000,000,180 | ---- | C] () -- C:\Program Files\2003MSG.ini
    [2011/12/03 16:06:43 | 000,000,064 | ---- | C] () -- C:\Program Files\ocr.str
    [2011/12/03 16:06:42 | 000,139,264 | ---- | C] () -- C:\Program Files\Convert.exe
    [2011/12/03 16:06:42 | 000,048,866 | ---- | C] () -- C:\Program Files\prestopm.str
    [2011/12/03 16:06:42 | 000,000,890 | ---- | C] () -- C:\Program Files\pmsb.str
    [2011/12/03 16:06:42 | 000,000,786 | ---- | C] () -- C:\Program Files\pmNotes.str
    [2011/12/03 16:06:42 | 000,000,331 | ---- | C] () -- C:\Program Files\ScanModule.str
    [2011/12/03 16:06:42 | 000,000,153 | ---- | C] () -- C:\Program Files\PMDrvStr.ini
    [2011/12/03 16:06:27 | 000,000,297 | ---- | C] () -- C:\Program Files\Vcd_PAL
    [2011/12/03 16:06:27 | 000,000,297 | ---- | C] () -- C:\Program Files\Vcd_NTSC
    [2011/12/03 16:06:26 | 000,036,864 | ---- | C] () -- C:\Program Files\EXPupk32.EXE
    [2011/12/03 16:06:26 | 000,028,672 | ---- | C] () -- C:\Program Files\ImgToAviExe.dll
    [2011/12/03 16:06:26 | 000,024,576 | ---- | C] () -- C:\Program Files\RegSession.dll
    [2011/12/03 16:06:26 | 000,000,297 | ---- | C] () -- C:\Program Files\Mpg1
    [2011/12/03 16:06:26 | 000,000,026 | ---- | C] () -- C:\Program Files\Function.ini
    [2011/12/03 16:06:09 | 000,008,781 | ---- | C] () -- C:\Program Files\SCANNERS.DAT
    [2011/12/03 16:06:08 | 000,028,672 | ---- | C] () -- C:\Program Files\OCRLang.dll
    [2011/12/03 16:06:08 | 000,000,329 | ---- | C] () -- C:\Program Files\FontTok.ini
    [2011/12/03 16:06:06 | 000,000,000 | ---- | C] () -- C:\Program Files\BITSOFT.DIR
    [2011/12/03 16:05:43 | 000,036,864 | ---- | C] () -- C:\Program Files\Palette.map
    [2011/12/03 16:05:42 | 000,493,316 | ---- | C] () -- C:\Program Files\UNDERLIN.PAT
    [2011/12/03 16:05:41 | 001,388,424 | ---- | C] () -- C:\Program Files\TURKISH.LCD
    [2011/12/03 16:05:41 | 000,326,738 | ---- | C] () -- C:\Program Files\TYPEWRIT.PAT
    [2011/12/03 16:05:41 | 000,241,073 | ---- | C] () -- C:\Program Files\TURKISH.LMD
    [2011/12/03 16:05:41 | 000,227,468 | ---- | C] () -- C:\Program Files\TYPEWRIT.PTS
    [2011/12/03 16:05:41 | 000,086,680 | ---- | C] () -- C:\Program Files\SWEDISH.LMD
    [2011/12/03 16:05:40 | 001,862,662 | ---- | C] () -- C:\Program Files\SWEDISH.LCD
    [2011/12/03 16:05:40 | 001,489,272 | ---- | C] () -- C:\Program Files\SPANISH.LCD
    [2011/12/03 16:05:40 | 000,226,690 | ---- | C] () -- C:\Program Files\SPANISH.LMD
    [2011/12/03 16:05:40 | 000,000,004 | ---- | C] () -- C:\Program Files\RPR371.JRT
    [2011/12/03 16:05:39 | 000,101,600 | ---- | C] () -- C:\Program Files\PORTUG.LMD
    [2011/12/03 16:05:38 | 001,596,307 | ---- | C] () -- C:\Program Files\NORWNYN.LCD
    [2011/12/03 16:05:38 | 001,094,057 | ---- | C] () -- C:\Program Files\POLISH.LCD
    [2011/12/03 16:05:38 | 000,798,902 | ---- | C] () -- C:\Program Files\PORTUG.LCD
    [2011/12/03 16:05:38 | 000,155,990 | ---- | C] () -- C:\Program Files\POLISH.LMD
    [2011/12/03 16:05:38 | 000,055,900 | ---- | C] () -- C:\Program Files\PART.PAT
    [2011/12/03 16:05:38 | 000,055,721 | ---- | C] () -- C:\Program Files\NORWBOK.LMD
    [2011/12/03 16:05:38 | 000,042,851 | ---- | C] () -- C:\Program Files\NORWNYN.LMD
    [2011/12/03 16:05:38 | 000,026,384 | ---- | C] () -- C:\Program Files\PART.PTS
    [2011/12/03 16:05:37 | 002,475,240 | ---- | C] () -- C:\Program Files\NORWBOK.LCD
