OTL.Txt

OTL logfile created on: 8/2/2012 11:05:58 PM - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Tearsa\Downloads
 Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.94 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 52.38% Memory free
5.87 Gb Paging File | 3.93 Gb Available in Paging File | 66.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 454.82 Gb Total Space | 276.47 Gb Free Space | 60.79% Space Free | Partition Type: NTFS
Drive Q: | 9.77 Gb Total Space | 0.00 Gb Free Space | 0.02% Space Free | Partition Type: NTFS

Computer Name: TEARSA-THINK | User Name: Tearsa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012/08/02 23:04:29 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Tearsa\Downloads\OTL.exe
PRC - [2012/07/18 18:05:10 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/07/18 18:05:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/07/18 18:04:51 | 000,468,472 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avscan.exe
PRC - [2012/07/18 18:04:51 | 000,304,120 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe
PRC - [2012/07/18 18:04:50 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/18 18:04:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/07/18 18:04:49 | 000,391,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
PRC - [2012/07/09 16:38:53 | 004,777,856 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2012/05/31 09:18:43 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\Tearsa\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2012/05/14 12:10:58 | 001,156,968 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2012/05/14 12:09:32 | 001,178,984 | ---- | M] (Intuit Inc.) -- C:\Program Files\Intuit\QuickBooks 2008\QBW32.EXE
PRC - [2012/05/14 11:07:42 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2012/05/08 15:14:30 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\System Update\SUService.exe
PRC - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
PRC - [2011/06/23 21:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 05:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/09/22 18:11:26 | 000,640,440 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2010/07/27 20:46:00 | 000,069,632 | ---- | M] (Primax Electronics Ltd.) -- C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.exe
PRC - [2010/06/01 01:41:38 | 000,155,648 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelElvDm.exe
PRC - [2010/04/21 23:04:22 | 000,184,320 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe
PRC - [2009/12/08 23:37:14 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/12/07 19:57:40 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/11/20 16:25:24 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/11/20 16:25:22 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2009/10/16 02:07:06 | 000,064,064 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2009/10/16 02:06:14 | 000,072,256 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2009/08/28 15:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
PRC - [2009/07/13 18:14:36 | 000,259,072 | ---- | M] () -- C:\Windows\System32\services.exe
PRC - [2009/05/27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
PRC - [2008/11/20 01:27:28 | 000,020,480 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
PRC - [2008/01/10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012/08/02 22:54:46 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/08/02 22:54:45 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/07/18 18:05:02 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012/07/13 15:00:02 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/07/13 15:00:02 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/07/09 21:09:00 | 000,438,296 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppgooglenaclpluginchrome.dll
MOD - [2012/07/09 21:08:59 | 003,972,120 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
MOD - [2012/07/09 21:07:39 | 000,554,520 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\libglesv2.dll
MOD - [2012/07/09 21:07:37 | 000,117,784 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\libegl.dll
MOD - [2012/07/09 21:07:22 | 000,140,328 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\avutil-51.dll
MOD - [2012/07/09 21:07:21 | 000,262,184 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\avformat-54.dll
MOD - [2012/07/09 21:07:19 | 002,386,984 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\avcodec-54.dll
MOD - [2012/06/18 08:34:01 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/18 08:33:56 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/14 12:10:26 | 000,125,800 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\QBMAPILibrary.dll
MOD - [2012/05/14 12:10:22 | 000,020,840 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\QBCompressor.DLL
MOD - [2012/05/14 12:10:10 | 000,042,344 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\mbpopup.dll
MOD - [2012/05/14 12:09:42 | 000,176,488 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\boost_serialization-vc90-mt-p-1_33.dll
MOD - [2012/05/14 12:09:40 | 000,268,648 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\boost_regex-vc90-mt-p-1_33.dll
MOD - [2012/05/14 12:09:38 | 000,348,008 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\BackupLib.dll
MOD - [2012/05/14 08:33:55 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/14 08:32:52 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/14 08:32:47 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/14 08:32:43 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/14 08:32:42 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/14 08:32:34 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/20 05:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2010/11/20 05:19:56 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
MOD - [2009/09/21 10:01:00 | 000,028,672 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
MOD - [2009/05/27 23:09:36 | 000,049,976 | ---- | M] () -- C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
MOD - [2008/11/20 01:27:28 | 000,020,480 | ---- | M] () -- C:\Program Files\Lenovo\Lenovo Mouse Suite\FSRremoS.EXE
MOD - [2005/07/19 23:18:00 | 000,059,904 | ---- | M] () -- C:\Program Files\Intuit\QuickBooks 2008\zlib1.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- C:\Users\Tearsa\AppData\Local\Temp\YQGIHBHJ.exe -- (YQGIHBHJ)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Tearsa\AppData\Local\Temp\WNM.exe -- (WNM)
SRV - File not found [On_Demand | Stopped] -- C:\Users\Tearsa\AppData\Local\Temp\WDLVERWEY.exe -- (WDLVERWEY)
SRV - File not found [Disabled | Stopped] -- C:\Users\Tearsa\AppData\Local\Temp\UENUOAUF.exe -- (UENUOAUF)
SRV - [2012/08/02 22:11:42 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/18 18:05:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/07/18 18:04:50 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/05/14 11:07:42 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2012/05/08 15:14:30 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/07/25 23:18:46 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2011/06/30 13:25:52 | 001,248,256 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/13 16:25:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/04/11 14:25:34 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/21 23:04:22 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Lenovo\Lenovo Mouse Suite\PelService.exe -- (PelService)
SRV - [2009/12/08 23:37:14 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/12/07 19:57:40 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/11/20 16:25:24 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/10/16 02:06:14 | 000,072,256 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009/08/28 15:09:58 | 001,019,904 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe -- (ThinkVantage Registry Monitor Service)
SRV - [2009/07/23 21:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/07/13 18:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 18:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 18:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2008/01/10 13:13:50 | 000,061,440 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2CF81E7D-BF7F-470C-BA7C-11EBB8A46BCB}\MpKsl78787e14.sys -- (MpKsl78787e14)
DRV - File not found [Kernel | System | Stopped] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{2CF81E7D-BF7F-470C-BA7C-11EBB8A46BCB}\MpKsl3c55fdbe.sys -- (MpKsl3c55fdbe)
DRV - File not found [File_System | On_Demand | Stopped] -- C:\Windows\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/18 18:05:10 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/07/18 18:05:10 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/07/18 18:05:10 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/10/04 03:22:16 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/10/04 03:22:16 | 000,077,624 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/20 16:57:10 | 000,268,968 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1k6232.sys -- (e1kexpress)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/11/20 05:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 05:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 05:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 03:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 02:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 02:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 02:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/06/17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/04/30 07:31:32 | 011,648,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/01/27 16:25:04 | 000,068,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2009/09/24 04:58:52 | 000,038,336 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tvti2c.sys -- (TVTI2C)
DRV - [2009/09/16 21:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
DRV - [2009/07/13 16:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 15:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/07/01 19:16:16 | 000,033,088 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)


[color=#E56717]========== Standard Registry (All) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{775ED5D4-765D-4320-996D-80A3247CA491}: "URL" = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)

IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkcentre [binary data]
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\SearchScopes,DefaultScope = {3412887C-01A2-4F24-9C03-1FF034F2DC6E}
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\SearchScopes\{3412887C-01A2-4F24-9C03-1FF034F2DC6E}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_enUS437
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\SearchScopes\{8BD6DD22-50CB-41AE-930E-20D3B8A612D7}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=FADD1C3A-2812-4C10-9ADF-6B7CF8582812&apn_sauid=A3BD3DCC-E763-406F-8E35-5B91A6D7D2F0
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=ICeKcpnqR9
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-6944440-632405070-261029874-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tearsa\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tearsa\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012/08/02 14:52:50 | 000,000,000 | ---D | M]


[color=#E56717]========== Chrome  ==========[/color]

CHR - homepage: http://msn.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://msn.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Tearsa\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U32 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: AdBlock = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.38_0\
CHR - Extension: Gmail = C:\Users\Tearsa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 14:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-6944440-632405070-261029874-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Daemon for Mouse Suite] C:\Program Files\Lenovo\Lenovo Mouse Suite\ICO.EXE (Primax Electronics Ltd.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe ()
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe ()
O4 - HKLM..\Run: [Power Manager Power Agenda] C:\Program Files\ThinkPad\Utilities\DPMHost.EXE ()
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [Google Update] C:\Users\Tearsa\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [SansaDispatch] C:\Users\Tearsa\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-6944440-632405070-261029874-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-6944440-632405070-261029874-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKU\S-1-5-21-6944440-632405070-261029874-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Java Plug-in 1.5.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{132C5903-2B15-42A1-A81F-E8740892E0E6}: DhcpNameServer = 68.105.28.17 68.105.29.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1F102A4-B6DC-40BD-ACEA-AE937B30653D}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk Q:\
O33 - MountPoints2\{07b07916-6480-11e0-b0e2-1078d2cf3f57}\Shell - "" = AutoRun
O33 - MountPoints2\{07b07916-6480-11e0-b0e2-1078d2cf3f57}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\{18441f0a-4767-11e0-9199-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{18441f0a-4767-11e0-9199-806e6f6e6963}\Shell\AutoRun\command - "" = Q:\LenovoQDrive.exe -- [2009/08/10 14:01:24 | 000,267,576 | -HS- | M] (Lenovo Group Limited)
O33 - MountPoints2\{ec56bab8-f354-11e0-964a-1078d2cf3f57}\Shell - "" = AutoRun
O33 - MountPoints2\{ec56bab8-f354-11e0-964a-1078d2cf3f57}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: Sharedaccess -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: wuauserv -  File not found
NetSvcs: BITS -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found


SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: Base - Driver Group
SafeBootNet: BFE - Service
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MPSSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SharedAccess -  File not found
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EE62A6B2-9032-0FD8-83F2-050A0BE0254C} - DirectX
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mpegacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

[color=#E56717]========== Files/Folders - Created Within 90 Days ==========[/color]

