Spywarefri Forum | Antivirusprogram vil ikke aktivere beskyttelse

2 af 3

Antivirusprogram vil ikke aktivere beskyttelse

[ Ignorer ] [ # 16 ] 2903jb
03.06.2012 11:20:10 Antal indlæg: 22	ComboFix 12-06-03.01 - Hellfire 03-06-2012 11:04:05.1.12 - x64 Kører fra: c:\users\Hellfire\Desktop\ComboFix.exe Kommandoer benyttet :: c:\users\Hellfire\Desktop\CFScript.txt * Dannede nyt systemgendannelsespunkt . FILE :: “c:\windows\System32\Drivers\81a40d87dc04e42d.sys” . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Ironsource\searchya\1.5.13.0\bh\seARchya.dll c:\program files (x86)\Ironsource\searchya\1.5.13.0\seARchyatlbr.dll c:\users\Hellfire\AppData\Local\assembly\tmp c:\users\Hellfire\AppData\Local\Temp\jna8213670721788113487.dll c:\users\Hellfire\AppData\Local\Tempals_inst.exe c:\users\Hellfire\AppData\Roaming\Dyyno c:\users\Hellfire\AppData\Roaming\Dyyno\dgcsrv.xml c:\users\Hellfire\AppData\Roaming\Dyyno\dyyno.xml c:\users\Hellfire\AppData\Roaming\FFSJ c:\users\Hellfire\AppData\Roaming\FFSJ\FFSJ.cfg c:\windows\apppatch\AppLoc.exe c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb c:\windows\SysWow64\avisynth.dll c:\windows\SysWow64\devil.dll F:\install.exe F:\setup.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . . ———-\Legacy_81A40D87DC04E42D ———-\Service_81a40d87dc04e42d . . ((((((((((((((((((((((((((((( Filer skabt fra 2012-05-03 til 2012-06-03 ))))))))))))))))))))))))))))))))))) . . 2012-06-03 09:08 . 2012-06-03 09:08 ———— d——-w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-03 09:08 . 2012-06-03 09:08 ———— d——-w- c:\users\LogMeInRemoteUser\AppData\Local\temp 2012-06-03 09:08 . 2012-06-03 09:08 ———— d——-w- c:\users\Default\AppData\Local\temp 2012-06-03 08:59 . 2012-06-03 08:59 ———— d——-w- c:\program files (x86)\ERUNT 2012-06-02 15:33 . 2012-06-02 15:33 ———— d——-w- c:\users\Hellfire\AppData\Local\eSupport.com 2012-06-02 15:33 . 2012-06-02 15:33 21712 ——a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS 2012-06-02 15:15 . 2012-06-02 15:15 ———— d——-w- c:\program files (x86)\Unlocker 2012-06-02 15:14 . 2012-06-02 15:14 58 ——a-w- C:\user.js 2012-06-02 15:14 . 2012-06-02 15:14 ———— d——-w- c:\program files (x86)\Ironsource 2012-06-02 14:59 . 2012-06-02 14:59 ———— d——-w- c:\program files (x86)\CleanTree 2012-06-02 14:59 . 2012-06-02 14:59 ———— d——-w- c:\users\Hellfire\AppData\Local\AVG Secure Search 2012-06-02 14:59 . 2012-06-02 14:59 ———— d——-w- c:\programdata\AVG Secure Search 2012-06-02 14:59 . 2012-06-02 14:59 ———— d——-w- c:\program files (x86)\AVG Secure Search 2012-06-02 14:59 . 2012-06-02 14:59 ———— d——-w- c:\program files (x86)\Common Files\AVG Secure Search 2012-06-02 11:12 . 2012-06-02 11:15 910 ——a-w- C:\registrer.bat 2012-06-01 20:34 . 2012-06-01 20:34 ———— d——-w- c:\program files (x86)\Malwarebytes’ Anti-Malware 2012-06-01 20:34 . 2012-04-04 13:56 24904 ——a-w- c:\windows\system32\drivers\mbam.sys 2012-06-01 19:38 . 2012-06-01 19:38 ———— d——-w- c:\users\Hellfire\AppData\Roaming\f-secure 2012-06-01 16:15 . 2012-06-01 16:15 33408 ——a-w- c:\windows\SysWow64\drivers\fsbts.sys 2012-06-01 16:09 . 2012-06-01 19:27 ———— d——-w- c:\program files (x86)\Sikkerhedspakke 2012-06-01 16:09 . 2012-06-01 16:09 ———— d——-w- c:\programdata\fssg 2012-06-01 16:08 . 2012-06-01 18:52 ———— d——-w- c:\programdata\f-secure 2012-05-27 00:33 . 2009-07-14 01:52 24128 ——a-w- c:\windows\system32\drivers\atapi.sys 2012-05-27 00:33 . 2011-03-25 03:29 343040 ——a-w- c:\windows\system32\drivers\usbhub.sys 2012-05-27 00:33 . 2011-03-25 03:29 325120 ——a-w- c:\windows\system32\drivers\usbport.sys 2012-05-27 00:33 . 2011-03-25 03:29 52736 ——a-w- c:\windows\system32\drivers\usbehci.sys 2012-05-27 00:33 . 2011-03-25 03:28 7936 ——a-w- c:\windows\system32\drivers\usbd.sys 2012-05-27 00:33 . 2010-11-20 13:33 184704 ——a-w- c:\windows\system32\drivers\pci.sys 2012-05-27 00:33 . 2009-07-14 01:45 48720 ——a-w- c:\windows\system32\drivers\pciidex.sys 2012-05-27 00:33 . 2009-07-14 01:45 12352 ——a-w- c:\windows\system32\drivers\pciide.sys 2012-05-26 22:47 . 2012-03-06 23:15 258520 ——a-w- c:\windows\system32\aswBoot.exe 2012-05-26 22:47 . 2012-05-26 22:47 ———— d——-w- c:\program files\AVAST Software 2012-05-26 22:09 . 2012-06-01 16:01 ———— d——-w- c:\programdata\AVAST Software 2012-05-23 10:40 . 2012-05-23 10:40 ———— d——-w- c:\users\Hellfire\AppData\Roaming\Malwarebytes 2012-05-23 10:40 . 2012-05-23 10:40 ———— d——-w- c:\programdata\Malwarebytes 2012-05-23 10:04 . 2012-05-23 10:04 ———— d——-w- c:\program files (x86)\ESET 2012-05-23 09:57 . 2012-05-23 09:57 ———— d——-w- c:\program files\CCleaner 2012-05-23 09:49 . 2012-05-23 09:51 ———— d——-w- C:\hft 2012-05-19 15:55 . 2012-05-19 15:56 ———— d——-w- C:\bsnude 2012-05-19 15:45 . 2012-05-19 15:45 ———— d——-w- c:\users\Hellfire\AppData\Local\SKIDROW 2012-05-19 15:45 . 2012-05-19 15:54 ———— d——-w- c:\users\Hellfire\AppData\Local\BladesOfTime 2012-05-19 15:44 . 2012-05-19 15:44 ———— d——-w- c:\users\Hellfire\AppData\Roaming\uMod 2012-05-15 09:25 . 2012-05-15 09:25 ———— d——-w- c:\programdata\Battle.net 2012-05-10 22:33 . 2012-03-03 06:35 1544704 ——a-w- c:\windows\system32\DWrite.dll 2012-05-10 22:33 . 2012-03-03 05:31 1077248 ——a-w- c:\windows\SysWow64\DWrite.dll 2012-05-10 22:33 . 2012-03-31 06:05 5559664 ——a-w- c:\windows\system32\ntoskrnl.exe 2012-05-10 22:33 . 2012-03-31 04:39 3968368 ——a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-10 22:33 . 2012-03-31 03:10 3146240 ——a-w- c:\windows\system32\win32k.sys 2012-05-10 22:33 . 2012-03-31 04:39 3913072 ——a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-10 22:32 . 2012-03-17 07:58 75120 ——a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-10 22:32 . 2012-03-30 11:35 1918320 ——a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-10 22:32 . 2012-03-31 05:42 1732096 ——a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-10 22:32 . 2012-03-31 05:40 1367552 ——a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-10 22:32 . 2012-03-31 04:29 936960 ——a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-10 22:32 . 2012-03-31 05:40 1402880 ——a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-10 22:32 . 2012-03-31 05:40 1393664 ——a-w- c:\program files\Windows Journal\JNTFiltr.dll 2012-05-06 09:32 . 2012-05-06 09:34 ———— d——-w- C:\manga 2012-05-05 05:39 . 2012-05-05 05:40 ———— d——-w- c:\users\Hellfire\AppData\Local\Ubisoft Game Launcher 2012-05-05 05:24 . 2012-05-05 05:24 ———— d——-w- c:\program files (x86)\Ubisoft . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-21 22:01 . 2010-11-09 19:10 87456 ——a-w- c:\windows\system32\LMIRfsClientNP.dll 2012-05-21 22:01 . 2010-11-09 19:10 34688 ——a-w- c:\windows\system32\LMIport.dll 2012-05-21 22:01 . 2010-11-09 19:10 80768 ——a-w- c:\windows\system32\LMIinit.dll 2012-05-04 19:46 . 2012-03-29 13:59 419488 ——a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-04 19:46 . 2011-05-27 18:22 70304 ——a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-04 19:46 . 2012-03-29 14:46 8744608 ——a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe . . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-06-02 14:59 2068536 ——a-w- c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] “{95B7759C-8C7F-4BF1-B163-73684A933233}”= “c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll” [2012-06-02 2068536] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @=”{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “SUPERAntiSpyware”=“c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe” [2012-06-01 4786048] “Skype”=“c:\program files (x86)\Skype\Phone\Skype.exe” [2011-10-13 17351304] “KPeerNexonEU”=“c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe” [2011-10-06 438272] “Akamai NetSession Interface”=“c:\users\Hellfire\AppData\Local\Akamai\netsession_win.exe” [2012-05-07 3331872] “Steam”=“e:\steam\Steam.exe” [2012-04-05 1242448] “swg”=“c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-08-19 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] “AsioThk32Reg”=“CTASIO.DLL” [2010-03-18 47104] “CTHelper”=“CTHELPER.EXE” [2010-03-18 19456] “AsioReg”=“CTASIO.DLL” [2010-03-18 47104] “SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe” [2011-09-30 252296] “Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe” [2012-03-27 37296] “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-02 843712] “vProt”=“c:\program files (x86)\AVG Secure Search\vprot.exe” [2012-06-02 1104440] “UnlockerAssistant”=“c:\program files (x86)\Unlocker\UnlockerAssistant.exe” [2010-07-04 17408] . c:\users\Hellfire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ DesktopVideoPlayer.lnk - c:\users\Hellfire\AppData\Local\vghd\bin\vghd.exe [2011-4-3 1624576] Dropbox.lnk - c:\users\Hellfire\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2011-1-11 1207312] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 0 (0x0) “ConsentPromptBehaviorUser”= 3 (0x3) “EnableLUA”= 0 (0x0) “EnableUIADesktopToggle”= 0 (0x0) “PromptOnSecureDesktop”= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @=”“ . R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Tjenesten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-19 136176] R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe [2012-04-04 654408] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-04 257696] R3 ALSysIO;ALSysIO;c:\users\Hellfire\AppData\Local\Temp\ALSysIO64.sys [x] R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] R3 AtiIrRcvr;ATI Remote Receiver Service;c:\windows\system32\DRIVERS\aticir.sys [x] R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [x] R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-08-21 79360] R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [x] R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [x] R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS [x] R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS [x] R3 ctgame;Game Port;c:\windows\system32\DRIVERS\ctgame.sys [x] R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [x] R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [x] R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-06-02 21712] R3 dump_wmimmc;dump_wmimmc;c:\gpotato\Rappelz\GameGuard\dump_wmimmc.sys [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-19 136176] R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-17 140672] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 Dyyno Launcher;Dyyno Service;c:\program files (x86)\Dyyno Broadcaster\launcherd.exe [2011-08-31 415072] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-05-21 375176] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-05-31 15928] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-09 382272] S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-02 935480] S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . —- Andre Services/Drivers i Hukommelsen—- . NewlyCreated - 81A40D87DC04E42D NewlyCreated - IPNAT Deregistered - 81a40d87dc04e42d . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Indhold af mappen ‘Planlagte Opgaver’ . 2012-06-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 19:46] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-19 20:07] . 2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-19 20:07] . . ————- x86-64—————- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @=”{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 97792 ——a-w- c:\users\Hellfire\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “LogMeIn GUI”=“c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe” [2010-05-31 57928] “AdobeAAMUpdater-1.0”=“c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe” [2010-03-06 500208] “Kernel and Hardware Abstraction Layer”=“KHALMNPR.EXE” [2009-06-17 130576] “combofix”=“c:\combofix\CF32766.3XE” [2010-11-20 345088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] “LoadAppInit_DLLs”=0x1 . ———- Yderligere scanning———- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.dk/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = 127.0.0.1:9421;.local;<local> Trusted Zone: jabcomix.com\www TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll FF - ProfilePath - c:\users\Hellfire\AppData\Roaming\Mozilla\Firefox\Profiles\1153irh1.default\ FF - prefs.js: browser.startup.homepage - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB FF - prefs.js: browser.search.selectedEngine - SearchYa! FF - user.js: extensions.searchya_i.hmpg - true FF - user.js: extensions.searchya_i.hmpgUrl - hxxp://searchya.com/?chnl=dcom-100&s=0&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB FF - user.js: extensions.searchya_i.dfltSrch - true FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa! FF - user.js: extensions.searchya_i.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB&q= FF - user.js: extensions.searchya_i.id - ae18b16e0000000000001c6f6531833f FF - user.js: extensions.searchya_i.instlDay - 15493 FF - user.js: extensions.searchya_i.vrsn - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsni - 1.5.13.0 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.13.017:14 FF - user.js: extensions.searchya_i.prtnrId - ironsrc FF - user.js: extensions.searchya_i.prdct - searchya FF - user.js: extensions.searchya_i.aflt - dcom FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya_i.tlbrId - base FF - user.js: extensions.searchya_i.instlRef - dcom-100 FF - user.js: extensions.searchya_i.dfltLng - FF - user.js: extensions.searchya_i.excTlbr - false . - - - - TOMME GENVEJE FJERNET - - - - . URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file) Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-PlayNC Launcher - (no file) SafeBoot-BsScanner Toolbar-Locked - (no file) WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-RapeLay - e:\illusion\RapeLay\uninstall.exe AddRemove-{C48AD49C-9BBF-4056-B756-846C8548507E}_is1 - c:\program files\Oxin’s Style!\Hentai3D 2\Binaries\unins000.exe AddRemove-Garrys Mod Update #1 - 0:\garrys mod final [digitalzone] 2010 edition\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] “ServiceDll”=“c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll” . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] “ImagePath”=“c:\windows\system32\GameMon.des -service” . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\81a40d87dc04e42d] “ImagePath”=”\SystemRoot\System32\Drivers\81a40d87dc04e42d.sys” . ——————————- LÅSTE REGISTRERINGS NØGLER——————————- . [HKEY_USERS\S-1-5-21-1274949929-1441606062-917859839-1001\Software\BlackRainbow\Ã* °`w0 ¬ ] “Path”=“c:\\Program Files\\BlackRainbow\\Ã–°Šw‰€” “Zipper”=hex:01 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @=“FlashBroker” “LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] “Enabled”=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @=“Shockwave Flash Object” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx” “ThreadingModel”=“Apartment” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @=“0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @=“ShockwaveFlash.ShockwaveFlash.11” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @=”{D27CDB6B-AE6D-11cf-96B8-444553540000}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @=“1.0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @=“ShockwaveFlash.ShockwaveFlash” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @=“Macromedia Flash Factory Object” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx” “ThreadingModel”=“Apartment” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @=“FlashFactory.FlashFactory.1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @=”{D27CDB6B-AE6D-11cf-96B8-444553540000}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @=“1.0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @=“FlashFactory.FlashFactory” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @=“IFlashBroker4” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @=”{00020424-0000-0000-C000-000000000046}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}” “Version”=“1.0” . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ————————————Andre kørende processer———————————— . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Logitech\SetPoint\x86\SetPoint32.exe c:\users\Hellfire\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe . ************************************************************************** . Gennemført tid: 2012-06-03 11:16:12 - maskinen blev genstartet ComboFix-quarantined-files.txt 2012-06-03 09:16 . Pre-Kørsel: 608.689.139.712 byte ledig Post-Kørsel: 608.779.927.552 byte ledig . - - End Of File - - 016CD3064F7E2B980FBF0A2D8A56DEB9
[ Ignorer ] [ # 17 ] f-arn TeamSpywarefri
03.06.2012 12:54:39 Administrator Team Spywarefri Antal indlæg: 7045	Det virkede ikke som det skulle, så vi skal bruge en anden scanner. Men vil du godt først se her, og oversætte det der vises som mærkelige tegn. [ Rettet: 03.06.2012, 13:05 af f-arn TeamSpywarefri ] Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 18 ] 2903jb
03.06.2012 13:22:13 Antal indlæg: 22	De mærkelige tegn er japanske, det er et japansk spil, det skulle der ikke være problemer med er købt lovligt og hentet via j-list.com, det ene hedder Madoka Etoile på engelsk det andet Azathoth D ~ Demonbane Parody Game
[ Ignorer ] [ # 19 ] f-arn TeamSpywarefri
03.06.2012 14:19:30 Administrator Team Spywarefri Antal indlæg: 7045	Download OTL af OldTimer og gem den på dit skrivebord. Start OTL Vista og Windows 7 - højreklik på filen - Kør som Administrator. Øverst sætter du flueben i “Scan All Users” I nederste højre hjørne af det øverste panel, sæt fluben ved “LOP Check” og “Purity Check”. I boksen “Custom Scans/Fixes” kopierer du det fremhævede ind. netsvcs drivers32 msconfig safebootminimal safebootnetwork set /c /md5start iexplore.exe explorer.exe winlogon.exe userinit.exe svchost.exe services.exe wininit.exe 81a40d87dc04e42d.sys atapi.sys cdrom.sys afd.sys tdx.sys netbt.sys redbook.sys i8042prt.sys nv4_mini.sys mrxsmb.sys volsnap.sys sfc.dll´ consrv.dll hlp.dat /md5stop %SYSTEMDRIVE%\. %systemroot%\system32\.dll /lockedfiles %systemroot%\Tasks\.job /lockedfiles %systemroot%\system32\drivers\.sys /lockedfiles %systemroot%\. /rp /s %systemroot%\. /mp /s %USERPROFILE%\..\|smtmp;true;true;true /FP %systemroot%\System32\config\.sav %programfiles%\. %systemroot%\assembly\tmp\.* /S /MD5 %systemroot%\assembly\GAC_32\. /S /MD5 %systemroot%\assembly\GAC_64\. /S /MD5 %SystemRoot%\assembly\GAC_MSIL\. /S /MD5 CREATERESTOREPOINT DRIVES hklm\software\clients\startmenuinternet\|command /rs hklm\software\clients\startmenuinternet\|command /64 /rs HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\|LastSuccessTime /rs Luk alle åbne vinduer og klik på “Run Scan” øverst til venstre og lad programmet køre. Scanningen kan tage 5-10 minutter. Det vil give to logfiler på skrivebordet, OTL.txt og Extras.txt. Så kopier følgende ind i dit næste indlæg (i rækkefølge): Indholdet af OTL.txt Indholdet af Extras.txt Da de er forholdsvis lange, kan du blive nødt til at sende dem i flere indlæg. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 20 ] 2903jb
03.06.2012 16:30:44 Antal indlæg: 22	OTL logfile created on: 03-06-2012 16:00:49 - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Hellfire\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000406 \| Country: Danmark \| Language: DAN \| Date Format: dd-MM-yyyy 12,00 Gb Total Physical Memory \| 9,66 Gb Available Physical Memory \| 80,49% Memory free 24,00 Gb Paging File \| 21,60 Gb Available in Paging File \| 90,02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 921,75 Gb Total Space \| 566,86 Gb Free Space \| 61,50% Space Free \| Partition Type: NTFS Drive D: \| 4,06 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: UDF Drive E: \| 931,51 Gb Total Space \| 252,31 Gb Free Space \| 27,09% Space Free \| Partition Type: NTFS Drive F: \| 931,51 Gb Total Space \| 178,15 Gb Free Space \| 19,12% Space Free \| Partition Type: NTFS Drive H: \| 465,76 Gb Total Space \| 74,28 Gb Free Space \| 15,95% Space Free \| Partition Type: NTFS Computer Name: HELLFIRE-PC \| User Name: Hellfire \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: All users \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012-06-03 15:57:06 \| 001,064,960 \|——\| M] ()—C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe PRC - [2012-06-03 15:54:04 \| 000,595,968 \|——\| M] (OldTimer Tools)—C:\Users\Hellfire\Desktop\OTL.exe PRC - [2012-06-02 16:59:17 \| 000,935,480 \|——\| M] ()—C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe PRC - [2012-06-02 16:59:16 \| 001,104,440 \|——\| M] ()—C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012-05-08 00:31:08 \| 003,331,872 \|——\| M] (Akamai Technologies, Inc)—C:\Users\Hellfire\AppData\Local\Akamai\netsession_win.exe PRC - [2012-04-06 00:01:25 \| 001,242,448 \|——\| M] (Valve Corporation)—E:\Steam\Steam.exe PRC - [2012-02-15 01:03:14 \| 024,246,216 \|——\| M] (Dropbox, Inc.)—C:\Users\Hellfire\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012-02-10 06:13:00 \| 002,348,352 \|——\| M] (NVIDIA Corporation)—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012-02-09 21:05:32 \| 000,382,272 \|——\| M] (NVIDIA Corporation)—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011-11-18 17:24:40 \| 000,561,664 \|——\| M] (Totem Entertainment)—C:\Users\Hellfire\AppData\Local\vghd\bin\VirtuaGirl_Downloader.exe PRC - [2011-11-17 16:55:12 \| 001,624,576 \|——\| M] (Totem Entertainment)—C:\Users\Hellfire\AppData\Local\vghd\bin\vghd.exe PRC - [2011-10-01 09:30:22 \| 000,219,496 \|——\| M] (Microsoft Corporation)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011-10-01 09:30:18 \| 000,508,776 \|——\| M] (Microsoft Corporation)—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011-08-31 20:20:38 \| 000,415,072 \|——\| M] ()—C:\Program Files (x86)\Dyyno Broadcaster\launcherd.exe PRC - [2010-07-04 21:51:26 \| 000,017,408 \|——\| M] ()—C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe PRC - [2010-03-18 19:17:48 \| 000,019,456 \|——\| M] (Creative Technology Ltd)—C:\Windows\SysWOW64\CtHelper.exe PRC - [2010-02-12 10:23:12 \| 000,286,720 \|——\| M] (Creative Technology Ltd)—C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe PRC - [2009-07-20 05:00:00 \| 000,077,824 \|——\| M] ()—C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ========== Modules (No Company Name) ========== MOD - [2012-06-03 15:57:06 \| 001,064,960 \|——\| M] ()—C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe MOD - [2012-06-02 16:59:18 \| 000,132,664 \|——\| M] ()—C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll MOD - [2012-06-02 16:59:16 \| 001,104,440 \|——\| M] ()—C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012-05-23 11:45:17 \| 020,313,384 \|——\| M] ()—E:\Steam\bin\libcef.dll MOD - [2012-05-23 11:45:16 \| 001,099,576 \|——\| M] ()—E:\Steam\bin\avcodec-53.dll MOD - [2012-05-23 11:45:16 \| 000,895,312 \|——\| M] ()—E:\Steam\bin\chromehtml.dll MOD - [2012-05-23 11:45:16 \| 000,190,776 \|——\| M] ()—E:\Steam\bin\avformat-53.dll MOD - [2012-05-23 11:45:16 \| 000,123,192 \|——\| M] ()—E:\Steam\bin\avutil-51.dll MOD - [2011-11-18 17:24:40 \| 000,073,216 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\System.dll MOD - [2011-11-16 15:33:10 \| 000,029,184 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\imageformats\qico4.dll MOD - [2011-11-16 15:33:08 \| 000,287,232 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\imageformats\qtiff4.dll MOD - [2011-11-16 15:32:56 \| 000,222,720 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\imageformats\qmng4.dll MOD - [2011-11-16 15:32:50 \| 000,026,624 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\imageformats\qgif4.dll MOD - [2011-11-16 15:32:46 \| 000,200,704 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\imageformats\qjpeg4.dll MOD - [2011-11-16 15:20:20 \| 011,159,552 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\QtWebKit4.dll MOD - [2011-11-16 14:18:30 \| 000,270,336 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\phonon4.dll MOD - [2011-11-16 14:12:28 \| 008,451,072 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\QtGui4.dll MOD - [2011-11-16 14:04:24 \| 000,860,160 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\QtNetwork4.dll MOD - [2011-11-16 14:03:36 \| 000,358,400 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\QtXml4.dll MOD - [2011-11-16 14:03:28 \| 002,349,056 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\QtCore4.dll MOD - [2011-10-27 17:49:34 \| 000,184,832 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\dxmodules.dll MOD - [2011-06-01 15:28:02 \| 000,045,056 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\Windows.dll MOD - [2011-06-01 15:27:48 \| 000,818,176 \|——\| M] ()—C:\Users\Hellfire\AppData\Local\vghd\bin\vhd.dll MOD - [2010-07-04 23:32:36 \| 000,004,608 \|——\| M] ()—C:\Program Files (x86)\Unlocker\UnlockerHook.dll MOD - [2010-07-04 21:51:26 \| 000,017,408 \|——\| M] ()—C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe MOD - [2009-07-20 05:00:00 \| 000,077,824 \|——\| M] ()—C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012-05-23 11:43:09 \| 000,077,784 \|——\| M] () [Unknown (-1) \| Unknown]—C:\Windows\SysNative\drivers\81a40d87dc04e42d.sys—(81a40d87dc04e42d) SRV:64bit: - [2011-08-17 18:47:07 \| 000,140,672 \|——\| M] (SUPERAntiSpyware.com) [Auto \| Running]—C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE—(!SASCORE) SRV:64bit: - [2010-11-20 15:26:50 \| 000,084,992 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\SysNative\Mcx2Svc.dll—(Mcx2Svc) SRV:64bit: - [2010-05-05 04:15:10 \| 000,202,752 \|——\| M] (AMD) [Auto \| Running]—C:\Windows\SysNative\atiesrxx.exe—(AMD External Events Utility) SRV:64bit: - [2009-07-20 13:36:14 \| 000,160,784 \|——\| M] (Logitech, Inc.) [On_Demand \| Stopped]—C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe—(LBTServ) SRV:64bit: - [2009-07-14 03:41:27 \| 001,011,712 