    [2011/12/03 16:05:37 | 000,652,596 | ---- | C] () -- C:\Program Files\NORMAL.PAT
    [2011/12/03 16:05:37 | 000,443,488 | ---- | C] () -- C:\Program Files\NORMAL.PTS
    [2011/12/03 16:05:34 | 000,439,460 | ---- | C] () -- C:\Program Files\MATRIX.PAT
    [2011/12/03 16:05:34 | 000,233,828 | ---- | C] () -- C:\Program Files\MATRIX.PTS
    [2011/12/03 16:05:33 | 000,536,146 | ---- | C] () -- C:\Program Files\ITALIC.PAT
    [2011/12/03 16:05:33 | 000,272,324 | ---- | C] () -- C:\Program Files\ITALIC.PTS
    [2011/12/03 16:05:32 | 002,511,811 | ---- | C] () -- C:\Program Files\ITALIAN.LCD
    [2011/12/03 16:05:32 | 000,247,882 | ---- | C] () -- C:\Program Files\ITALIAN.LMD
    [2011/12/03 16:05:31 | 000,000,001 | ---- | C] () -- C:\Program Files\HUNGAR.LCD
    [2011/12/03 16:05:30 | 002,298,037 | ---- | C] () -- C:\Program Files\GREEK.LCD
    [2011/12/03 16:05:30 | 000,290,211 | ---- | C] () -- C:\Program Files\GERMAN.LMD
    [2011/12/03 16:05:30 | 000,078,353 | ---- | C] () -- C:\Program Files\GREEK.LMD
    [2011/12/03 16:05:29 | 001,996,754 | ---- | C] () -- C:\Program Files\GERMAN.LCD
    [2011/12/03 16:05:29 | 000,854,976 | ---- | C] () -- C:\Program Files\FRENCH.LCD
    [2011/12/03 16:05:29 | 000,107,075 | ---- | C] () -- C:\Program Files\FRENCH.LMD
    [2011/12/03 16:05:28 | 001,078,711 | ---- | C] () -- C:\Program Files\FINNISH.LMD
    [2011/12/03 16:05:26 | 004,525,579 | ---- | C] () -- C:\Program Files\FINNISH.LCD
    [2011/12/03 16:05:25 | 000,940,312 | ---- | C] () -- C:\Program Files\ENGLISH.LCD
    [2011/12/03 16:05:25 | 000,089,337 | ---- | C] () -- C:\Program Files\DUTCH.LMD
    [2011/12/03 16:05:25 | 000,085,986 | ---- | C] () -- C:\Program Files\ENGLISH.LMD
    [2011/12/03 16:05:23 | 003,059,143 | ---- | C] () -- C:\Program Files\DUTCH.LCD
    [2011/12/03 16:05:23 | 000,054,823 | ---- | C] () -- C:\Program Files\DANISH.LMD
    [2011/12/03 16:05:22 | 002,317,496 | ---- | C] () -- C:\Program Files\DANISH.LCD
    [2011/12/03 16:05:21 | 000,111,817 | ---- | C] () -- C:\Program Files\CZECH.LMD
    [2011/12/03 16:05:20 | 002,249,060 | ---- | C] () -- C:\Program Files\CZECH.LCD
    [2011/12/03 16:05:20 | 000,463,542 | ---- | C] () -- C:\Program Files\BOLD.PAT
    [2011/12/03 16:05:12 | 000,098,304 | ---- | C] () -- C:\Program Files\Qem.dll
    [2011/12/03 16:05:11 | 000,049,152 | ---- | C] () -- C:\Program Files\Lpm.dll
    [2011/12/03 16:05:11 | 000,000,024 | ---- | C] () -- C:\Program Files\Fioall.ini
    [2011/12/03 16:05:08 | 000,000,494 | ---- | C] () -- C:\Program Files\Default.rec
    [2011/12/03 16:05:05 | 000,002,336 | ---- | C] () -- C:\Program Files\xpdfrc
    [2011/12/03 16:05:04 | 000,036,864 | ---- | C] () -- C:\Program Files\unregapp.exe
    [2011/12/03 16:05:04 | 000,028,672 | ---- | C] () -- C:\Program Files\sosalnk.dll
    [2011/12/03 16:05:04 | 000,024,576 | ---- | C] () -- C:\Program Files\regapp.exe
    [2011/12/03 16:05:04 | 000,024,576 | ---- | C] () -- C:\Program Files\printlnk.dll
    [2011/12/03 16:05:04 | 000,021,180 | ---- | C] () -- C:\Program Files\search.avi
    [2011/12/03 16:05:03 | 000,045,056 | ---- | C] () -- C:\Program Files\pmsb_CN.exe
    [2011/12/03 16:05:03 | 000,001,723 | ---- | C] () -- C:\Program Files\pmsb.ini
    [2011/12/03 16:05:03 | 000,000,325 | ---- | C] () -- C:\Program Files\pmsetap.ini
    [2011/12/03 16:05:02 | 000,323,584 | ---- | C] () -- C:\Program Files\nsfpx.dll