[2012/08/02 22:52:54 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/08/02 22:37:00 | 002,136,664 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tearsa\Desktop\e2xplorer.exe
[2012/08/02 21:54:51 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Avira
[2012/08/02 21:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/02 21:53:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012/08/02 21:53:17 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/08/02 21:53:17 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/08/02 21:53:17 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/08/02 21:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012/08/02 21:53:13 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012/08/02 21:52:55 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012/08/02 21:47:25 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/02 21:31:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012/08/02 21:28:46 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/08/02 20:50:25 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{A47E747C-3F31-43B0-9692-1D179082DCAE}
[2012/08/02 20:46:40 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{2104AF0A-BFA7-47CB-8B23-6CA17918481E}
[2012/08/02 17:35:33 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Auslogics
[2012/08/02 17:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2012/08/02 17:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2012/08/02 16:20:22 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{5C000073-0CCE-452E-84EC-29E28421C29E}
[2012/08/02 16:14:27 | 000,581,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller.dll
[2012/08/02 16:14:26 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2012/08/02 16:14:25 | 000,181,432 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012/08/02 16:14:25 | 000,077,624 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012/08/02 16:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2012/08/02 16:09:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012/08/02 15:37:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/08/02 15:29:44 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2012/08/02 15:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/08/02 15:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/08/02 15:26:44 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/08/02 15:20:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/08/02 15:03:02 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{424B79DB-FEC8-4F52-84CB-689E70D48D74}
[2012/08/02 13:59:58 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/07/30 08:37:35 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Roaming
[2012/07/30 08:32:09 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{88C722E3-6809-4617-8D5E-90681221D1A9}
[2012/07/30 08:31:54 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{85F3153E-EB35-461B-9D0A-BA778892D478}
[2012/07/26 08:29:07 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{6D13D482-6198-453F-821C-C64D430FC4C4}
[2012/07/26 08:28:50 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{8C83E996-3AF9-4D69-8B15-76CD24A0B52D}
[2012/07/24 15:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{5B9440AE-90D3-47BC-95A1-B3F1A51D00FB}
[2012/07/24 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Ryathe
[2012/07/24 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Onen
[2012/07/24 14:02:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Beymy
[2012/07/24 03:29:40 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{3FAF82A2-670F-4F72-A7A8-EDAB408B2454}
[2012/07/23 15:29:07 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{71665A2E-DAED-43DD-86C5-337B6047F1FF}
[2012/07/23 03:28:32 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{95A8EA5E-9920-4D01-A041-8E7CA56C3DDD}
[2012/07/22 15:28:09 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{41FA3C21-3D82-4832-B1EB-E9D2B59B2A56}
[2012/07/22 03:27:37 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{210915E9-C950-4154-B965-F42C8CF3909F}
[2012/07/21 15:27:03 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{C37E138A-A9C2-4CEA-AFBB-D6C363B1C986}
[2012/07/21 03:26:41 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{1B67803C-3937-49DA-BBC0-B24F9856135A}
[2012/07/20 15:26:07 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{91A9BBFE-CDDC-418A-9746-C151215CB5F8}
[2012/07/20 03:25:34 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{B2F4AD70-1FAC-422F-BFF8-8AC0F06E044E}
[2012/07/19 15:25:01 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{028EC005-0772-4B8C-8A59-6B35075A3C76}
[2012/07/19 03:24:26 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{A8FB93F2-4AE4-4000-B9C5-1254ED3D1E3D}
[2012/07/18 15:23:54 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{E8E1AB31-0318-4403-B9F2-53305EC8F3F2}
[2012/07/18 03:23:21 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{5295AE06-695C-4A91-839E-43110280B953}
[2012/07/17 15:22:59 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{501A8CFE-688A-4C1F-A13F-80C04E3DF916}
[2012/07/17 03:22:38 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{B3C71C99-5096-4170-BA7B-5D1B417ACA72}
[2012/07/16 15:22:04 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{84A49C33-0AE5-4613-9ED7-3FDDDFC4A230}
[2012/07/16 03:21:31 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{2D55B9C6-BED8-49D6-9F91-BE98EC900033}
[2012/07/15 15:20:59 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{1DDDD36A-D2FE-41E2-8AF9-143C0F16B195}
[2012/07/15 03:20:26 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{8E2365CC-37C2-45F5-9DCC-49E517251EC9}
[2012/07/14 15:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{9E96F3E3-CCED-44FD-9E72-12C55D9A6BE1}
[2012/07/14 03:19:04 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{FC1EDE45-C67C-444C-983F-9A80FB733370}
[2012/07/14 03:18:51 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{56EDFE6A-681B-4BCA-A124-221789E2E7FE}
[2012/07/13 15:09:06 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/07/13 15:09:06 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/07/13 14:59:26 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\SUPERAntiSpyware.com
[2012/07/13 14:59:10 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/07/13 14:49:41 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/07/13 14:31:45 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/07/13 14:31:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/07/13 14:31:44 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/07/13 14:31:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/07/13 14:31:43 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/07/13 14:31:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/07/13 14:31:43 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/07/13 14:22:12 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/07/12 11:38:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Recovery
[2012/07/12 08:35:34 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/07/12 08:35:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012/07/12 08:35:31 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/07/12 08:30:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{22819B63-1473-4420-846F-53AAB5940710}
[2012/07/12 08:29:59 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{BA616B46-8061-4C14-8887-134E20EE7D06}
[2012/07/09 08:40:10 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{23A78C4D-9235-4F1E-83FB-E7CE917165CB}
[2012/07/09 08:39:59 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{ACA0EE19-22E6-4D96-B8E0-54F97DE924F5}
[2012/07/05 08:35:27 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{8E5231EE-E402-44D2-AD4B-82AAFAE37017}
[2012/07/05 08:34:34 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{EDA03006-D9D8-4079-855A-F778D194AC36}
[2012/07/02 09:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/02 08:59:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/02 08:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/02 08:36:12 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{216BDD70-1293-42CD-8820-5FF7FD03F86A}
[2012/07/02 08:35:40 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{18F84E8F-7252-4905-BCF8-59EE27E3F1BA}
[2012/06/28 08:36:54 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{4A3A08CB-AD4C-4AC6-82E0-CB8C78FDC881}
[2012/06/28 08:36:43 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{23B0A6A2-0362-40B9-9792-B4312DEF7E0E}
[2012/06/25 08:38:51 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{5D078244-BF2A-4828-9513-5338221415E1}
[2012/06/25 08:38:39 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{F5D50A66-D753-4928-80B5-5CE3D2A437A1}
[2012/06/21 08:45:23 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/21 08:45:23 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/21 08:45:15 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/21 08:45:15 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/21 08:45:15 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/21 08:45:06 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/21 08:45:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/21 08:41:42 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{14BFDD49-6B73-4413-81D3-1FEC02F27B04}
[2012/06/21 08:40:58 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{CC9E109D-5D01-4AC1-ADBA-50C0E98FB331}
[2012/06/18 08:33:40 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{7A892945-4153-4565-98D7-147D7C83985D}
[2012/06/14 08:43:35 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012/06/14 08:43:35 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012/06/14 08:43:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012/06/14 08:36:19 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{E376D2FE-D634-4F99-8EFC-3B4BB8506558}
[2012/06/14 08:35:55 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{74567450-D70E-473D-AA55-DB1F551D89EA}
[2012/06/11 08:38:00 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{90F2CE56-DD72-4AC9-B2CE-1DC1371996AC}
[2012/06/11 08:37:48 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{E2C6AA36-FBC7-41EB-B3E8-3D7F13C646B5}
[2012/06/07 13:08:58 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\Documents\Goldfield Bunkhouse Project
[2012/06/07 08:35:32 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{66509255-7A4A-4B9C-BC56-4EBD813A3A35}
[2012/06/07 08:35:20 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{4E768FEF-B010-43AA-A1F0-D1EA497D8305}
[2012/06/06 12:50:03 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{7C758D3D-A8E8-466E-B108-EB097C0383C7}
[2012/06/06 12:49:22 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{EA9458A1-CD35-4923-9B5E-CF2FBD4513BA}
[2012/06/04 08:38:29 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{9397F35D-BA26-4005-9039-5B8DA6DC7F02}
[2012/06/04 08:37:55 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{453E1226-353F-4F31-AE69-1D701F2327D4}
[2012/05/31 09:18:50 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SanDisk
[2012/05/31 09:18:33 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Roaming\SanDisk
[2012/05/31 08:28:22 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{D873B82E-C213-42DE-BB39-44EF7ABE37CB}
[2012/05/31 08:28:11 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{622346F1-C1FF-47A2-B178-8F99798EEA2B}
[2012/05/30 12:55:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/05/30 12:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2012/05/30 12:41:29 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/05/30 12:40:53 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{867803D1-571D-4FD9-92F3-A8481540AE02}
[2012/05/30 12:40:42 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{DF2E0C08-CEE7-409A-9C4D-47080FC50818}
[2012/05/24 08:37:20 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{855CC742-E48F-4F53-B82D-1E8C66EB635E}
[2012/05/24 08:37:05 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{57472464-D00F-4C28-8C3B-1146EB269D64}
[2012/05/21 08:30:24 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{A5C7B67A-82C3-4721-81FE-8C4C5957AF9C}
[2012/05/21 08:29:50 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{6139019B-756E-4014-9E32-060FF2E95B26}
[2012/05/17 08:40:34 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{9854152F-92F3-46BB-BB8A-CCF2F101260B}
[2012/05/17 08:40:23 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{AF079636-B90C-4E21-9691-880708941CA8}
[2012/05/14 08:47:21 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{A3566462-396F-41BC-A3B1-0882ACE8B012}
[2012/05/14 08:47:07 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{50439B32-0207-44FE-9611-CE92B2839C4F}
[2012/05/14 08:42:54 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/05/14 08:32:48 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{FAB18949-CB6C-47DF-99B8-00C683E1A294}
[2012/05/14 08:32:24 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{B721C27A-30FA-46B8-B4E4-9BECBC97C7AD}
[2012/05/10 08:42:31 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/05/10 08:42:31 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/05/10 08:42:24 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012/05/10 08:37:27 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{9F01626D-098E-4B0E-9BBB-DD31E8528798}
[2012/05/10 08:37:04 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{7AEA6079-7FBB-4E07-974B-365B2DC1F468}
[2012/05/09 13:02:52 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{628F7CD2-6FD4-4FA1-8BA6-F45650F000EA}
[2012/05/09 13:02:06 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{5D3DAE42-C5EF-40A7-9E41-FA58F5026752}
[2012/05/07 08:31:18 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{BE29BEBB-FBAA-46F9-9CAD-7E1DAE32CCEB}
[2012/05/07 08:31:08 | 000,000,000 | ---D | C] -- C:\Users\Tearsa\AppData\Local\{EB806F1A-A3B4-41E9-935D-77A6555AAC76}

[color=#E56717]========== Files - Modified Within 90 Days ==========[/color]

[2012/08/02 23:11:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/02 23:01:52 | 000,016,976 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 23:01:52 | 000,016,976 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/02 23:00:44 | 000,624,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/08/02 23:00:44 | 000,106,502 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/08/02 22:53:51 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/02 22:53:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/02 22:53:34 | 2364,284,928 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/02 22:37:40 | 002,136,664 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tearsa\Desktop\e2xplorer.exe
[2012/08/02 22:14:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-6944440-632405070-261029874-1000UA.job
[2012/08/02 22:11:40 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/08/02 22:11:40 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/08/02 21:53:50 | 000,002,015 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/08/02 21:40:29 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/08/02 21:31:45 | 000,000,968 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/02 21:22:03 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/02 21:08:51 | 148,420,633 | ---- | M] () -- C:\Windows\System32\XMWVTMH
[2012/08/02 17:03:50 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\Auslogics Disk Defrag.lnk
[2012/08/02 16:28:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/08/02 16:18:29 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012/08/02 15:29:44 | 000,002,969 | ---- | M] () -- C:\Users\Tearsa\Desktop\HiJackThis.lnk
[2012/08/02 15:26:49 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/02 15:26:08 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/02 14:00:51 | 000,003,472 | ---- | M] () -- C:\bootsqm.dat
[2012/07/22 02:14:01 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-6944440-632405070-261029874-1000Core.job
[2012/07/18 18:05:10 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012/07/18 18:05:10 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012/07/18 18:05:10 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012/07/14 03:17:39 | 000,450,616 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/07/13 15:09:06 | 000,001,225 | ---- | M] () -- C:\Users\Tearsa\Desktop\Revo Uninstaller.lnk
[2012/07/13 14:54:58 | 000,002,325 | ---- | M] () -- C:\Users\Tearsa\Desktop\Google Chrome.lnk
[2012/07/13 14:45:49 | 000,075,106 | ---- | M] () -- C:\Windows\System32\6a40f1e0.exe
[2012/07/13 14:45:48 | 001,646,592 | ---- | M] () -- C:\Windows\System32\64be820e.dll
[2012/07/12 11:38:10 | 000,000,690 | ---- | M] () -- C:\Users\Tearsa\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Recovery.lnk
[2012/07/05 08:34:02 | 000,000,528 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2012/07/02 11:31:13 | 000,232,629 | ---- | M] () -- C:\Users\Tearsa\Documents\UC-018-FF.pdf
[2012/07/02 09:00:36 | 000,001,764 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/06/11 19:40:48 | 002,345,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/06/11 14:14:56 | 002,867,230 | ---- | M] () -- C:\Users\Tearsa\Documents\Safety Material Invoices - SDO Shade & Sails Project.pdf
[2012/06/07 12:41:07 | 000,000,090 | ---- | M] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/06/06 15:03:34 | 000,612,709 | ---- | M] () -- C:\Users\Tearsa\Documents\Conspeco Company Safety Program Manual.pdf
[2012/06/06 14:54:20 | 000,686,545 | ---- | M] () -- C:\Users\Tearsa\Documents\EMC insurance questionnaire 6.6.12.pdf
[2012/06/05 22:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012/06/02 15:19:42 | 000,171,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/02 15:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/02 15:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012/06/02 15:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012/06/02 15:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/02 15:12:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/02 15:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012/06/02 01:33:25 | 001,800,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/02 01:25:03 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/02 01:23:26 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/02 01:21:51 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/02 01:20:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/02 01:16:52 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/02 01:14:19 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/01 21:39:10 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012/05/31 12:25:14 | 000,237,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2012/05/14 15:26:56 | 001,005,722 | ---- | M] () -- C:\Users\Tearsa\Documents\Conspeco AUDMLD - 2011.pdf
[2012/05/10 13:43:25 | 000,904,260 | ---- | M] () -- C:\Users\Tearsa\Documents\AAS Accounting Paraprofessional 12-13.pdf