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Program Files\Windows Defender\MpSvc.dll—(WinDefend) SRV:64bit: - [2009-07-14 03:41:27 \| 000,097,792 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\SysNative\mprdim.dll—(RemoteAccess) SRV:64bit: - [2009-07-14 03:40:01 \| 000,193,536 \|——\| M] (Microsoft Corporation) [On_Demand \| Stopped]—C:\Windows\SysNative\appmgmts.dll—(AppMgmt) SRV - [2012-06-02 16:59:17 \| 000,935,480 \|——\| M] () [Auto \| Running]—C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe—(vToolbarUpdater11.1.0) SRV - [2012-06-01 17:59:04 \| 003,417,376 \|——\| M] () [Auto \| Running]—c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll—(Akamai) SRV - [2012-05-22 00:01:22 \| 000,147,336 \|——\| M] (LogMeIn, Inc.) [Auto \| Running]—C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe—(LMIMaint) SRV - [2012-05-22 00:01:14 \| 000,375,176 \|——\| M] (LogMeIn, Inc.) [Auto \| Running]—C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe—(LMIGuardianSvc) SRV - [2012-05-04 21:46:28 \| 000,257,696 \|——\| M] (Adobe Systems Incorporated) [On_Demand \| Stopped]—C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe—(AdobeFlashPlayerUpdateSvc) SRV - [2012-04-04 15:56:40 \| 000,654,408 \|——\| M] (Malwarebytes Corporation) [Auto \| Stopped]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\mbamservice.exe—(MBAMService) SRV - [2012-02-10 06:13:00 \| 002,348,352 \|——\| M] (NVIDIA Corporation) [Auto \| Running]—C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe—(nvUpdatusService) SRV - [2012-02-09 21:05:32 \| 000,382,272 \|——\| M] (NVIDIA Corporation) [Auto \| Running]—C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe—(Stereo Service) SRV - [2011-10-01 09:30:22 \| 000,219,496 \|——\| M] (Microsoft Corporation) [On_Demand \| Running]—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe—(sftvsa) SRV - [2011-10-01 09:30:18 \| 000,508,776 \|——\| M] (Microsoft Corporation) [Auto \| Running]—C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe—(sftlist) SRV - [2011-08-31 20:20:38 \| 000,415,072 \|——\| M] () [Auto \| Running]—C:\Program Files (x86)\Dyyno Broadcaster\launcherd.exe—(Dyyno Launcher) SRV - [2011-03-16 10:42:06 \| 000,407,336 \|——\| M] (Valve Corporation) [On_Demand \| Stopped]—C:\Program Files (x86)\Common Files\Steam\SteamService.exe—(Steam Client Service) SRV - [2010-12-16 18:57:16 \| 000,407,424 \|——\| M] (LogMeIn, Inc.) [Auto \| Running]—C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe—(LogMeIn) SRV - [2010-08-21 09:16:30 \| 000,079,360 \|——\| M] (Creative Labs) [On_Demand \| Stopped]—C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe—(Creative Audio Engine Licensing Service) SRV - [2010-06-07 21:22:00 \| 003,549,224 \|——\| M] (INCA Internet Co., Ltd.) [On_Demand \| Stopped]—C:\Windows\SysWOW64\GameMon.des—(npggsvc) SRV - [2010-03-18 13:16:28 \| 000,130,384 \|——\| M] (Microsoft Corporation) [Auto \| Stopped]—C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe—(clr_optimization_v4.0.30319_32) SRV - [2010-02-12 10:23:12 \| 000,286,720 \|——\| M] (Creative Technology Ltd) [Auto \| Running]—C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe—(CTAudSvcService) SRV - [2009-07-14 03:15:41 \| 000,075,264 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\SysWOW64\mprdim.dll—(RemoteAccess) SRV - [2009-06-10 23:23:09 \| 000,066,384 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe—(clr_optimization_v2.0.50727_32) SRV - [2009-06-10 22:39:58 \| 000,089,920 \|——\| M] (Microsoft Corporation) [Disabled \| Stopped]—C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe—(clr_optimization_v2.0.50727_64) ========== Driver Services (SafeList) ========== DRV:64bit: - [File Corrupted - Detail Data unreadable] [Kernel \| Boot \| Running]—C:\Windows\SysNative\drivers\amdxata.sys—(amdxata) DRV:64bit: - [2012-05-23 11:43:09 \| 000,077,784 \|——\| M] () [Unknown (-1) \| Unknown (-1) \| Unknown]—C:\Windows\SysNative\drivers\81a40d87dc04e42d.sys—(81a40d87dc04e42d) DRV:64bit: - [2012-05-22 00:01:14 \| 000,087,456 \|——\| M] (LogMeIn, Inc.) [File_System \| Disabled \| Stopped]—C:\Windows\SysNative\LMIRfsClientNP.dll—(LMIRfsClientNP) DRV:64bit: - [2012-04-04 15:56:40 \| 000,024,904 \|——\| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\mbam.sys—(MBAMProtector) DRV:64bit: - [2012-03-01 08:46:16 \| 000,023,408 \|——\| M] () [Recognizer \| Boot \| Unknown]—C:\Windows\SysNative\drivers\fs_rec.sys—(Fs_Rec) DRV:64bit: - [2012-01-17 14:45:56 \| 000,188,224 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\drivers\nvhda64v.sys—(NVHDA) DRV:64bit: - [2011-10-01 09:30:22 \| 000,022,376 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\Sftvollh.sys—(Sftvol) DRV:64bit: - [2011-10-01 09:30:18 \| 000,268,648 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\Sftplaylh.sys—(Sftplay) DRV:64bit: - [2011-10-01 09:30:18 \| 000,025,960 \|——\| M] () [File_System \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\Sftredirlh.sys—(Sftredir) DRV:64bit: - [2011-10-01 09:30:10 \| 000,764,264 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\Sftfslh.sys—(Sftfs) DRV:64bit: - [2011-07-22 18:26:56 \| 000,014,928 \|——\| M] () [Kernel \| System \| Running]—C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS—(SASDIFSV) DRV:64bit: - [2011-07-12 23:55:18 \| 000,012,368 \|——\| M] () [Kernel \| System \| Running]—C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS—(SASKUTIL) DRV:64bit: - [2011-05-10 08:06:08 \| 000,051,712 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\Drivers\usbaapl64.sys—(USBAAPL64) DRV:64bit: - [2011-03-11 08:41:12 \| 000,107,904 \|——\| M] (Advanced Micro Devices) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\amdsata.sys—(amdsata) DRV:64bit: - [2010-11-20 15:34:02 \| 000,360,832 \|——\| M] () [Kernel \| System \| Running]—C:\Windows\SysNative\drivers\vpcvmm.sys—(vpcvmm) DRV:64bit: - [2010-11-20 15:34:02 \| 000,194,944 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\vpchbus.sys—(vpcbus) DRV:64bit: - [2010-11-20 15:33:35 \| 000,078,720 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\HpSAMD.sys—(HpSAMD) DRV:64bit: - [2010-11-20 13:35:32 \| 000,095,232 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\vpcusb.sys—(vpcusb) DRV:64bit: - [2010-11-20 13:35:20 \| 000,059,392 \|——\| M] () [Kernel \| System \| Running]—C:\Windows\SysNative\DRIVERS\vpcnfltr.sys—(vpcnfltr) DRV:64bit: - [2010-11-20 13:07:05 \| 000,059,392 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\tsusbflt.sys—(TsUsbFlt) DRV:64bit: - [2010-11-20 13:03:42 \| 000,020,992 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\rdpvideominiport.sys—(RdpVideoMiniport) DRV:64bit: - [2010-08-21 10:55:08 \| 000,834,544 \|——\| M] () [Kernel \| Boot \| Stopped]—C:\Windows\SysNative\Drivers\sptd.sys—(sptd) DRV:64bit: - [2010-05-31 12:31:10 \| 000,072,216 \|——\| M] () [File_System \| Auto \| Running]—C:\Windows\SysNative\drivers\LMIRfsDriver.sys—(LMIRfsDriver) DRV:64bit: - [2010-05-31 12:30:44 \| 000,011,552 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\lmimirr.sys—(lmimirr) DRV:64bit: - [2010-05-05 04:47:08 \| 006,789,632 \|——\| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\atikmdag.sys—(amdkmdag) DRV:64bit: - [2010-05-05 03:23:24 \| 000,221,184 \|——\| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\atikmpag.sys—(amdkmdap) DRV:64bit: - [2010-03-18 20:52:18 \| 000,295,000 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\hap17v2k.sys—(hap17v2k) DRV:64bit: - [2010-03-18 20:52:10 \| 000,259,672 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\hap16v2k.sys—(hap16v2k) DRV:64bit: - [2010-03-18 20:52:02 \| 001,360,984 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ha10kx2k.sys—(ha10kx2k) DRV:64bit: - [2010-03-18 20:51:50 \| 000,147,544 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\emupia2k.sys—(emupia) DRV:64bit: - [2010-03-18 20:51:34 \| 000,290,392 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ctsfm2k.sys—(ctsfm2k) DRV:64bit: - [2010-03-18 20:51:26 \| 000,016,984 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ctprxy2k.sys—(ctprxy2k) DRV:64bit: - [2010-03-18 20:51:18 \| 000,221,272 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ctoss2k.sys—(ossrv) DRV:64bit: - [2010-03-18 20:51:00 \| 000,026,328 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\ctgame.sys—(ctgame) DRV:64bit: - [2010-03-18 20:50:52 \| 000,866,264 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ctaud2k.sys—(ctaud2k) Creative Audio Driver (WDM) DRV:64bit: - [2010-03-18 20:50:42 \| 000,580,696 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\ctac32k.sys—(ctac32k) DRV:64bit: - [2010-03-18 20:40:10 \| 000,141,912 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTERFXFX.SYS—(CTERFXFX.SYS) DRV:64bit: - [2010-03-18 20:40:10 \| 000,141,912 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTERFXFX.SYS—(CTERFXFX) DRV:64bit: - [2010-03-18 20:40:02 \| 000,681,048 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTSBLFX.SYS—(CTSBLFX.SYS) DRV:64bit: - [2010-03-18 20:40:02 \| 000,681,048 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTSBLFX.SYS—(CTSBLFX) DRV:64bit: - [2010-03-18 20:39:54 \| 000,706,648 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTAUDFX.SYS—(CTAUDFX.SYS) DRV:64bit: - [2010-03-18 20:39:54 \| 000,706,648 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\CTAUDFX.SYS—(CTAUDFX) DRV:64bit: - [2010-03-18 20:39:44 \| 000,158,808 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\COMMONFX.SYS—(COMMONFX.SYS) DRV:64bit: - [2010-03-18 20:39:44 \| 000,158,808 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\COMMONFX.SYS—(COMMONFX) DRV:64bit: - [2010-03-09 12:21:42 \| 000,123,408 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\AtiHdmi.sys—(AtiHdmiService) DRV:64bit: - [2010-02-26 16:32:14 \| 000,158,976 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\Impcd.sys—(Impcd) DRV:64bit: - [2010-02-03 15:56:56 \| 000,033,856 \| -H—\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\hamachi.sys—(hamachi) DRV:64bit: - [2009-11-27 18:45:06 \| 000,295,424 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\Rt64win7.sys—(RTL8167) DRV:64bit: - [2009-11-04 16:12:52 \| 000,026,496 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\aticir.sys—(AtiIrRcvr) DRV:64bit: - [2009-09-25 16:58:32 \| 000,178,688 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\nusb3xhc.sys—(nusb3xhc) DRV:64bit: - [2009-09-25 16:58:24 \| 000,073,728 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\nusb3hub.sys—(nusb3hub) DRV:64bit: - [2009-09-17 13:54:54 \| 000,056,344 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\HECIx64.sys—(HECIx64) Intel(R) DRV:64bit: - [2009-08-06 08:24:16 \| 000,061,280 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\fssfltr.sys—(fssfltr) DRV:64bit: - [2009-07-14 03:52:20 \| 000,194,128 \|——\| M] (AMD Technologies Inc.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\amdsbs.sys—(amdsbs) DRV:64bit: - [2009-07-14 03:48:04 \| 000,065,600 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\lsi_sas2.sys—(LSI_SAS2) DRV:64bit: - [2009-07-14 03:47:48 \| 000,024,144 \|——\| M] () [Kernel \| Disabled \| Stopped]—C:\Windows\SysNative\DRIVERS\crcdisk.sys—(crcdisk) DRV:64bit: - [2009-07-14 03:45:55 \| 000,024,656 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\stexstor.sys—(stexstor) DRV:64bit: - [2009-07-14 01:19:47 \| 000,092,160 \|——\| M] () [File_System \| Disabled \| Stopped]—C:\Windows\SysNative\DRIVERS\cdfs.sys—(cdfs) DRV:64bit: - [2009-06-17 18:54:46 \| 000,040,976 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\Drivers\LUsbFilt.Sys—(LUsbFilt) DRV:64bit: - [2009-06-17 18:54:38 \| 000,112,144 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\LMouKE.Sys—(LMouKE) DRV:64bit: - [2009-06-17 18:54:30 \| 000,057,872 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\LMouFilt.Sys—(LMouFilt) DRV:64bit: - [2009-06-17 18:54:22 \| 000,055,312 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\LHidFilt.Sys—(LHidFilt) DRV:64bit: - [2009-06-17 18:53:42 \| 000,089,616 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\L8042mou.Sys—(L8042mou) DRV:64bit: - [2009-06-17 18:53:34 \| 000,030,736 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\L8042Kbd.sys—(L8042Kbd) DRV:64bit: - [2009-06-10 22:34:33 \| 003,286,016 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\evbda.sys—(ebdrv) DRV:64bit: - [2009-06-10 22:34:28 \| 000,468,480 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\bxvbda.sys—(b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 \| 000,270,848 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\b57nd60a.sys—(b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 \| 000,031,232 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\drivers\hcw85cir.sys—(hcw85cir) DRV:64bit: - [2009-06-04 19:54:36 \| 000,408,600 \|——\| M] () [Kernel \| Boot \| Running]—C:\Windows\SysNative\DRIVERS\iaStor.sys—(iaStor) DRV:64bit: - [2009-05-18 13:17:08 \| 000,034,152 \|——\| M] () [Kernel \| On_Demand \| Running]—C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys—(GEARAspiWDM) DRV:64bit: - [2008-03-13 09:46:00 \| 000,027,136 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\ManyCam_x64.sys—(ManyCam) DRV:64bit: - [2008-01-21 18:45:00 \| 000,008,192 \|——\| M] () [Kernel \| On_Demand \| Stopped]—C:\Windows\SysNative\DRIVERS\ASACPI.sys—(MTsensor) DRV - [2012-06-02 17:33:17 \| 000,021,712 \|——\| M] (Phoenix Technologies) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysWOW64\drivers\DrvAgent64.SYS—(DrvAgent64) DRV - [2009-07-14 03:19:10 \| 000,019,008 \|——\| M] (Microsoft Corporation) [File_System \| On_Demand \| Stopped]—C:\Windows\SysWOW64\drivers\wimmount.sys—(WIMMount) DRV - [2005-01-03 17:43:08 \| 000,004,682 \|——\| M] (INCA Internet Co., Ltd.) [Kernel \| On_Demand \| Stopped]—C:\Windows\SysWOW64\npptNT2.sys—(NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{011675C9-3047-4A9E-879E-E485C6F96600}: “URL” = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ IE - HKLM\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{58926F8C-7F5D-4347-B932-AC3431A33182}: “URL” = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = <local> IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = <local> IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes,DefaultScope = {45EA68EE-F59D-4DD3-A029-778508A02A1C} IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes\{4009D611-D17C-44CC-B93C-2715AA28246B}: “URL” = http://searchya.com/?chnl=dcom-100&s=1&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB&q={searchTerms} IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes\{45EA68EE-F59D-4DD3-A029-778508A02A1C}: “URL” = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie;={inputEncoding?}&oe;={outputEncoding?}&rlz=1I7GGLL_daDK393 IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: “URL” = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie;={inputEncoding}&oe;={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: “URL” = http://isearch.avg.com/search?cid={0468FE1E-BDAB-43A8-8BB7-AAC52E7AE276}&mid=d862e4b7433346cbad359e72de2fe603-10a778331c8bc3c3eaaa320bfac98879b8564bac&lang=en&ds=pl011&pr=sa&d=2012-06-02 16:59:20&v=11.1.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: “URL” = http://www.bigseekpro.com/search/browser/solidyoutube/{5D3FEF13-98C7-49F8-8D0E-73BC3E21990B}?q={searchTerms} IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyEnable” = 0 IE - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: “ProxyOverride” = 127.0.0.1:9421;.local;<local> ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: .:3.3.3.2 FF - prefs.js..extensions.enabledItems: {88c7f2aa-f93f-432c-8f0e-b7d85967a527}:3.3.3.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.7 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442 FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.8 FF - prefs.js..extensions.enabledItems: .:1.0.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27 FF - prefs.js..extensions.enabledItems: .:7.0.1426 FF - prefs.js..browser.startup.homepage: “http://searchya.com/?chnl=dcom-100&s=0&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB” FF - prefs.js..browser.search.selectedEngine: “SearchYa!” FF:64bit:* - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Hellfire\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2011-07-14 20:42:52 \| 000,000,000 \|—-D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012-06-02 16:59:21 \| 000,000,000 \|—-D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-08-22 19:02:03 \| 000,000,000 \|—-D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012-06-02 10:41:15 \| 000,000,000 \|—-D \| M] [2010-09-12 10:39:05 \| 000,000,000 \|—-D \| M] (No name found)—C:\Users\Hellfire\AppData\Roaming\mozilla\Extensions [2012-06-02 17:14:44 \| 000,000,000 \|—-D \| M] (No name found)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions [2011-07-14 19:46:06 \| 000,000,000 \|—-D \| M] (Solid YouTube Downloader and Converter DB Toolbar)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC} [2011-08-13 23:18:21 \| 000,000,000 \|—-D \| M] (BitTorrentBar Community Toolbar)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} [2011-08-13 23:18:22 \| 000,000,000 \|—-D \| M] (Greasemonkey)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2011-08-13 23:18:20 \| 000,000,000 \|—-D \| M] (Conduit Engine)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions\engine@conduit.com [2012-06-02 17:14:44 \| 000,000,000 \|—-D \| M] (searchya.com)—C:\Users\Hellfire\AppData\Roaming\mozilla\Firefox\Profiles\1153irh1.default\extensions\ffxtlbr@searchya.com [2011-07-20 19:27:17 \| 000,002,382 \|——\| M] ()—C:\Users\Hellfire\AppData\Roaming\Mozilla\Firefox\Profiles\1153irh1.default\searchplugins\search.xml [2012-06-02 17:14:43 \| 000,001,464 \|——\| M] ()—C:\Users\Hellfire\AppData\Roaming\Mozilla\Firefox\Profiles\1153irh1.default\searchplugins\searchya.xml [2012-05-27 17:25:21 \| 000,000,000 \|—-D \| M] (No name found)—C:\Program Files (x86)\mozilla firefox\extensions [2011-10-22 12:55:05 \| 000,000,000 \|—-D \| M] (Skype Click to Call)—C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010-08-20 22:31:50 \| 000,000,000 \|—-D \| M] (Java Console)—C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011-04-20 19:09:07 \| 000,000,000 \|—-D \| M] (Java Console)—C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-09-18 12:14:54 \| 000,000,000 \|—-D \| M] (Java Console)—C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011-07-14 20:42:52 \| 000,000,000 \|—-D \| M] (Freemake Video Converter Plugin)—C:\PROGRAM FILES (X86)\FREEMAKE\FREEMAKE VIDEO CONVERTER\BROWSERPLUGIN\FIREFOX File not found (No name found)—C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2010-07-12 18:33:56 \| 000,012,800 \|——\| M] (Nullsoft, Inc.)—C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-08-22 19:02:02 \| 000,001,525 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-co-uk.xml [2012-06-02 16:59:16 \| 000,003,749 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2011-08-22 19:02:02 \| 000,001,178 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-da.xml [2011-08-22 19:02:02 \| 000,001,102 \|——\| M] ()—C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-dk.xml O1 HOSTS File: ([2012-06-03 11:11:09 \| 000,000,027 \|——\| M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\19.0.1084.52\npchrome_frame.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3:64bit: - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.) O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd) O4 - HKLM..\Run: [CTHelper] C:\Windows\SysWow64\CtHelper.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe () O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001..\Run: [Akamai NetSession Interface] C:\Users\Hellfire\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.) O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001..\Run: [Steam] E:\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1005..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1274949929-1441606062-917859839-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Hellfire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk = C:\Users\Hellfire\AppData\Local\vghd\bin\vghd.exe (Totem Entertainment) O4 - Startup: C:\Users\Hellfire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Hellfire\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1274949929-1441606062-917859839-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra ‘Tools’ menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\PrxerNsp.dll (Initex Software) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKU\S-1-5-21-1274949929-1441606062-917859839-1001\..Trusted Domains: jabcomix.com ([www] http in Pålidelige websteder) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=724 (Performance Viewer Activex Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{05906625-BB0B-41F0-ACF2-0A07DB8974D7}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\gcf - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\19.0.1084.52\npchrome_frame.dll (Google Inc.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\HmelyoffLabs\VHToolkit\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009-07-14 13:46:12 \| 000,000,043 \| R—- \| M] () - D:\autorun.inf—[ UDF ] O34 - HKLM BootExecute: (autocheck autochk ) O35:64bit:* - HKLM\..comfile [open]—“%1” %* O35:64bit: - HKLM\..exefile [open]—“%1” %* O35 - HKLM\..comfile [open]—“%1” %* O35 - HKLM\..exefile [open]—“%1” %* O37:64bit: - HKLM\...com [@ = ComFile]—“%1” %* O37:64bit: - HKLM\...exe [@ = exefile]—“%1” %* O37 - HKLM\...com [@ = ComFile]—“%1” %* O37 - HKLM\...exe [@ = exefile]—“%1” %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) Drivers32:64bit: msacm.ac3filter - ac3filter64.acm () Drivers32:64bit: msacm.bdmpeg - bdmpega64.acm () Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32:64bit: vidc.mjpg - bdmjpeg64.dll () Drivers32:64bit: vidc.mpeg - bdmpegv64.dll () Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm () Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm () Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) Drivers32: VIDC.FFDS - C:\PROGRA~2\COMBIN~1\Filters\FFDShow\ff_vfw.dll () Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation) Drivers32: vidc.mjpg - C:\Windows\SysWow64\bdmjpeg.dll () Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll () Drivers32: VIDC.WMV3 - C:\Windows\SysWow64\wmv9vcm.dll (Microsoft Corporation) MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) MsConfig:64bit - StartUpReg: Dyyno Launcher - hkey= - key= - C:\Program Files (x86)\Dyyno Broadcaster\dyyno_launcher.exe () MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: ManyCam - hkey= - key= - File not found MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - State: “startup” - Reg Error: Key error. MsConfig:64bit - State: “bootini” - Reg Error: Key error. SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices CREATERESTOREPOINT System Restore Service not available. ========== Files/Folders - Created Within 30 Days ========== [2012-06-03 15:54:03 \| 000,595,968 \|——\| C] (OldTimer Tools)—C:\Users\Hellfire\Desktop\OTL.exe [2012-06-03 11:16:14 \| 000,000,000 \|—-D \| C]—C:\Windows\temp [2012-06-03 11:02:46 \| 000,518,144 \|——\| C] (SteelWerX)—C:\Windows\SWREG.exe [2012-06-03 11:02:46 \| 000,406,528 \|——\| C] (SteelWerX)—C:\Windows\SWSC.exe [2012-06-03 11:02:46 \| 000,060,416 \|——\| C] (NirSoft)—C:\Windows\NIRCMD.exe [2012-06-03 11:02:42 \| 000,000,000 \|—-D \| C]—C:\ComboFix [2012-06-03 11:02:41 \| 000,000,000 \|—-D \| C]—C:\Qoobox [2012-06-03 11:00:31 \| 004,535,659 \| R—- \| C] (Swearware)—C:\Users\Hellfire\Desktop\ComboFix.exe [2012-06-03 11:00:13 \| 000,000,000 \|—-D \| C]—C:\Windows\ERDNT [2012-06-03 10:59:15 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2012-06-03 10:59:15 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\ERUNT [2012-06-03 10:57:58 \| 000,791,393 \|——\| C] (Lars Hederer )—C:\Users\Hellfire\Desktop\erunt-setup.exe [2012-06-02 22:51:12 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\RK_Quarantine [2012-06-02 17:44:25 \| 004,731,392 \|——\| C] (AVAST Software)—C:\Users\Hellfire\Desktop\aswMBR.exe [2012-06-02 17:39:50 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\tdsskiller [2012-06-02 17:33:17 \| 000,021,712 \|——\| C] (Phoenix Technologies)—C:\Windows\SysWow64\drivers\DrvAgent64.SYS [2012-06-02 17:33:17 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Local\eSupport.com [2012-06-02 17:15:15 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [2012-06-02 17:15:15 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Unlocker [2012-06-02 17:14:44 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Ironsource [2012-06-02 16:59:33 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CleanTree [2012-06-02 16:59:33 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\CleanTree [2012-06-02 16:59:23 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Local\AVG Secure Search [2012-06-02 16:59:18 \| 000,000,000 \|—-D \| C]—C:\ProgramData\AVG Secure Search [2012-06-02 16:59:16 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Common Files\AVG Secure Search [2012-06-02 16:59:16 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\AVG Secure Search [2012-06-02 15:52:37 \| 000,000,000 \|—-D \| C]—C:\Windows\pss [2012-06-02 09:06:37 \| 000,607,260 \| R—- \| C] (Swearware)—C:\Users\Hellfire\Desktop\dds.scr [2012-06-01 22:34:55 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes’ Anti-Malware [2012-06-01 22:34:54 \| 000,024,904 \|——\| C] (Malwarebytes Corporation)—C:\Windows\SysNative\drivers\mbam.sys [2012-06-01 22:34:54 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware [2012-06-01 21:38:51 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Roaming\f-secure [2012-06-01 21:22:23 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Trend Micro [2012-06-01 21:22:23 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2012-06-01 18:09:49 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Sikkerhedspakke [2012-06-01 18:09:21 \| 000,000,000 \|—-D \| C]—C:\ProgramData\fssg [2012-06-01 18:08:38 \| 000,000,000 \|—-D \| C]—C:\ProgramData\f-secure [2012-05-27 00:47:37 \| 000,258,520 \|——\| C] (AVAST Software)—C:\Windows\SysNative\aswBoot.exe [2012-05-27 00:47:16 \| 000,000,000 \|—-D \| C]—C:\Program Files\AVAST Software [2012-05-27 00:32:33 \| 000,324,880 \|——\| C] (AVAST Software)—C:\Users\Hellfire\Desktop\aswclear.exe [2012-05-27 00:09:24 \| 000,000,000 \|—-D \| C]—C:\ProgramData\AVAST Software [2012-05-23 12:40:56 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Roaming\Malwarebytes [2012-05-23 12:40:44 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Malwarebytes [2012-05-23 12:05:33 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\SWF [2012-05-23 12:04:34 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\ESET [2012-05-23 11:57:11 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012-05-23 11:57:11 \| 000,000,000 \|—-D \| C]—C:\Program Files\CCleaner [2012-05-23 11:49:26 \| 000,000,000 \|—-D \| C]—C:\hft [2012-05-21 19:05:53 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012-05-19 17:58:51 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\Texmod [2012-05-19 17:55:56 \| 000,000,000 \|—-D \| C]—C:\bsnude [2012-05-19 17:45:18 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Local\SKIDROW [2012-05-19 17:45:17 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Local\BladesOfTime [2012-05-19 17:44:43 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Roaming\uMod [2012-05-19 17:43:54 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\208_BoT2-nm [2012-05-19 17:27:56 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Konami [2012-05-19 15:55:41 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\uMod_v1_r44 [2012-05-15 13:10:27 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Documents\Diablo III [2012-05-15 11:40:49 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III [2012-05-15 11:25:20 \| 000,000,000 \|—-D \| C]—C:\ProgramData\Battle.net [2012-05-11 00:33:29 \| 001,544,704 \|——\| C] (Microsoft Corporation)—C:\Windows\SysNative\DWrite.dll [2012-05-11 00:33:22 \| 003,968,368 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ntkrnlpa.exe [2012-05-11 00:33:21 \| 003,913,072 \|——\| C] (Microsoft Corporation)—C:\Windows\SysWow64\ntoskrnl.exe [2012-05-08 10:02:51 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\dfhack-0.34.07-r2-Windows [2012-05-07 13:54:49 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Desktop\EFT2.14.8 [2012-05-06 11:32:10 \| 000,000,000 \|—-D \| C]—C:\manga [2012-05-05 07:39:45 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\AppData\Local\Ubisoft Game Launcher [2012-05-05 07:39:45 \| 000,000,000 \|—-D \| C]—C:\Users\Hellfire\Documents\Might & Magic Heroes VI [2012-05-05 07:24:04 \| 000,000,000 \|—-D \| C]—C:\Program Files (x86)\Ubisoft ========== Files - Modified Within 30 Days ========== [2012-06-03 16:04:15 \| 000,019,104 \| -H—\| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012-06-03 16:04:15 \| 000,019,104 \| -H—\| M] ()—C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456