    [2011/12/03 16:05:01 | 000,028,672 | ---- | C] () -- C:\Program Files\mapilnk.dll
    [2011/12/03 16:05:00 | 000,028,672 | ---- | C] () -- C:\Program Files\hookdll.dll
    [2011/12/03 16:04:59 | 000,368,640 | ---- | C] () -- C:\Program Files\fpxlib.dll
    [2011/12/03 16:04:59 | 000,028,672 | ---- | C] () -- C:\Program Files\foldrlnk.dll
    [2011/12/03 16:04:59 | 000,024,576 | ---- | C] () -- C:\Program Files\faxlnk.dll
    [2011/12/03 16:04:58 | 000,483,328 | ---- | C] () -- C:\Program Files\WpdfViewer.exe
    [2011/12/03 16:04:58 | 000,057,344 | ---- | C] () -- C:\Program Files\WriteData2Pdf.dll
    [2011/12/03 16:04:58 | 000,045,056 | ---- | C] () -- C:\Program Files\WriteIfo2Pdf.dll
    [2011/12/03 16:04:58 | 000,040,960 | ---- | C] () -- C:\Program Files\WriteOcr2Pdf.dll
    [2011/12/03 16:04:58 | 000,036,864 | ---- | C] () -- C:\Program Files\WordVBA.dll
    [2011/12/03 16:04:58 | 000,036,864 | ---- | C] () -- C:\Program Files\cmdlnk.dll
    [2011/12/03 16:04:58 | 000,024,576 | ---- | C] () -- C:\Program Files\WriteTxt2Pdf.dll
    [2011/12/03 16:04:58 | 000,004,288 | ---- | C] () -- C:\Program Files\WpdfViewer.tlb
    [2011/12/03 16:04:57 | 000,110,592 | ---- | C] () -- C:\Program Files\Wait.exe
    [2011/12/03 16:04:57 | 000,028,672 | ---- | C] () -- C:\Program Files\TestImage2Pdf.dll
    [2011/12/03 16:04:57 | 000,024,576 | ---- | C] () -- C:\Program Files\VisioVBA.dll
    [2011/12/03 16:04:57 | 000,024,576 | ---- | C] () -- C:\Program Files\UFioDll.dll
    [2011/12/03 16:04:57 | 000,000,462 | ---- | C] () -- C:\Program Files\WEBSYNC.INI
    [2011/12/03 16:04:56 | 000,868,352 | ---- | C] () -- C:\Program Files\SlideBarDLL.dll
    [2011/12/03 16:04:56 | 000,094,208 | ---- | C] () -- C:\Program Files\ScanModule.dll
    [2011/12/03 16:04:56 | 000,032,768 | ---- | C] () -- C:\Program Files\Restore.dll
    [2011/12/03 16:04:56 | 000,032,768 | ---- | C] () -- C:\Program Files\ReadFileData.dll
    [2011/12/03 16:04:56 | 000,028,672 | ---- | C] () -- C:\Program Files\SaveToJpg.dll
    [2011/12/03 16:04:56 | 000,028,672 | ---- | C] () -- C:\Program Files\ReadTxtInfo.dll
    [2011/12/03 16:04:55 | 000,208,896 | ---- | C] () -- C:\Program Files\RapDocImg.dll
    [2011/12/03 16:04:55 | 000,049,152 | ---- | C] () -- C:\Program Files\Print.dll
    [2011/12/03 16:04:55 | 000,045,056 | ---- | C] () -- C:\Program Files\PrintHook.dll
    [2011/12/03 16:04:55 | 000,040,960 | ---- | C] () -- C:\Program Files\Prestopm_CN.exe
    [2011/12/03 16:04:55 | 000,032,768 | ---- | C] () -- C:\Program Files\PrintFunLnk.dll
    [2011/12/03 16:04:55 | 000,000,702 | ---- | C] () -- C:\Program Files\PrnSetup.ini
    [2011/12/03 16:04:54 | 000,028,672 | ---- | C] () -- C:\Program Files\PowerTVBA.dll
    [2011/12/03 16:04:53 | 000,165,888 | ---- | C] () -- C:\Program Files\PTLIB.dll
    [2011/12/03 16:04:53 | 000,051,136 | ---- | C] () -- C:\Program Files\Pmapps.ini
    [2011/12/03 16:04:53 | 000,045,056 | ---- | C] () -- C:\Program Files\PerformOcr.dll
    [2011/12/03 16:04:53 | 000,024,576 | ---- | C] () -- C:\Program Files\PMXpsHostView.dll
    [2011/12/03 16:04:53 | 000,002,071 | ---- | C] () -- C:\Program Files\pm.ini
    [2011/12/03 16:04:52 | 001,171,456 | ---- | C] () -- C:\Program Files\PMView.dll
    [2011/12/03 16:04:52 | 000,366,888 | ---- | C] () -- C:\Program Files\PMToApp.ilk