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012/08/02 21:53:50 | 000,002,015 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012/08/02 21:47:29 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/02 21:31:45 | 000,000,968 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/02 21:01:25 | 148,420,633 | ---- | C] () -- C:\Windows\System32\XMWVTMH
[2012/08/02 17:03:55 | 000,001,207 | ---- | C] () -- C:\Users\Public\Desktop\Auslogics Disk Defrag.lnk
[2012/08/02 16:28:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2012/08/02 15:29:44 | 000,002,969 | ---- | C] () -- C:\Users\Tearsa\Desktop\HiJackThis.lnk
[2012/08/02 15:26:49 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/08/02 14:00:51 | 000,003,472 | ---- | C] () -- C:\bootsqm.dat
[2012/07/13 15:13:27 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/07/13 15:09:06 | 000,001,225 | ---- | C] () -- C:\Users\Tearsa\Desktop\Revo Uninstaller.lnk
[2012/07/13 14:49:50 | 000,002,325 | ---- | C] () -- C:\Users\Tearsa\Desktop\Google Chrome.lnk
[2012/07/13 14:49:08 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-6944440-632405070-261029874-1000UA.job
[2012/07/13 14:49:03 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-6944440-632405070-261029874-1000Core.job
[2012/07/13 14:45:49 | 000,075,106 | ---- | C] () -- C:\Windows\System32\6a40f1e0.exe
[2012/07/13 14:45:48 | 001,646,592 | ---- | C] () -- C:\Windows\System32\64be820e.dll
[2012/07/13 14:30:43 | 000,002,443 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012/07/13 14:30:43 | 000,002,403 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/07/13 14:30:43 | 000,002,202 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk
[2012/07/13 14:30:43 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/07/13 14:30:43 | 000,002,080 | ---- | C] () -- C:\Users\Public\Desktop\QuickBooks Pro 2011.lnk
[2012/07/13 14:30:43 | 000,002,011 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk
[2012/07/13 14:30:43 | 000,001,764 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/13 14:30:43 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/07/13 14:30:43 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[2012/07/13 14:30:43 | 000,001,331 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012/07/13 14:30:43 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[2012/07/13 14:30:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012/07/13 14:30:43 | 000,001,262 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012/07/13 14:30:43 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[2012/07/13 14:30:43 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[2012/07/13 14:30:43 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet Pro 8500 A910 Scan.lnk
[2012/07/13 14:30:43 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/13 14:30:42 | 000,002,476 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools.lnk
[2012/07/13 14:30:41 | 000,000,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
[2012/07/13 14:30:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/07/13 14:30:35 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Standard.lnk
[2012/07/13 14:30:35 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk
[2012/07/13 14:30:35 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/07/13 14:30:34 | 000,001,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 5.0 Sprint.lnk
[2012/07/12 11:38:11 | 000,000,072 | ---- | C] () -- C:\ProgramData\-YpFDLDDFtjjXXyr
[2012/07/12 11:38:11 | 000,000,072 | ---- | C] () -- C:\ProgramData\-YpFDLDDFtjjXXy
[2012/07/12 11:38:10 | 000,000,690 | ---- | C] () -- C:\Users\Tearsa\Application Data\Microsoft\Internet Explorer\Quick Launch\File_Recovery.lnk
[2012/07/12 11:38:07 | 000,000,368 | ---- | C] () -- C:\ProgramData\YpFDLDDFtjjXXy
[2012/07/02 11:31:12 | 000,232,629 | ---- | C] () -- C:\Users\Tearsa\Documents\UC-018-FF.pdf
[2012/06/11 14:14:56 | 002,867,230 | ---- | C] () -- C:\Users\Tearsa\Documents\Safety Material Invoices - SDO Shade & Sails Project.pdf
[2012/06/06 15:03:33 | 000,612,709 | ---- | C] () -- C:\Users\Tearsa\Documents\Conspeco Company Safety Program Manual.pdf
[2012/06/06 14:54:20 | 000,686,545 | ---- | C] () -- C:\Users\Tearsa\Documents\EMC insurance questionnaire 6.6.12.pdf
[2012/05/14 15:26:56 | 001,005,722 | ---- | C] () -- C:\Users\Tearsa\Documents\Conspeco AUDMLD - 2011.pdf
[2012/05/10 13:43:25 | 000,904,260 | ---- | C] () -- C:\Users\Tearsa\Documents\AAS Accounting Paraprofessional 12-13.pdf
[2012/01/11 08:46:26 | 000,002,048 | -HS- | C] () -- C:\Users\Tearsa\AppData\Local\{3486c2c3-9ae0-4c01-05d4-c4332dd4f613}\@
[2011/04/29 09:51:59 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/04/22 12:30:42 | 000,008,704 | ---- | C] () -- C:\Users\Tearsa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/18 16:08:35 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/04/13 14:13:39 | 000,000,111 | ---- | C] () -- C:\Windows\EPSON Perfection 3170.ini

[color=#E56717]========== LOP Check ==========[/color]

[2012/08/02 17:35:33 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Auslogics
[2012/07/24 16:48:28 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Beymy
[2011/04/11 13:52:28 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\DesktopPwrMgr
[2011/04/13 14:20:57 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Leadertech
[2012/07/24 16:57:17 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Onen
[2011/06/15 12:51:32 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\PCDr
[2012/07/30 08:37:35 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Roaming
[2012/07/24 14:02:10 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Ryathe
[2012/08/02 14:53:08 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\SanDisk
[2012/07/05 16:31:34 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\SoftGrid Client
[2011/04/13 14:58:12 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\TP
[2012/08/02 14:26:03 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Update
[2011/04/11 14:30:46 | 000,000,000 | ---D | M] -- C:\Users\Tearsa\AppData\Roaming\Windows Live Writer
[2012/07/05 08:34:02 | 000,000,528 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/03/29 08:32:26 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/08/02 16:18:29 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job

[color=#E56717]========== Purity Check ==========[/color]


[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
[2009/06/10 14:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/07/13 18:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009/07/20 23:20:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012/08/02 14:00:51 | 000,003,472 | ---- | M] () -- C:\bootsqm.dat
[2009/06/10 14:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
[2012/08/02 22:53:34 | 2364,284,928 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/05 13:36:56 | 000,000,086 | ---- | M] () -- C:\log.txt
[2012/08/02 22:53:38 | 3152,379,904 | -HS- | M] () -- C:\pagefile.sys
[2011/03/05 13:36:06 | 000,002,045 | ---- | M] () -- C:\RHDSetup.log
[2012/08/02 22:52:58 | 000,142,390 | ---- | M] () -- C:\TDSSKiller.2.7.48.0_02.08.2012_22.51.01_log.txt
[2012/08/02 22:58:37 | 000,268,370 | ---- | M] () -- C:\TDSSKiller.2.7.48.0_02.08.2012_22.55.13_log.txt

[color=#A23BEC]< %USERPROFILE%\*.* >[/color]
[2012/08/02 23:12:37 | 006,553,600 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat
[2012/08/02 05:48:44 | 000,001,024 | -H-- | M] () -- C:\Users\Tearsa\ntuser.dat.LOG
[2012/08/02 23:12:36 | 000,262,144 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat.LOG1
[2011/04/11 13:48:45 | 000,000,000 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat.LOG2
[2012/08/02 16:15:50 | 000,065,536 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat{0d8a7523-dce6-11e1-99bb-ee54977c0b0b}.TM.blf
[2012/08/02 16:15:50 | 000,524,288 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat{0d8a7523-dce6-11e1-99bb-ee54977c0b0b}.TMContainer00000000000000000001.regtrans-ms
[2012/08/02 16:15:50 | 000,524,288 | -HS- | M] () -- C:\Users\Tearsa\ntuser.dat{0d8a7523-dce6-11e1-99bb-ee54977c0b0b}.TMContainer00000000000000000002.regtrans-ms
[2011/04/11 14:09:11 | 000,065,536 | -HS- | M] () -- C:\Users\Tearsa\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2011/04/11 14:09:11 | 000,524,288 | -HS- | M] () -- C:\Users\Tearsa\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2011/04/11 14:09:11 | 000,524,288 | -HS- | M] () -- C:\Users\Tearsa\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011/04/11 13:48:45 | 000,000,020 | -HS- | M] () -- C:\Users\Tearsa\ntuser.ini

[color=#A23BEC]< %USERPROFILE%\AppData\Local\*.* >[/color]
[2011/12/30 13:34:56 | 000,008,704 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/18 12:38:44 | 000,127,256 | ---- | M] () -- C:\Users\Tearsa\AppData\Local\GDIPFONTCACHEV1.DAT

[color=#A23BEC]< %USERPROFILE%\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %ProgramData%\*.* >[/color]

[color=#A23BEC]< %CommonProgramFiles%\*.* >[/color]

[color=#A23BEC]< %CommonProgramFiles%\ComObjects*.* >[/color]

[color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
[2009/07/13 21:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Local\*.* >[/color]

[color=#A23BEC]< %systemroot%\system32\config\systemprofile\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %windir%\SysWOW64\config\systemprofile\AppData\Local\*.* >[/color]

[color=#A23BEC]< %windir%\SysWOW64\config\systemprofile\AppData\Roaming\*.* >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* >[/color]

[color=#A23BEC]< %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* >[/color]