[ Ignorer ] [ # 21 ] 2903jb
03.06.2012 16:32:26 Antal indlæg: 22	< MD5 for: EXPLORER.EXE > [2011-02-26 08:23:14 \| 002,870,272 \|——\| M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011-02-26 07:19:21 \| 002,616,320 \|——\| M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009-07-14 03:14:20 \| 002,613,248 \|——\| M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011-02-26 07:51:13 \| 002,614,784 \|——\| M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2009-10-31 07:45:39 \| 002,614,272 \|——\| M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011-02-26 07:33:07 \| 002,614,784 \|——\| M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011-02-25 08:19:30 \| 002,871,808 \|——\| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3—C:\Windows\ERDNT\cache86\explorer.exe [2011-02-25 08:19:30 \| 002,871,808 \|——\| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3—C:\Windows\explorer.exe [2011-02-25 08:19:30 \| 002,871,808 \|——\| M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011-02-26 08:14:34 \| 002,871,808 \|——\| M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010-11-20 14:17:09 \| 002,616,320 \|——\| M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009-08-03 08:19:07 \| 002,868,224 \|——\| M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011-02-25 07:30:54 \| 002,616,320 \|——\| M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E—C:\Windows\SysWOW64\explorer.exe [2011-02-25 07:30:54 \| 002,616,320 \|——\| M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2009-08-03 07:49:47 \| 002,613,248 \|——\| M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2009-10-31 08:34:59 \| 002,870,272 \|——\| M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2010-11-20 15:24:45 \| 002,872,320 \|——\| M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2009-10-31 08:38:38 \| 002,870,272 \|——\| M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009-08-03 07:35:50 \| 002,613,248 \|——\| M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009-07-14 03:39:10 \| 002,868,224 \|——\| M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2009-10-31 08:00:51 \| 002,614,272 \|——\| M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917—C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011-02-26 08:26:45 \| 002,870,784 \|——\| M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009-08-03 08:17:37 \| 002,868,224 \|——\| M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799—C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: I8042PRT.SYS > [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3—C:\Windows\SysNative\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\i8042prt.sys [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3—C:\Windows\SysNative\DriverStore\FileRepository\msmouse.inf_amd64_neutral_7a5f47d3150cc0eb\i8042prt.sys [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3—C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_f3435f7ff2a9f325\i8042prt.sys [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3—C:\Windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\i8042prt.sys [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] (Microsoft Corporation) MD5=FA55C73D4AFFA7EE23AC4BE53B4592D3—C:\Windows\winsxs\amd64_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_aa28fd23ec0c39f9\i8042prt.sys [2009-07-14 01:19:57 \| 000,105,472 \|——\| M] () Unable to obtain MD5—C:\Windows\SysNative\drivers\i8042prt.sys < MD5 for: IEXPLORE.EXE > [2012-04-04 15:56:38 \| 000,199,240 \|——\| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\iexplore.exe [2010-09-08 06:36:39 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=14803EA3E5DD7CB37CB446C74CFDA38F—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20795_none_1a39121b8bff3c23\iexplore.exe [2009-07-14 03:17:29 \| 000,673,048 \|——\| M] (Microsoft Corporation) MD5=2C32E3E596CFE660353753EABEFB0540—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_19ba3f8a72d988f3\iexplore.exe [2010-09-08 07:37:57 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=4879CB864E290BED38C5BDB641144B1B—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20795_none_0fe467c9579e7a28\iexplore.exe [2010-09-08 07:49:01 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=498035ABCCF1ED47AE6791D239187587—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16671_none_0f6c69ae3e743d20\iexplore.exe [2010-11-04 07:54:54 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=58CF468D3FF4CF830339FE5E45356355—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16700_none_1a0bc510729d1f54\iexplore.exe [2010-09-08 06:31:24 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=61EDBCE47ADF3E52AB0B9F49EE4AEBB8—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16671_none_19c1140072d4ff1b\iexplore.exe [2010-11-04 07:54:59 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=6B2258FF6D2332073FE9E90122FA4168—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20831_none_1a75f2618bd22c48\iexplore.exe [2010-12-18 08:17:48 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=700B40EA39DFB25517A81032F03D6D20—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_0fa37b7a3e4ac7e9\iexplore.exe [2010-11-20 15:28:25 \| 000,695,056 \|——\| M] (Microsoft Corporation) MD5=86257731DDB311FBC283534CC0091634—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1196a9003b674a92\iexplore.exe [2010-12-18 08:11:10 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=8C6C32E4AF8A3D7155656F5897C504E0—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_1000d84b5789be20\iexplore.exe [2011-06-04 11:57:37 \| 000,748,336 \|——\| M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639—C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011-06-04 11:57:37 \| 000,748,336 \|——\| M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639—C:\Windows\ERDNT\cache86\iexplore.exe [2011-06-04 11:57:37 \| 000,748,336 \|——\| M] (Microsoft Corporation) MD5=904E13BA41AF2E353A32CF351CA53639—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe [2010-12-18 07:32:25 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=9321CF0D023528C71E3645F8433C86C8—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20861_none_1a55829d8bea801b\iexplore.exe [2011-02-24 07:45:11 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=AB2BB40A5FE49AD236791AC22BD08869—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_1a9d66118bb386fd\iexplore.exe [2011-02-24 08:29:19 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=B4881B8F6EDB48CABD44BCC9FB5475C4—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20908_none_1048bbbf5752c502\iexplore.exe [2010-11-20 14:22:51 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=C613E69C3B191BB02C7A191741A1D024—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe [2011-02-24 07:32:52 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=C6697A46554E36541E81182B258A19D6—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_19d0e74472c85f04\iexplore.exe [2010-11-04 08:37:41 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=D8E00EA671A1EFE95C69C7566C505AD4—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16700_none_0fb71abe3e3c5d59\iexplore.exe [2011-02-24 08:32:09 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=E1BBDE0F187194D4B08335234A4B9FC7—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16766_none_0f7c3cf23e679d09\iexplore.exe [2010-11-04 08:42:22 \| 000,696,592 \|——\| M] (Microsoft Corporation) MD5=E220FB009F54AAF649C6A278A5156764—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.20831_none_1021480f57716a4d\iexplore.exe [2011-06-04 11:57:37 \| 000,754,480 \|——\| M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A—C:\Program Files\Internet Explorer\iexplore.exe [2011-06-04 11:57:37 \| 000,754,480 \|——\| M] (Microsoft Corporation) MD5=F1424C1B9B1813BF825E45DF3790BC8A—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_0d549a9b80698a7f\iexplore.exe [2009-07-14 03:43:43 \| 000,696,600 \|——\| M] (Microsoft Corporation) MD5=F2B0D41E1D08D0B2006DF5AA2E74C81E—C:\Windows\winsxs\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16385_none_0f6595383e78c6f8\iexplore.exe [2010-12-18 07:33:54 \| 000,673,040 \|——\| M] (Microsoft Corporation) MD5=AA08B68EF4E35EFA170CF85A44B23B70—C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7600.16722_none_19f825cc72ab89e4\iexplore.exe < MD5 for: MRXSMB.SYS > [2011-05-04 04:51:08 \| 000,157,696 \|——\| M] (Microsoft Corporation) MD5=040D62A9D8AD28922632137ACDD984F2—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16808_none_dbdfe8986a8ad40a\mrxsmb.sys [2011-05-04 04:41:47 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=629086CABFDFBE0AF7253CB6A494E35A—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20959_none_dc34761183d018e0\mrxsmb.sys [2010-02-27 09:52:22 \| 000,157,696 \|——\| M] (Microsoft Corporation) MD5=767A4C3BCF9410C286CED15A2DB17108—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16539_none_dbc0736c6aa249bf\mrxsmb.sys [2011-04-27 04:31:57 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=8D841161A355809EF86819FD3C6361D3—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21714_none_de41115580da9655\mrxsmb.sys [2010-02-27 09:52:14 \| 000,157,696 \|——\| M] (Microsoft Corporation) MD5=968613CC6C0F7427FAC62ACED6F7B8C5—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20655_none_dc306f3783d3bc0f\mrxsmb.sys [2011-04-27 04:40:40 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=A5D9106A73DC88564C825D317CAC68AC—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17605_none_ddc344c067b3f3f1\mrxsmb.sys [2011-02-23 07:15:27 \| 000,157,696 \|——\| M] (Microsoft Corporation) MD5=B7F3D2C40BDF8FFB73EBFB19C77734E2—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16765_none_db9c064c6abe3284\mrxsmb.sys [2011-02-23 05:47:58 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=BE3A495095CD3307DE152EFDAC946C2A—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.20907_none_dc68851983a95a7d\mrxsmb.sys [2011-02-23 06:56:31 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=C2B4651001A867FF3F8865863B592991—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17565_none_dd82635267e49e70\mrxsmb.sys [2011-02-23 05:32:17 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=CD291E3C21C61E17972DFAF8E2E2E5DA—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.21666_none_de0d006781015791\mrxsmb.sys [2009-07-14 01:24:00 \| 000,157,184 \|——\| M] (Microsoft Corporation) MD5=CFDCD8CA87C2A657DEBC150AC35B5E08—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7600.16385_none_db865edc6ace75ca\mrxsmb.sys [2010-11-20 11:27:43 \| 000,158,208 \|——\| M] (Microsoft Corporation) MD5=FAF015B07E3A2874A790A39B7D2C579F—C:\Windows\winsxs\amd64_microsoft-windows-smbminirdr_31bf3856ad364e35_6.1.7601.17514_none_ddb772a467bcf964\mrxsmb.sys [2011-04-27 04:40:40 \| 000,158,208 \|——\| M] () Unable to obtain MD5—C:\Windows\SysNative\drivers\mrxsmb.sys < MD5 for: NETBT.SYS > [2010-11-20 11:23:20 \| 000,261,632 \|——\| M] (Microsoft Corporation) MD5=09594D1089C523423B32A4229263F068—C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_be8acdd10de3b1a6\netbt.sys [2009-07-14 01:21:29 \| 000,259,072 \|——\| M] (Microsoft Corporation) MD5=9162B273A44AB9DCE5B44362731D062A—C:\Windows\winsxs\amd64_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_bc59ba0910f52e0c\netbt.sys [2010-11-20 11:23:20 \| 000,261,632 \|——\| M] () Unable to obtain MD5—C:\Windows\SysNative\drivers\netbt.sys < MD5 for: SERVICES.EXE > [2009-07-14 03:39:37 \| 000,328,704 \|——\| M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB—C:\Windows\ERDNT\cache64\services.exe [2009-07-14 03:39:37 \| 000,328,704 \|——\| M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB—C:\Windows\SysNative\services.exe [2009-07-14 03:39:37 \| 000,328,704 \|——\| M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB—C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe < MD5 for: SVCHOST.EXE > [2012-04-04 15:56:38 \| 000,199,240 \|——\| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\svchost.exe [2009-07-14 03:14:41 \| 000,020,992 \|——\| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\ERDNT\cache86\svchost.exe [2009-07-14 03:14:41 \| 000,020,992 \|——\| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\SysWOW64\svchost.exe [2009-07-14 03:14:41 \| 000,020,992 \|——\| M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866—C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe [2009-07-14 03:39:46 \| 000,027,136 \|——\| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\ERDNT\cache64\svchost.exe [2009-07-14 03:39:46 \| 000,027,136 \|——\| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\SysNative\svchost.exe [2009-07-14 03:39:46 \| 000,027,136 \|——\| M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D—C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe < MD5 for: TDX.SYS > [2009-07-14 01:21:15 \| 000,099,840 \|——\| M] (Microsoft Corporation) MD5=079125C4B17B01FCAEEBCE0BCB290C0F—C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_4632b9f2f5c6af5e\tdx.sys [2010-11-20 11:21:56 \| 000,119,296 \|——\| M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806—C:\Windows\ERDNT\cache64\tdx.sys [2010-11-20 11:21:56 \| 000,119,296 \|——\| M] (Microsoft Corporation) MD5=DDAD5A7AB24D8B65F8D724F5C20FD806—C:\Windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys [2010-11-20 11:21:56 \| 000,119,296 \|——\| M] () Unable to obtain MD5—C:\Windows\SysNative\drivers\tdx.sys < MD5 for: USERINIT.EXE > [2010-11-20 14:17:48 \| 000,026,624 \|——\| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223—C:\Windows\ERDNT\cache86\userinit.exe [2010-11-20 14:17:48 \| 000,026,624 \|——\| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223—C:\Windows\SysWOW64\userinit.exe [2010-11-20 14:17:48 \| 000,026,624 \|——\| M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223—C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009-07-14 03:14:43 \| 000,026,112 \|——\| M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175—C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009-07-14 03:39:48 \| 000,030,208 \|——\| M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE—C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010-11-20 15:25:24 \| 000,030,720 \|——\| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\ERDNT\cache64\userinit.exe [2010-11-20 15:25:24 \| 000,030,720 \|——\| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\SysNative\userinit.exe [2010-11-20 15:25:24 \| 000,030,720 \|——\| M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53—C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: VOLSNAP.SYS > [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\SysNative\DriverStore\FileRepository\volume.inf_amd64_neutral_df8bea40ac96ca21\volsnap.sys [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] (Microsoft Corporation) MD5=0D08D2F3B3FF84E433346669B5E0F639—C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_73dcbcf012b4850e\volsnap.sys [2009-07-14 03:45:55 \| 000,294,992 \|——\| M] (Microsoft Corporation) MD5=58F82EED8CA24B461441F9C3E4F0BF5C—C:\Windows\winsxs\amd64_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_71aba92815c60174\volsnap.sys [2010-11-20 15:34:02 \| 000,295,808 \|——\| M] () Unable to obtain MD5—C:\Windows\SysNative\drivers\volsnap.sys < MD5 for: WININIT.EXE > [2009-07-14 03:39:52 \| 000,129,024 \|——\| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\ERDNT\cache64\wininit.exe [2009-07-14 03:39:52 \| 000,129,024 \|——\| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\SysNative\wininit.exe [2009-07-14 03:39:52 \| 000,129,024 \|——\| M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA—C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009-07-14 03:14:45 \| 000,096,256 \|——\| M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665—C:\Windows\ERDNT\cache86\wininit.exe [2009-07-14 03:14:45 \| 000,096,256 \|——\| M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665—C:\Windows\SysWOW64\wininit.exe [2009-07-14 03:14:45 \| 000,096,256 \|——\| M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665—C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012-04-04 15:56:38 \| 000,199,240 \|——\| M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D—C:\Program Files (x86)\Malwarebytes’ Anti-Malware\Chameleon\winlogon.exe [2010-11-20 15:25:30 \| 000,390,656 \|——\| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\ERDNT\cache64\winlogon.exe [2010-11-20 15:25:30 \| 000,390,656 \|——\| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\SysNative\winlogon.exe [2010-11-20 15:25:30 \| 000,390,656 \|——\| M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457—C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009-07-14 03:39:52 \| 000,389,120 \|——\| M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A—C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009-10-28 09:01:57 \| 000,389,632 \|——\| M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE—C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009-10-28 08:24:40 \| 000,389,632 \|——\| M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A—C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < %SYSTEMDRIVE%\. > [2010-11-09 21:10:54 \| 000,001,024 \|——\| M] ()—C:\.rnd [2010-11-20 14:40:07 \| 000,383,786 \| RHS- \| M] ()—C:\bootmgr [2010-08-18 13:10:23 \| 000,008,192 \| RHS- \| M] ()—C:\BOOTSECT.BAK [2012-06-03 11:16:13 \| 000,027,942 \|——\| M] ()—C:\ComboFix.txt [2011-10-02 13:36:41 \| 000,118,068 \|——\| M] ()—C:\fmle_session_20111002_133243.log [2011-10-02 13:54:21 \| 000,001,556 \|——\| M] ()—C:\fmle_session_20111002_135038.log [2011-10-02 19:56:27 \| 000,288,092 \|——\| M] ()—C:\fmle_session_20111002_143753.log [2011-10-02 20:07:40 \| 000,001,528 \|——\| M] ()—C:\fmle_session_20111002_200740.log [2012-06-03 15:56:44 \| 1072,549,886 \| -HS- \| M] ()—C:\hiberfil.sys [2012-06-03 15:56:45 \| 4293,378,046 \| -HS- \| M] ()—C:\pagefile.sys [2011-05-31 15:18:49 \| 040,232,291 \|——\| M] ()—C:\Plants vs. Zombies.zip [2012-06-02 13:15:13 \| 000,000,910 \|——\| M] ()—C:\registrer.bat [2012-06-01 20:18:01 \| 000,000,653 \|——\| M] ()—C:\rkill.log [2012-06-02 17:40:41 \| 000,006,002 \|——\| M] ()—C:\TDSSKiller.2.7.36.0_02.06.2012_17.40.17_log.txt [2012-06-02 17:44:11 \| 000,726,104 \|——\| M] ()—C:\TDSSKiller.2.7.36.0_02.06.2012_17.40.46_log.txt [2012-06-02 18:17:31 \| 000,006,002 \|——\| M] ()—C:\TDSSKiller.2.7.36.0_02.06.2012_18.17.24_log.txt [2012-06-02 18:17:42 \| 000,006,002 \|——\| M] ()—C:\TDSSKiller.2.7.36.0_02.06.2012_18.17.38_log.txt [2012-06-02 20:56:50 \| 000,006,002 \|——\| M] ()—C:\TDSSKiller.2.7.36.0_02.06.2012_20.56.45_log.txt [2010-08-21 12:38:37 \| 003,401,920 \|——\| M] ()—C:\ufoenemyunknown.zip [2012-06-02 17:14:44 \| 000,000,058 \|——\| M] ()—C:\user.js [2010-08-21 15:34:55 \| 000,690,428 \|——\| M] ()—C:\Win7DSFilterTweaker.zip < %systemroot%\system32\.dll /lockedfiles > [2009-07-14 03:15:21 \| 000,462,848 \|——\| M] (Microsoft Corporation) Unable to obtain MD5—C:\Windows\system32\FirewallAPI.dll < %systemroot%\Tasks\.job /lockedfiles > < %systemroot%\system32\drivers\.sys /lockedfiles > < %systemroot%\. /rp /s > < %systemroot%\. /mp /s > < %USERPROFILE%\..