    [2011/12/03 16:04:52 | 000,253,952 | ---- | C] () -- C:\Program Files\PMTree.dll
    [2011/12/03 16:04:52 | 000,098,304 | ---- | C] () -- C:\Program Files\PMVLink.dll
    [2011/12/03 16:04:52 | 000,040,960 | ---- | C] () -- C:\Program Files\PMVoice.dll
    [2011/12/03 16:04:52 | 000,032,768 | ---- | C] () -- C:\Program Files\PMXpsCreator.dll
    [2011/12/03 16:04:51 | 000,180,224 | ---- | C] () -- C:\Program Files\PMScnSet.dll
    [2011/12/03 16:04:51 | 000,151,552 | ---- | C] () -- C:\Program Files\PMSearch.dll
    [2011/12/03 16:04:51 | 000,081,920 | ---- | C] () -- C:\Program Files\PMSave.dll
    [2011/12/03 16:04:51 | 000,057,344 | ---- | C] () -- C:\Program Files\PMStatus.dll
    [2011/12/03 16:04:51 | 000,049,152 | ---- | C] () -- C:\Program Files\PMSet.dll
    [2011/12/03 16:04:51 | 000,036,864 | ---- | C] () -- C:\Program Files\PMSavePdf.dll
    [2011/12/03 16:04:51 | 000,032,768 | ---- | C] () -- C:\Program Files\PMSaveXPS.dll
    [2011/12/03 16:04:50 | 000,290,816 | ---- | C] () -- C:\Program Files\PMPageVW.dll
    [2011/12/03 16:04:50 | 000,176,128 | ---- | C] () -- C:\Program Files\PMImgVW.dll
    [2011/12/03 16:04:50 | 000,086,016 | ---- | C] () -- C:\Program Files\PMProp.dll
    [2011/12/03 16:04:50 | 000,073,728 | ---- | C] () -- C:\Program Files\PMNotes.exe
    [2011/12/03 16:04:50 | 000,036,864 | ---- | C] () -- C:\Program Files\PMPDFView.dll
    [2011/12/03 16:04:50 | 000,005,056 | ---- | C] () -- C:\Program Files\PMMAIL.EXE
    [2011/12/03 16:04:49 | 000,294,912 | ---- | C] () -- C:\Program Files\PMAppBar.dll
    [2011/12/03 16:04:49 | 000,249,856 | ---- | C] () -- C:\Program Files\PMDB.dll
    [2011/12/03 16:04:49 | 000,180,307 | ---- | C] () -- C:\Program Files\PMINSO.dll
    [2011/12/03 16:04:49 | 000,094,208 | ---- | C] () -- C:\Program Files\PMDocVW.dll
    [2011/12/03 16:04:49 | 000,057,344 | ---- | C] () -- C:\Program Files\PMISM.dll
    [2011/12/03 16:04:49 | 000,040,960 | ---- | C] () -- C:\Program Files\PMIEVW.dll
    [2011/12/03 16:04:48 | 000,315,392 | ---- | C] () -- C:\Program Files\PMAnoSet.dll
    [2011/12/03 16:04:48 | 000,131,072 | ---- | C] () -- C:\Program Files\PMANO.dll
    [2011/12/03 16:04:48 | 000,110,592 | ---- | C] () -- C:\Program Files\PDFWriter.dll
    [2011/12/03 16:04:48 | 000,102,400 | ---- | C] () -- C:\Program Files\PMApSet.dll
    [2011/12/03 16:04:48 | 000,069,632 | ---- | C] () -- C:\Program Files\PHooKDlg.dll
    [2011/12/03 16:04:48 | 000,040,960 | ---- | C] () -- C:\Program Files\PDFWDLL.dll
    [2011/12/03 16:04:48 | 000,028,672 | ---- | C] () -- C:\Program Files\OutlookVBA.dll
    [2011/12/03 16:04:48 | 000,001,879 | ---- | C] () -- C:\Program Files\PMAPPU.INI
    [2011/12/03 16:04:47 | 000,126,976 | ---- | C] () -- C:\Program Files\OCR.dll
    [2011/12/03 16:04:47 | 000,040,960 | ---- | C] () -- C:\Program Files\NsWaitApp.exe
    [2011/12/03 16:04:47 | 000,000,603 | ---- | C] () -- C:\Program Files\OCRLang.ini
    [2011/12/03 16:04:46 | 000,098,304 | ---- | C] () -- C:\Program Files\NsScan.dll
    [2011/12/03 16:04:46 | 000,069,632 | ---- | C] () -- C:\Program Files\NsSavePdf.exe
    [2011/12/03 16:04:46 | 000,061,440 | ---- | C] () -- C:\Program Files\NsScanToPdf.exe
    [2011/12/03 16:04:46 | 000,036,864 | ---- | C] () -- C:\Program Files\NsScanToOcr.exe
    [2011/12/03 16:04:45 | 000,557,056 | ---- | C] () -- C:\Program Files\NsPdf.dll