[color=#A23BEC]< %windir%\temp\*.* >[/color]
[2012/04/26 13:34:54 | 000,246,440 | ---- | M] (Ask.com) -- C:\Windows\temp\AskSLib.dll
[2011/04/15 16:08:09 | 000,546,834 | ---- | M] () -- C:\Windows\temp\dd_ATL80SP1_KB973923MSI5DC8.txt
[2011/04/15 16:08:09 | 000,018,980 | ---- | M] () -- C:\Windows\temp\dd_ATL80SP1_KB973923UI5DC8.txt
[2012/06/14 15:19:01 | 000,040,304 | ---- | M] () -- C:\Windows\temp\dd_clwireg.txt
[2011/04/13 15:07:08 | 000,001,388 | ---- | M] () -- C:\Windows\temp\dd_dotNetFx40_Client_x86_decompression_log.txt
[2011/04/13 15:06:53 | 000,000,660 | ---- | M] () -- C:\Windows\temp\dd_SetupUtility.txt
[2011/06/17 16:11:12 | 000,443,374 | ---- | M] () -- C:\Windows\temp\dd_vcredistMSI1A5B.txt
[2011/06/17 16:11:12 | 000,211,064 | ---- | M] () -- C:\Windows\temp\dd_vcredistUI1A5B.txt
[2011/03/05 13:33:48 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile00.sqm
[2011/03/05 13:36:22 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile01.sqm
[2011/03/05 13:36:24 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile02.sqm
[2011/04/18 16:12:00 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile03.sqm
[2011/04/18 16:12:07 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile04.sqm
[2011/09/12 14:03:48 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile05.sqm
[2011/09/12 14:03:50 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile06.sqm
[2012/08/02 16:44:06 | 000,000,608 | ---- | M] () -- C:\Windows\temp\fwtsqmfile09.sqm
[2012/08/02 21:47:09 | 000,000,140 | ---- | M] () -- C:\Windows\temp\fwtsqmfile10.sqm
[2012/07/30 08:33:24 | 000,047,061 | ---- | M] () -- C:\Windows\temp\GoogleToolbarInstaller1.log
[2012/03/19 14:13:07 | 000,933,887 | ---- | M] () -- C:\Windows\temp\GoogleToolbarInstaller2.log
[2011/04/15 16:10:43 | 004,201,036 | ---- | M] () -- C:\Windows\temp\KB2446708_20110415_160913231-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2011/04/15 16:10:57 | 000,054,594 | ---- | M] () -- C:\Windows\temp\KB2446708_20110415_160913231.html
[2011/06/22 16:26:39 | 004,936,776 | ---- | M] () -- C:\Windows\temp\KB2478663_20110622_162416182-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2011/06/22 16:26:53 | 000,054,814 | ---- | M] () -- C:\Windows\temp\KB2478663_20110622_162416182.html
[2011/06/22 16:23:51 | 004,640,126 | ---- | M] () -- C:\Windows\temp\KB2518870_20110622_162210929-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2011/06/22 16:24:04 | 000,056,048 | ---- | M] () -- C:\Windows\temp\KB2518870_20110622_162210929.html
[2011/08/12 16:25:57 | 005,230,996 | ---- | M] () -- C:\Windows\temp\KB2539636_20110812_162425333-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2011/08/12 16:26:11 | 000,054,814 | ---- | M] () -- C:\Windows\temp\KB2539636_20110812_162425333.html
[2011/10/14 15:05:56 | 006,642,532 | ---- | M] () -- C:\Windows\temp\KB2572078_20111014_150421542-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2011/10/14 15:06:09 | 000,056,204 | ---- | M] () -- C:\Windows\temp\KB2572078_20111014_150421542.html
[2012/03/21 16:34:40 | 007,861,842 | ---- | M] () -- C:\Windows\temp\KB2600217_20120321_163257345-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/03/21 16:34:40 | 000,059,812 | ---- | M] () -- C:\Windows\temp\KB2600217_20120321_163257345.html
[2012/05/10 15:44:59 | 011,266,228 | ---- | M] () -- C:\Windows\temp\KB2604121_20120510_154311955-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/05/10 15:44:59 | 000,059,476 | ---- | M] () -- C:\Windows\temp\KB2604121_20120510_154311955.html
[2012/02/15 16:36:55 | 007,411,260 | ---- | M] () -- C:\Windows\temp\KB2633870_20120215_163503575-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/02/15 16:37:10 | 000,058,780 | ---- | M] () -- C:\Windows\temp\KB2633870_20120215_163503575.html
[2012/01/11 11:26:44 | 007,026,464 | ---- | M] () -- C:\Windows\temp\KB2656351_20120111_112530781-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/01/11 11:26:44 | 000,058,784 | ---- | M] () -- C:\Windows\temp\KB2656351_20120111_112530781.html
[2012/06/14 15:17:28 | 012,366,050 | ---- | M] () -- C:\Windows\temp\KB2656368v2_20120614_151538270-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/06/14 15:17:28 | 000,058,632 | ---- | M] () -- C:\Windows\temp\KB2656368v2_20120614_151538270.html
[2012/04/12 15:28:27 | 010,552,690 | ---- | M] () -- C:\Windows\temp\KB2656368_20120412_152651419-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/04/12 15:28:27 | 000,058,952 | ---- | M] () -- C:\Windows\temp\KB2656368_20120412_152651419.html
[2012/05/10 15:47:00 | 011,748,520 | ---- | M] () -- C:\Windows\temp\KB2656405_20120510_154556587-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/05/10 15:47:00 | 000,058,852 | ---- | M] () -- C:\Windows\temp\KB2656405_20120510_154556587.html
[2012/06/14 15:20:00 | 012,932,424 | ---- | M] () -- C:\Windows\temp\KB2686827_20120614_151903588-Microsoft .NET Framework 4 Client Profile-MSP0.txt
[2012/06/14 15:20:00 | 000,058,536 | ---- | M] () -- C:\Windows\temp\KB2686827_20120614_151903588.html
[2012/02/15 16:38:23 | 000,023,276 | ---- | M] () -- C:\Windows\temp\mavcperf-setup.log
[2011/04/13 15:06:53 | 003,606,278 | ---- | M] () -- C:\Windows\temp\Microsoft .NET Framework 4 Client Profile Setup_20110413_150549098-MSI_netfx_Core_x86.msi.txt
[2011/04/13 15:07:08 | 000,576,820 | ---- | M] () -- C:\Windows\temp\Microsoft .NET Framework 4 Client Profile Setup_20110413_150549098.html
[2012/05/14 16:27:52 | 000,356,130 | ---- | M] () -- C:\Windows\temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20120514_162747102-Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219-MSP0.txt
[2012/05/14 16:27:53 | 000,077,948 | ---- | M] () -- C:\Windows\temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20120514_162747102.html
[2012/08/02 21:29:06 | 003,074,876 | ---- | M] () -- C:\Windows\temp\MpCmdRun.log
[2012/08/02 16:39:53 | 000,581,136 | ---- | M] () -- C:\Windows\temp\MpSigStub.log
[2012/05/10 15:42:28 | 000,002,272 | ---- | M] () -- C:\Windows\temp\Silverlight0.log
[2012/05/10 15:42:28 | 002,751,962 | ---- | M] () -- C:\Windows\temp\SilverlightMSI.log
[2011/05/13 08:45:58 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000000019E5B6FE1302606C1
[2012/05/14 08:43:52 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000000070D5247D9D09B40AB
[2012/08/02 20:52:43 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000000625ECF511985DF39B1
[2012/07/12 11:32:46 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP0000047182AA77394ECC0212
[2012/07/12 11:34:55 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000004736426BD15A2395E73
[2012/06/28 15:14:25 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP0000067039984969C8E80740
[2012/03/22 15:24:56 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP00000760D93C7585DC1CF1FF
[2012/06/18 16:26:05 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000009BC2E1684E3BC6634B0
[2012/06/21 15:31:03 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000009EEB6ED90A3A1BFB90D
[2012/07/02 16:13:51 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP00000C0D8B635771A060457B
[2011/08/05 15:22:44 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP00001001E4ECADF9606EECE8
[2011/10/07 15:25:51 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000014A62E21E6F575D5EE1E
[2012/08/02 20:27:53 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP000161276964E12FCD1BE43E
[2012/08/02 20:41:27 | 000,524,288 | ---- | M] () -- C:\Windows\temp\TMP0001621A3386CC554AEE640E
[2011/09/16 08:40:47 | 000,008,113 | ---- | M] () -- C:\Windows\temp\TVTCoreUtil.log
[30 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

[color=#A23BEC]< %windir%\minidump\*.* >[/color]

[color=#A23BEC]< %windir%\*. >[/color]
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\addins
[2012/08/02 14:26:33 | 000,000,000 | ---D | M] -- C:\Windows\AppCompat
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\AppPatch
[2012/06/25 12:08:05 | 000,000,000 | R-SD | M] -- C:\Windows\assembly
[2009/07/13 21:52:30 | 000,000,000 | ---D | M] -- C:\Windows\Boot
[2009/07/13 21:52:30 | 000,000,000 | ---D | M] -- C:\Windows\Branding
[2011/03/05 13:29:05 | 000,000,000 | ---D | M] -- C:\Windows\CSC
[2009/07/13 21:52:31 | 000,000,000 | ---D | M] -- C:\Windows\Cursors
[2012/08/02 22:12:26 | 000,000,000 | ---D | M] -- C:\Windows\debug
[2012/08/02 14:53:14 | 000,000,000 | ---D | M] -- C:\Windows\delnis
[2012/08/02 14:27:40 | 000,000,000 | ---D | M] -- C:\Windows\diagnostics
[2009/07/13 21:56:48 | 000,000,000 | ---D | M] -- C:\Windows\DigitalLocker
[2012/08/02 14:53:14 | 000,000,000 | ---D | M] -- C:\Windows\Downloaded Installations
[2012/08/02 14:53:14 | 000,000,000 | ---D | M] -- C:\Windows\Downloaded Program Files
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\ehome
[2012/08/02 14:53:14 | 000,000,000 | ---D | M] -- C:\Windows\en
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\en-US
[2012/08/02 14:58:11 | 000,000,000 | R-SD | M] -- C:\Windows\Fonts
[2012/08/02 14:28:22 | 000,000,000 | ---D | M] -- C:\Windows\Globalization
[2012/08/02 14:53:16 | 000,000,000 | ---D | M] -- C:\Windows\Help
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\IME
[2012/08/02 23:05:16 | 000,000,000 | ---D | M] -- C:\Windows\inf
[2012/08/02 15:20:48 | 000,000,000 | -HSD | M] -- C:\Windows\Installer
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\Intuit
[2009/07/13 21:52:31 | 000,000,000 | ---D | M] -- C:\Windows\L2Schemas
[2009/07/13 19:03:55 | 000,000,000 | ---D | M] -- C:\Windows\LiveKernelReports
[2012/08/02 22:12:26 | 000,000,000 | ---D | M] -- C:\Windows\Logs
[2012/08/02 14:55:20 | 000,000,000 | R-SD | M] -- C:\Windows\Media
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\Microsoft.NET
[2009/07/13 19:04:03 | 000,000,000 | ---D | M] -- C:\Windows\ModemLogs
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\Offline Web Pages
[2012/08/02 22:12:32 | 000,000,000 | ---D | M] -- C:\Windows\Panther
[2011/03/05 13:59:07 | 000,000,000 | ---D | M] -- C:\Windows\PCHEALTH
[2009/07/13 21:52:30 | 000,000,000 | ---D | M] -- C:\Windows\Performance
[2009/07/13 19:37:07 | 000,000,000 | ---D | M] -- C:\Windows\PLA
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\PolicyDefinitions
[2012/08/02 22:56:04 | 000,000,000 | ---D | M] -- C:\Windows\Prefetch
[2012/08/02 14:47:51 | 000,000,000 | ---D | M] -- C:\Windows\registration
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\rescache
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\Resources
[2009/07/13 19:05:02 | 000,000,000 | ---D | M] -- C:\Windows\SchCache
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\schemas
[2012/08/02 14:53:27 | 000,000,000 | ---D | M] -- C:\Windows\security
[2012/08/02 14:32:48 | 000,000,000 | ---D | M] -- C:\Windows\ServiceProfiles
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\servicing
[2012/08/02 14:53:37 | 000,000,000 | ---D | M] -- C:\Windows\Setup
[2012/08/02 14:53:37 | 000,000,000 | ---D | M] -- C:\Windows\ShellNew
[2012/08/02 22:12:26 | 000,000,000 | ---D | M] -- C:\Windows\SoftwareDistribution
[2012/08/02 14:33:40 | 000,000,000 | ---D | M] -- C:\Windows\Speech
[2011/08/29 11:48:27 | 000,000,000 | ---D | M] -- C:\Windows\Sun
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system
[2012/08/02 23:00:44 | 000,000,000 | ---D | M] -- C:\Windows\System32
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\TAPI
[2012/08/02 21:47:29 | 000,000,000 | ---D | M] -- C:\Windows\Tasks
[2012/08/02 23:11:51 | 000,000,000 | ---D | M] -- C:\Windows\Temp
[2009/07/13 19:04:02 | 000,000,000 | ---D | M] -- C:\Windows\tracing
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\twain_32
[2012/08/02 14:38:07 | 000,000,000 | ---D | M] -- C:\Windows\Vss
[2012/08/02 14:38:07 | 000,000,000 | ---D | M] -- C:\Windows\Web
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\winsxs