\|smtmp;true;true;true /FP > < %systemroot%\System32\config\.sav > < %programfiles%\. > [2010-08-31 20:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\1C Company [2010-08-21 09:48:35 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\7-Zip [2010-08-21 09:47:50 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AC3Filter [2011-10-02 12:07:09 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Adobe [2010-11-12 00:39:02 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Adobe Media Player [2010-10-24 11:11:34 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AG3DBC [2012-03-21 07:13:28 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Apple Software Update [2012-06-02 09:18:09 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ASlave [2012-06-02 16:59:21 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AVG Secure Search [2010-08-21 15:44:30 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AviSynth 2.5 [2011-07-14 19:56:21 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\AVS4YOU [2011-10-06 20:09:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\BandiMPEG1 [2010-08-21 09:47:41 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Bass Audio Decoder [2011-05-26 19:36:56 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Bethesda Softworks [2012-06-02 09:19:03 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\BitTorrentBar [2012-03-21 07:15:40 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Bonjour [2010-10-06 17:24:20 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\BoxKing [2012-01-08 15:11:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\CCP [2010-08-21 09:48:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\CD Audio Reader Filter [2012-06-02 16:59:33 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\CleanTree [2010-12-05 22:19:12 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Combined Community Codec Pack [2011-10-02 13:46:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\CombiTech [2012-06-03 11:06:32 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Common Files [2010-09-07 22:58:06 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Conduit [2010-11-27 18:30:28 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ConduitEngine [2010-09-07 22:52:14 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\coolpro2 [2010-08-21 09:16:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Creative [2010-08-21 09:48:37 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DCoder Image Source [2011-08-04 22:48:50 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DComSoft [2010-12-07 21:44:12 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DirectVobSub [2012-05-05 14:30:39 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DOSBox-0.74 [2011-07-14 19:46:03 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Dream Video Converter Ultimate [2010-08-21 09:47:54 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DScaler5 [2010-09-07 22:42:45 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DVDVideoSoft [2010-09-08 00:31:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\DVDVideoSoftTB [2011-10-02 12:15:01 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Dyyno [2011-10-02 14:13:29 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Dyyno Broadcaster [2010-09-30 19:25:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Edelweiss [2010-08-22 15:46:17 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Enterbrain [2012-06-03 10:59:25 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ERUNT [2012-05-23 12:04:34 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ESET [2012-04-08 01:45:30 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\EVEMon [2010-08-21 09:48:31 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\FFMPEG Core Files [2010-09-02 22:31:59 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Firaxis Games [2011-04-23 11:48:17 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Folding@home [2011-07-14 20:42:50 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Freemake [2012-06-02 09:15:09 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\G-Collections [2010-08-21 09:48:14 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Gabest MPEG Splitter [2010-08-28 12:06:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\GlobFX [2011-12-03 13:25:07 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Google [2010-08-21 16:02:23 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Haali [2012-06-02 09:13:22 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\HentHighschool [2011-10-02 14:38:57 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\HmelyoffLabs [2011-01-30 15:43:36 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Hotmail & MSN Password Recovery [2010-09-11 19:58:17 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\IDM Computer Solutions [2012-06-02 09:18:42 \| 000,000,000 \| -H-D \| M]—C:\Program Files (x86)\InstallShield Installation Information [2012-04-13 07:22:05 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Internet Explorer [2012-06-02 17:14:44 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Ironsource [2012-03-21 07:17:25 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\iTunes [2012-02-05 18:05:00 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Java [2012-05-14 18:25:09 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\JDownloader [2011-12-08 16:05:08 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\KabodOnline [2012-05-22 00:01:43 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\LogMeIn [2012-06-01 22:34:55 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Malwarebytes’ Anti-Malware [2012-06-01 18:12:47 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\ManyCam [2012-06-01 18:21:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft [2012-02-16 07:19:58 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Application Virtualization Client [2010-08-31 20:01:39 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2010-09-06 21:09:07 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Office [2012-05-11 03:25:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Silverlight [2010-06-09 21:40:17 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2010-06-09 21:41:11 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft Sync Framework [2010-08-20 22:35:20 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Microsoft.NET [2010-11-21 12:44:19 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\mIRC [2010-08-21 09:48:18 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MONOGRAM AMR SplitterDecoder [2012-05-27 17:35:20 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Mozilla Firefox [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MSBuild [2011-09-15 06:13:11 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\MSI Afterburner [2010-08-22 08:40:17 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\NCSoft [2010-09-18 02:18:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\NeoDownloader [2012-02-23 20:16:42 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Nvidia Corporation [2010-09-11 19:21:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Open XML Editor 1.6 [2010-08-21 09:15:56 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\OpenAL [2010-08-21 09:48:15 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\OpenSource AVI Splitter [2010-08-21 09:48:12 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\OpenSource DTSAC3DD+ Source Filter [2010-10-06 17:24:20 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\OPTI [2012-06-02 13:46:18 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Pando Networks [2011-02-17 10:42:53 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Proxifier [2010-08-21 16:03:12 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\PS3 Media Server [2010-08-21 14:46:55 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\PS3 Media Server2 [2010-10-09 10:57:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\PS3 Media Server3 [2012-06-03 11:24:47 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\PS3 Media Server3 c [2011-04-30 22:21:47 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\QuickTime [2011-07-14 19:08:43 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\RADVideo [2010-08-21 09:48:11 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\RealMedia [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Reference Assemblies [2011-04-03 20:06:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\RIFT Game [2011-07-07 20:02:21 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Sengoku Rance English [2010-08-21 09:48:19 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\SHOUTcast Source [2012-06-01 21:27:40 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Sikkerhedspakke [2011-10-22 12:55:01 \| 000,000,000 \| R—D \| M]—C:\Program Files (x86)\Skype [2010-12-05 23:01:14 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\SMPlayer [2012-05-23 11:52:16 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar [2011-06-23 20:07:42 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\SpeedFan [2010-09-05 20:41:18 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\SquareEnix [2011-10-22 10:40:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\StarCraft II [2010-10-03 11:44:37 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Strategy First [2011-10-28 21:23:20 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Studio e.go! [2010-11-10 16:55:13 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\studioŽ×—ö [2010-12-23 21:50:23 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\TeamViewer Manager 6 [2012-06-01 21:22:23 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Trend Micro [2012-05-05 07:24:04 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Ubisoft [2011-08-30 11:19:30 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Unigine [2012-06-02 17:15:15 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Unlocker [2011-10-02 14:05:37 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Ustream [2010-12-04 11:41:49 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\vghd [2010-10-08 21:38:45 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\VideoLAN [2010-09-07 23:05:05 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Winamp [2010-09-07 23:02:55 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Winamp Detect [2010-08-19 22:13:59 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Defender [2011-12-19 20:06:37 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Live [2010-09-30 19:45:32 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Live Safety Center [2010-06-09 21:39:19 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Live SkyDrive [2011-06-04 12:44:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Mail [2011-06-04 12:44:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Media Player [2009-07-14 07:32:38 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows NT [2011-06-04 12:44:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Photo Viewer [2011-06-04 12:44:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Portable Devices [2011-06-04 12:44:26 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Sidebar [2010-08-21 12:58:01 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Windows Virtual PC [2010-09-28 19:02:05 \| 000,000,000 \|—-D \| M]—C:\Program Files (x86)\Zoom Player < %systemroot%\assembly\tmp\.* /S /MD5 > < %systemroot%\assembly\GAC_32\. /S /MD5 > [2009-07-14 03:19:59 \| 000,004,608 \|——\| M] () MD5=2CBEAFED3233C20DF11B88DF909CD74F—C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll [2010-11-20 14:32:20 \| 000,238,080 \|——\| M] () MD5=D6D26A698BCCD17AB0761E6221C5F3C4—C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll [2010-11-05 03:57:39 \| 000,069,120 \|——\| M] () MD5=C80DA476BFBAD97D874A0EFE037D7113—C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [2009-07-14 03:22:13 \| 000,139,264 \|——\| M] () MD5=3723B29BBFE648380ED9B70B164E33A2—C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe [2009-07-13 23:04:37 \| 000,002,274 \|——\| M] () MD5=C343B566A3B8DA7743C30796BE0A54D7—C:\Windows\assembly\GAC_32\ehexthost32\6.1.0.0__31bf3856ad364e35\ehexthost32.exe.config [2010-11-05 03:57:43 \| 000,072,192 \|——\| M] () MD5=D58D4E4AA8D6146D838BE02500F50B27—C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll [2010-11-20 14:32:22 \| 000,134,656 \|——\| M] () MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE—C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll [2009-07-14 09:34:06 \| 000,090,112 \|——\| M] () MD5=103B28283BE4E4A198352623E6A801D3—C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_da_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2010-02-23 12:44:39 \| 000,090,112 \|——\| M] () MD5=7643FE2D5D8DC339868BD4D952E0F385—C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2009-07-13 20:46:44 \| 000,090,112 \|——\| M] () MD5=60249CE413EEAFE81D5BF2362AC425DF—C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2010-11-20 14:35:58 \| 000,189,952 \|——\| M] () MD5=38D88B9F15909C5EB12543B9ADD60665—C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll [2010-11-20 14:35:58 \| 000,145,920 \|——\| M] () MD5=7473DCFFD01F73BA2B2621555B02E09A—C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll [2009-07-14 03:24:14 \| 000,507,904 \|——\| M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C—C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll [2009-07-14 03:24:28 \| 000,077,824 \|——\| M] () MD5=BB2BB7BFE455562249E922A7AA4493A5—C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll [2009-07-14 03:23:55 \| 000,008,192 \|——\| M] () MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C—C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll [2010-11-05 03:52:36 \| 000,163,840 \|——\| M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38—C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll [2009-07-14 03:26:31 \| 000,008,192 \|——\| M] () MD5=FA44A672F1C12791984D9ECAB7DC3177—C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll [2009-06-10 23:14:52 \| 000,087,888 \|——\| M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B—C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe [2009-06-10 23:14:53 \| 000,001,581 \|——\| M] () MD5=1EA3E30080C0E256C2EF0C621E91C345—C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config [2009-06-10 23:22:47 \| 000,066,728 \|——\| M] () MD5=C01B81BB10AD14DBC5C4ECD350638096—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp [2009-06-10 23:22:47 \| 000,082,172 \|——\| M] () MD5=EE1F60F8774D74BED8B13498F3FE737A—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp [2009-06-10 23:22:58 \| 000,116,756 \|——\| M] () MD5=F6DFDA5A31162D848634504565F6D321—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp [2012-01-04 04:50:59 \| 004,550,656 \|——\| M] () MD5=C850A6041F5AEDE21C53514BBE9AB09D—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll [2009-06-10 23:23:13 \| 000,059,342 \|——\| M] () MD5=DA5748A89E22A3932387E65694B25BBB—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp [2009-06-10 23:23:13 \| 000,045,794 \|——\| M] () MD5=3831A5E217D6FA828CCE1011DA26E677—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp [2009-06-10 23:23:13 \| 000,039,284 \|——\| M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp [2009-06-10 23:23:13 \| 000,066,384 \|——\| M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp [2009-06-10 23:23:13 \| 000,060,294 \|——\| M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp [2009-06-10 23:23:14 \| 000,083,748 \|——\| M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp [2009-06-10 23:23:14 \| 000,083,748 \|——\| M] () MD5=901863C68E6523336CAC602FE9320ABC—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp [2009-06-10 23:23:17 \| 000,262,148 \|——\| M] () MD5=FB59D247F7143C3B9683A547E808A88B—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp [2009-06-10 23:23:17 \| 000,020,320 \|——\| M] () MD5=FF13BA175F0013D2311827E0D438C60B—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp [2009-06-10 23:23:23 \| 000,028,288 \|——\| M] () MD5=09E420F90A329BDA68477FA4AF43CB28—C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp [2010-11-20 14:36:00 \| 000,046,080 \|——\| M] () MD5=93C4029DABC19166076BE347283AB969—C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL [2010-11-20 14:36:00 \| 000,107,008 \|——\| M] () MD5=E9CFC1884D1E579E82073103827FA62B—C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL [2009-07-14 00:04:07 \| 000,000,442 \|——\| M] () MD5=13E4BF7A255D57592EEDBD04A500C09B—C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config [2009-07-14 03:25:25 \| 000,005,632 \|——\| M] () MD5=608232474C33C71F863B0866E5165C1C—C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll [2009-06-10 23:32:22 \| 000,000,494 \|——\| M] () MD5=453626B1A59F62F9A141AC62F4E44E75—C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config [2009-07-14 03:26:15 \| 000,005,632 \|——\| M] () MD5=2641880E8C12BEE37DDC2813908A2A0F—C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll [2009-06-10 23:32:22 \| 000,000,494 \|——\| M] () MD5=453626B1A59F62F9A141AC62F4E44E75—C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config [2009-07-14 03:23:30 \| 000,005,632 \|——\| M] () MD5=D6C077082EAA747911C212A9EB64A813—C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll [2009-07-14 00:04:07 \| 000,000,442 \|——\| M] () MD5=13E4BF7A255D57592EEDBD04A500C09B—C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config [2009-07-14 03:22:54 \| 000,005,632 \|——\| M] () MD5=331021DA8B00A9ADCDD54B5782943204—C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll [2009-07-14 00:04:08 \| 000,000,442 \|——\| M] () MD5=13E4BF7A255D57592EEDBD04A500C09B—C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config [2009-07-14 03:23:04 \| 000,005,632 \|——\| M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC—C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll [2012-02-11 01:31:40 \| 004,218,880 \|——\| M] () MD5=AEDDFD540E3E6BECDB14C30D1F12B78A—C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll [2009-06-10 23:14:51 \| 000,000,161 \|——\| M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93—C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config [2012-02-11 01:31:42 \| 001,737,496 \|——\| M] () MD5=DDFBFD8959F32AC0CF3947F36BAC3081—C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll [2010-11-05 03:58:05 \| 000,486,400 \|——\| M] () MD5=ED40D020A6A82748394F1653CE324CE4—C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll [2010-11-05 03:58:05 \| 002,927,616 \|——\| M] () MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4—C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll [2010-11-05 03:58:08 \| 000,258,048 \|——\| M] () MD5=6DB969DF540BC71722848940D180AC08—C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll [2010-11-20 06:12:59 \| 000,113,664 \|——\| M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94—C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll [2012-02-11 01:31:41 \| 000,372,736 \|——\| M] () MD5=A151947AD131A883870A6174CACF423B—C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll [2009-06-10 23:23:19 \| 000,261,632 \|——\| M] () MD5=5F3F1BF5F5B43293953FC915845910C4—C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll [2011-12-25 22:42:15 \| 005,255,168 \|——\| M] () MD5=7D2B8E2CE3EF2DC633689F1E1F4A7504—C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll < %systemroot%\assembly\GAC_64\. /S /MD5 > [2009-07-14 03:46:07 \| 000,004,608 \|——\| M] () MD5=72A9C3F3B78CA92C93E78A46B3D73A7B—C:\Windows\assembly\GAC_64\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll [2010-11-20 15:39:41 \| 000,249,344 \|——\| M] () MD5=0EB9F2F8649FC0DE0DB55AFF18093E1C—C:\Windows\assembly\GAC_64\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll [2010-11-05 03:56:37 \| 000,080,896 \|——\| M] () MD5=28D0AAEB2F5D05629B287E3534FCAFB3—C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll [2010-11-05 03:56:43 \| 000,089,600 \|——\| M] () MD5=8658D501224F8EAA18BCF8104F07AA29—C:\Windows\assembly\GAC_64\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll [2010-11-20 15:44:11 \| 000,139,264 \|——\| M] () MD5=D32088C67317F5B64C13352E6EB5FFB1—C:\Windows\assembly\GAC_64\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll [2010-11-20 15:44:11 \| 000,198,656 \|——\| M] () MD5=073C37CEFEB4D5CD86646171C5D999F2—C:\Windows\assembly\GAC_64\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe [2010-11-20 15:44:11 \| 000,133,120 \|——\| M] () MD5=948ECE6043513473FF26B6A43DCD67C8—C:\Windows\assembly\GAC_64\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll [2009-07-14 09:34:06 \| 000,090,112 \|——\| M] () MD5=46335DAD18719B1E83937397228FBB4F—C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_da_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2010-02-23 12:44:39 \| 000,090,112 \|——\| M] () MD5=36FC4413674DEE77D586535E7075ACB4—C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2009-07-13 19:23:00 \| 000,090,112 \|——\| M] () MD5=2FBBC5E37B3EB4EB88924124FB9A66BB—C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll [2010-11-20 15:44:11 \| 000,196,096 \|——\| M] () MD5=6E1F814CEEFC54E14DDBA66415823CFE—C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll [2010-11-20 15:44:11 \| 000,151,040 \|——\| M] () MD5=63A87E4AEF8F906BABEF2612C2A00586—C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll [2009-07-14 03:51:37 \| 000,507,904 \|——\| M] () MD5=80BC35C4CA953CCACFECEE0EDBA14F5A—C:\Windows\assembly\GAC_64\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll [2009-07-14 03:51:13 \| 000,077,824 \|——\| M] () MD5=ADE7BDD9DFFFB5A965DF204114F36951—C:\Windows\assembly\GAC_64\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll [2011-08-17 07:28:23 \| 000,315,392 \|——\| M] () MD5=063FDD306A93B988CBEC9C6987EB2960—C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll [2010-11-20 15:44:11 \| 000,147,968 \|——\| M] () MD5=9453A71711D51C31DD607EC19CA604B0—C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll [2010-11-20 15:44:11 \| 000,056,320 \|——\| M] () MD5=6B365422C9E1417C9C99FD1234C42F48—C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll [2010-11-20 15:44:11 \| 000,114,688 \|——\| M] () MD5=2920CBCE0700F34AC9E27423CBD87798—C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll [2010-11-20 15:44:12 \| 000,327,168 \|——\| M] () MD5=2288CBDEBF5D78E0CB9158D251DE4016—C:\Windows\assembly\GAC_64\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll [2009-07-14 03:48:19 \| 000,008,192 \|——\| M] () MD5=0B61293239545BDB5CF2EF7208F225DA—C:\Windows\assembly\GAC_64\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll [2010-11-05 03:52:15 \| 000,163,840 \|——\| M] () MD5=DAC8353CA6D1919C7FF87C00672FBF2E—C:\Windows\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll [2009-07-14 03:49:27 \| 000,008,192 \|——\| M] () MD5=6790FBD2C832CBB26A694E1046F7F2BA—C:\Windows\assembly\GAC_64\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll [2010-11-20 15:39:46 \| 000,019,968 \|——\| M] () MD5=DBE659C5CE6689D009D9414CB27FD110—C:\Windows\assembly\GAC_64\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll [2010-11-05 03:53:34 \| 000,083,792 \|——\| M] () MD5=15885A86E87CC4291EF628E4F8A9BD6D—C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe [2009-06-10 22:31:02 \| 000,001,581 \|——\| M] () MD5=1EA3E30080C0E256C2EF0C621E91C345—C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config [2009-06-10 22:39:44 \| 000,066,728 \|——\| M] () MD5=C01B81BB10AD14DBC5C4ECD350638096—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp [2009-06-10 22:39:44 \| 000,082,172 \|——\| M] () MD5=EE1F60F8774D74BED8B13498F3FE737A—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp [2009-06-10 22:39:54 \| 000,116,756 \|——\| M] () MD5=F6DFDA5A31162D848634504565F6D321—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp [2012-01-04 05:34:35 \| 004,567,040 \|——\| M] () MD5=12E5EDB59F4FE680B7AD9ADC8E2C17D3—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll [2009-06-10 22:40:01 \| 000,059,342 \|——\| M] () MD5=DA5748A89E22A3932387E65694B25BBB—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp [2009-06-10 22:40:01 \| 000,045,794 \|——\| M] () MD5=3831A5E217D6FA828CCE1011DA26E677—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp [2009-06-10 22:40:01 \| 000,039,284 \|——\| M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp [2009-06-10 22:40:01 \| 000,066,384 \|——\| M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp [2009-06-10 22:40:01 \| 000,060,294 \|——\| M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp [2009-06-10 22:40:01 \| 000,083,748 \|——\| M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp [2009-06-10 22:40:01 \| 000,083,748 \|——\| M] () MD5=901863C68E6523336CAC602FE9320ABC—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp [2009-06-10 22:40:02 \| 000,262,148 \|——\| M] () MD5=FB59D247F7143C3B9683A547E808A88B—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp [2009-06-10 22:40:02 \| 000,020,320 \|——\| M] () MD5=FF13BA175F0013D2311827E0D438C60B—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp [2009-06-10 22:40:10 \| 000,028,288 \|——\| M] () MD5=09E420F90A329BDA68477FA4AF43CB28—C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp [2010-11-20 15:44:12 \| 000,050,176 \|——\| M] () MD5=E0773633E4193B183FB396192581BD86—C:\Windows\assembly\GAC_64\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL [2010-11-20 15:44:13 \| 000,133,632 \|——\| M] () MD5=A302DA1404664CEF1D416ED4DE49EA2B—C:\Windows\assembly\GAC_64\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL [2009-06-10 22:51:13 \| 000,000,494 \|——\| M] () MD5=453626B1A59F62F9A141AC62F4E44E75—C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config [2009-07-14 03:52:10 \| 000,005,120 \|——\| M] () MD5=C3554C9F9650380CD6A292CD5E7F02C6—C:\Windows\assembly\GAC_64\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll [2009-06-10 22:51:13 \| 000,000,494 \|——\| M] () MD5=453626B1A59F62F9A141AC62F4E44E75—C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config [2009-07-14 03:50:32 \| 000,005,120 \|——\| M] () MD5=265830B968EC5512E923C5482A5F5EEB—C:\Windows\assembly\GAC_64\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll [2009-07-13 23:54:48 \| 000,000,442 \|——\| M] () MD5=13E4BF7A255D57592EEDBD04A500C09B—C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config [2009-07-14 03:50:49 \| 000,005,120 \|——\| M] () MD5=6162FCE93CE4C29318C179E457CFE656—C:\Windows\assembly\GAC_64\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll [2012-02-11 01:29:43 \| 003,998,208 \|——\| M] () MD5=C264145F107437CBD3B30303733AEE4F—C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll [2009-06-10 22:30:59 \| 000,000,161 \|——\| M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93—C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config [2012-02-11 01:29:45 \| 002,256,152 \|——\| M] () MD5=C8541AECCCA9260DE93C85F214110FA8—C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll [2010-11-05 03:56:58 \| 000,502,272 \|——\| M] () MD5=2D8090F04B14059E23FE68F9FF3E318C—C:\Windows\assembly\GAC_64\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll [2010-11-05 03:56:58 \| 003,095,552 \|——\| M] () MD5=98D53BB2DB8E11762D30C3CF41FA140B—C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll [2010-11-05 03:57:00 \| 000,245,760 \|——\| M] () MD5=B395F8BE6E578FAB80A1D568911857D7—C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll [2010-11-05 03:57:02 \| 000,133,120 \|——\| M] () MD5=D9C192B9CD25DC5C9C05DF98C945E3F1—C:\Windows\assembly\GAC_64\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll [2012-02-11 01:29:44 \| 000,358,912 \|——\| M] () MD5=02DD476B37E663BBBB81C47F4AF45C78—C:\Windows\assembly\GAC_64\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll [2009-06-10 22:40:06 \| 000,283,136 \|——\| M] () MD5=E4806AC8BE2D890193252D4BEE7EA95C—C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll [2011-12-25 22:40:47 \| 005,263,360 \|——\| M] () MD5=5566D4BABE2900CDB906F470F098188B—C:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll < %SystemRoot%\assembly\GAC_MSIL\. /S /MD5 > [2009-06-10 23:22:40 \| 000,010,752 \|——\| M] () MD5=7E8C840853FB6EBD5CC16D3C10C7C127—C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll [2010-11-05 03:52:35 \| 000,165,720 \|——\| M] () MD5=501E961FEEBBDE040FB836CB5DE122C2—C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe [2009-06-10 23:22:50 \| 000,013,312 \|——\| M] () MD5=AAD128271C76C6596E69CFA81D765C2C—C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll [2009-06-10 23:22:50 \| 000,005,120 \|——\| M] () MD5=BA86FDE9C3B5BD2FF5EA7A99BF648E82—C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe [2010-11-20 14:32:20 \| 000,094,208 \|——\| M] () MD5=3AC3967EB34A432332FF4E2D971397E8—C:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35\ehCIR.dll [2010-11-20 14:32:20 \| 000,143,360 \|——\| M] () MD5=7F404ED2BAD3365F1A6452DBE40024FD—C:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35\ehexthost.exe [2009-07-13 23:04:37 \| 000,002,274 \|——\| M] () MD5=C343B566A3B8DA7743C30796BE0A54D7—C:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35\ehexthost.exe.config [2009-07-14 03:46:13 \| 000,015,872 \|——\| M] () MD5=CC471B699BEF83A45837119601B70B78—C:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35\ehiActivScp.dll [2009-07-14 03:46:13 \| 000,011,776 \|——\| M] () MD5=357EB8AECD2A0F8BD6DB22485DDDE5B9—C:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35\ehiBmlDataCarousel.dll [2009-07-14 03:20:15 \| 000,077,824 \|——\| M] () MD5=598383C42098DF7D0FFD61F459B6CBAF—C:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35\ehiExtens.dll [2009-07-14 03:46:06 \| 000,040,960 \|——\| M] () MD5=7CDDCF15C57641475340FEDEE86D69DE—C:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35\ehiiTV.dll [2010-11-20 14:32:20 \| 000,172,032 \|——\| M] () MD5=3B813FB741DF5CD45EB4EA36AE0F83B3—C:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35\ehiProxy.dll [2009-07-14 03:46:06 \| 000,086,016 \|——\| M] () MD5=712FF5DB0DAC5697ABCA9AC6472EAC8B—C:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35\ehiTVMSMusic.dll [2009-07-14 03:46:06 \| 000,006,144 \|——\| M] () MD5=7F93BA47D13A831EBC7AE6EA6B7C7EFF—C:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35\ehiUPnP.dll [2009-07-14 03:20:38 \| 000,032,768 \|——\| M] () MD5=62F20E48B43B44D9C6E9B4CF08FB120D—C:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35\ehiUserXp.dll [2009-07-14 03:20:51 \| 000,335,872 \|——\| M] () MD5=DB2189BF0B4D192F70605F50EC30037B—C:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35\ehiVidCtl.dll [2009-07-14 03:21:00 \| 000,143,360 \|——\| M] () MD5=391EF4FF1EF376B4408C0DEFE2041DBF—C:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35\ehiwmp.dll [2009-07-14 03:22:59 \| 000,086,016 \|——\| M] () MD5=82A5798BD1A2FE8678A51CC9CE493F7F—C:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35\ehiWUapi.dll [2010-11-20 14:32:21 \| 000,196,608 \|——\| M] () MD5=641443B48D34539ED0F58C1FC3A379F0—C:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35\ehRecObj.dll [2010-11-20 14:32:21 \| 006,307,840 \|——\| M] () MD5=89AFF2261ECF21647B126E596675E302—C:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35\ehshell.dll [2009-07-14 09:33:45 \| 000,008,704 \|——\| M] () MD5=1A3830615313C3728A7B322316E9F6F7—C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_da_31bf3856ad364e35\EventViewer.resources.dll [2010-11-20 14:19:48 \| 000,008,192 \|——\| M] () MD5=D7081D68005C975549685E8BF129794E—C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\EventViewer.resources.dll [2010-11-20 14:14:19 \| 000,009,728 \|——\| M] () MD5=965D170E7198E4A6B20FF61B663C2E0F—C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_ja_31bf3856ad364e35\EventViewer.resources.dll [2010-11-20 14:32:20 \| 000,368,640 \|——\| M] () MD5=F046EB4BBFC631D178C6DF20819C1DE5—C:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\EventViewer.dll [2009-06-10 23:22:54 \| 000,008,192 \|——\| M] () MD5=96D9E7E468D537443DE037A7E15CB804—C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll [2009-06-10 23:22:55 \| 000,077,824 \|——\| M] () MD5=AF29AA7F2F613951A9E913B4290B2ECE—C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll [2009-06-10 23:22:55 \| 000,006,656 \|——\| M] () MD5=D051642D0ED61E2886FD8917E8B6FAFD—C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll [2009-07-14 03:50:20 \| 000,106,496 \|——\| M] () MD5=F76D606A61706863C800159442F3E9DA—C:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35\loadmxf.exe [2010-11-20 15:44:11 \| 000,741,376 \|——\| M] () MD5=F3A7B22F00F8E2F9383338BF4FF4F786—C:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35\mcepg.dll [2009-07-14 03:47:33 \| 000,053,248 \|——\| M] () MD5=49F7D995FB172163A378CFAD66296694—C:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35\MCESidebarCtrl.dll [2009-07-14 03:47:44 \| 000,118,784 \|——\| M] () MD5=32169C979FCC2937779F1299C26FFE0A—C:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35\mcglidhostobj.dll [2010-11-20 15:44:11 \| 000,207,872 \|——\| M] () MD5=C97FCB65C600CBE7A78C409DC10736FE—C:\Windows\assembly\GAC_MSIL\mcplayerinterop\6.1.0.0__31bf3856ad364e35\mcplayerinterop.dll [2010-11-20 14:32:22 \| 000,638,976 \|——\| M] () MD5=F338EC894AA0CE005156B4AB2FF77CCC—C:\Windows\assembly\GAC_MSIL\mcstore\6.1.0.0__31bf3856ad364e35\mcstore.dll [2009-07-14 09:34:06 \| 000,012,800 \|——\| M] () MD5=39FC8C6500AB3B226A42C070E6017479—C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_da_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll [2010-11-20 15:16:44 \| 000,012,800 \|——\| M] () MD5=FB004F165A205E4B26EB1D71B4F22A95—C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll [2009-07-13 19:22:50 \| 000,024,576 \|——\| M] () MD5=5FEE4FBE23D660478E9A669612895143—C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll [2010-11-20 15:44:11 \| 000,126,976 \|——\| M] () MD5=2BBAE1D2218F1AC0C0EE39157AEE76CB -
[ Ignorer ] [ # 22 ] 2903jb
03.06.2012 16:32:49 Antal indlæg: 22	[2010-11-20 15:16:44 \| 000,006,656 \|——\| M] () MD5=4EE82A35CC556EEDB20A06868A09BE68—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll [2009-07-13 19:23:04 \| 000,007,168 \|——\| M] () MD5=52D2EACAB512E24B081BCCB79F1A69DD—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll [2009-07-14 03:48:10 \| 000,061,440 \|——\| M] () MD5=DDB5C74320B6C49006CC96FF07766B56—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.dll [2009-07-14 03:48:16 \| 000,012,800 \|——\| M] () MD5=1BE953940BFFF10AC6D90410E05EE274—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.dll [2009-07-14 09:34:06 \| 000,159,744 \|——\| M] () MD5=FB394ADEE51EE06B1DD89ED0AD05CEAC—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_da_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll [2010-02-23 12:44:39 \| 000,159,744 \|——\| M] () MD5=AB1789BD3E34FC06B60B9E048D411763—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll [2010-11-20 15:14:52 \| 000,159,744 \|——\| M] () MD5=3B6DAB6CC2AE48875DCBE4169F883950—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll [2010-11-20 15:44:12 \| 000,679,936 \|——\| M] () MD5=7BF39A90FD550D68E7704ADE65924D51—C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.dll [2009-07-14 09:33:52 \| 000,073,728 \|——\| M] () MD5=071F79D50305F4303F672467AFC59774—C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_da_31bf3856ad364e35\microsoft.tpm.resources.dll [2010-02-23 12:44:30 \| 000,073,728 \|——\| M] () MD5=AD97A4CA111C67B9CC070DD073776B3B—C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_en_31bf3856ad364e35\microsoft.tpm.resources.dll [2009-07-13 19:23:04 \| 000,081,920 \|——\| M] () MD5=0188DDD1B1219CA88F4261924FC3442A—C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_ja_31bf3856ad364e35\microsoft.tpm.resources.dll [2009-07-14 03:48:24 \| 000,192,512 \|——\| M] () MD5=05DD252C92F92A1CFCFF84903D0225B6—C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\6.1.0.0__31bf3856ad364e35\Microsoft.Tpm.dll [2009-07-14 09:34:02 \| 000,005,120 \|——\| M] () MD5=6E74DF62AE1E5DBF942FC8A30BB77AA0—C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_da_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll [2009-06-08 10:39:42 \| 000,005,120 \|——\| M] () MD5=76FDA702A53E405541482679A47EEF1E—C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.dtc.resources\3.0.0.0_ja_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.Resources.dll [2009-07-14 09:34:02 \| 000,028,672 \|——\| M] () MD5=2B4C6767C76D9F407673945630EDDB7B—C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_da_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll [2010-11-05 04:00:16 \| 000,032,768 \|——\| M] () MD5=A94C92C04F3CDE3D7B1C8F3799E57C74—C:\Windows\assembly\GAC_MSIL\microsoft.transactions.bridge.resources\3.0.0.0_ja_b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Resources.dll [2009-06-10 23:14:03 \| 000,397,312 \|——\| M] () MD5=130FF58B6245F78097E7619EFB61CDD2—C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll [2009-07-14 09:33:44 \| 000,008,704 \|——\| M] () MD5=0153FC86AA5045F1BB14791A5DAB3007—C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_da_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll [2009-06-10 14:14:58 \| 000,009,728 \|——\| M] () MD5=0DF76AB56F674BBBE19ECC267D27A252—C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.data.resources\8.0.0.0_ja_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.resources.dll [2009-06-10 23:23:03 \| 000,110,592 \|——\| M] () MD5=A070FD9509392CEB84A3ED8F8A42A504—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll [2009-07-14 09:33:48 \| 000,009,216 \|——\| M] () MD5=3A3AD3AB0D4A2F645E6DA84FCAD5C3D7—C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_da_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll [2009-06-10 14:14:58 \| 000,010,240 \|——\| M] () MD5=4BDD23805480FAA8FBBAA216CED2CC4E—C:\Windows\assembly\GAC_MSIL\microsoft.visualbasic.compatibility.resources\8.0.0.0_ja_b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.resources.dll [2010-11-05 03:57:46 \| 000,372,736 \|——\| M] () MD5=B424A0AF636B1D3DAE3A664285EF9795—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll [2009-07-14 09:33:45 \| 000,057,344 \|——\| M] () MD5=5F11AB5A7BEE941540F9E985C6FC7ACA—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_da_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll [2009-06-10 14:11:14 \| 000,065,536 \|——\| M] () MD5=877EA0582FE0C994F21530F9E126C179—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.resources\8.0.0.0_ja_b03f5f7f11d50a3a\Microsoft.VisualBasic.resources.dll [2009-06-10 23:23:04 \| 000,028,672 \|——\| M] () MD5=A5B5F03020C0A01276801CF2C807FF8C—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll [2010-11-05 03:57:46 \| 000,610,304 \|——\| M] () MD5=DF1F3AFE18D254F759BB1A000B811C15—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll [2009-06-10 23:14:40 \| 000,041,984 \|——\| M] () MD5=DD26812B72AF01116F7A1DDD4FA21E49—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll [2009-06-10 23:23:04 \| 000,005,632 \|——\| M] () MD5=BBAEF0C6E310A25D3BCCAA2ADC538F82—C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll [2009-06-10 23:23:04 \| 000,012,800 \|——\| M] () MD5=71C2F1A0F8FFD6D017F039AC023DE81C—C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll [2009-06-10 23:23:04 \| 000,032,768 \|——\| M] () MD5=45F2E4914DDCDA6F468D99FAA91911F2—C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll [2009-07-14 09:33:59 \| 000,004,096 \|——\| M] () MD5=E935C47D0C44352C7D6525A1325ABED3—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll [2010-11-20 15:14:52 \| 000,004,096 \|——\| M] () MD5=E7788F7A9D183CA1F5C70BF950418479—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll [2009-07-14 03:51:58 \| 000,009,728 \|——\| M] () MD5=4D851ACFD99800153B512F98DE8EE53F—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.dll [2009-07-14 09:33:59 \| 000,004,096 \|——\| M] () MD5=3CC03A1C2E1969B4EF4659D07A955BD5—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll [2010-11-20 15:14:52 \| 000,004,096 \|——\| M] () MD5=2316C7315906E39A5399B1957BBC3E2A—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll [2009-07-14 03:49:05 \| 000,010,752 \|——\| M] () MD5=22C1F179C2141626AF5AA4EE3B466F70—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.dll [2009-07-14 09:33:59 \| 000,004,096 \|——\| M] () MD5=83CB16FC8537B2D0A47A0D7728074CF7—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll [2009-07-13 19:23:06 \| 000,004,096 \|——\| M] () MD5=BF96E8FD6853DD89FE55F87C79495236—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll [2009-07-14 03:49:19 \| 000,009,216 \|——\| M] () MD5=3E54B66D932C3B9ACF9A85DCBCB9012A—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.dll [2009-07-14 09:33:59 \| 000,004,096 \|——\| M] () MD5=C7B89E6373CAA6563CC190AF83AB8189—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll [2010-11-20 15:14:52 \| 000,004,096 \|——\| M] () MD5=04B0107B50FDB0D179CDCA833D4575A5—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll [2009-07-14 03:49:36 \| 000,008,192 \|——\| M] () MD5=46F52892AE2A9F422A992E67109C26B3—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.dll [2010-11-20 15:42:17 \| 000,004,096 \|——\| M] () MD5=D85C9F0CC640F5634CE1C574C8FE7980—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_da_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2010-11-20 15:16:44 \| 000,004,096 \|——\| M] () MD5=4F99E7FCEBE740F038392F993D910CAE—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2010-11-20 15:14:52 \| 000,004,096 \|——\| M] () MD5=5A5732BD361A86177E8A136620360F70—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll [2009-07-14 03:49:35 \| 000,024,576 \|——\| M] () MD5=D63EFE70138DD63ED305547E154185DB—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.dll [2009-07-14 09:33:59 \| 000,006,656 \|——\| M] () MD5=332AB4925318F2B2CA3E6D31D69BBA74—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll [2010-11-20 15:14:52 \| 000,007,168 \|——\| M] () MD5=B2F6F4A5D6ABED576A382041BFD7F015—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_ja_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll [2009-07-14 03:49:35 \| 000,049,152 \|——\| M] () MD5=C7266BF807067847FE533B5130F3476E—C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.dll [2009-07-14 09:33:59 \| 000,013,824 \|——\| M] () MD5=DD6902F80F16E9EBDC289FFB376F921A—C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll [2010-11-20 15:14:53 \| 000,016,896 \|——\| M] () MD5=29312FD245BD1B53D2B41B9D546F237F—C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_ja_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll [2010-11-20 15:44:12 \| 000,286,720 \|——\| M] () MD5=045923382F35E9C922AC8693F1240645—C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll [2009-07-14 03:49:51 \| 000,007,168 \|——\| M] () MD5=FD9DC207646A40F715B2E3FA12FF8B2F—C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll [2009-06-10 23:23:04 \| 000,007,168 \|——\| M] () MD5=E5640EF09DA87B03E78F18F850CFF728—C:\Windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll [2009-07-14 09:33:52 \| 001,556,480 \|——\| M] () MD5=FB5A76620E88AF0C1260DE1C33A8B3D2—C:\Windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_da_31bf3856ad364e35\MIGUIControls.resources.dll [2010-02-23 12:44:30 \| 001,552,384 \|——\| M] () MD5=5D85FA66189E6832466C8DEE97CA8C3F—C:\Windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_en_31bf3856ad364e35\MIGUIControls.resources.dll [2009-07-13 20:47:04 \| 001,724,416 \|——\| M] () MD5=7409E059A518B1BC82480817081CF8CD—C:\Windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_ja_31bf3856ad364e35\MIGUIControls.resources.dll [2010-11-20 14:36:00 \| 003,416,064 \|——\| M] () MD5=CD35B1936F50990D1FCEAE31E2D1553F—C:\Windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll [2009-07-14 09:33:47 \| 000,036,864 \|——\| M] () MD5=71216C4974A358E91FC2B0C5DD5D9E56—C:\Windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_da_31bf3856ad364e35\MMCEx.Resources.dll [2010-11-20 14:19:49 \| 000,036,864 \|——\| M] () MD5=E5956455F8A07B174CF146247EC6315E—C:\Windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll [2010-11-20 14:14:19 \| 000,040,960 \|——\| M] () MD5=58F4461D14CA48DE37D7ECBDDF67AA9D—C:\Windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_ja_31bf3856ad364e35\MMCEx.Resources.dll [2009-07-14 03:26:50 \| 000,421,888 \|——\| M] () MD5=A9D4275CE5EA165C267AE05A6821CB54—C:\Windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll [2010-11-20 14:54:26 \| 000,004,096 \|——\| M] () MD5=B94763A1FC4F66A83C2D2156C8A16557—C:\Windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_da_31bf3856ad364e35\MMCFxCommon.Resources.dll [2010-11-20 14:19:49 \| 000,004,096 \|——\| M] () MD5=930887F063E075C31E38E435F9C3D94C—C:\Windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_en_31bf3856ad364e35\MMCFxCommon.Resources.dll [2009-07-13 20:46:54 \| 000,004,608 \|——\| M] () MD5=A3D1EC4137C8951243A01AEDF6541926—C:\Windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_ja_31bf3856ad364e35\MMCFxCommon.Resources.dll [2009-07-14 03:26:07 \| 000,110,592 \|——\| M] () MD5=E72BF459A519312B4FF7F3FA8A85BA13—C:\Windows\assembly\GAC_MSIL\MMCFxCommon\3.0.0.0__31bf3856ad364e35\MMCFxCommon.dll [2010-11-13 04:03:52 \| 000,299,008 \|——\| M] () MD5=A53068B1D0C39B46F53C03F1A06A2541—C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_da_b77a5c561934e089\mscorlib.resources.dll [2010-11-13 02:00:19 \| 000,348,160 \|——\| M] () MD5=857B3456C2FE53BCA1E9B66656597734—C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_ja_b77a5c561934e089\mscorlib.resources.dll [2009-07-14 09:33:45 \| 000,049,152 \|——\| M] () MD5=404D41999F76E7174629451AF7458267—C:\Windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_da_31bf3856ad364e35\napinit.Resources.dll [2010-02-23 12:44:26 \| 000,049,152 \|——\| M] () MD5=341507487E1AD54BE8079C7637810C9E—C:\Windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_en_31bf3856ad364e35\napinit.Resources.dll [2009-07-13 19:22:28 \| 000,049,152 \|——\| M] () MD5=4C6901BA175FAA179B40B4A85DCCE1AF—C:\Windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_ja_31bf3856ad364e35\napinit.Resources.dll [2009-07-14 03:50:10 \| 000,073,728 \|——\| M] () MD5=2E112025F72F2BF1302D8D5AA9014977—C:\Windows\assembly\GAC_MSIL\napinit\6.1.0.0__31bf3856ad364e35\NAPINIT.DLL [2009-07-14 09:33:47 \| 000,237,568 \|——\| M] () MD5=B3A36E24CAD8A4975C34A779B4BDCB7E—C:\Windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_da_31bf3856ad364e35\napsnap.resources.dll [2010-02-23 12:44:27 \| 000,233,472 \|——\| M] () MD5=6B24C82334B7A52A1349E6E5BB162D88—C:\Windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_en_31bf3856ad364e35\napsnap.resources.dll [2009-07-13 19:22:28 \| 000,237,568 \|——\| M] () MD5=EB5604E8BA4937AE5A15703742C2603C—C:\Windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_ja_31bf3856ad364e35\napsnap.resources.dll [2009-07-14 03:50:24 \| 000,454,656 \|——\| M] () MD5=6F6170493DADDBAE1AFF0A2E2FABAE34—C:\Windows\assembly\GAC_MSIL\napsnap\6.1.0.0__31bf3856ad364e35\NAPSNAP.DLL [2010-11-20 15:44:13 \| 001,077,248 \|——\| M] () MD5=AFA10DB13B9A0537297AEEF2CD66352F—C:\Windows\assembly\GAC_MSIL\Narrator\6.1.0.0__31bf3856ad364e35\Narrator.exe [2010-06-09 21:31:41 \| 000,000,815 \|——\| M] () MD5=0A33273323603FCBD8DDD74758163161—C:\Windows\assembly\GAC_MSIL\Policy.6.0.ehRecObj\6.1.0.0__31bf3856ad364e35\Policy.6.0.ehRecObj.config [2010-06-09 21:31:41 \| 000,005,632 \|——\| M] () MD5=841736FAB112AC493646E4399E684D38—C:\Windows\assembly\GAC_MSIL\Policy.6.0.ehRecObj\6.1.0.0__31bf3856ad364e35\Policy.6.0.ehRecObj.dll [2010-06-09 21:31:41 \| 000,000,831 \|——\| M] () MD5=A9C1035129544B3867E06A8F02874FE4—C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.UI.config [2010-06-09 21:31:41 \| 000,005,632 \|——\| M] () MD5=1A49D09BD80C023A771214DA826FF6B6—C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.UI.dll [2010-06-09 21:31:41 \| 000,000,828 \|——\| M] () MD5=52B88C0916FAFF34E0174CD718980AC4—C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.config [2010-06-09 21:31:41 \| 000,005,632 \|——\| M] () MD5=0C8F794B0C057EB421569A4E5B8E98C5—C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.dll [2009-07-14 09:34:02 \| 000,049,152 \|——\| M] () MD5=3ED5C7E7BD76DE23F4E7445E4C3BD06E—C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_da_31bf3856ad364e35\PresentationBuildTasks.resources.dll [2009-06-08 10:39:44 \| 000,057,344 \|——\| M] () MD5=052452DE31A90529F4F90945CBD97508—C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks.resources\3.0.0.0_ja_31bf3856ad364e35\PresentationBuildTasks.resources.dll [2010-11-05 03:53:21 \| 000,598,016 \|——\| M] () MD5=AEFD96A1A087027A7EDC21F83F1B4727—C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll [2009-06-10 23:14:50 \| 000,032,768 \|——\| M] () MD5=24F02A6A94DC8AE6F2ACDA7950CBEEB3—C:\Windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll [2010-11-05 03:53:41 \| 000,106,496 \|——\| M] () MD5=B9F6E49AA1FA607F44900281E4E1C45E—C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_da_31bf3856ad364e35\PresentationCore.resources.dll [2009-06-08 10:39:44 \| 000,118,784 \|——\| M] () MD5=974ED6E38EED86721C4D8873762E38D4—C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_ja_31bf3856ad364e35\PresentationCore.resources.dll [2009-06-10 23:14:51 \| 000,042,856 \|——\| M] () MD5=E56F39F6B7FDA0AC77A79B0FD3DE1A2F—C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe [2009-06-10 23:14:43 \| 000,196,608 \|——\| M] () MD5=C9DF30B6F5D99C8147C528528B9CC498—C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll [2009-06-10 23:14:44 \| 000,139,264 \|——\| M] () MD5=98F2493B40E00061B4A4369E63790293—C:\Windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll [2010-11-05 03:53:23 \| 000,397,312 \|——\| M] () MD5=4E9FDA223530F931AC1F03ABB58E4DA5—C:\Windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll [2010-11-05 03:53:41 \| 000,237,568 \|——\| M] () MD5=82278AE061AF321C0161528799C24F51—C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_da_31bf3856ad364e35\PresentationFramework.resources.dll [2009-06-08 10:39:44 \| 000,262,144 \|——\| M] () MD5=DD190E8AF680990ED98F9C9E8FA7C6DC—C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_ja_31bf3856ad364e35\PresentationFramework.resources.dll [2009-06-10 23:14:44 \| 000,163,840 \|——\| M] () MD5=13E8EC241CA1402C923DF3A1DA9CAF70—C:\Windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll [2012-02-11 01:31:41 \| 005,283,840 \|——\| M] () MD5=530DFD580E4C341B267ED4E2A56B8233—C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll [2009-07-14 09:34:02 \| 000,368,640 \|——\| M] () MD5=F86AE440AB70FA468414E277F620E07E—C:\Windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_da_31bf3856ad364e35\PresentationUI.resources.dll [2009-06-08 10:39:44 \| 000,372,736 \|——\| M] () MD5=DB8726CB3F472E30390051398DE5CF8F—C:\Windows\assembly\GAC_MSIL\PresentationUI.resources\3.0.0.0_ja_31bf3856ad364e35\PresentationUI.resources.dll [2009-06-10 23:14:52 \| 000,864,256 \|——\| M] () MD5=0F8242348EBA698FF93193A6BDC55362—C:\Windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll [2009-07-14 09:34:02 \| 000,040,960 \|——\| M] () MD5=DB9916B51C4F59907212B5F54C80437B—C:\Windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_da_31bf3856ad364e35\ReachFramework.resources.dll [2009-06-08 10:39:44 \| 000,040,960 \|——\| M] () MD5=614CA80EF1CCB54B9CE0A3FE77675D0E—C:\Windows\assembly\GAC_MSIL\ReachFramework.resources\3.0.0.0_ja_31bf3856ad364e35\ReachFramework.resources.dll [2012-02-11 01:31:41 \| 000,532,480 \|——\| M] () MD5=93CF6C96CDBFC1834A28F835B769E8BA—C:\Windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll [2009-07-14 09:34:06 \| 000,012,800 \|——\| M] () MD5=E4832984E6ABD09F3F844AB278F80D17—C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_da_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll [2010-02-23 12:44:39 \| 000,011,776 \|——\| M] () MD5=563E82907227A5BD275FA0CA79922780—C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll [2009-07-13 19:22:34 \| 000,024,576 \|——\| M] () MD5=C05C58229221675AD3B25C89829BADD0—C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_ja_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll [2010-11-20 15:44:13 \| 000,167,936 \|——\| M] () MD5=855B4DFFC8F42403FBE247B9D7A85714—C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn\6.1.0.0__31bf3856ad364e35\SecurityAuditPoliciesSnapIn.dll [2009-06-10 23:15:18 \| 000,005,632 \|——\| M] () MD5=AA7004ABA8C37DDCA200E16F1570EF62—C:\Windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll [2009-07-14 09:34:02 \| 000,005,120 \|——\| M] () MD5=A5DDB51D6DADD3E3A503AFE975F182C9—C:\Windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_da_b77a5c561934e089\SMDiagnostics.resources.dll [2009-06-08 10:39:42 \| 000,005,120 \|——\| M] () MD5=38E2654415004EB997302F8982328C0A—C:\Windows\assembly\GAC_MSIL\smdiagnostics.resources\3.0.0.0_ja_b77a5c561934e089\SMDiagnostics.resources.dll [2010-11-05 03:52:39 \| 000,110,592 \|——\| M] () MD5=6F145DEF09821EB6614C501430CB838C—C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll [2010-11-05 03:52:39 \| 000,128,848 \|——\| M] () MD5=F476EC40033CDB91EFBE73EB99B8362D—C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe [2009-07-14 03:48:50 \| 000,086,016 \|——\| M] () MD5=6B16E2A529A703956915122B895DA5F6—C:\Windows\assembly\GAC_MSIL\SonicMCEBurnEngine\6.1.0.0__31bf3856ad364e35\SonicMCEBurnEngine.dll [2010-11-20 15:42:17 \| 000,200,704 \|——\| M] () MD5=A16BAADAAF9D8409057F76B8B501E4B7—C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_da_31bf3856ad364e35\SrpUxSnapIn.resources.dll [2010-11-20 15:16:44 \| 000,200,704 \|——\| M] () MD5=78052FFCCC12E3ED35F809A3BB6F5CD3—C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SrpUxSnapIn.resources.dll [2010-11-20 15:14:53 \| 000,200,704 \|——\| M] () MD5=AFD7C4B80DD8715AA20858D770506703—C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_ja_31bf3856ad364e35\SrpUxSnapIn.resources.dll [2010-11-20 15:44:13 \| 001,048,576 \|——\| M] () MD5=8199754E88A0F37965D468C8E280ACF6—C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn\6.1.0.0__31bf3856ad364e35\SrpUxSnapIn.dll [2009-07-14 09:33:45 \| 000,010,240 \|——\| M] () MD5=B9A787A1211D93CCBAFF4B55A75E9C5F—C:\Windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_da_b03f5f7f11d50a3a\sysglobl.resources.dll [2010-11-05 03:59:30 \| 000,011,776 \|——\| M] () MD5=CDD6ECA70C0AB4567843A36FE214A374—C:\Windows\assembly\GAC_MSIL\sysglobl.resources\2.0.0.0_ja_b03f5f7f11d50a3a\sysglobl.resources.dll [2009-06-10 23:23:17 \| 000,110,592 \|——\| M] () MD5=3C8AF820562CC8E3A1CF82650518F66C—C:\Windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll [2010-11-05 03:53:30 \| 000,045,056 \|——\| M] () MD5=6D593E9AE74E39A62F8184515B27DF28—C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll [2012-01-04 04:50:53 \| 000,163,840 \|——\| M] () MD5=C2EC2AD05B97F9124399E1DA1D1386C2—C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll [2009-07-14 09:34:02 \| 000,007,680 \|——\| M] () MD5=72C0BE5F0F7EE7F129E230E9F1469BE1—C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_da_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll [2009-06-08 10:39:42 \| 000,008,704 \|——\| M] () MD5=2DB2DFE14C4BA24F102A2CAC614CFE64—C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations.resources\3.5.0.0_ja_31bf3856ad364e35\System.ComponentModel.DataAnnotations.Resources.dll [2010-11-05 03:53:30 \| 000,057,344 \|——\| M] () MD5=27E76A55FA5C3586297C2D42986304AC—C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll [2009-07-14 09:33:52 \| 000,028,672 \|——\| M] () MD5=D1CC1A01F0E98440BAEF23B1723F22F2—C:\Windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Configuration.Install.resources.dll [2009-06-10 14:11:14 \| 000,032,768 \|——\| M] () MD5=E9C9B2FBCAD22AEC9B3F63F092FE2410—C:\Windows\assembly\GAC_MSIL\System.Configuration.Install.