    [2011/12/03 16:04:45 | 000,527,624 | ---- | C] () -- C:\Program Files\Netsearch.avi
    [2011/12/03 16:04:45 | 000,040,960 | ---- | C] () -- C:\Program Files\NetFun98.dll
    [2011/12/03 16:04:45 | 000,040,960 | ---- | C] () -- C:\Program Files\NetFun2K.dll
    [2011/12/03 16:04:45 | 000,036,864 | ---- | C] () -- C:\Program Files\Noteslnk.DLL
    [2011/12/03 16:04:45 | 000,032,768 | ---- | C] () -- C:\Program Files\NsOEMKey.dll
    [2011/12/03 16:04:45 | 000,032,768 | ---- | C] () -- C:\Program Files\NewsoftLink.dll
    [2011/12/03 16:04:45 | 000,028,672 | ---- | C] () -- C:\Program Files\NetScanDll.dll
    [2011/12/03 16:04:45 | 000,028,672 | ---- | C] () -- C:\Program Files\NetGroupDll.dll
    [2011/12/03 16:04:45 | 000,002,538 | ---- | C] () -- C:\Program Files\NetScanDll.lib
    [2011/12/03 16:04:45 | 000,000,666 | ---- | C] () -- C:\Program Files\NsFunTable.DB
    [2011/12/03 16:04:45 | 000,000,398 | ---- | C] () -- C:\Program Files\NsKeyTable.DB
    [2011/12/03 16:04:44 | 000,049,152 | ---- | C] () -- C:\Program Files\NSWia.dll
    [2011/12/03 16:04:44 | 000,049,152 | ---- | C] () -- C:\Program Files\NSMEM.dll
    [2011/12/03 16:04:44 | 000,028,672 | ---- | C] () -- C:\Program Files\NSWinZip.dll
    [2011/12/03 16:04:44 | 000,028,672 | ---- | C] () -- C:\Program Files\NetDll.dll
    [2011/12/03 16:04:44 | 000,020,480 | ---- | C] () -- C:\Program Files\MsMail.exe
    [2011/12/03 16:04:44 | 000,009,606 | ---- | C] () -- C:\Program Files\NEWSOFT
    [2011/12/03 16:04:43 | 000,507,904 | ---- | C] () -- C:\Program Files\MergePDF.dll
    [2011/12/03 16:04:42 | 000,114,688 | ---- | C] () -- C:\Program Files\jpeglib.dll
    [2011/12/03 16:04:42 | 000,098,304 | ---- | C] () -- C:\Program Files\ComClass.dll
    [2011/12/03 16:04:42 | 000,069,632 | ---- | C] () -- C:\Program Files\DibToMpeg.dll
    [2011/12/03 16:04:42 | 000,040,960 | ---- | C] () -- C:\Program Files\ExcelVBA.dll
    [2011/12/03 16:04:42 | 000,028,672 | ---- | C] () -- C:\Program Files\Import.dll
    [2011/12/03 16:04:42 | 000,028,672 | ---- | C] () -- C:\Program Files\GetPhotoPath.dll
    [2011/12/03 16:04:42 | 000,024,576 | ---- | C] () -- C:\Program Files\InitCtrl.dll
    [2011/12/03 16:04:41 | 000,028,672 | ---- | C] () -- C:\Program Files\CloseNetGroup.exe
    [2011/12/03 16:04:41 | 000,024,576 | ---- | C] () -- C:\Program Files\AutmnXls.dll
    [2011/12/03 16:04:41 | 000,024,576 | ---- | C] () -- C:\Program Files\AutmnPpt.dll
    [2011/12/03 16:04:41 | 000,024,576 | ---- | C] () -- C:\Program Files\AutmnDoc.dll
    [2011/12/03 16:04:41 | 000,000,037 | ---- | C] () -- C:\Program Files\AppClassName.ini
    [2011/12/03 16:01:52 | 000,000,416 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
    [2011/11/30 17:38:41 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
    [2011/11/30 16:56:34 | 000,000,020 | ---- | C] () -- C:\WINDOWS\Hposcv07.INI
    [2011/11/30 16:12:22 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MPLAYER.INI
    [2011/11/30 16:12:21 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\macrovsn.dll
    [2011/11/30 16:12:21 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\MMDVDROM.dll
    [2011/11/30 16:12:21 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\getregn.exe
    [2011/11/30 16:01:14 | 000,005,632 | ---- | C] () -- C:\Documents and Settings\user account\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== LOP Check ==========