[color=#A23BEC]< %windir%\installer\*. >[/color]
[2011/03/05 13:50:35 | 000,000,000 | -HSD | M] -- C:\Windows\installer\$PatchCache$
[2012/08/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}
[2012/08/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\{0E64B098-8018-4256-BA23-C316A43AD9B0}
[2012/08/02 21:40:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{0F842B77-56EA-4AAF-8295-81A022350B5E}
[2012/08/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\{122ADF8C-DDA1-480C-9936-C88F2825B265}
[2012/08/02 14:53:23 | 000,000,000 | ---D | M] -- C:\Windows\installer\{16FCDD97-AE09-476B-88CD-261D852BD34C}
[2012/08/02 14:58:10 | 000,000,000 | ---D | M] -- C:\Windows\installer\{18DB3375-0649-4EA3-959A-44F1ACD278BA}
[2012/08/02 14:58:10 | 000,000,000 | ---D | M] -- C:\Windows\installer\{1D70AABC-CB59-4700-A708-EA56D1CA07B0}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{25C64847-B900-48AD-A164-1B4F9B774650}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{26A24AE4-039D-4CA4-87B4-2F83216032FF}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{3248F0A8-6813-11D6-A77B-00B0D0150170}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{3759CC1E-8259-4B0D-862A-078EABFFD97F}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{394B0F33-CB58-4E46-A101-4A9B81298D39}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{3AE5A1B4-D6AE-48D4-A07F-46A806CD53E6}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{4A74A56A-1855-4828-AC68-FB4A2E785A21}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{50F68032-B5B7-4513-9116-C978DBD8F27A}
[2012/08/02 14:58:10 | 000,000,000 | ---D | M] -- C:\Windows\installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{716E0306-8318-4364-8B8F-0CC4E9376BAC}
[2011/04/11 14:00:43 | 000,000,000 | ---D | M] -- C:\Windows\installer\{788A0222-5690-4212-AA9C-C48FD0E1C9AE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{90120000-006E-0409-0000-0000000FF1CE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{90140000-006D-0409-0000-0000000FF1CE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{91120000-00CA-0000-0000-0000000FF1CE}
[2011/03/05 14:02:41 | 000,000,000 | ---D | M] -- C:\Windows\installer\{95140000-0070-0000-0000-0000000FF1CE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{A3BE3F1E-2472-4211-8735-E8239BE49D9F}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{A726AE06-AAA3-43D1-87E3-70F510314F04}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{AC76BA86-1033-F400-BA7E-000000000004}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B383F243-0ABC-4E56-AA30-923B8D85076E}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{D1696920-9794-4BBC-8A30-7A88763DE5A2}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{DA97BDF9-BC72-46FD-8E76-427F2BB951EE}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{DECDCB7C-58CC-4865-91AF-627F9798FE48}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
[2011/03/05 13:59:40 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
[2011/03/05 13:50:40 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
[2012/08/02 14:53:24 | 000,000,000 | ---D | M] -- C:\Windows\installer\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}

[color=#A23BEC]< %windir%\system32\*. >[/color]
[2012/08/02 21:52:55 | 000,000,000 | -HSD | M] -- C:\Windows\system32\%APPDATA%
[2009/07/13 21:56:48 | 000,000,000 | ---D | M] -- C:\Windows\system32\0409
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\AdvancedInstallers
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\ar-SA
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\bg-BG
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\Boot
[2012/08/02 22:53:00 | 000,000,000 | ---D | M] -- C:\Windows\system32\catroot
[2012/08/02 16:13:31 | 000,000,000 | ---D | M] -- C:\Windows\system32\catroot2
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\CodeIntegrity
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\com
[2012/08/02 20:43:26 | 000,000,000 | ---D | M] -- C:\Windows\system32\config
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\cs-CZ
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\da-DK
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\de-DE
[2012/08/02 14:55:20 | 000,000,000 | ---D | M] -- C:\Windows\system32\Dism
[2012/08/02 22:55:24 | 000,000,000 | ---D | M] -- C:\Windows\system32\drivers
[2012/08/02 16:15:05 | 000,000,000 | ---D | M] -- C:\Windows\system32\DriverStore
[2012/08/02 14:53:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\DRVSTORE
[2012/08/02 14:55:21 | 000,000,000 | ---D | M] -- C:\Windows\system32\el-GR
[2012/08/02 14:55:21 | 000,000,000 | ---D | M] -- C:\Windows\system32\en
[2012/08/02 14:58:14 | 000,000,000 | ---D | M] -- C:\Windows\system32\en-US
[2012/08/02 14:55:21 | 000,000,000 | ---D | M] -- C:\Windows\system32\es-ES
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\et-EE
[2012/08/02 14:53:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\EventProviders
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\fi-FI
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\fr-FR
[2011/11/16 10:20:19 | 000,000,000 | ---D | M] -- C:\Windows\system32\FxsTmp
[2009/07/13 19:03:57 | 000,000,000 | ---D | M] -- C:\Windows\system32\GroupPolicy
[2009/07/13 19:03:57 | 000,000,000 | ---D | M] -- C:\Windows\system32\GroupPolicyUsers
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\he-IL
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\hr-HR
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\hu-HU
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ias
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\icsxml
[2012/08/02 14:53:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\IME
[2009/07/13 19:05:45 | 000,000,000 | ---D | M] -- C:\Windows\system32\inetsrv
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\it-IT
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ja-JP
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ko-KR
[2011/04/22 12:17:42 | 000,000,000 | ---D | M] -- C:\Windows\system32\LogFiles
[2011/03/05 13:55:44 | 000,000,000 | ---D | M] -- C:\Windows\system32\logs
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\lt-LT
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\lv-LV
[2012/08/02 14:53:39 | 000,000,000 | ---D | M] -- C:\Windows\system32\Macromed
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\manifeststore
[2012/08/02 14:36:29 | 000,000,000 | --SD | M] -- C:\Windows\system32\Microsoft
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\migration
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\migwiz
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\Msdtc
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\MUI
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\nb-NO
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\NDF
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\NetworkList
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\nl-NL
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\oobe
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\pl-PL
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\Printing_Admin_Scripts
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\pt-BR
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\pt-PT
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ras
[2011/03/05 13:35:26 | 000,000,000 | ---D | M] -- C:\Windows\system32\Recovery
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\restore
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ro-RO
[2011/03/05 13:36:03 | 000,000,000 | ---D | M] -- C:\Windows\system32\RTCOM
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\ru-RU
[2012/08/02 14:55:35 | 000,000,000 | ---D | M] -- C:\Windows\system32\Setup
[2009/07/13 19:37:09 | 000,000,000 | ---D | M] -- C:\Windows\system32\sk-SK
[2009/07/13 19:37:09 | 000,000,000 | ---D | M] -- C:\Windows\system32\sl-SI
[2009/07/13 21:56:48 | 000,000,000 | ---D | M] -- C:\Windows\system32\slmgr
[2009/07/13 19:37:09 | 000,000,000 | ---D | M] -- C:\Windows\system32\SMI
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\Speech
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\spool
[2012/08/02 14:53:40 | 000,000,000 | ---D | M] -- C:\Windows\system32\spp
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\sppui
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\system32\SPReview
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\sr-Latn-CS
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\sv-SE
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\sysprep
[2012/08/02 21:47:29 | 000,000,000 | ---D | M] -- C:\Windows\system32\Tasks
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\th-TH
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\tr-TR
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\uk-UA
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\system32\Wat
[2012/08/02 14:58:15 | 000,000,000 | ---D | M] -- C:\Windows\system32\wbem
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\system32\WCN
[2012/08/02 14:37:52 | 000,000,000 | ---D | M] -- C:\Windows\system32\wdi
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\system32\wfp
[2009/07/13 21:52:30 | 000,000,000 | ---D | M] -- C:\Windows\system32\WinBioDatabase
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\WinBioPlugIns
[2012/08/02 14:37:56 | 000,000,000 | ---D | M] -- C:\Windows\system32\WindowsPowerShell
[2009/07/13 19:37:09 | 000,000,000 | ---D | M] -- C:\Windows\system32\winevt
[2012/08/02 14:53:41 | 000,000,000 | ---D | M] -- C:\Windows\system32\winrm
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-CN
[2009/07/13 19:37:10 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-HK
[2012/08/02 14:55:36 | 000,000,000 | ---D | M] -- C:\Windows\system32\zh-TW

[color=#A23BEC]< %windir%\sysnative\*. >[/color]

[color=#A23BEC]< %Temp%\smtmp\1\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\2\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\3\*.* >[/color]

[color=#A23BEC]< %Temp%\smtmp\4\*.* >[/color]
[2009/07/13 21:41:57 | 000,000,174 | -HS- | M] () -- C:\Users\Tearsa\AppData\Local\Temp\smtmp\4\desktop.ini

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2012/07/13 14:45:48 | 001,646,592 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\system32\64be820e.dll

[color=#A23BEC]< %systemroot%\syswow64\*.dll /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /90 >[/color]
[2012/07/18 18:05:10 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\Windows\system32\drivers\avgntflt.sys
[2012/07/18 18:05:10 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\Windows\system32\drivers\avipbb.sys
[2012/07/18 18:05:10 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\system32\drivers\avkmgr.sys
[2012/06/01 21:40:59 | 000,369,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\cng.sys
[2012/06/01 21:45:04 | 000,067,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecdd.sys
[2012/06/01 21:45:03 | 000,134,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\ksecpkg.sys

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /90 >[/color]

[color=#A23BEC]< %systemroot%\syswow64\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[/color]
[2009/07/13 18:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2010/11/20 05:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\winprint.dll

[color=#A23BEC]< %systemroot%\*. /rp /s >[/color]

[color=#A23BEC]< %systemroot%\assembly\tmp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\temp\*.* /S /MD5 >[/color]