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Configuration.Install.Resources.dll [2010-11-05 03:58:04 \| 000,081,920 \|——\| M] () MD5=ED2D3B032733BFC7A68FCE05BC7F93B4—C:\Windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll [2009-07-14 09:33:51 \| 000,049,152 \|——\| M] () MD5=DC9D3388DB1903AA3698A2B5A71A6D27—C:\Windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Configuration.resources.dll [2009-06-10 14:11:14 \| 000,053,248 \|——\| M] () MD5=D9D9B06A86A761C653C838170B3BFF75—C:\Windows\assembly\GAC_MSIL\system.configuration.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Configuration.resources.dll [2010-11-05 03:58:04 \| 000,425,984 \|——\| M] () MD5=5A7A33F7F9DFC0C0A8B8E000F4D9D898—C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll [2009-07-14 09:34:02 \| 000,057,344 \|——\| M] () MD5=F8BE83123F6483AE462866F12373E8F1—C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_da_b77a5c561934e089\System.Core.Resources.dll [2009-06-08 10:39:42 \| 000,065,536 \|——\| M] () MD5=FCCC97D0D399128CAEE54AA137C4841C—C:\Windows\assembly\GAC_MSIL\System.Core.resources\3.5.0.0_ja_b77a5c561934e089\System.Core.Resources.dll [2010-11-05 03:53:30 \| 000,667,648 \|——\| M] () MD5=FC114C6C8AB34F1A357069AD3E4477F8—C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll [2010-11-05 03:53:31 \| 000,053,248 \|——\| M] () MD5=82D34DEB3105E63981A0306B03C10A07—C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll [2010-11-05 03:53:39 \| 000,015,360 \|——\| M] () MD5=36CB441AD8739161804CFB4BFB8B4401—C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Entity.Design.Resources.dll [2010-11-05 04:00:01 \| 000,028,672 \|——\| M] () MD5=DAFB31384570535ECE0B8709D8B04B52—C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Entity.Design.Resources.dll [2010-11-05 03:53:31 \| 000,229,376 \|——\| M] () MD5=02B81AAEB463E966372AF6A1C0B6038E—C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll [2009-07-14 09:34:02 \| 000,389,120 \|——\| M] () MD5=3C1B7653FD8CE8E0ED699C3B0779F4C0—C:\Windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Entity.Resources.dll [2009-06-08 10:39:42 \| 000,425,984 \|——\| M] () MD5=66A31965FCF3A2C615622FE31CA8110D—C:\Windows\assembly\GAC_MSIL\System.Data.Entity.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Entity.Resources.dll [2010-11-05 03:53:31 \| 002,879,488 \|——\| M] () MD5=EEDCBC7607D2852BBF74409B49A8D1C1—C:\Windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll [2009-07-14 09:34:02 \| 000,053,248 \|——\| M] () MD5=DB2F2116AE2A7B6C71C2F9CC44EAACFF—C:\Windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Linq.Resources.dll [2009-06-08 10:39:42 \| 000,061,440 \|——\| M] () MD5=EE2AE12FD88B207B103929A70FC38276—C:\Windows\assembly\GAC_MSIL\System.Data.Linq.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Linq.Resources.dll [2010-11-05 03:53:31 \| 000,684,032 \|——\| M] () MD5=8AB40EB71BB5D5F4641AA5895712B981—C:\Windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll [2010-11-05 03:53:38 \| 000,110,592 \|——\| M] () MD5=149F29EB7D45F330D71FEB421AF93510—C:\Windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_da_b77a5c561934e089\System.Data.OracleClient.resources.dll [2009-06-10 14:11:14 \| 000,114,688 \|——\| M] () MD5=8C46ED1018200FFD5C8BC58C69AEC387—C:\Windows\assembly\GAC_MSIL\System.Data.OracleClient.resources\2.0.0.0_ja_b77a5c561934e089\System.Data.OracleClient.resources.dll [2009-07-14 09:33:50 \| 000,344,064 \|——\| M] () MD5=8A77BBDD87E502EE9A7EB7FB5A2B1DCE—C:\Windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_da_b77a5c561934e089\System.Data.resources.dll [2009-06-10 14:11:14 \| 000,368,640 \|——\| M] () MD5=5D451F992A773E591580193379B97033—C:\Windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_ja_b77a5c561934e089\System.Data.Resources.dll [2010-11-05 03:53:39 \| 000,049,152 \|——\| M] () MD5=947E13BDBAE0FDD0A0B5F96EC24EEB61—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Services.Client.resources.dll [2010-11-05 04:00:01 \| 000,057,344 \|——\| M] () MD5=00CDADBFAB2D5D3C0C6222F99B72CE92—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Services.Client.resources.dll [2010-11-05 03:53:32 \| 000,462,848 \|——\| M] () MD5=606ACF1553423BFDD3CABEBA3DF264B9—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll [2010-11-05 03:53:39 \| 000,011,264 \|——\| M] () MD5=6F954BBDBEB98CDC75664F810B645A3C—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Services.Design.resources.dll [2010-11-05 04:00:01 \| 000,012,800 \|——\| M] () MD5=981600B41F769A2481161BD0EF080A74—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Design.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Services.Design.resources.dll [2010-11-05 03:53:32 \| 000,163,840 \|——\| M] () MD5=0ACA904F87E674CF3CB6746D9D3AB321—C:\Windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll [2010-11-05 03:53:39 \| 000,090,112 \|——\| M] () MD5=0F78B24C5C95D170109396B3C69F1B41—C:\Windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_da_b77a5c561934e089\System.Data.Services.resources.dll [2010-11-05 04:00:01 \| 000,106,496 \|——\| M] () MD5=EF512199AE198B9F930405270E0123A7—C:\Windows\assembly\GAC_MSIL\System.Data.Services.resources\3.5.0.0_ja_b77a5c561934e089\System.Data.Services.resources.dll [2010-11-05 03:53:32 \| 000,692,224 \|——\| M] () MD5=4BA482E447D6096E8D4348AAE306CE1B—C:\Windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll [2010-06-09 21:40:17 \| 000,236,392 \|——\| M] () MD5=A200E7209B42BAA18F438695CE45B0B9—C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll [2009-07-14 09:33:44 \| 000,036,864 \|——\| M] () MD5=C68C81719087AD1CE54551DA494E8786—C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_da_b77a5c561934e089\system.data.sqlxml.resources.dll [2009-06-10 14:11:14 \| 000,040,960 \|——\| M] () MD5=07A4EF4ED2AB323057C44652AEE5094F—C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml.resources\2.0.0.0_ja_b77a5c561934e089\system.data.sqlxml.resources.dll [2010-11-05 03:58:05 \| 000,745,472 \|——\| M] () MD5=800484A3335EACDAA9600120385CCBDC—C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll [2009-07-14 09:33:53 \| 000,393,216 \|——\| M] () MD5=34EC8DDDBD86EF89551C36085050605C—C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Deployment.resources.dll [2009-06-10 14:11:14 \| 000,405,504 \|——\| M] () MD5=BFA983645B9FF7F243A9F88CEB153ED4—C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Deployment.resources.dll [2010-11-05 03:58:05 \| 000,970,752 \|——\| M] () MD5=418EC83A2FC441A3D40F3FDCDA851392—C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll [2009-07-14 09:33:50 \| 000,536,576 \|——\| M] () MD5=AAE04B7875EBA91E402C05EACA2D2B07—C:\Windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Design.resources.dll [2009-06-10 14:11:14 \| 000,561,152 \|——\| M] () MD5=1F37CF67646FBF12BE04B73D043227CB—C:\Windows\assembly\GAC_MSIL\System.Design.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Design.Resources.dll [2010-11-05 03:58:06 \| 004,927,488 \|——\| M] () MD5=2D7D124DCC4E7643F2B8AB4592150950—C:\Windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll [2009-06-08 10:39:42 \| 000,040,960 \|——\| M] () MD5=47B465B77294FF812564041FA8A204AD—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement.resources\3.5.0.0_ja_b77a5c561934e089\System.DirectoryServices.AccountManagement.resources.dll [2010-11-05 03:53:32 \| 000,290,816 \|——\| M] () MD5=CD86BDCB5E115635E6AB7DFE77FC1D11—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll [2009-07-14 09:33:45 \| 000,016,896 \|——\| M] () MD5=85B5D5744B04F5DF755A2F0A7C9BF389—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll [2009-06-10 14:11:14 \| 000,028,672 \|——\| M] () MD5=EFE8B0324EB549FC5C9EC57E1AE8A75E—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.DirectoryServices.Protocols.resources.dll [2009-06-10 23:23:18 \| 000,188,416 \|——\| M] () MD5=EE1DCDAA3EA8F53DA56116875CD01653—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll [2009-07-14 09:33:47 \| 000,040,960 \|——\| M] () MD5=1EB1856CD503239C75F59E01C592C31A—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.DirectoryServices.resources.dll [2009-06-10 14:11:14 \| 000,045,056 \|——\| M] () MD5=80D07376BFA4A22C659F130FEAD4F6AD—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.DirectoryServices.Resources.dll [2010-11-05 03:58:06 \| 000,401,408 \|——\| M] () MD5=AF1F47FBADABB9134002359970F5FD1C—C:\Windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll [2009-07-14 09:33:47 \| 000,006,144 \|——\| M] () MD5=AD0F24D3C6C8E3C80AD1ECC829EB0C2F—C:\Windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Drawing.Design.resources.dll [2009-06-10 14:11:14 \| 000,006,144 \|——\| M] () MD5=21382168A768DFC7D55DC2FC1A624956—C:\Windows\assembly\GAC_MSIL\System.Drawing.Design.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Drawing.Design.Resources.dll [2009-06-10 23:23:18 \| 000,081,920 \|——\| M] () MD5=D195A195E3D16A867FD4382D786313B8—C:\Windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll [2010-11-13 03:22:23 \| 000,024,576 \|——\| M] () MD5=D85709797BDDA6EA6A7C9BAC30E9359C—C:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Drawing.resources.dll [2010-11-13 01:18:15 \| 000,016,896 \|——\| M] () MD5=1E154FB1AC7F0B97B01155A7C666863F—C:\Windows\assembly\GAC_MSIL\System.Drawing.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Drawing.Resources.dll [2012-01-27 01:33:25 \| 000,630,784 \|——\| M] () MD5=25279D7FAF0F1BE97EA477EB939A1469—C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll [2009-07-14 09:33:50 \| 000,032,768 \|——\| M] () MD5=9121237AE57ABD1AE3083FBB4F2A9EA6—C:\Windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.EnterpriseServices.resources.dll [2009-06-10 14:11:14 \| 000,036,864 \|——\| M] () MD5=14615A5A43FCA0892CBD1FF36CAD9E8B—C:\Windows\assembly\GAC_MSIL\System.EnterpriseServices.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.EnterpriseServices.Resources.dll [2009-07-14 09:34:02 \| 000,061,440 \|——\| M] () MD5=BF7E31C4E0BDAB9E833D092047BDC0E2—C:\Windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_da_b77a5c561934e089\System.IdentityModel.Resources.dll [2009-06-08 10:39:42 \| 000,069,632 \|——\| M] () MD5=FDBF94D7EDC576C3DD6292E2BE46319C—C:\Windows\assembly\GAC_MSIL\system.identitymodel.resources\3.0.0.0_ja_b77a5c561934e089\System.IdentityModel.Resources.dll [2009-07-14 09:34:02 \| 000,053,248 \|——\| M] () MD5=38F9AE9FAABF2936B58E43DFCE1AA15F—C:\Windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_da_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll [2009-06-08 10:39:42 \| 000,057,344 \|——\| M] () MD5=F4FC4F6901EF461C1EDC3CF6E79F6598—C:\Windows\assembly\GAC_MSIL\system.identitymodel.selectors.resources\3.0.0.0_ja_b77a5c561934e089\System.IdentityModel.Selectors.Resources.dll [2010-11-05 03:52:27 \| 000,126,976 \|——\| M] () MD5=DF7FEE2563BF2D59926B786FBF636510—C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll [2010-11-05 03:52:27 \| 000,442,368 \|——\| M] () MD5=9638C20A92962CAFC45E8F48AE6238F5—C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll [2009-07-14 09:34:02 \| 000,020,480 \|——\| M] () MD5=C6CA941ECD74E6D902119D75277A1DBF—C:\Windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_da_b03f5f7f11d50a3a\System.IO.Log.Resources.dll [2009-06-08 10:39:42 \| 000,012,800 \|——\| M] () MD5=39F555C5190C9AB5390C1F4B4AA622A7—C:\Windows\assembly\GAC_MSIL\system.io.log.resources\3.0.0.0_ja_b03f5f7f11d50a3a\System.IO.Log.Resources.dll [2009-06-10 23:13:54 \| 000,131,072 \|——\| M] () MD5=AC45DB17E166ECEBD320D4FA2820C1B6—C:\Windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll [2009-07-14 09:34:00 \| 000,253,952 \|——\| M] () MD5=49D669DD9F8F3D4D8600D94EFB46EDF8—C:\Windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.Resources.dll [2009-07-13 19:22:52 \| 000,311,296 \|——\| M] () MD5=7417E98487C116B869C769E10BE2A0E6—C:\Windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_ja_31bf3856ad364e35\System.Management.Automation.Resources.dll [2010-11-20 15:44:13 \| 003,010,560 \|——\| M] () MD5=54ECF49D6A42B61AA582216AAEB9657D—C:\Windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll [2010-11-05 03:53:32 \| 000,143,360 \|——\| M] () MD5=BCD4761D6E2290B490498126C67A35D0—C:\Windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll [2009-07-14 09:33:46 \| 000,012,800 \|——\| M] () MD5=6E8E37D172B2D9E145557F9331A35BE1—C:\Windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Management.resources.dll [2009-06-10 14:11:14 \| 000,024,576 \|——\| M] () MD5=5056B789926BB8E37C1DC1E6AA0E08C3—C:\Windows\assembly\GAC_MSIL\system.management.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Management.Resources.dll [2010-11-05 03:58:09 \| 000,385,024 \|——\| M] () MD5=52C875E8F96E4F9E69914A538C129C6E—C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll [2009-07-14 09:33:51 \| 000,077,824 \|——\| M] () MD5=F925640DEAA14C6B395BDFB1DB69F7D8—C:\Windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Messaging.resources.dll [2009-06-10 14:11:14 \| 000,086,016 \|——\| M] () MD5=B6335C39572A7370936D0E7940016DB0—C:\Windows\assembly\GAC_MSIL\System.Messaging.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Messaging.Resources.dll [2010-11-05 03:58:09 \| 000,258,048 \|——\| M] () MD5=3035497DE3B9208633BC7F3604D781FB—C:\Windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll [2010-11-05 03:53:32 \| 000,237,568 \|——\| M] () MD5=74446FB0C54CB43A279E735F9C335752—C:\Windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll [2009-07-14 09:34:02 \| 000,028,672 \|——\| M] () MD5=86AC8B88EE7F1B2FDD06D6AAF93B793B—C:\Windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_da_31bf3856ad364e35\System.Printing.resources.dll [2009-06-08 10:39:44 \| 000,028,672 \|——\| M] () MD5=C74AAB43C204BCCB7EAC55819BE0E9D5—C:\Windows\assembly\GAC_MSIL\System.Printing.resources\3.0.0.0_ja_31bf3856ad364e35\System.Printing.resources.dll [2010-11-05 03:53:38 \| 000,200,704 \|——\| M] () MD5=91300ECB63C978CACEA963832E7A1D89—C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_da_b77a5c561934e089\system.resources.dll [2010-11-05 03:59:31 \| 000,233,472 \|——\| M] () MD5=DFC48634C300A3E97602082EDD03CB20—C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_ja_b77a5c561934e089\system.resources.dll [2009-07-14 09:33:45 \| 000,032,768 \|——\| M] () MD5=F31DE738E6E30659B61C5EA76140D08A—C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_da_b77a5c561934e089\System.Runtime.Remoting.resources.dll [2009-06-10 14:11:14 \| 000,032,768 \|——\| M] () MD5=E0E9E198C9FBF698591BA5D6638132AC—C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_ja_b77a5c561934e089\System.Runtime.Remoting.Resources.dll [2010-11-05 03:58:10 \| 000,303,104 \|——\| M] () MD5=1D4DA021B0AD837B35AFB772CC7C636D—C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll [2009-07-14 09:33:54 \| 000,011,264 \|——\| M] () MD5=36FAF2BF3C0348EADB4CED48737E8CAC—C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll [2009-06-10 14:11:14 \| 000,012,800 \|——\| M] () MD5=E2DE56EEEB0805EDCFD3BD99AB81C148—C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.Resources.dll [2009-06-10 23:23:19 \| 000,131,072 \|——\| M] () MD5=C9781DA4EE6A5BBAE271CC0AC4B25D7C—C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll [2009-07-14 09:34:02 \| 000,094,208 \|——\| M] () MD5=F3107F7453E8462366C0F7BEC99DA596—C:\Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_da_b77a5c561934e089\System.RunTime.Serialization.Resources.dll [2009-06-08 10:39:42 \| 000,110,592 \|——\| M] () MD5=819B1A9E4EDF2D1242735B01CD9FA34C—C:\Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_ja_b77a5c561934e089\System.RunTime.Serialization.Resources.dll [2010-11-05 03:52:27 \| 000,970,752 \|——\| M] () MD5=01D4E1005C901889517EED7F438DB501—C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll [2009-07-14 09:33:44 \| 000,028,672 \|——\| M] () MD5=026D373889BAEBEC16A6040373F98CA6—C:\Windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Security.resources.dll [2009-06-10 14:11:14 \| 000,028,672 \|——\| M] () MD5=7CBCC2D8E62C37F2C27FAEB9D40FE7B4—C:\Windows\assembly\GAC_MSIL\System.Security.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Security.Resources.dll [2010-11-05 03:58:10 \| 000,258,048 \|——\| M] () MD5=A15491BE2D672FCDBFEB250E9594D7ED—C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll [2009-07-14 09:34:02 \| 000,032,768 \|——\| M] () MD5=63D73A4F639E541C7EA992AC65286C2C—C:\Windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_da_b77a5c561934e089\System.ServiceModel.Install.Resources.dll [2009-06-08 10:39:42 \| 000,036,864 \|——\| M] () MD5=7E652EEA36A8EAE802F826B8EB6213EC—C:\Windows\assembly\GAC_MSIL\system.servicemodel.install.resources\3.0.0.0_ja_b77a5c561934e089\System.ServiceModel.Install.Resources.dll [2010-11-05 03:52:40 \| 000,073,728 \|——\| M] () MD5=4E0883AF9D5B4F2AAFD19F6663CBAF5F—C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll [2010-11-05 03:53:40 \| 000,454,656 \|——\| M] () MD5=A878C6E46768221F32778990BC26F22A—C:\Windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_da_b77a5c561934e089\System.ServiceModel.Resources.dll [2010-11-05 04:00:15 \| 000,548,864 \|——\| M] () MD5=A185C092324135422320D6C1DAAC083D—C:\Windows\assembly\GAC_MSIL\system.servicemodel.resources\3.0.0.0_ja_b77a5c561934e089\System.ServiceModel.Resources.dll [2010-11-05 03:52:41 \| 000,032,768 \|——\| M] () MD5=9A9827B4F896F40607DF8103B9C438C0—C:\Windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll [2010-11-05 03:53:39 \| 000,069,632 \|——\| M] () MD5=F4D6691B6F3C67A1B442E1DE5E0528D3—C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_da_31bf3856ad364e35\System.ServiceModel.Web.resources.dll [2009-06-08 10:39:42 \| 000,077,824 \|——\| M] () MD5=B467DB4F24170A437EEBF3C8D37AFB55—C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web.resources\3.5.0.0_ja_31bf3856ad364e35\System.ServiceModel.Web.resources.dll [2010-11-05 03:52:44 \| 000,569,344 \|——\| M] () MD5=EA5213E7090668C917EEB947FDC3CD46—C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll [2010-11-05 03:52:30 \| 005,988,352 \|——\| M] () MD5=196D093057DE9D765FF8DDFA24215D3B—C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll [2009-07-14 09:33:44 \| 000,040,960 \|——\| M] () MD5=E68C6718997134E3B11054F5E47BAFC9—C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll [2009-06-10 14:11:14 \| 000,040,960 \|——\| M] () MD5=0D685E37E503B2DC245D7A0EF4F6D6CE—C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll [2010-11-05 03:58:10 \| 000,114,688 \|——\| M] () MD5=F68CAFF425A9F37E498193BDDC5CC652—C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll [2009-07-14 09:34:02 \| 000,061,440 \|——\| M] () MD5=954FB0BBFF86241B754E0BA2E78890AB—C:\Windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_da_31bf3856ad364e35\System.Speech.resources.dll [2009-06-08 10:39:44 \| 000,069,632 \|——\| M] () MD5=BCA99143A2C6BF858568A85B40654254—C:\Windows\assembly\GAC_MSIL\System.Speech.resources\3.0.0.0_ja_31bf3856ad364e35\System.Speech.resources.dll [2009-06-10 23:14:45 \| 000,688,128 \|——\| M] () MD5=31588B867657A7DF046AC1908550D73C—C:\Windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll [2009-07-14 09:33:51 \| 000,016,384 \|——\| M] () MD5=8C615E947F3278106FB836B208BDF1BA—C:\Windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_da_b77a5c561934e089\System.Transactions.resources.dll [2009-06-10 14:11:14 \| 000,028,672 \|——\| M] () MD5=E92E8029DDF110EE59FC991AFCE2BD4B—C:\Windows\assembly\GAC_MSIL\System.Transactions.resources\2.0.0.0_ja_b77a5c561934e089\System.Transactions.resources.dll [2009-07-14 09:34:02 \| 000,003,584 \|——\| M] () MD5=8620C257205FB7652DBE96B9CDD43232—C:\Windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.Abstractions.Resources.dll [2009-06-08 10:39:42 \| 000,003,584 \|——\| M] () MD5=006465FAF3CE98B06F85D19B7DE38299—C:\Windows\assembly\GAC_MSIL\System.Web.Abstractions.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.Abstractions.Resources.dll [2010-11-05 03:53:32 \| 000,077,824 \|——\| M] () MD5=DE8831D65E92BC50304F37CC75EC31D5—C:\Windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll [2010-11-05 03:53:39 \| 000,004,096 \|——\| M] () MD5=47D1707AAA7AC3BB37CD88D2694FB062—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll [2009-06-08 10:39:42 \| 000,004,096 \|——\| M] () MD5=1DFC17D16B4075EEC6CBA45B8816A71A—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.Design.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.DynamicData.Design.Resources.dll [2010-11-05 03:53:32 \| 000,032,768 \|——\| M] () MD5=4A1EF32D7C394D8400870C73B40CA2A4—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll [2009-07-14 09:34:02 \| 000,015,872 \|——\| M] () MD5=469BB0AB9604459BB48C14C0E8A090A5—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.DynamicData.Resources.dll [2009-06-08 10:39:42 \| 000,028,672 \|——\| M] () MD5=7BE173D361C94D025FE0E1F4935AD241—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.DynamicData.Resources.dll [2010-11-05 03:53:32 \| 000,229,376 \|——\| M] () MD5=054F8B86C1258EDDB833A38B54155CF7—C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll [2009-07-14 09:34:02 \| 000,020,480 \|——\| M] () MD5=E2171CE57122698015A3316127176B18—C:\Windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_da_b77a5c561934e089\System.Web.Entity.Design.Resources.dll [2009-06-08 10:39:42 \| 000,011,264 \|——\| M] () MD5=1BF3E4FF7C040860C30AE78ADF777A65—C:\Windows\assembly\GAC_MSIL\System.Web.Entity.Design.resources\3.5.0.0_ja_b77a5c561934e089\System.Web.Entity.Design.Resources.dll [2010-11-05 03:53:32 \| 000,131,072 \|——\| M] () MD5=A282147F21B0DB24DB3B3566E828A8AE—C:\Windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll [2010-11-05 03:53:39 \| 000,024,576 \|——\| M] () MD5=124AF491E08A433991FB860EA5127786—C:\Windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_da_b77a5c561934e089\System.Web.Entity.Resources.dll [2010-11-05 04:00:02 \| 000,016,384 \|——\| M] () MD5=22D85EE40E979D210311CC3A728ADE7A—C:\Windows\assembly\GAC_MSIL\System.Web.Entity.resources\3.5.0.0_ja_b77a5c561934e089\System.Web.Entity.Resources.dll [2010-11-05 03:53:33 \| 000,139,264 \|——\| M] () MD5=A5722B31B8454EE1CC50753C93CFDB4E—C:\Windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll [2009-07-14 09:34:02 \| 000,045,056 \|——\| M] () MD5=2F2F5B9826563163B5266A6D1A5858E9—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll [2009-06-08 10:39:42 \| 000,049,152 \|——\| M] () MD5=7AD6287F57058241BE8E0AA013C49C31—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.Extensions.Design.Resources.dll [2010-11-05 03:53:33 \| 000,335,872 \|——\| M] () MD5=C935E89C6F71F188282632F35A04D0C1—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll [2009-07-14 09:34:02 \| 000,626,688 \|——\| M] () MD5=66A4B3D9B59F42A0023BFCC875170F3F—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.Extensions.Resources.dll [2009-06-08 10:39:42 \| 000,643,072 \|——\| M] () MD5=82508D3E628204C4CF0AB181748D1555—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.Extensions.Resources.dll [2011-12-25 22:42:15 \| 001,277,952 \|——\| M] () MD5=58AD1FECFBAEE633D6326377D8E0982E—C:\Windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll [2010-11-05 03:53:38 \| 000,036,864 \|——\| M] () MD5=20A38C79D80113F279F47918A7587C13—C:\Windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll [2009-06-10 14:11:14 \| 000,086,016 \|——\| M] () MD5=7AB36ECA1B6292EB0C8229C7BAF7E8CE—C:\Windows\assembly\GAC_MSIL\System.Web.Mobile.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Web.Mobile.resources.dll [2010-11-05 03:58:11 \| 000,835,584 \|——\| M] () MD5=18FDA35C607C486C0D5B91D7DD06CD17—C:\Windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll [2009-06-10 23:23:20 \| 000,077,824 \|——\| M] () MD5=1CDB3B55F1330F85A674B0B5927399F4—C:\Windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll [2010-11-13 03:22:26 \| 000,593,920 \|——\| M] () MD5=39ED0D83E8055D99D5E453F3789E6480—C:\Windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Web.resources.dll [2010-11-13 01:18:15 \| 000,671,744 \|——\| M] () MD5=D8E45BA77C82E87E89BC7C1219A92216—C:\Windows\assembly\GAC_MSIL\System.Web.