    [2012/02/04 07:30:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
    [2011/12/03 16:01:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
    [2012/05/30 16:39:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
    [2001/12/14 15:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\InterTrust
    [2012/01/02 09:27:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Softland
    [2001/12/14 15:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Owner\Application Data\InterTrust
    [2012/07/06 06:41:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Canon
    [2012/01/24 05:09:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\COWON
    [2012/04/30 19:20:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Foxit Software
    [2012/02/04 04:05:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Freenet
    [2012/01/28 08:33:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\gtk-2.0
    [2012/03/16 23:20:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\ImgBurn
    [2001/12/14 15:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\InterTrust
    [2012/02/21 11:14:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\NewSoft
    [2012/04/02 19:15:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\ooVoo Details
    [2012/02/23 20:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\OpenOffice.org
    [2011/12/11 04:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Opera
    [2011/12/07 04:58:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\OpswatLogs
    [2012/07/14 06:23:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Oracle
    [2011/12/03 16:01:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\ScanSoft
    [2012/02/17 08:16:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\Softland
    [2012/02/23 07:50:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\user account\Application Data\SystemRequirementsLab
    [2012/07/24 18:22:01 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job

    ========== Purity Check ==========



    < End of report >
     
    dispatch trophy,
    #30
  12. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    There was no "extras.txt" file produced by OTL.
     
    dispatch trophy,
    #31
  13. 2012/07/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Run OTL
    • Under the [color= "#0000FF"]Custom Scans/Fixes[/color] box at the bottom, paste in the following

      Code:
      :OTL
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\kfacrkog.sys -- (kfacrkog)
IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings:  "ProxyServer" = http://proxify.com/proxy.pac:81
IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14597
IE - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}:  "URL" = http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=en_US&apn_p tnrs=FV&apn_dtid=YYYYYYYYUS&apn_uid=dd33aadf-f0ba-4dcd-ae2a-5085652406b8&apn_sauid=05D61ABA-CCD6-4C2B-B9B5-3DB75B728879
O15 - HKU\S-1-5-21-602162358-308236825-1801674531-1004\..Trusted Domains: ([]msn in My Computer)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
    • Then click the [color= "#FF0000"]Run Fix[/color] button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • You will get a log that shows the results of the fix. Please post it.

    =====================================

    Last scans...