[color=#A23BEC]< %systemroot%\assembly\GAC\*.* /S /MD5 >[/color]
[2012/08/02 22:54:34 | 000,005,120 | -HS- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\assembly\GAC\Desktop.ini
[2011/04/29 12:23:35 | 000,110,592 | ---- | M] () MD5=7ECB661F50F34A941A44DAC7241F7D08 -- C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\adodb.dll
[2011/04/29 12:24:16 | 000,000,196 | ---- | M] () MD5=44300D5320DA9FE1A79F85D3CC8369AB -- C:\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2011/04/29 12:23:37 | 000,004,608 | ---- | M] () MD5=74C8987F1B2549E1DF3EB3874B68ECAC -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
[2011/04/29 12:24:16 | 000,000,204 | ---- | M] () MD5=B020031BAAF51236A37136B9198E0ECC -- C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2011/04/29 09:53:03 | 000,077,824 | ---- | M] () MD5=C970EC8865AEAABC8BB32006647BBBAD -- C:\Windows\assembly\GAC\IEProtocol\2.0.0.139__82cc56431f1a971d\IEProtocol.dll
[2011/04/29 09:53:53 | 000,000,200 | ---- | M] () MD5=5355334F8DDD863AD54F5DADE02A9B10 -- C:\Windows\assembly\GAC\IEProtocol\2.0.0.139__82cc56431f1a971d\__AssemblyInfo__.ini
[2011/04/29 09:53:02 | 000,011,296 | ---- | M] () MD5=FDDE93A958DFCF10F3699850938C169F -- C:\Windows\assembly\GAC\Interop.QBPOSXMLRPLIB\2.0.0.32__31d8aec643e18259\Interop.QBPOSXMLRPLIB.dll
[2011/04/29 09:53:53 | 000,000,210 | ---- | M] () MD5=E994EAD1C5800ED96B8A85AD5049BEC5 -- C:\Windows\assembly\GAC\Interop.QBPOSXMLRPLIB\2.0.0.32__31d8aec643e18259\__AssemblyInfo__.ini
[2011/04/29 09:52:24 | 000,010,752 | ---- | M] () MD5=6FE3AFAC99CB6FEB1D67004642B91BFF -- C:\Windows\assembly\GAC\Interop.QBXMLRP2\8.0.0.249__31d8aec643e18259\Interop.QBXMLRP2.dll
[2011/04/29 09:53:45 | 000,000,206 | ---- | M] () MD5=5B461CD17D2978028BF333B8A7A12D43 -- C:\Windows\assembly\GAC\Interop.QBXMLRP2\8.0.0.249__31d8aec643e18259\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,053,248 | ---- | M] () MD5=75933586AFD94EA24C5ACD3DBC89A272 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
[2011/03/05 13:48:42 | 000,000,329 | ---- | M] () MD5=82E140E8933ECCCA15DD2641519DC056 -- C:\Windows\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,012,800 | ---- | M] () MD5=C0843F0F45EDEEF233B1E581AE75E3BB -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
[2011/03/05 13:48:43 | 000,000,315 | ---- | M] () MD5=E531D8816128F0254F8A1F3E4DB33619 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,473,600 | ---- | M] () MD5=7AD4D9FABD109432EED91B359CEAE430 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
[2011/03/05 13:48:43 | 000,000,309 | ---- | M] () MD5=48D40626A98240B96C84C322D2925A11 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 002,676,224 | ---- | M] () MD5=A73E7421449CCA62B0561BAD4C8EF23D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=C6F518D75B729E17AF0589D9D6F3B32B -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 002,846,720 | ---- | M] () MD5=5E2B8B8A5ED016468716B9FF82A1806F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=E5D2AAB8D604B9354AD29B94D6228221 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,563,712 | ---- | M] () MD5=D3F1922325BE8E7E1C72BFD8179454CE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=DE38FD2457215E438789E63F2F7EC84A -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,567,296 | ---- | M] () MD5=FB3BC0754921873A65F5FBDCA845E6EE -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=F43D5D3FE35318701556B60CEC7620F5 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,576,000 | ---- | M] () MD5=AFCF5F50C632F3A5598ABC28F196D77C -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=0F56C0CB0E21989C30599796CF80FC9E -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,577,024 | ---- | M] () MD5=CCD53738DF4FA27849B6BB05DD67D10D -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=052A38F554DEAFECD5801CB1293E005F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,577,536 | ---- | M] () MD5=43C280C3B15CEB2472AB560D09629664 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=66DC12BBB93C3031CDA98A38302C851F -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,577,536 | ---- | M] () MD5=490807C150B7D8BE44BDE871F4DF8C56 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=6220941EE18AC934EA2007745D6BBD12 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,578,560 | ---- | M] () MD5=933085360527DE1B4947289CA468184E -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:42 | 000,000,311 | ---- | M] () MD5=E87C726ABEBB4DA20BFE64C6C19F0B02 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,578,560 | ---- | M] () MD5=25C76C1E29D3E8E7398F0901F558A629 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
[2011/03/05 13:48:43 | 000,000,311 | ---- | M] () MD5=23C16B867B5F0430F68E072F2A6DBA79 -- C:\Windows\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,145,920 | ---- | M] () MD5=D9824A9DD107E598575112B4FF897292 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
[2011/03/05 13:48:43 | 000,000,313 | ---- | M] () MD5=A22DD0A8A4FAAFAD56DEC352F57CAADC -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,159,232 | ---- | M] () MD5=CEBD995DDEAB2C525A5C4E95789BC961 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
[2011/03/05 13:48:43 | 000,000,315 | ---- | M] () MD5=1FC62D426CF0D2D2AD032A0FF0EB736F -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,364,544 | ---- | M] () MD5=46F26E2BAFD44960E7F13B2EF80AA0BC -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
[2011/03/05 13:48:43 | 000,000,313 | ---- | M] () MD5=1401BB69C58F6CFC043DB6092041EB6E -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:43 | 000,178,176 | ---- | M] () MD5=D035348EC8968861AF585B7132FE4C7B -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
[2011/03/05 13:48:43 | 000,000,315 | ---- | M] () MD5=2E752C10313C50CB59E115D7C261ECB6 -- C:\Windows\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/03/05 13:48:42 | 000,223,232 | ---- | M] () MD5=0C453970E89DB1C1EB9DE087E6EAB5BA -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
[2011/03/05 13:48:42 | 000,000,291 | ---- | M] () MD5=84E0708429BDDD1FF459171B6647E479 -- C:\Windows\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009/07/13 21:42:34 | 000,356,352 | ---- | M] () MD5=DD2EB5E64619613C4C108CFB192F4950 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/13 21:42:34 | 000,000,325 | ---- | M] () MD5=3A74C27634435F509DC024FEEBE670E5 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.0.2201.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2009/07/13 21:42:34 | 000,516,096 | ---- | M] () MD5=A02EE61542CAAE25F8A44C9428D30247 -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/13 21:42:34 | 000,000,328 | ---- | M] () MD5=FAF707724A740277714E33A65F4995BF -- C:\Windows\assembly\GAC\Microsoft.Ink\1.7.2600.2180__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/04/29 09:52:15 | 008,013,088 | ---- | M] () MD5=0F9385A7A2E9EE464A298B46586F1E55 -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
[2011/04/29 09:53:45 | 000,000,207 | ---- | M] () MD5=1FF29DC2A2197D5984E5D418C904D3DF -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2011/04/29 12:23:05 | 000,080,696 | ---- | M] () MD5=54582B7054EAD1EFBF9F0A8218B61C4B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
[2011/04/29 12:24:21 | 000,000,224 | ---- | M] () MD5=553A1D17C8B2C73D599EC156ACA6CB7D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:15 | 001,279,864 | ---- | M] () MD5=A30331358FA33B3C7FDB972D802F57C4 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Excel.dll
[2011/11/21 14:57:54 | 000,000,219 | ---- | M] () MD5=1F7EE91CD8AE8A1CBF71624227DB3D63 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:06 | 000,149,368 | ---- | M] () MD5=3AF754C16AF954DB7367FB39C3739387 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Graph.dll
[2011/11/21 14:57:55 | 000,000,219 | ---- | M] () MD5=2E0B0F90BA89FA1EDCC289688BF58A7B -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:19 | 000,920,376 | ---- | M] () MD5=5CBE57423C5CAFAA11B50E5C25DAE19D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll
[2011/04/29 12:24:20 | 000,000,221 | ---- | M] () MD5=6B6872FAF93931EA6EB4F2E1E30A37D4 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:19 | 000,034,696 | ---- | M] () MD5=7E181C30E192223908BBF509AB827B41 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.OutlookViewCtl.dll
[2011/11/21 14:57:55 | 000,000,228 | ---- | M] () MD5=2C6E214F297382A5343D10D8D8ED62C6 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:23 | 000,350,080 | ---- | M] () MD5=5C62BA3A0FEE2D763BB79F858204D09D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
[2011/11/21 14:57:55 | 000,000,224 | ---- | M] () MD5=EF446200B015C1662F07955E95322DCE -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:19 | 000,232,248 | ---- | M] () MD5=0944C6C65C258A4BE89605D666DE5880 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Publisher.dll
[2011/04/29 12:24:21 | 000,000,223 | ---- | M] () MD5=89274E3F135691355EBD73770EAFF34D -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,019,320 | ---- | M] () MD5=3CC99DCCB5B9F51483AF7532A6D65F92 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.SmartTag.dll
[2011/05/02 10:47:35 | 000,000,222 | ---- | M] () MD5=3C3CC20ADA56EB38EAF363E7A6BEEE93 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:21 | 000,870,256 | ---- | M] () MD5=54719FDC6A752DC78B364A3980DBC2E9 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
[2011/11/21 14:57:55 | 000,000,218 | ---- | M] () MD5=2A6411671028D5A543646989CB01DBD8 -- C:\Windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:35 | 000,013,312 | ---- | M] () MD5=D80746B2F94A3A28E380735D4B8A9EA3 -- C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
[2011/04/29 12:24:16 | 000,000,210 | ---- | M] () MD5=A57C6028DAE8D855FFC2BBC2D6E57246 -- C:\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2011/04/29 12:23:19 | 000,371,496 | ---- | M] () MD5=BA4FB255E3887A039CB74A5870192220 -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
[2011/04/29 12:24:21 | 000,000,216 | ---- | M] () MD5=E9A3D4644D3B7C20C5EE60970BC5681C -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:07 | 000,063,336 | ---- | M] () MD5=B60C87E3CD3ACFA71DAD8145C66D6E9C -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
[2011/11/21 14:57:55 | 000,000,210 | ---- | M] () MD5=F4663120ABF3E8FF67D7AAF33BD68EDF -- C:\Windows\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:35 | 000,229,376 | ---- | M] () MD5=FDA48714F6A291E25A1A219E89D59D9B -- C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\MSCOMCTL.DLL
[2011/04/29 12:24:21 | 000,000,200 | ---- | M] () MD5=481E504FBEA25FBF5408DB65F44FA5FA -- C:\Windows\assembly\GAC\mscomctl\10.0.4504.0__31bf3856ad364e35\__AssemblyInfo__.ini
[2011/04/29 12:23:35 | 000,004,096 | ---- | M] () MD5=AAA2E20588E154A10747BF1B31B55125 -- C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\msdatasrc.dll
[2011/04/29 12:24:16 | 000,000,200 | ---- | M] () MD5=C1F5FADD74964959FC4394832BBC3E59 -- C:\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,423,784 | ---- | M] () MD5=DF7CBCD2DB89880A8A92EA134611B038 -- C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
[2011/05/02 10:47:34 | 000,000,195 | ---- | M] () MD5=7C4A765B5AC30DBD8B53CD071B73840C -- C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:47:12 | 000,000,898 | ---- | M] () MD5=DCC5E6E13187570656FB60EBB51751A8 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.config
[2011/05/02 10:47:12 | 000,011,144 | ---- | M] () MD5=AA14986D717AF25CF6362C69BFA13359 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Excel.dll
[2011/05/02 10:47:33 | 000,000,231 | ---- | M] () MD5=4B9F522E4B403A5B090681600D9070C2 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Excel\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,000,898 | ---- | M] () MD5=CC9313747F69E39B66D6B7EFE22FD328 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.config
[2011/05/02 10:46:59 | 000,011,128 | ---- | M] () MD5=CE0EDD4D644A7C624FA79E1B14B00323 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Graph.dll
[2011/05/02 10:47:35 | 000,000,231 | ---- | M] () MD5=69CD87BB9C6DA0537CE63A53E7092F32 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Graph\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:31 | 000,000,902 | ---- | M] () MD5=E2724C2DF4C312D34E4A7BCABBDD5AB6 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.config
[2011/04/29 12:23:30 | 000,012,104 | ---- | M] () MD5=2EE2F1AD6A3B6317D045D2C31F6FEF65 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Outlook.dll
[2011/04/29 12:24:21 | 000,000,233 | ---- | M] () MD5=A1C0A9578F9D8E0FCA9A4440070F31B0 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:29 | 000,000,916 | ---- | M] () MD5=DA6AC9B205A7A7FF0AB028049FD3AEA1 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.config
[2011/04/29 12:23:29 | 000,012,632 | ---- | M] () MD5=DB1CC715650EC69FA2B20042B2DC6B5B -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl.dll
[2011/04/29 12:24:21 | 000,000,240 | ---- | M] () MD5=47440CFB37970DEFA6E164D85EE5491B -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.OutlookViewCtl\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:47:19 | 000,000,908 | ---- | M] () MD5=49E684EE5FF535D8FF08056769A9F9E6 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.config
[2011/05/02 10:47:19 | 000,011,152 | ---- | M] () MD5=445F0A07EAE252BE0464273767B22453 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll
[2011/05/02 10:47:35 | 000,000,236 | ---- | M] () MD5=CC90EB2A26912AB4C5102CDEF753E91F -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 12:23:33 | 000,000,906 | ---- | M] () MD5=1B1C62C31CB95E0E1D20FF7F4EE99A34 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.config
[2011/04/29 12:23:32 | 000,012,104 | ---- | M] () MD5=554DA52E16EAB6C18D003C0157BE0DD3 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Publisher.dll
[2011/04/29 12:24:21 | 000,000,235 | ---- | M] () MD5=B3B78A70350941D7D6992D5142275669 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Publisher\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,000,904 | ---- | M] () MD5=AC1B446DC4969CE1D3F605D9CE098DDB -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.config
[2011/05/02 10:46:59 | 000,011,136 | ---- | M] () MD5=C2F8D5E1D25BCAE6516E88AA0342FB6E -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll
[2011/05/02 10:47:35 | 000,000,234 | ---- | M] () MD5=79D81B7149BDC2CD7CB5B48D05D75F37 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.SmartTag\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/11/21 14:57:20 | 000,000,896 | ---- | M] () MD5=33324BF6E22A322816FD4C1C58BB032C -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.config
[2011/11/21 14:57:20 | 000,011,144 | ---- | M] () MD5=2CE989B779144889EA1F30A046DF13CB -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Word.dll
[2011/11/21 14:57:56 | 000,000,230 | ---- | M] () MD5=314847472C40A8C3574130C873856447 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,000,880 | ---- | M] () MD5=AEEFC22DA8D1EBBA43AC2E8B0599DFE3 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.config
[2011/05/02 10:46:59 | 000,011,112 | ---- | M] () MD5=FFD49049DE84727DE54922181E0AFBA5 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
[2011/05/02 10:47:34 | 000,000,222 | ---- | M] () MD5=122F7F6C517CFA276B874A7F20A796B4 -- C:\Windows\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/05/02 10:46:59 | 000,000,850 | ---- | M] () MD5=5717939AB3C1CFFDF93DDC9A14856755 -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.office.config
[2011/05/02 10:46:59 | 000,010,576 | ---- | M] () MD5=B6C7C64CB13A418DF859A018EC93727B -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
[2011/05/02 10:47:34 | 000,000,207 | ---- | M] () MD5=E7E59ABBFF65ED4C142D4006A6197E0E -- C:\Windows\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\__AssemblyInfo__.ini
[2011/04/29 09:53:03 | 000,016,384 | ---- | M] () MD5=5830CFB9D412F14333EC0C61BCBFA93E -- C:\Windows\assembly\GAC\QBWCInterfaces\2.0.0.139__82cc56431f1a971d\QBWCInterfaces.dll
[2011/04/29 09:53:53 | 000,000,204 | ---- | M] () MD5=DF3153BD410C7D58A0BFFC76E122737D -- C:\Windows\assembly\GAC\QBWCInterfaces\2.0.0.139__82cc56431f1a971d\__AssemblyInfo__.ini
[2011/04/29 12:23:35 | 000,016,384 | ---- | M] () MD5=E1EEB7E26AB04075EECC7275239B20B3 -- C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
[2011/04/29 12:24:16 | 000,000,197 | ---- | M] () MD5=FC75E46DA5B9F9263B958C7B027ACBFC -- C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\__AssemblyInfo__.ini