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Web.Resources.dll [2009-07-14 09:34:02 \| 000,007,168 \|——\| M] () MD5=9F10B200662474DA672971739B9B793B—C:\Windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_da_31bf3856ad364e35\System.Web.Routing.Resources.dll [2009-06-08 10:39:42 \| 000,007,680 \|——\| M] () MD5=E7703D5118B99437F2012B277721CE78—C:\Windows\assembly\GAC_MSIL\System.Web.Routing.resources\3.5.0.0_ja_31bf3856ad364e35\System.Web.Routing.Resources.dll [2010-11-05 03:53:33 \| 000,061,440 \|——\| M] () MD5=6D138BD2348457A5097F2772C78FE094—C:\Windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll [2009-07-14 09:33:47 \| 000,081,920 \|——\| M] () MD5=69921DDF1E1E4F1F103E4689627D6701—C:\Windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_da_b03f5f7f11d50a3a\System.Web.Services.resources.dll [2009-06-10 14:11:14 \| 000,090,112 \|——\| M] () MD5=F1445CFD197945C56C89F382E0647140—C:\Windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_ja_b03f5f7f11d50a3a\System.Web.Services.Resources.dll [2010-11-05 03:58:12 \| 000,839,680 \|——\| M] () MD5=8C0B098B41A27B08D58CAE7A61A3BA19—C:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll [2010-11-13 04:04:01 \| 000,409,600 \|——\| M] () MD5=19B010EBB9F473730EC3A68F6799A138—C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_da_b77a5c561934e089\System.Windows.Forms.resources.dll [2010-11-13 02:00:20 \| 000,466,944 \|——\| M] () MD5=F0761C461B7EEFAF9FE68858C0EA4933—C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_ja_b77a5c561934e089\System.Windows.Forms.Resources.dll [2012-01-04 04:51:04 \| 005,025,792 \|——\| M] () MD5=33994DFF03481DB13CA3E37DB920E1B2—C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll [2009-06-08 10:39:42 \| 000,003,584 \|——\| M] () MD5=E5D703B08882E3A5B0DF7556F2000FB5—C:\Windows\assembly\GAC_MSIL\System.Windows.Presentation.resources\3.5.0.0_ja_b77a5c561934e089\System.Windows.Presentation.resources.dll [2009-06-10 23:15:18 \| 000,012,288 \|——\| M] () MD5=1CCEE8037C8EF9A08DD0ADB7E3E38D78—C:\Windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll [2009-07-14 09:34:02 \| 000,180,224 \|——\| M] () MD5=6CBA4F61F00D47070856CF7EBDFF85F0—C:\Windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_da_31bf3856ad364e35\System.Workflow.Activities.resources.dll [2009-06-08 10:39:44 \| 000,192,512 \|——\| M] () MD5=95CF3D581F11EC9757CE5B973D93DC9D—C:\Windows\assembly\GAC_MSIL\system.workflow.activities.resources\3.0.0.0_ja_31bf3856ad364e35\System.Workflow.Activities.resources.dll [2010-11-05 03:53:45 \| 001,142,784 \|——\| M] () MD5=A422312AE61E44B166FAC615786296A1—C:\Windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll [2009-07-14 09:34:02 \| 000,307,200 \|——\| M] () MD5=6A8F26685DD3530CE0C022E9917C7055—C:\Windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_da_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll [2009-06-08 10:39:44 \| 000,323,584 \|——\| M] () MD5=513B42767E1768302F669936658F8365—C:\Windows\assembly\GAC_MSIL\system.workflow.componentmodel.resources\3.0.0.0_ja_31bf3856ad364e35\System.Workflow.ComponentModel.resources.dll [2010-11-05 03:53:46 \| 001,630,208 \|——\| M] () MD5=BD0B0F768E7E74C5CD7A34B8B4BCC81D—C:\Windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll [2010-11-05 03:53:41 \| 000,036,864 \|——\| M] () MD5=7A4B0E0B03B6C7BEB4A390350969BEA7—C:\Windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_da_31bf3856ad364e35\System.Workflow.Runtime.resources.dll [2010-11-05 04:00:34 \| 000,036,864 \|——\| M] () MD5=9BEC98C1A5986B985FBDD73D07F245B5—C:\Windows\assembly\GAC_MSIL\system.workflow.runtime.resources\3.0.0.0_ja_31bf3856ad364e35\System.Workflow.Runtime.resources.dll [2010-11-05 03:53:46 \| 000,540,672 \|——\| M] () MD5=32FF0E945F51F5147A8304026B5C19EA—C:\Windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll [2009-07-14 09:34:02 \| 000,102,400 \|——\| M] () MD5=EF9C647C8A0509647E95B0EDC7537C69—C:\Windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_da_31bf3856ad364e35\System.WorkflowServices.resources.dll [2009-06-08 10:39:42 \| 000,106,496 \|——\| M] () MD5=450049C48DAABC99D6150F191509E765—C:\Windows\assembly\GAC_MSIL\System.WorkflowServices.resources\3.5.0.0_ja_31bf3856ad364e35\System.WorkflowServices.resources.dll [2010-11-05 03:52:45 \| 000,507,904 \|——\| M] () MD5=CC3B424ED10A8E477B5D466188531F26—C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll [2010-11-05 03:53:34 \| 000,139,264 \|——\| M] () MD5=EF6CEBC989FBDAEEB83E5662F1499FC0—C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll [2009-07-14 09:33:51 \| 000,155,648 \|——\| M] () MD5=BE2D55BC1CFBB985E10EE9FAAAEA38FB—C:\Windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_da_b77a5c561934e089\System.xml.resources.dll [2009-06-10 14:11:14 \| 000,184,320 \|——\| M] () MD5=C379DA49BE50FE01D9CF4A133E7D3DA8—C:\Windows\assembly\GAC_MSIL\System.XML.resources\2.0.0.0_ja_b77a5c561934e089\System.xml.Resources.dll [2010-11-05 03:58:14 \| 002,048,000 \|——\| M] () MD5=5B3FA17E1CD6FBBDF41AC34DAEECC256—C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll [2012-01-04 04:51:03 \| 003,190,784 \|——\| M] () MD5=5259AD96BE93F3DC9B649759DAC05B7A—C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll [2009-07-14 09:33:44 \| 000,007,680 \|——\| M] () MD5=33EB23CCB41FB7F1A08D064395B302B8—C:\Windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_da_31bf3856ad364e35\TaskScheduler.resources.dll [2010-02-23 12:44:31 \| 000,007,168 \|——\| M] () MD5=ABBF43F681EF160CAAB7C41BC289DA06—C:\Windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_en_31bf3856ad364e35\TaskScheduler.resources.dll [2010-11-20 14:14:19 \| 000,007,680 \|——\| M] () MD5=1764D29E823A9976FCCF29293C7A8C33—C:\Windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_ja_31bf3856ad364e35\TaskScheduler.resources.dll [2010-11-20 14:36:00 \| 000,167,936 \|——\| M] () MD5=1D264989FFABEF36745304F5DD216DC7—C:\Windows\assembly\GAC_MSIL\TaskScheduler\6.1.0.0__31bf3856ad364e35\TaskScheduler.dll [2009-07-14 09:34:02 \| 000,004,096 \|——\| M] () MD5=6D3DE095B2083CB881E44D88B182DDA9—C:\Windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_da_31bf3856ad364e35\UIAutomationClient.resources.dll [2009-06-08 10:39:44 \| 000,004,096 \|——\| M] () MD5=2F7DBB0B571226691B43658C7E15C166—C:\Windows\assembly\GAC_MSIL\UIAutomationClient.resources\3.0.0.0_ja_31bf3856ad364e35\UIAutomationClient.resources.dll [2009-06-10 23:14:45 \| 000,172,032 \|——\| M] () MD5=3F47DB8D603A84FBF1154901AAC177CD—C:\Windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll [2009-07-14 09:34:02 \| 000,008,192 \|——\| M] () MD5=98EE5EBDA385A75725CFB43553A5AFB1—C:\Windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_da_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll [2009-06-08 10:39:44 \| 000,008,192 \|——\| M] () MD5=5BDAE3AE842C9976B98C1ABB2D3B2C7D—C:\Windows\assembly\GAC_MSIL\UIAutomationClientsideProviders.resources\3.0.0.0_ja_31bf3856ad364e35\UIAutomationClientsideProviders.resources.dll [2009-06-10 23:14:46 \| 000,380,928 \|——\| M] () MD5=32D7B8CC805D2DA70D01DA89982DCE1D—C:\Windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll [2009-07-14 09:34:02 \| 000,004,096 \|——\| M] () MD5=85930AFBAD3FD0DB2991A26F7CB4269B—C:\Windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_da_31bf3856ad364e35\UIAutomationProvider.resources.dll [2009-06-08 10:39:44 \| 000,004,096 \|——\| M] () MD5=4C0755FB40BAC9353C07233307BE343A—C:\Windows\assembly\GAC_MSIL\UIAutomationProvider.resources\3.0.0.0_ja_31bf3856ad364e35\UIAutomationProvider.resources.dll [2009-06-10 23:14:46 \| 000,040,960 \|——\| M] () MD5=0D2A84FF4383B4F41EDA8B4DE2D45D6C—C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll [2010-11-05 03:53:41 \| 000,007,168 \|——\| M] () MD5=E815EB4DC7969261A2A455825807DE6D—C:\Windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_da_31bf3856ad364e35\UIAutomationTypes.resources.dll [2009-06-08 10:39:44 \| 000,007,168 \|——\| M] () MD5=D76F42ED35D16D83682ED4B2D6730306—C:\Windows\assembly\GAC_MSIL\UIAutomationTypes.resources\3.0.0.0_ja_31bf3856ad364e35\UIAutomationTypes.resources.dll [2009-06-10 23:14:46 \| 000,098,304 \|——\| M] () MD5=62DF8C1D169752DF885E44D21309F7E6—C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll [2010-11-05 03:53:41 \| 000,086,016 \|——\| M] () MD5=99D60D7EAB2BFF5B14E3FB1E3181BE67—C:\Windows\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_da_31b
[ Ignorer ] [ # 23 ] 2903jb
03.06.2012 16:33:15 Antal indlæg: 22	OTL Extras logfile created on: 03-06-2012 16:00:49 - Run 1 OTL by OldTimer - Version 3.2.45.0 Folder = C:\Users\Hellfire\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000406 \| Country: Danmark \| Language: DAN \| Date Format: dd-MM-yyyy 12,00 Gb Total Physical Memory \| 9,66 Gb Available Physical Memory \| 80,49% Memory free 24,00 Gb Paging File \| 21,60 Gb Available in Paging File \| 90,02% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files (x86) Drive C: \| 921,75 Gb Total Space \| 566,86 Gb Free Space \| 61,50% Space Free \| Partition Type: NTFS Drive D: \| 4,06 Gb Total Space \| 0,00 Gb Free Space \| 0,00% Space Free \| Partition Type: UDF Drive E: \| 931,51 Gb Total Space \| 252,31 Gb Free Space \| 27,09% Space Free \| Partition Type: NTFS Drive F: \| 931,51 Gb Total Space \| 178,15 Gb Free Space \| 19,12% Space Free \| Partition Type: NTFS Drive H: \| 465,76 Gb Total Space \| 74,28 Gb Free Space \| 15,95% Space Free \| Partition Type: NTFS Computer Name: HELLFIRE-PC \| User Name: Hellfire \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: All users \| Include 64bit Scans Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut]—C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile]—C:\Windows\SysWow64\control.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open]—“%1” %* cmdfile [open]—“%1” %* comfile [open]—“%1” %* exefile [open]—“%1” %* helpfile [open]—Reg Error: Key error. htmlfile [edit]—Reg Error: Key error. htmlfile [print]—rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML “%1” (Microsoft Corporation) inffile [install]—%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\ieframe.dll”,OpenURL %l (Microsoft Corporation) InternetShortcut [print]—“C:\Windows\System32\rundll32.exe” “C:\Windows\System32\mshtml.dll”,PrintHTML “%1” (Microsoft Corporation) piffile [open]—“%1” %* regfile [merge]—Reg Error: Key error. scrfile [config]—“%1” scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open]—“%1” /S txtfile [edit]—Reg Error: Key error. Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” () Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation) Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” () Directory [Winamp.Bookmark]—“C:\Program Files (x86)\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.) Directory [Winamp.Enqueue]—“C:\Program Files (x86)\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.) Directory [Winamp.Play]—“C:\Program Files (x86)\Winamp\winamp.exe” “%1” (Nullsoft, Inc.) Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore]—Reg Error: Value error. Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open]—“%1” %* cmdfile [open]—“%1” %* comfile [open]—“%1” %* cplfile [cplopen]—%SystemRoot%\System32\control.exe “%1”,%* (Microsoft Corporation) exefile [open]—“%1” %* helpfile [open]—Reg Error: Key error. htmlfile [edit]—Reg Error: Key error. piffile [open]—“%1” %* regfile [merge]—Reg Error: Key error. scrfile [config]—“%1” scrfile [install]—rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open]—“%1” /S txtfile [edit]—Reg Error: Key error. Unknown [openas]—%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—playlist-enqueue “%1” () Directory [cmd]—cmd.exe /s /k pushd “%V” (Microsoft Corporation) Directory [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC]—“C:\Program Files (x86)\VideoLAN\VLC\vlc.exe”—started-from-file—no-playlist-enqueue “%1” () Directory [Winamp.Bookmark]—“C:\Program Files (x86)\Winamp\winamp.exe” /BOOKMARK “%1” (Nullsoft, Inc.) Directory [Winamp.Enqueue]—“C:\Program Files (x86)\Winamp\winamp.exe” /ADD “%1” (Nullsoft, Inc.) Directory [Winamp.Play]—“C:\Program Files (x86)\Winamp\winamp.exe” “%1” (Nullsoft, Inc.) Folder [open]—%SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore]—Reg Error: Value error. Drive [find]—%SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] “cval” = 1 “FirewallDisableNotify” = 0 “AntiVirusDisableNotify” = 0 “UpdatesDisableNotify” = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] “VistaSp1” = 28 4D B2 76 41 04 CA 01 [binary data] “AntiVirusOverride” = 0 “AntiSpywareOverride” = 0 “FirewallOverride” = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] “FirewallDisableNotify” = 0 “AntiVirusDisableNotify” = 0 “UpdatesDisableNotify” = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] “DisableSR” = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 “DoNotAllowExceptions” = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 “DoNotAllowExceptions” = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] “DisableNotifications” = 0 “EnableFirewall” = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] “C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe” = [String data over 1000 bytes] “C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe” = [String data over 1000 bytes] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] “{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}” = rport=445 \| protocol=6 \| dir=out \| app=system \| “{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}” = lport=138 \| protocol=17 \| dir=in \| app=system \| “{08E024BB-596A-4DFF-A430-159062EB67CE}” = lport=10243 \| protocol=6 \| dir=in \| app=system \| “{1489B330-3BDA-4342-8ADA-12C9AE30A468}” = lport=49180 \| protocol=6 \| dir=in \| name=akamai netsession interface \| “{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}” = lport=2177 \| protocol=6 \| dir=in \| svc=qwave \| app=%systemroot%\system32\svchost.exe \| “{25B9D31D-64EC-44F5-900B-17177C3E5D3C}” = rport=1900 \| protocol=17 \| dir=out \| svc=ssdpsrv \| app=%systemroot%\system32\svchost.exe \| “{295EF879-34FC-4A05-A484-51AA1443280E}” = lport=445 \| protocol=6 \| dir=in \| app=system \| “{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}” = rport=2177 \| protocol=6 \| dir=out \| svc=qwave \| app=%systemroot%\system32\svchost.exe \| “{4084E937-EAAA-47EE-9520-7BE7CE434C09}” = lport=rpc \| protocol=6 \| dir=in \| svc=spooler \| app=%systemroot%\system32\spoolsv.exe \| “{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}” = lport=rpc-epmap \| protocol=6 \| dir=in \| svc=rpcss \| name=@firewallapi.dll,-28539 \| “{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}” = lport=139 \| protocol=6 \| dir=in \| app=system \| “{6364B77A-8796-4078-B3CC-5963A3E70B4F}” = rport=139 \| protocol=6 \| dir=out \| app=system \| “{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}” = lport=5355 \| protocol=17 \| dir=in \| svc=dnscache \| app=%systemroot%\system32\svchost.exe \| “{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}” = rport=138 \| protocol=17 \| dir=out \| app=system \| “{86444BB3-291D-4D31-A046-BB4AA3243C28}” = rport=5355 \| protocol=17 \| dir=out \| svc=dnscache \| app=%systemroot%\system32\svchost.exe \| “{AF8150A9-8B4A-4262-900E-D368942052B3}” = lport=2869 \| protocol=6 \| dir=in \| app=system \| “{BE10AB93-C4A6-464B-BE93-069E778BFF99}” = rport=10243 \| protocol=6 \| dir=out \| app=system \| “{C232D951-55E7-4D04-9346-F88A07FC0B22}” = lport=137 \| protocol=17 \| dir=in \| app=system \| “{C428A183-FD79-40B5-990D-895328F43AC8}” = lport=1900 \| protocol=17 \| dir=in \| svc=ssdpsrv \| app=%systemroot%\system32\svchost.exe \| “{C9CB94CA-8D02-4B77-B11F-541ABBA576CF}” = lport=5000 \| protocol=17 \| dir=in \| name=akamai netsession interface \| “{CF0676E6-E2EC-438A-9741-7029DEBD00CE}” = rport=2177 \| protocol=17 \| dir=out \| svc=qwave \| app=%systemroot%\system32\svchost.exe \| “{ED1E9AF1-601B-49FF-98C9-4DABBC4C1627}” = lport=5000 \| protocol=17 \| dir=in \| name=akamai netsession interface \| “{F2F1284A-2DC4-4BAD-BDF8-3D8BB1C8FE6D}” = lport=1900 \| protocol=17 \| dir=in \| svc=ssdpsrv \| app=c:\windows\system32\svchost.exe \| “{F534D21D-02A4-4E48-A237-A3745ED5E6D3}” = rport=137 \| protocol=17 \| dir=out \| app=system \| “{F8B05589-6F60-4C5F-92E1-4AE7AC1B37B7}” = lport=49174 \| protocol=6 \| dir=in \| name=akamai netsession interface \| “{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}” = lport=2177 \| protocol=17 \| dir=in \| svc=qwave \| app=%systemroot%\system32\svchost.exe \| ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] “{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}” = protocol=58 \| dir=in \| name=@firewallapi.dll,-28545 \| “{02A4D600-582A-4C14-ADFE-C125CF0CB18F}” = protocol=17 \| dir=in \| app=%programfiles%\windows media player\wmpnetwk.exe \| “{1473D86F-6F04-46A3-9153-CD04272511DC}” = protocol=6 \| dir=out \| svc=upnphost \| app=%systemroot%\system32\svchost.exe \| “{2934B932-0E7E-47C3-A394-471BF72F83AD}” = protocol=6 \| dir=in \| app=c:\users\hellfire\appdata\local\vghd\bin\virtuagirl_downloader.exe \| “{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}” = protocol=1 \| dir=in \| name=@firewallapi.dll,-28543 \| “{56E808A1-BFD0-4B79-B567-B9FA848D697F}” = protocol=1 \| dir=out \| name=@firewallapi.dll,-28544 \| “{5EF123C8-3B87-4D6F-895C-E0D68098A36F}” = protocol=17 \| dir=in \| app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe \| “{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}” = protocol=17 \| dir=in \| app=%programfiles%\windows media player\wmplayer.exe \| “{62F27534-2769-4D2F-B42F-E96E62F64F44}” = protocol=17 \| dir=in \| app=%programfiles%\windows media player\wmplayer.exe \| “{65901CFC-D156-4C8F-90EA-C26D256CA195}” = protocol=17 \| dir=out \| app=%programfiles%\windows media player\wmplayer.exe \| “{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}” = protocol=6 \| dir=in \| app=%programfiles%\windows media player\wmpnetwk.exe \| “{8592BCFB-71C8-43CF-8073-891F62E7351B}” = protocol=6 \| dir=in \| app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe \| “{8642AF85-31DC-4BB3-8E9D-1E478C224084}” = protocol=6 \| dir=out \| app=%programfiles%\windows media player\wmplayer.exe \| “{8ECD3587-D0BF-4318-9878-9BA14253CC4B}” = protocol=17 \| dir=in \| app=c:\users\hellfire\appdata\local\vghd\bin\virtuagirl_downloader.exe \| “{A5589677-56C4-46C1-A86B-1F0B5425786F}” = protocol=6 \| dir=out \| app=%programfiles%\windows media player\wmplayer.exe \| “{AB3FBA72-52C3-4476-9A38-230DBE05659B}” = protocol=17 \| dir=in \| app=%programfiles(x86)%\windows media player\wmplayer.exe \| “{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}” = protocol=6 \| dir=out \| app=system \| “{CE504808-152F-4073-8BB9-0F8E7C4D30C6}” = protocol=17 \| dir=out \| app=%programfiles(x86)%\windows media player\wmplayer.exe \| “{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}” = protocol=17 \| dir=out \| app=%programfiles%\windows media player\wmplayer.exe \| “{E8715BB0-E132-4617-B344-62E03BFE2C1C}” = protocol=58 \| dir=out \| name=@firewallapi.dll,-28546 \| “{E926E57D-011D-4F63-BCC5-FFCFDC28D091}” = protocol=6 \| dir=out \| app=%programfiles(x86)%\windows media player\wmplayer.exe \| “{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}” = protocol=6 \| dir=out \| app=%programfiles%\windows media player\wmpnetwk.exe \| “{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}” = protocol=17 \| dir=out \| app=%programfiles%\windows media player\wmpnetwk.exe \| “TCP Query User{524706CD-3904-43C7-9938-C9BD884B67EE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe” = protocol=6 \| dir=in \| app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe \| “TCP Query User{D45DC2C0-D75B-44EA-BBAA-9DCD7B72AD3F}C:\users\hellfire\appdata\local\akamai\netsession_win.exe” = protocol=6 \| dir=in \| app=c:\users\hellfire\appdata\local\akamai\netsession_win.exe \| “UDP Query User{7FBF4D2E-066C-4422-83D8-4397BD18F559}C:\users\hellfire\appdata\local\akamai\netsession_win.exe” = protocol=17 \| dir=in \| app=c:\users\hellfire\appdata\local\akamai\netsession_win.exe \| “UDP Query User{A6B07301-4535-4509-A1D7-9F2DD69EB742}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe” = protocol=17 \| dir=in \| app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe \| ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “{071c9b48-7c32-4621-a0ac-3f809523288f}” = Microsoft Visual C++ 2005 Redistributable (x64) “{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1” = Core Temp version 0.99.7 “{0C826C5B-B131-423A-A229-C71B3CACCD6A}” = CDDRV_Installer “{1374CC63-B520-4f3f-98E8-E9020BF01CFF}” = Windows XP Mode “{1E9FC118-651D-4934-97BE-E53CAE5C7D45}” = Microsoft_VC80_MFCLOC_x86_x64 “{26A24AE4-039D-4CA4-87B4-2F86416027FF}” = Java(TM) 6 Update 27 (64-bit) “{2eeef4d9-e5f4-4fb8-b67f-fe3e9ebb2efb}.sdb” = Kabod “{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}” = Microsoft_VC80_CRT_x86_x64 “{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}” = iTunes “{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 “{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}” = Bonjour “{8220EEFE-38CD-377E-8595-13398D740ACE}” = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 “{8557397C-A42D-486F-97B3-A2CBC2372593}” = Microsoft_VC90_ATL_x86_x64 “{8E34682C-8118-31F1-BC4C-98CD9675E1C2}” = Microsoft .NET Framework 4 Extended “{90140000-006D-0406-1000-0000000FF1CE}” = Microsoft Office Klik og kør 2010 “{925D058B-564A-443A-B4B2-7E90C6432E55}” = Microsoft_VC80_ATL_x86_x64 “{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}” = Microsoft_VC90_CRT_x86_x64 “{95120000-00B9-0409-1000-0000000FF1CE}” = Microsoft Application Error Reporting “{99830F57-829F-3185-99EF-B364AA00A216}” = Microsoft .NET Framework 4 Extended DAN Language Pack “{9B48B0AC-C813-4174-9042-476A887592C7}” = Tilmeldingsassistent til Windows Live ID “{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}” = Microsoft_VC90_MFC_x86_x64 “{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}” = Microsoft Visual C++ 2005 Redistributable (x64) “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision” = NVIDIA 3D Vision-driver 295.73 “{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel” = NVIDIA Kontrolpanel 295.73 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver” = NVIDIA Grafikdriver 295.73 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB” = NVIDIA 3D Vision Controllerdriver 295.73 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX” = NVIDIA PhysX-systemsoftware 9.12.0209 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update” = NVIDIA Opdateringer 1.7.11 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver” = NVIDIA HD-lyddriver 1.3.12.0 “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer” = NVIDIA Install Application “{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update” = NVIDIA Update Components “{B6E3757B-5E77-3915-866A-CCFC4B8D194C}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 “{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}” = Apple Mobile Device Support “{BCD70DD0-A083-4306-A7DE-E8C2064D1938}” = Windows Live Family Safety “{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}” = Microsoft_VC80_MFC_x86_x64 “{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}” = SUPERAntiSpyware “{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}” = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 “{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb” = Microsoft Windows Application Compatibility Database “{EE936C7A-EA40-31D5-9B65-8E3E089C3828}” = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 “{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}” = Ventrilo Client for Windows x64 “{F3F18612-7B5D-4C05-86C9-AB50F6F71727}” = KhalInstallWrapper “{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}” = Microsoft .NET Framework 4 Client Profile “{F83E9BF0-B8D8-3D68-9E07-7505290C2202}” = Microsoft .NET Framework 4 Client Profile DAN Language Pack “Adobe Flash Player ActiveX” = Adobe Flash Player 11 ActiveX 64-bit “Adobe Flash Player Plugin” = Adobe Flash Player 11 Plugin 64-bit “CCleaner” = CCleaner “DriverAgent.exe” = DriverAgent by eSupport.com “MediaInfo” = MediaInfo 0.7.37 “Microsoft .NET Framework 4 Client Profile” = Microsoft .NET Framework 4 Client Profile “Microsoft .NET Framework 4 Client Profile DAN Language Pack” = Microsoft .NET Framework 4 Client Profile DAN sprogpakke “Microsoft .NET Framework 4 Extended” = Microsoft .NET Framework 4 Extended “Microsoft .NET Framework 4 Extended DAN Language Pack” = Microsoft .NET Framework 4 Extended DAN sprogpakke “Recuva” = Recuva “TeamSpeak 3 Client” = TeamSpeak 3 Client “WinRAR archiver” = WinRAR arkivering [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “{0059ECD1-BB50-41CF-B729-0958A120F152}” = Windows Live Messenger “{02B8DBC1-7312-43AF-8BA7-9F29CDD6B348}” = Windows Live Sync “{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}” = Microsoft_VC90_ATL_x86 “{048298C9-A4D3-490B-9FF9-AB023A9238F3}” = Steam “{08D2E121-7F6A-43EB-97FD-629B44903403}” = Microsoft_VC90_CRT_x86 “{0B8FE30C-D5B2-4453-B26B-E9BED2D11423}” = OTB “{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}” = Adobe Community Help “{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}” = Microsoft_VC80_ATL_x86 “{18455581-E099-4BA8-BC6B-F34B2F06600C}” = Google Toolbar for Internet Explorer “{19B5CAAF-3E36-40F4-83F2-45E0D258000C}” = 神採りアルケミーマイスター Append02 “{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 “{205C6BDD-7B73-42DE-8505-9A093F35A238}” = Overførselsværktøj til Windows Live “{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}” = MSVCRT “{2318C2B1-4965-11d4-9B18-009027A5CD4F}” = Google Toolbar for Internet Explorer “{26A24AE4-039D-4CA4-87B4-2F83216012FF}” = Java(TM) 6 Update 27 “{26A24AE4-039D-4CA4-87B4-2F83217002FF}” = Java(TM) 7 Update 2 “{28511D89-C359-46F3-ACAD-A97F129D0DE7}” = Windows Live Photo Gallery “{289AC7E0-0AEE-4a7b-913C-709D9803D23E}” = Nexon Game Manager “{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}” = Windows Live Communications Platform “{32E4F0D2-C135-475E-A841-1D59A0D22989}” = Sid Meier’s Civilization 4 - Beyond the Sword “{35CB6715-41F8-4F99-8881-6FC75BF054B0}” = Oblivion “{37491A3D-B2A6-402D-898E-5C4EF3984C29}” = Adobe Flash Media Live Encoder 3.1 “{38468127-9E6F-4FC9-B5F7-42D4AD437D96}” = Unigine Heaven Benchmark v2.1 “{394BE3D9-7F57-4638-A8D1-1D88671913B7}” = piaip AppLocale “{3E4B349F-10B5-4586-9D99-489A90A8B228}” = Sid Meier’s Civilization 4 - Warlords “{41810510-3CE0-425B-BE07-B9793731737F}” = 神採りアルケミーマイスター “{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}” = Sid Meier’s Civilization 4 “{45A66726-69BC-466B-A7A4-12FCBA4883D7}” = HiJackThis “{4A03706F-666A-4037-7777-5F2748764D10}” = Java Auto Updater “{4CB0307C-565E-4441-86BE-0DF2E4FB828C}” = Microsoft Games for Windows Marketplace “{4EAE665D-957A-4D04-9679-3AD582008877}” = NVIDIA PhysX “{5569C99B-129C-426E-920A-FD1F0DC01FDC}” = Dawn “{57752979-A1C9-4C02-856B-FBB27AC4E02C}” = QuickTime “{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}” = RGSS-RTP Standard “{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}” = LogMeIn “{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}” = NCsoft Launcher “{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}” = Microsoft_VC90_MFC_x86 “{66712EEE-ECBC-4CA6-A474-dream-video-converter}_is1” = Dream Video Converter Ultimate 3.8.5 “{681F447D-49EC-4D5D-AE0A-145A8AA4E239}” = Nalu “{6AC9C43D-7117-48AE-A22F-C7CDCF08C046}” = Windows Live Movie Maker “{6B755EC3-C709-4F5C-BC58-BC0D3967B6B6}” = Folding@home-x86 “{6F7A9C3D-4A5A-4C56-B156-364F2CB418F0}” = Ustream Producer “{7067E219-F48C-4AC6-AD2F-F90CB23C3616}” = UltraEdit 16.10 “{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}” = Microsoft Visual C++ 2005 Redistributable “{770657D0-A123-3C07-8E44-1C83EC895118}” = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 “{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}” = Apple Software Update “{800F3931-0773-4BF2-ACF3-DF0A9CF2528D}” = Koihime_Musou “{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}” = Microsoft Games for Windows - LIVE Redistributable “{888F1505-C2B3-4FDE-835D-36353EBD4754}” = Ubisoft Game Launcher “{88E16899-9A4E-4AEE-AB5C-20E318E4D3D0}” = らぶデス４ “{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}” = Microsoft Silverlight “{8A74E887-8F0F-4017-AF53-CBA42211AAA5}” = Microsoft Sync Framework Runtime Native v1.0 (x86) “{8E5233E1-7495-44FB-8DEB-4BE906D59619}” = Junk Mail filter update “{90140011-0066-0406-0000-0000000FF1CE}” = Microsoft Office Starter 2010 - dansk “{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}” = Microsoft_VC80_CRT_x86 “{95140000-0070-0000-0000-0000000FF1CE}” = Microsoft Office 2010 “{97D23E68-AF01-4B69-B31E-7DFC209D01F3}” = Open XML Editor “{9A25302D-30C0-39D9-BD6F-21E6EC160475}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 “{9B34CAC6-738F-4A20-B428-A115C3E3474C}” = RPGXP “{9BE518E6-ECC6-35A9-88E4-87755C07200F}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 “{9C1BB613-F398-49B7-B346-5DEBA8ABBF38}” = FINAL FANTASY XIV Beta Version “{A2BCA9F1-566C-4805-97D1-7FDC93386723}” = Adobe AIR “{A2S166A0-F031-4E27-A057-C69733219434}_is1” = TERA “{A498D9EB-927B-459B-85D6-DD6EF8C2C564}” = erLT “{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}” = Google Update Helper “{AC522CE8-8970-4B8C-B916-694A84B8721D}_is1” = Escalation ADV version Escalation ADV v1.0 “{AC76BA86-7AD7-1030-7B44-A95000000001}” = Adobe Reader 9.5.1 - Dansk “{AF1C5EE9-1C87-44F5-B342-18BB3B745EEF}” = Aion “{B6CF2967-C81E-40C0-9815-C05774FEF120}” = Skype Click to Call “{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}” = Microsoft Sync Framework Services Native v1.0 (x86) “{BFD09E5B-6D40-4CAD-A349-103BFEF1C574}” = Windows Live Mail “{C48AD49C-9BBF-4056-B756-846C8548507E}_is1” = Oxin’s Style! Hentai3D 2.056.001 “{C7B5C8A0-CE3F-4645-A0B6-B5515794076D}” = 神採りアルケミーマイスター Ver2.00 Update “{CA57F104-ECEC-4B31-AD58-DACACF85B4F4}_is1” = Escalation Yukkuri Panic! version 1.0 “{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}” = Sid Meier’s Civilization 4 “{D1A19B02-817E-4296-A45B-07853FD74D57}” = Microsoft_VC80_MFC_x86 “{D203AE01-C8EB-43D8-A5C5-DCF891446FEA}” = Windows Live Essentials “{D33821BB-7E4D-4F8B-BC7E-BDC7451DB627}” = Dusk With Help “{D7A0A22A-C132-4B6F-8D68-67B95117DE93}” = RIFT “{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}” = Microsoft_VC80_MFCLOC_x86 “{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}” = Adobe Media Player “{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1” = NeoDownloader 2.3c “{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}” = Nexon Game Manager “{EAD475E8-14E5-4854-8AF5-CE6B4024237C}_is1” = Rappelz_US “{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}” = Apple Application Support “{EFE563B0-DDDB-45AF-B49A-C109C93E5F35}” = 神採りアルケミーマイスター Append01 “{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}” = Microsoft SQL Server 2005 Compact Edition [ENU] “{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}” = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 “{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}” = Microsoft Choice Guard “{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}” = Logitech SetPoint “{F5616601-3B5C-4C7D-8EFE-0CF5245868DF}” = メンアットワーク！２　ハンターアカデミーへようこそ “{FC0C6E54-BCD4-42C5-BEAA-4FFFEC499EE0}” = Windows Live Writer “{FE0646A7-19D0-41B4-A2BB-2C35D644270D}” = Windows Live OneCare safety scanner “{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}” = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 “{AA59DDE4-B672-4621-A016-4C248204957A}” = Skype™ 5.5 “7-Zip” = 7-Zip 4.65 “AC3Filter_is1” = AC3Filter 1.63b “Adobe AIR” = Adobe AIR “Adobe Shockwave Player” = Adobe Shockwave Player 11.5 “Afterburner” = MSI Afterburner 1.6.1 “Akamai” = Akamai NetSession Interface Service “AudioCS” = Creative Audio Console “AVG Secure Search” = AVG Security Toolbar “AviSynth” = AviSynth 2.5 “AVS Update Manager_is1” = AVS Update Manager 1.0 “AVS4YOU Software Navigator_is1” = AVS4YOU Software Navigator 1.4 “AVS4YOU Video Converter 7_is1” = AVS Video Converter 8 “BandiMPEG1” = Bandisoft MPEG-1 Decoder “Bass Audio Decoder” = Bass Audio Decoder (remove only) “BitTorrentBar Toolbar” = BitTorrentBar Toolbar “Blades of Time_is1” = Blades of Time “CD Audio Reader Filter” = CD Audio Reader Filter (remove only) “chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Community Help “com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1” = Adobe Media Player “Combined Community Codec Pack_is1” = Combined Community Codec Pack 2010-10-10 “conduitEngine” = Conduit Engine “Cool Edit Pro 2.0” = Cool Edit Pro 2.0 “Creative Software AutoUpdate” = Creative Software AutoUpdate “DCoder Image Source” = DCoder Image Source (remove only) “Diablo III” = Diablo III “DirectVobSub” = DirectVobSub (remove only) “Dragonica(EN)” = Dragonica(EN) “DScaler 5 Mpeg Decoders_is1” = DScaler 5 Mpeg Decoders “Dyyno Broadcaster” = Dyyno Broadcaster “Edelweiss_is1” = Edelweiss “ERUNT_is1” = ERUNT 1.1j “ESET Online Scanner” = ESET Online Scanner v3 “EVE” = EVE Online (remove only) “EVEMon” = EVEMon “ffdshow_is1” = ffdshow [rev 3124] [2009-11-03] “FFMPEG Core Files” = FFMPEG Core Files (remove only) “ƒJƒXƒ^ƒ€ƒƒCƒh3D” = ƒJƒXƒ^ƒ€ƒƒCƒh3D “Free YouTube Download_is1” = Free YouTube Download 2.9 “Freemake Video Converter_is1” = Freemake Video Converter version 2.3.0 “Gabest MPEG Splitter” = Gabest MPEG Splitter (remove only) “Google Chrome” = Google Chrome “Google Chrome Frame” = Google Chrome Frame “Grand Fantasia” = Grand Fantasia “Hotmail & MSN Password Recovery” = Hotmail & MSN Password Recovery “HaaliMkx” = Haali Media Splitter “InFlac” = InFlac 1.1.1 “InstallShield_{19B5CAAF-3E36-40F4-83F2-45E0D258000C}” = 神採りアルケミーマイスター Append02 “InstallShield_{41810510-3CE0-425B-BE07-B9793731737F}” = 神採りアルケミーマイスター “InstallShield_{C7B5C8A0-CE3F-4645-A0B6-B5515794076D}” = 神採りアルケミーマイスター Ver2.00 Update “InstallShield_{D33821BB-7E4D-4F8B-BC7E-BDC7451DB627}” = Dusk With Help “InstallShield_{D7A0A22A-C132-4B6F-8D68-67B95117DE93}” = RIFT “InstallShield_{EFE563B0-DDDB-45AF-B49A-C109C93E5F35}” = 神採りアルケミーマイスター Append01 “InstallShield_{F5616601-3B5C-4C7D-8EFE-0CF5245868DF}” = メンアットワーク！２　ハンターアカデミーへようこそ “Jagged Alliance 2 Gold Pack” = Jagged Alliance 2 Gold Pack “JDownloader” = JDownloader “KabodOnline” = KabodOnline “Kings Bounty Armored Princess_is1” = Kings Bounty Armored Princess “Malwarebytes’ Anti-Malware_is1” = Malwarebytes Anti-Malware version 1.61.0.1400 “MONOGRAM AMR Splitter/Decoder” = MONOGRAM AMR Splitter/Decoder (remove only) “Mozilla Firefox (3.6.18)” = Mozilla Firefox (3.6.18) “Nvidia Girls Nude Patch BETA1.5” = Nvidia Girls Nude Patch BETA “NVIDIA StereoUSB Driver” = NVIDIA 3D Vision Controller Driver “NVIDIAStereo” = NVIDIA Stereoscopic 3D Driver “Oblivion mod manager_is1” = Oblivion mod manager 1.1.12 “Office14.Click2Run” = Microsoft Office Klik og kør 2010 “Open XML Editor” = Open XML Editor “OpenAL” = OpenAL “OpenSource AVI Splitter” = OpenSource AVI Splitter (remove only) “OpenSource DTS/AC3/DD+ Source Filter” = OpenSource DTS/AC3/DD+ Source Filter (remove only) “OpenTTD” = OpenTTD 1.0.5 “Proxifier_is1” = Proxifier version 2.91 “PS3 Media Server” = PS3 Media Server “PsylonCleanTree” = CleanTree - Psylon “RADVideo” = RAD Video Tools “RapeLay” = RapeLay (remove only) “RealMedia” = RealMedia (remove only) “RPG Maker VX RTP_is1” = RPG Maker VX RTP “searchya” = SearchYa Toolbar on IE and Chrome “Sengoku Rance English_is1” = Sengoku Rance English v1.01 “SHOUTcast Source” = SHOUTcast Source (remove only) “SMPlayer” = SMPlayer 0.6.8 “Solid YouTube Downloader and Converter DB Toolbar” = Solid YouTube Downloader and Converter DB Toolbar “soushin3” = ‘€Sp‚R “SpeedFan” = SpeedFan (remove only) “StarCraft II” = StarCraft II “Steam App 70400” = Recettear: An Item Shop’s Tale “Swiff Player_is1” = Swiff Player 1.7 “TeamViewer Manager 6” = TeamViewer Manager 6 “Uninstall_is1” = Uninstall 1.0.0.1 “Unlocker” = Unlocker 1.9.1 “VH Toolkit_is1” = VH Toolkit 1.0.44.0 “Vindictus” = Vindictus “Vindictus EU” = Vindictus EU “VLC media player” = VLC media player 2.0.1 “Winamp” = Winamp “Windows Live OneCare safety scanner” = Windows Live OneCare safety scanner “WinLiveSuite_Wave3” = Windows Live Essentials “WMV9_VCM” = Microsoft Windows Media Video 9 VCM “ZoomPlayer” = Zoom Player (remove only) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1274949929-1441606062-917859839-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] “Akamai” = Akamai NetSession Interface “Dropbox” = Dropbox “UnityWebPlayer” = Unity Web Player “VidBlaster” = VidBlaster “VirtuaGirl_is1” = VirtuaGirl version 1.0.6.99 “Winamp Detect” = Winamp Detector Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 28-11-2011 19:33:32 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842787 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL” i linje 8. Den komponentidentitet, der blev fundet i manifestet, stemmer ikke overens med den anmodede komponents identitet. Reference er WLMFDS,processorArchitecture=“AMD64”,type=“win32”,version=“1.0.0.1”. Definition er WLMFDS,processorArchitecture=“x86”,type=“win32”,version=“1.0.0.1”. Anvend sxstrace.exe til detaljeret diagnose. Error - 28-11-2011 19:34:34 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842811 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll” i linje 2. Ugyldig Xml-syntaks. Error - 29-11-2011 19:30:34 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842827 Description = Aktiveringskontekstgenereringen mislykkedes for “C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe”. Der er en fejl i manifestet eller politikfilen “C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe” i linje 2. Flere requestedPrivileges-elementer er ikke tilladt i manifest. Error - 29-11-2011 19:31:48 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842815 Description = Aktiveringskontekstgenereringen mislykkedes for “C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll”. Der er en fejl i manifestet eller politikfilen “C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll” i linje 3. Værdien “MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR” for attributten “version” i elementet “assemblyIdentity” er ugyldig. Error - 29-11-2011 19:33:42 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842787 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL” i linje 8. Den komponentidentitet, der blev fundet i manifestet, stemmer ikke overens med den anmodede komponents identitet. Reference er WLMFDS,processorArchitecture=“AMD64”,type=“win32”,version=“1.0.0.1”. Definition er WLMFDS,processorArchitecture=“x86”,type=“win32”,version=“1.0.0.1”. Anvend sxstrace.exe til detaljeret diagnose. Error - 29-11-2011 19:34:46 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842811 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll” i linje 2. Ugyldig Xml-syntaks. Error - 30-11-2011 19:30:43 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842827 Description = Aktiveringskontekstgenereringen mislykkedes for “C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe”. Der er en fejl i manifestet eller politikfilen “C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe” i linje 2. Flere requestedPrivileges-elementer er ikke tilladt i manifest. Error - 30-11-2011 19:31:35 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842815 Description = Aktiveringskontekstgenereringen mislykkedes for “C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll”. Der er en fejl i manifestet eller politikfilen “C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll” i linje 3. Værdien “MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR” for attributten “version” i elementet “assemblyIdentity” er ugyldig. Error - 30-11-2011 19:33:17 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842787 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL” i linje 8. Den komponentidentitet, der blev fundet i manifestet, stemmer ikke overens med den anmodede komponents identitet. Reference er WLMFDS,processorArchitecture=“AMD64”,type=“win32”,version=“1.0.0.1”. Definition er WLMFDS,processorArchitecture=“x86”,type=“win32”,version=“1.0.0.1”. Anvend sxstrace.exe til detaljeret diagnose. Error - 30-11-2011 19:34:20 \| Computer Name = Hellfire-Pc \| Source = SideBySide \| ID = 16842811 Description = Aktiveringskontekstgenereringen mislykkedes for “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll”. Der er en fejl i manifestet eller politikfilen “c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll” i linje 2. Ugyldig Xml-syntaks. [ Media Center Events ] Error - 25-08-2010 21:14:58 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 03:14:58 - Fejl under oprettelse af forbindelse til internettet. 03:14:58 - Der kunne ikke oprettes forbindelse til serveren.. Error - 25-08-2010 22:15:03 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 04:15:03 - Fejl under oprettelse af forbindelse til internettet. 04:15:03 - Der kunne ikke oprettes forbindelse til serveren.. Error - 25-08-2010 22:15:08 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 04:15:08 - Fejl under oprettelse af forbindelse til internettet. 04:15:08 - Der kunne ikke oprettes forbindelse til serveren.. Error - 25-08-2010 23:15:13 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 05:15:13 - Fejl under oprettelse af forbindelse til internettet. 05:15:13 - Der kunne ikke oprettes forbindelse til serveren.. Error - 25-08-2010 23:15:18 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 05:15:18 - Fejl under oprettelse af forbindelse til internettet. 05:15:18 - Der kunne ikke oprettes forbindelse til serveren.. Error - 26-08-2010 00:15:23 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 06:15:23 - Fejl under oprettelse af forbindelse til internettet. 06:15:23 - Der kunne ikke oprettes forbindelse til serveren.. Error - 26-08-2010 00:15:29 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 06:15:28 - Fejl under oprettelse af forbindelse til internettet. 06:15:28 - Der kunne ikke oprettes forbindelse til serveren.. Error - 26-08-2010 12:00:26 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 18:00:26 - Fejl under oprettelse af forbindelse til internettet. 18:00:26 - Der kunne ikke oprettes forbindelse til serveren.. Error - 26-08-2010 12:00:34 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 18:00:32 - Fejl under oprettelse af forbindelse til internettet. 18:00:32 - Der kunne ikke oprettes forbindelse til serveren.. Error - 16-09-2010 00:07:01 \| Computer Name = Hellfire-Pc \| Source = MCUpdate \| ID = 0 Description = 06:07:01 - Det lykkedes ikke at hente Directory. Fejl: Der kunne ikke oprettes forbindelse til fjernserveren [ System Events ] Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = Error - 03-06-2012 10:12:11 \| Computer Name = Hellfire-Pc \| Source = Ntfs \| ID = 262199 Description = < End of report >
[ Ignorer ] [ # 24 ] f-arn TeamSpywarefri
03.06.2012 17:27:18 Administrator Team Spywarefri Antal indlæg: 7045	Vil du godt vedhæfte OTL.txt, da du ikke fik det hele med. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 25 ] 2903jb
03.06.2012 17:39:24 Antal indlæg: 22	Her er filen Vedhæftede filer OTL.txt (Filstørrelse: 498 - Downloads: 53)
[ Ignorer ] [ # 26 ] f-arn TeamSpywarefri
04.06.2012 21:13:39 Administrator Team Spywarefri Antal indlæg: 7045	Jeg vil gerne ha’ sat et navn på den infektion, for jeg kan ikke li’ det, den laver ved dine driver filer. Jeg kan godt set du har kørt den før, men vil du godt køre den igen. Deaktiver dit antivirus-program, kør en online scanning med ESET Online Scanner: http://www.eset.com/home/products/online-scanner/ Du skal acceptere betingelserne for brug, og klik på Start. Efter ActiveX Control er indlæst, vil det tage et par minutter for scanneren at blive klar. Dernæst skal du sætte flueben i følgende felter: (kun dem) Den må ikke fjerne noget. <- Vigtigt Scan archives under advanced settings Scan for potentialy unwanted applications Scan for potentially unsafe applications Enable anti-stealth technology Klik på Start. Denne scanning kan tage et stykke tid, så vær tålmodig. En log vil åbne, når scanningen er færdig. (hvis ikke, skal du gå til C:\Programmer\EsetOnlineScanner\ og åbne filen Log.txt). Kopier den herind i næste svar. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 27 ] 2903jb
05.06.2012 17:33:47 Antal indlæg: 22	Her er det den skrev den fandt, jeg tror dog en del af dem er falske positiv, i hvert fald den der har med agth at gøre da det er et oversættelsesværktøj C:\AGTH\agth.dll probably a variant of Win32/AGTH.A application C:\Program Files (x86)\Dream Video Converter Ultimate\Toolbar\solidyoutube-hybrid.exe Win32/Somoto application C:\Program Files (x86)\Solid YouTube Downloader and Converter DB Toolbar\UninstallToolbar.exe Win32/Somoto application C:\Users\Hellfire\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3\14e17f43-4c686a4e a variant of Java/Exploit.CVE-2012-0507.AH trojan C:\Users\Hellfire\AppData\LocalLow\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe Win32/Somoto application C:\Users\Hellfire\Desktop\koihimemusou_2_of_2.zip a variant of Win32/Packed.Themida application C:\Users\Hellfire\Desktop\koihimemusou_1_of_2\Koihime_Musou\Data2.cab a variant of Win32/Packed.Themida application C:\Users\Hellfire\Documents\agth\1- AGTH GUIDE.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\agth\AGTH TUTORIAL\agth.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\1- AGTH GUIDE.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\6- AGTH LATEST VERSION.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\Translation Aggregator 0.4.4c.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\1- AGTH GUIDE\AGTH TUTORIAL\agth.dll probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\1- AGTH GUIDE\AGTH TUTORIAL\agth.rar probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\6- AGTH LATEST VERSION\agth.dll probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Documents\translation guide\Translation Aggregator 0.4.4c\agth.dll probably a variant of Win32/AGTH.A application C:\Users\Hellfire\Downloads\Unlocker1.9.1.exe a variant of Win32/Toolbar.Babylon application E:\ntleac.rar a variant of Win32/FlyStudio application E:\Baseson\koihime\lcsebody.exe a variant of Win32/Packed.Themida application E:\ntleac\ntleac\neko.dll a variant of Win32/FlyStudio application F:\hent\Utahime_Yuunan_no_Yuuutsu_2.rar Win32/Sality.NAR virus F:\hent\Utahime Yuunan no Yuuutsu 2\SLASH\trzEEFF.tmp Win32/Sality.NAR virus
[ Ignorer ] [ # 28 ] f-arn TeamSpywarefri
05.06.2012 20:02:02 Administrator Team Spywarefri Antal indlæg: 7045	Jeg ville helt klart vælge at formatere og geninstallere den PC. Der er flere tegn på, at den er ramt af en polymorfisk fil infektion (Sality). Desværre, er det næsten umuligt at rense for en sådan, da infektionen hele tiden “ændrer udseende”. Der er også sket “noget” med nedenstående filer, for de skal ikke fremstå på den måde i loggen fra OTL [2012-06-01 21:22:21 \| 000,273,792 \|——\| C] ()—C:\Windows\SysNative\drivers\msiscsi.sys [2012-06-01 21:22:21 \| 000,215,936 \|——\| C] ()—C:\Windows\SysNative\drivers\vhdmp.sys [2012-06-01 21:22:21 \| 000,194,944 \|——\| C] ()—C:\Windows\SysNative\drivers\vpchbus.sys [2012-06-01 21:22:21 \| 000,155,008 \|——\| C] ()—C:\Windows\SysNative\drivers\mpio.sys [2012-06-01 21:22:21 \| 000,140,672 \|——\| C] ()—C:\Windows\SysNative\drivers\msdsm.sys [2012-06-01 21:22:21 \| 000,095,232 \|——\| C] ()—C:\Windows\SysNative\drivers\vpcusb.sys [2012-06-01 21:22:21 \| 000,091,648 \|——\| C] ()—C:\Windows\SysNative\drivers\USBSTOR.SYS [2012-06-01 21:22:21 \| 000,072,832 \|——\| C] ()—C:\Windows\SysNative\drivers\ohci1394.sys [2012-06-01 21:22:21 \| 000,068,096 \|——\| C] ()—C:\Windows\SysNative\drivers\1394bus.sys [2012-06-01 21:22:21 \| 000,061,008 \|——\| C] ()—C:\Windows\SysNative\drivers\AGP440.sys [2012-06-01 21:22:21 \| 000,041,984 \|——\| C] ()—C:\Windows\SysNative\drivers\winusb.sys [2012-06-01 21:22:21 \| 000,033,280 \|——\| C] ()—C:\Windows\SysNative\drivers\kbdhid.sys [2012-06-01 21:22:21 \| 000,031,232 \|——\| C] ()—C:\Windows\SysNative\drivers\mouhid.sys [2012-06-01 21:22:21 \| 000,030,208 \|——\| C] ()—C:\Windows\SysNative\drivers\monitor.sys [2012-06-01 21:22:21 \| 000,025,600 \|——\| C] ()—C:\Windows\SysNative\drivers\usbohci.sys [2012-06-01 21:22:21 \| 000,025,088 \|——\| C] ()—C:\Windows\SysNative\drivers\usbprint.sys [2012-06-01 21:22:21 \| 000,024,064 \|——\| C] ()—C:\Windows\SysNative\drivers\rdpbus.sys [2012-06-01 21:22:21 \| 000,020,544 \|——\| C] ()—C:\Windows\SysNative\drivers\isapnp.sys [2012-06-01 21:22:21 \| 000,014,336 \|——\| C] ()—C:\Windows\SysNative\drivers\sffp_sd.sys [2012-06-01 21:22:21 \| 000,014,336 \|——\| C] ()—C:\Windows\SysNative\drivers\sffdisk.sys [2012-06-01 21:22:21 \| 000,013,824 \|——\| C] ()—C:\Windows\SysNative\drivers\sffp_mmc.sys [2012-06-01 21:22:21 \| 000,009,728 \|——\| C] ()—C:\Windows\SysNative\drivers\errdev.sys [2012-06-01 21:22:20 \| 000,230,400 \|——\| C] ()—C:\Windows\SysNative\drivers\portcls.sys [2012-06-01 21:22:20 \| 000,229,888 \|——\| C] ()—C:\Windows\SysNative\drivers\1394ohci.sys [2012-06-01 21:22:20 \| 000,147,456 \|——\| C] ()—C:\Windows\SysNative\drivers\cdrom.sys [2012-06-01 21:22:20 \| 000,116,224 \|——\| C] ()—C:\Windows\SysNative\drivers\drmk.sys [2012-06-01 21:22:20 \| 000,073,280 \|——\| C] ()—C:\Windows\SysNative\drivers\disk.sys [2012-06-01 21:22:20 \| 000,005,632 \|——\| C] ()—C:\Windows\SysNative\drivers\drmkaud.sys [2012-06-01 21:22:19 \| 000,350,208 \|——\| C] ()—C:\Windows\SysNative\drivers\HdAudio.sys [2012-06-01 21:22:19 \| 000,334,208 \|——\| C] ()—C:\Windows\SysNative\drivers\acpi.sys [2012-06-01 21:22:19 \| 000,295,808 \|——\| C] ()—C:\Windows\SysNative\drivers\volsnap.sys [2012-06-01 21:22:19 \| 000,155,520 \|——\| C] ()—C:\Windows\SysNative\drivers\ataport.sys [2012-06-01 21:22:19 \| 000,122,368 \|——\| C] ()—C:\Windows\SysNative\drivers\hdaudbus.sys [2012-06-01 21:22:19 \| 000,105,472 \|——\| C] ()—C:\Windows\SysNative\drivers\i8042prt.sys [2012-06-01 21:22:19 \| 000,071,552 \|——\| C] ()—C:\Windows\SysNative\drivers\volmgr.sys [2012-06-01 21:22:19 \| 000,063,360 \|——\| C] ()—C:\Windows\SysNative\drivers\termdd.sys [2012-06-01 21:22:19 \| 000,062,464 \|——\| C] ()—C:\Windows\SysNative\drivers\intelppm.sys [2012-06-01 21:22:19 \| 000,050,768 \|——\| C] ()—C:\Windows\SysNative\drivers\kbdclass.sys [2012-06-01 21:22:19 \| 000,049,216 \|——\| C] ()—C:\Windows\SysNative\drivers\mouclass.sys [2012-06-01 21:22:19 \| 000,048,640 \|——\| C] ()—C:\Windows\SysNative\drivers\umbus.sys [2012-06-01 21:22:19 \| 000,038,912 \|——\| C] ()—C:\Windows\SysNative\drivers\CompositeBus.sys [2012-06-01 21:22:19 \| 000,036,432 \|——\| C] ()—C:\Windows\SysNative\drivers\vdrvroot.sys [2012-06-01 21:22:19 \| 000,032,320 \|——\| C] ()—C:\Windows\SysNative\drivers\mssmbios.sys [2012-06-01 21:22:19 \| 000,030,720 \|——\| C] ()—C:\Windows\SysNative\drivers\usbuhci.sys [2012-06-01 21:22:19 \| 000,026,624 \|——\| C] ()—C:\Windows\SysNative\drivers\sermouse.sys [2012-06-01 21:22:19 \| 000,015,424 \|——\| C] ()—C:\Windows\SysNative\drivers\msisadrv.sys [2012-06-01 21:22:19 \| 000,014,336 \|——\| C] ()—C:\Windows\SysNative\drivers\wmiacpi.sys [2012-06-01 18:15:11 \| 000,033,408 \|——\| C] ()—C:\Windows\SysWow64\drivers\fsbts.sys [2012-05-27 02:33:19 \| 000,024,128 \|——\| C] ()—C:\Windows\SysNative\drivers\atapi.sys [2012-05-27 02:33:18 \| 000,343,040 \|——\| C] ()—C:\Windows\SysNative\drivers\usbhub.sys [2012-05-27 02:33:18 \| 000,325,120 \|——\| C] ()—C:\Windows\SysNative\drivers\usbport.sys [2012-05-27 02:33:18 \| 000,184,704 \|——\| C] ()—C:\Windows\SysNative\drivers\pci.sys [2012-05-27 02:33:18 \| 000,052,736 \|——\| C] ()—C:\Windows\SysNative\drivers\usbehci.sys [2012-05-27 02:33:18 \| 000,048,720 \|——\| C] ()—C:\Windows\SysNative\drivers\pciidex.sys [2012-05-27 02:33:18 \| 000,012,352 \|——\| C] ()—C:\Windows\SysNative\drivers\pciide.sys [2012-05-27 02:33:18 \| 000,007,936 \|——\| C] ()—C:\Windows\SysNative\drivers\usbd.sys Las mig vide hvad du beslutter dig til Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 29 ] 2903jb
05.06.2012 20:43:36 Antal indlæg: 22	Tror jeg er det bedste jeg takker dog for hjælpen får den formateret når jeg kommer hjem
[ Ignorer ] [ # 30 ] f-arn TeamSpywarefri
05.06.2012 22:28:09 Administrator Team Spywarefri Antal indlæg: 7045	Jeg beklager - men med den type infektion, er det den bedste udvej. Hvis du har spørgsmål - er du velkommen til at stille dem nu, da tråden ellers vil blive lukket om få dage. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !

2 af 3

Forrige

Næste