    1. Download Security Check from HERE, and save it to your Desktop.
    • Double-click SecurityCheck.exe
    • Follow the onscreen instructions inside of the black box.
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

    2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
    • Make sure the following options are checked:
      • Internet Services
      • Windows Firewall
      • System Restore
      • Security Center
      • Windows Update
      • Windows Defender
    • Press "Scan ".
    • It will create a log (FSS.txt) in the same directory the tool is run.
    • Please copy and paste the log to your reply.


    3. Download Temp File Cleaner (TFC)
    Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
    • Double click on TFC.exe to run the program.
    • Click on Start button to begin cleaning process.
    • TFC will close all running programs, and it may ask you to restart computer.


    4. Please run a free online scan with the ESET Online Scanner

    • Disable your antivirus program
    • Tick the box next to YES, I accept the Terms of Use
    • Click Start
    • Accept any security warnings from your browser.
    • Check Scan archives
    • Click Start
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click on List of found threats
    • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • NOTE. If Eset won't find any threats, it won't produce any log.
     
    broni,
    #32
  14. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    OTL SCAN REPORT

    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    Error: No service named kfacrkog was found to stop!
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kfacrkog deleted successfully.
    File C:\DOCUME~1\USERAC~1\LOCALS~1\Temp\kfacrkog.sys not found.
    HKU\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
    HKU\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
    Registry key HKEY_USERS\S-1-5-21-602162358-308236825-1801674531-1004\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
    Registry value HKEY_USERS\S-1-5-21-602162358-308236825-1801674531-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\\ deleted successfully.
    File oft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab not found.
    Starting removal of ActiveX control Microsoft XML Parser for Java
    Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\DownloadInformation\\INF .
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Microsoft XML Parser for Java\ deleted successfully.
    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Microsoft XML Parser for Java\ not found.
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: LocalService
    ->Temp folder emptied: 65536 bytes
    ->Temporary Internet Files folder emptied: 32902 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Owner
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: user account
    ->Temp folder emptied: 255206 bytes
    ->Temporary Internet Files folder emptied: 1511936 bytes
    ->Java cache emptied: 45823 bytes
    ->FireFox cache emptied: 57254812 bytes
    ->Google Chrome cache emptied: 254228938 bytes
    ->Opera cache emptied: 240 bytes
    ->Flash cache emptied: 1323 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 39097 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
    RecycleBin emptied: 873974 bytes

    Total Files Cleaned = 300.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner

    User: user account
    ->Java cache emptied: 0 bytes

    Total Java Files Cleaned = 0.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner

    User: user account
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    OTL by OldTimer - Version 3.2.54.1 log created on 07252012_153853

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...
    [2012/07/25 15:44:42 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast_\Webshlock.txt : Unable to obtain MD5

    Registry entries deleted on Reboot...
     
    dispatch trophy,
    #33
  15. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    checkup.txt

    Results of screen317's Security Check version 0.99.24
    Windows XP Service Pack 3 x86
    Internet Explorer 6 Out of date!
    ``````````````````````````````
    Antivirus/Firewall Check:
    Windows Firewall Enabled!
    avast! Free Antivirus
    ```````````````````````````````
    Anti-malware/Other Utilities Check:
    CCleaner
    JavaFX 2.1.1
    Java(TM) 6 Update 13
    Java(TM) 6 Update 31
    Java(TM) 7 Update 5
    Out of date Java installed!
    Adobe Flash Player 11.1.102.55
    Adobe Reader X (10.1.3)
    Mozilla Firefox (3.5.19) Firefox Out of Date!
    ````````````````````````````````
    Process Check:
    objlist.exe by Laurent
    Malwarebytes' Anti-Malware mbamservice.exe
    AVAST Software Avast AvastSvc.exe
    AVAST Software Avast avastUI.exe
    ``````````End of Log````````````
     
    dispatch trophy,
    #34
  16. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    there were two other txt documents produced by OTL in a folder called "Moved Files."

    However, OTL only produced one txt document on the desktop after its report.

    Are those other files important?
     
    dispatch trophy,
    #35
  17. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    FARBAR REPORT

    Farbar Service Scanner Version: 22-07-2012
    Ran by user account (administrator) on 25-07-2012 at 16:21:55
    Running from "C:\Documents and Settings\user account\Desktop\JULY SCANS "
    Microsoft Windows XP Home Edition Service Pack 3 (X86)
    Boot Mode: Normal
    ****************************************************************

    Internet Services:
    ============

    Connection Status:
    ==============
    Localhost is accessible.
    LAN connected.
    Google IP is accessible.
    Google.com is accessible.
    Yahoo IP is accessible.
    Yahoo.com is accessible.


    Windows Firewall:
    =============

    Firewall Disabled Policy:
    ==================
    ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.


    System Restore:
    ============

    System Restore Disabled Policy:
    ========================


    Security Center:
    ============

    Windows Update:
    ============

    Windows Autoupdate Disabled Policy:
    ============================


    File Check:
    ========
    C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
    C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
    C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
    C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
    C:\WINDOWS\system32\netman.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\srsvc.dll => MD5 is legit
    C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
    C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
    C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
    C:\WINDOWS\system32\qmgr.dll => MD5 is legit
    C:\WINDOWS\system32\es.dll => MD5 is legit
    C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
    C:\WINDOWS\system32\svchost.exe => MD5 is legit
    C:\WINDOWS\system32\rpcss.dll => MD5 is legit
    C:\WINDOWS\system32\services.exe => MD5 is legit

    Extra List:
    =======
    aswTdi(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
    0x080000000400000001000000020000000300000008000000050000000600000007000000
    IpSec Tag value is correct.

    **** End of log ****
     
    dispatch trophy,
    #36
  18. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    TFC has been run.
    No report was generated.

    The computer, which is the older computer with XP, is running slower after the scans. For example it is taking 8-10 seconds to open a folder and 10-20 seconds to open a browser.

    Next scan will be ESET
     
    dispatch trophy,
    #37
  19. 2012/07/25
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    ESETScan.txt

    C:\Program Files\FIREFOX.exe Win32/SoftonicDownloader.C application cleaned by deleting - quarantined
    C:\System Volume Information\_restore{B6441411-87B0-4BDA-9E4A-8AC5B81921CD}\RP306\A0073118.exe Win32/SoftonicDownloader.C application cleaned by deleting - quarantined


    ESET also quarantined some files and give the option to restore them.
     
    dispatch trophy,
    #38
  20. 2012/07/25
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Uninstall:
    JavaFX 2.1.1
    Java(TM) 6 Update 13
    Java(TM) 6 Update 31

    =====================================

    Your computer is clean [​IMG]

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please, let me know, how your computer is doing.
     
    broni,
    #39
  21. 2012/07/26
    dispatch trophy Contributing Member

    dispatch trophy Inactive Thread Starter

    Joined:
    2011/09/30
    Messages:
    402
    Likes Received:
    0
    I reset a restore point before I did the second OTL scan and that others.

    Because I had run avast twice and it came up clean. I suppose I should delete this restore point.

    I suppose this OTL scan will take care of that.

    RESTORE POINT OTL REPORT:


    All processes killed
    Error: Unable to interpret <Code:> in the current context!
    ========== OTL ==========
    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: LocalService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Owner
    ->Temp folder emptied: 0 bytes
    ->Temporary Internet Files folder emptied: 0 bytes

    User: user account
    ->Temp folder emptied: 13627 bytes
    ->Temporary Internet Files folder emptied: 1355522 bytes
    ->Java cache emptied: 0 bytes
    ->FireFox cache emptied: 13352075 bytes
    ->Google Chrome cache emptied: 7795325 bytes
    ->Opera cache emptied: 0 bytes
    ->Flash cache emptied: 492 bytes

    %systemdrive% .tmp files removed: 0 bytes
    %systemroot% .tmp files removed: 0 bytes
    %systemroot%\System32 .tmp files removed: 0 bytes
    %systemroot%\System32\dllcache .tmp files removed: 0 bytes
    %systemroot%\System32\drivers .tmp files removed: 0 bytes
    Windows Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 22.00 mb


    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner

    User: user account
    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb


    [EMPTYJAVA]

    User: All Users

    User: Default User

    User: LocalService

    User: NetworkService

    User: Owner

    User: user account
    ->Java cache emptied: 0 bytes

    Total Java Files Cleaned = 0.00 mb

    Error creating restore point.

    OTL by OldTimer - Version 3.2.54.1 log created on 07252012_231154

    Files\Folders moved on Reboot...
    File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

    PendingFileRenameOperations files...
    [2012/07/25 23:16:33 | 000,000,000 | ---- | M] () C:\WINDOWS\temp\_avast_\Webshlock.txt : Unable to obtain MD5

    Registry entries deleted on Reboot...
     
    Last edited: 2012/07/26
    dispatch trophy,
    #40
Page 2 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...