[color=#A23BEC]< %systemroot%\assembly\GAC_32\*.* /S /MD5 >[/color]
[2009/07/13 18:19:59 | 000,004,608 | ---- | M] () MD5=2CBEAFED3233C20DF11B88DF909CD74F -- C:\Windows\assembly\GAC_32\AuditPolicyGPManagedStubs.Interop\6.1.0.0__31bf3856ad364e35\AuditPolicyGPManagedStubs.Interop.dll
[2010/11/20 05:32:20 | 000,238,080 | ---- | M] () MD5=D6D26A698BCCD17AB0761E6221C5F3C4 -- C:\Windows\assembly\GAC_32\BDATunePIA\6.1.0.0__31bf3856ad364e35\BDATunePIA.dll
[2010/11/04 18:57:39 | 000,069,120 | ---- | M] () MD5=C80DA476BFBAD97D874A0EFE037D7113 -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
[2011/03/05 13:46:59 | 000,018,232 | ---- | M] () MD5=4957FD170FC0775DC0A0AF1C4623F34B -- C:\Windows\assembly\GAC_32\DecompressionAddIn\1.0.0.0__bf27967c8fc25779\DecompressionAddIn.dll
[2011/03/05 13:46:59 | 000,106,296 | ---- | M] () MD5=E4EBE6C6BA379766DAD4EBA04F6A763E -- C:\Windows\assembly\GAC_32\Engine\1.0.0.0__bf27967c8fc25779\Engine.dll
[2011/03/05 13:46:59 | 000,013,112 | ---- | M] () MD5=9EE8044C3FB01D773AB208DDAFB5F340 -- C:\Windows\assembly\GAC_32\HostServices\1.0.0.0__bf27967c8fc25779\HostServices.dll
[2010/11/04 18:57:43 | 000,072,192 | ---- | M] () MD5=D58D4E4AA8D6146D838BE02500F50B27 -- C:\Windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
[2011/03/05 13:46:59 | 000,012,088 | ---- | M] () MD5=35278CCAF0F611D0FC572FFABDA28241 -- C:\Windows\assembly\GAC_32\Lenovo.TVT.Core.File\1.0.0.0__b04ebfc38422c91a\Lenovo.TVT.Core.File.dll
[2011/03/05 13:46:59 | 000,023,352 | ---- | M] () MD5=608FE4CFEAD9A2A9A07D98D70981CD56 -- C:\Windows\assembly\GAC_32\Lenovo.TVT.Core.Logging\1.0.0.0__b04ebfc38422c91a\Lenovo.TVT.Core.Logging.dll
[2011/03/05 13:46:59 | 000,022,328 | ---- | M] () MD5=9AED4DD18D0ACB838DEBF6F006C44628 -- C:\Windows\assembly\GAC_32\Lenovo.TVT.Core.System\1.0.0.0__b04ebfc38422c91a\Lenovo.TVT.Core.System.dll
[2010/11/20 05:32:22 | 000,134,656 | ---- | M] () MD5=7D8676EC6A6ABCF57E1F6CA5372E56EE -- C:\Windows\assembly\GAC_32\mcstoredb\6.1.0.0__31bf3856ad364e35\mcstoredb.dll
[2010/11/20 05:32:22 | 000,186,368 | ---- | M] () MD5=F65CFF843B6E073A4F8188E19EC538D2 -- C:\Windows\assembly\GAC_32\mcupdate\6.1.0.0__31bf3856ad364e35\mcupdate.exe
[2010/11/20 05:32:22 | 000,121,856 | ---- | M] () MD5=6B35B443F4EF4AA695487BC83EADAEC6 -- C:\Windows\assembly\GAC_32\Mcx2Dvcs\6.1.0.0__31bf3856ad364e35\Mcx2Dvcs.dll
[2009/07/13 19:12:54 | 000,090,112 | ---- | M] () MD5=7643FE2D5D8DC339868BD4D952E0F385 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.Resources.dll
[2010/11/20 05:35:58 | 000,189,952 | ---- | M] () MD5=38D88B9F15909C5EB12543B9ADD60665 -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\6.1.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.AdmTmplEditor.dll
[2010/11/20 05:35:58 | 000,145,920 | ---- | M] () MD5=7473DCFFD01F73BA2B2621555B02E09A -- C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.Interop\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Interop.dll
[2009/07/13 18:24:14 | 000,507,904 | ---- | M] () MD5=269691AFEE6C44C52CDCA23C24BDBB0C -- C:\Windows\assembly\GAC_32\Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Microsoft.Ink.dll
[2009/07/13 18:24:28 | 000,077,824 | ---- | M] () MD5=BB2BB7BFE455562249E922A7AA4493A5 -- C:\Windows\assembly\GAC_32\Microsoft.Interop.Security.AzRoles\2.0.0.0__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.dll
[2011/08/16 21:28:53 | 000,280,576 | ---- | M] () MD5=6A700621ECF04A54DB76EE9D1ADC79B7 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Interop.dll
[2010/11/20 05:35:58 | 000,129,536 | ---- | M] () MD5=796046D31F7CEEFFF6243A98FABA290B -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.iTV.Media\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.Media.dll
[2010/11/20 05:35:58 | 000,053,248 | ---- | M] () MD5=700A8CF1409EBEEAD7D20B704C338C57 -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Mheg\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Mheg.dll
[2010/11/20 05:35:59 | 000,139,264 | ---- | M] () MD5=3B3D543F595910584AC45C75186CD3DA -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.Playback\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Playback.dll
[2010/11/20 05:35:58 | 000,307,712 | ---- | M] () MD5=C6F74E2405934514BB0434B7FCF7B7ED -- C:\Windows\assembly\GAC_32\Microsoft.MediaCenter.TV.Tuners.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.TV.Tuners.Interop.dll
[2009/07/13 18:23:55 | 000,008,192 | ---- | M] () MD5=79D7E7A3CB56C91FE9030C5EFE2DC13C -- C:\Windows\assembly\GAC_32\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyEngineApi.Interop.dll
[2010/11/04 18:52:36 | 000,163,840 | ---- | M] () MD5=059B857CCA35C20F06B5DEBD51C4FB38 -- C:\Windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
[2009/07/13 18:26:31 | 000,008,192 | ---- | M] () MD5=FA44A672F1C12791984D9ECAB7DC3177 -- C:\Windows\assembly\GAC_32\Microsoft.Windows.Diagnosis.SDEngine\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDEngine.dll
[2010/11/20 05:32:22 | 000,019,968 | ---- | M] () MD5=36D6B6EFE1AFD20700DB4C4E20F400A7 -- C:\Windows\assembly\GAC_32\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop\6.1.0.0__31bf3856ad364e35\Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.dll
[2009/06/10 14:14:52 | 000,087,888 | ---- | M] () MD5=2E5F1CF69F92392F8829FC9C9263AE9B -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe
[2009/06/10 14:14:53 | 000,001,581 | ---- | M] () MD5=1EA3E30080C0E256C2EF0C621E91C345 -- C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\msbuild.exe.config
[2009/06/10 14:22:47 | 000,066,728 | ---- | M] () MD5=C01B81BB10AD14DBC5C4ECD350638096 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\big5.nlp
[2009/06/10 14:22:47 | 000,082,172 | ---- | M] () MD5=EE1F60F8774D74BED8B13498F3FE737A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\bopomofo.nlp
[2009/06/10 14:22:58 | 000,116,756 | ---- | M] () MD5=F6DFDA5A31162D848634504565F6D321 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\ksc.nlp
[2012/01/03 19:50:59 | 004,550,656 | ---- | M] () MD5=C850A6041F5AEDE21C53514BBE9AB09D -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
[2009/06/10 14:23:13 | 000,059,342 | ---- | M] () MD5=DA5748A89E22A3932387E65694B25BBB -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normidna.nlp
[2009/06/10 14:23:13 | 000,045,794 | ---- | M] () MD5=3831A5E217D6FA828CCE1011DA26E677 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfc.nlp
[2009/06/10 14:23:13 | 000,039,284 | ---- | M] () MD5=DBDE664E0BA4BACD0A6A04AE2232B205 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfd.nlp
[2009/06/10 14:23:13 | 000,066,384 | ---- | M] () MD5=C9B88B759FE81D59CE8EBF5A0A8EB75A -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkc.nlp
[2009/06/10 14:23:13 | 000,060,294 | ---- | M] () MD5=3CAB6AB66759FCDF73B61EE262C9ACF4 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\normnfkd.nlp
[2009/06/10 14:23:14 | 000,083,748 | ---- | M] () MD5=54144F43EDF5AA8F504A30E7C1D1A7B5 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prc.nlp
[2009/06/10 14:23:14 | 000,083,748 | ---- | M] () MD5=901863C68E6523336CAC602FE9320ABC -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\prcp.nlp
[2009/06/10 14:23:17 | 000,262,148 | ---- | M] () MD5=FB59D247F7143C3B9683A547E808A88B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sortkey.nlp
[2009/06/10 14:23:17 | 000,020,320 | ---- | M] () MD5=FF13BA175F0013D2311827E0D438C60B -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\sorttbls.nlp
[2009/06/10 14:23:23 | 000,028,288 | ---- | M] () MD5=09E420F90A329BDA68477FA4AF43CB28 -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\xjis.nlp
[2010/11/20 05:36:00 | 000,046,080 | ---- | M] () MD5=93C4029DABC19166076BE347283AB969 -- C:\Windows\assembly\GAC_32\napcrypt\6.1.0.0__31bf3856ad364e35\NAPCRYPT.DLL
[2010/11/20 05:36:00 | 000,107,008 | ---- | M] () MD5=E9CFC1884D1E579E82073103827FA62B -- C:\Windows\assembly\GAC_32\naphlpr\6.1.0.0__31bf3856ad364e35\NAPHLPR.DLL
[2009/07/13 15:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.config
[2009/07/13 18:25:25 | 000,005,632 | ---- | M] () MD5=608232474C33C71F863B0866E5165C1C -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.0.Microsoft.Ink.dll
[2009/06/10 14:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config
[2009/07/13 18:26:15 | 000,005,632 | ---- | M] () MD5=2641880E8C12BEE37DDC2813908A2A0F -- C:\Windows\assembly\GAC_32\Policy.1.0.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.0.Microsoft.Interop.Security.AzRoles.dll
[2009/06/10 14:32:22 | 000,000,494 | ---- | M] () MD5=453626B1A59F62F9A141AC62F4E44E75 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.config
[2009/07/13 18:23:30 | 000,005,632 | ---- | M] () MD5=D6C077082EAA747911C212A9EB64A813 -- C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.1.7600.16385__31bf3856ad364e35\Policy.1.2.Microsoft.Interop.Security.AzRoles.dll
[2009/07/13 15:04:07 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.config
[2009/07/13 18:22:54 | 000,005,632 | ---- | M] () MD5=331021DA8B00A9ADCDD54B5782943204 -- C:\Windows\assembly\GAC_32\Policy.1.7.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.1.7.Microsoft.Ink.dll
[2009/07/13 15:04:08 | 000,000,442 | ---- | M] () MD5=13E4BF7A255D57592EEDBD04A500C09B -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.config
[2009/07/13 18:23:04 | 000,005,632 | ---- | M] () MD5=B3DB67C90DBBB75BFE110A86E951C2EC -- C:\Windows\assembly\GAC_32\Policy.6.0.Microsoft.Ink\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.Ink.dll
[2012/02/10 16:31:40 | 004,218,880 | ---- | M] () MD5=AEDDFD540E3E6BECDB14C30D1F12B78A -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
[2009/06/10 14:14:51 | 000,000,161 | ---- | M] () MD5=C0856EC51C8C75B8FDF02C1BBCFE7B93 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe.config
[2012/02/10 16:31:42 | 001,737,496 | ---- | M] () MD5=DDFBFD8959F32AC0CF3947F36BAC3081 -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll
[2011/04/29 09:53:03 | 000,024,576 | ---- | M] () MD5=58449F4059F8A63EAD53BDA2B545C45E -- C:\Windows\assembly\GAC_32\QBWCCommon\2.0.0.139__82cc56431f1a971d\QBWCCommon.dll
[2010/11/04 18:58:05 | 000,486,400 | ---- | M] () MD5=ED40D020A6A82748394F1653CE324CE4 -- C:\Windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
[2010/11/04 18:58:05 | 002,927,616 | ---- | M] () MD5=35CAB7CF3754C41AEB69DCE1D5ACA5A4 -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
[2010/11/04 18:58:08 | 000,258,048 | ---- | M] () MD5=6DB969DF540BC71722848940D180AC08 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
[2010/11/19 21:12:59 | 000,113,664 | ---- | M] () MD5=C865DC05ADE0B41A9E14DD585E0CDF94 -- C:\Windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
[2012/02/10 16:31:41 | 000,372,736 | ---- | M] () MD5=A151947AD131A883870A6174CACF423B -- C:\Windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
[2009/06/10 14:23:19 | 000,261,632 | ---- | M] () MD5=5F3F1BF5F5B43293953FC915845910C4 -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
[2011/12/25 13:42:15 | 005,255,168 | ---- | M] () MD5=7D2B8E2CE3EF2DC633689F1E1F4A7504 -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll

[color=#A23BEC]< %systemroot%\assembly\GAC_64\*.* /S /MD5 >[/color]

[color=#A23BEC]< %SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5 >[/color]
[2009/06/10 14:22:40 | 000,010,752 | ---- | M] () MD5=7E8C840853FB6EBD5CC16D3C10C7C127 -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
[2009/06/10 14:22:47 | 000,507,904 | ---- | M] () MD5=11B30A8447A724C6E9FBF6261AC0DA6E -- C:\Windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
[2010/11/04 18:52:35 | 000,165,720 | ---- | M] () MD5=501E961FEEBBDE040FB836CB5DE122C2 -- C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe
[2009/06/10 14:22:50 | 000,013,312 | ---- | M] () MD5=AAD128271C76C6596E69CFA81D765C2C -- C:\Windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
[2009/06/10 14:22:50 | 000,005,120 | ---- | M] () MD5=BA86FDE9C3B5BD2FF5EA7A99BF648E82 -- C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe
[2010/11/20 05:32:20 | 000,094,208 | ---- | M] () MD5=3AC3967EB34A432332FF4E2D971397E8 -- C:\Windows\assembly\GAC_MSIL\ehCIR\6.1.0.0__31bf3856ad364e35\ehCIR.dll
[2010/11/20 05:32:20 | 000,143,360 | ---- | M] () MD5=7F404ED2BAD3365F1A6452DBE40024FD -- C:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35\ehexthost.exe
[2009/07/13 14:04:37 | 000,002,274 | ---- | M] () MD5=C343B566A3B8DA7743C30796BE0A54D7 -- C:\Windows\assembly\GAC_MSIL\ehexthost\6.1.0.0__31bf3856ad364e35\ehexthost.exe.config
[2009/07/13 18:20:19 | 000,015,872 | ---- | M] () MD5=8C0473A82FF7D19D19B8F3E120B3BB3A -- C:\Windows\assembly\GAC_MSIL\ehiActivScp\6.1.0.0__31bf3856ad364e35\ehiActivScp.dll
[2009/07/13 18:22:13 | 000,011,776 | ---- | M] () MD5=49D389CC7E7DC17C507F4B5AD6203AD3 -- C:\Windows\assembly\GAC_MSIL\ehiBmlDataCarousel\6.1.0.0__31bf3856ad364e35\ehiBmlDataCarousel.dll
[2009/07/13 18:20:15 | 000,077,824 | ---- | M] () MD5=598383C42098DF7D0FFD61F459B6CBAF -- C:\Windows\assembly\GAC_MSIL\ehiExtens\6.1.0.0__31bf3856ad364e35\ehiExtens.dll
[2009/07/13 18:20:46 | 000,040,960 | ---- | M] () MD5=0DBF6B6DEBD8C1F3F810C17AF4A18CE5 -- C:\Windows\assembly\GAC_MSIL\ehiiTV\6.1.0.0__31bf3856ad364e35\ehiiTV.dll
[2010/11/20 05:32:20 | 000,172,032 | ---- | M] () MD5=3B813FB741DF5CD45EB4EA36AE0F83B3 -- C:\Windows\assembly\GAC_MSIL\ehiProxy\6.1.0.0__31bf3856ad364e35\ehiProxy.dll
[2009/07/13 18:20:56 | 000,086,016 | ---- | M] () MD5=2CC68F809DAF4D4FAC0E66B35A4EB9BE -- C:\Windows\assembly\GAC_MSIL\ehiTVMSMusic\6.1.0.0__31bf3856ad364e35\ehiTVMSMusic.dll
[2009/07/13 18:20:37 | 000,006,144 | ---- | M] () MD5=A924F87D32D7D28D58D3CBDB8B103E6F -- C:\Windows\assembly\GAC_MSIL\ehiUPnP\6.1.0.0__31bf3856ad364e35\ehiUPnP.dll
[2009/07/13 18:20:38 | 000,032,768 | ---- | M] () MD5=62F20E48B43B44D9C6E9B4CF08FB120D -- C:\Windows\assembly\GAC_MSIL\ehiUserXp\6.1.0.0__31bf3856ad364e35\ehiUserXp.dll
[2009/07/13 18:20:51 | 000,335,872 | ---- | M] () MD5=DB2189BF0B4D192F70605F50EC30037B -- C:\Windows\assembly\GAC_MSIL\ehiVidCtl\6.1.0.0__31bf3856ad364e35\ehiVidCtl.dll
[2009/07/13 18:21:00 | 000,143,360 | ---- | M] () MD5=391EF4FF1EF376B4408C0DEFE2041DBF -- C:\Windows\assembly\GAC_MSIL\ehiwmp\6.1.0.0__31bf3856ad364e35\ehiwmp.dll
[2009/07/13 18:22:59 | 000,086,016 | ---- | M] () MD5=82A5798BD1A2FE8678A51CC9CE493F7F -- C:\Windows\assembly\GAC_MSIL\ehiWUapi\6.1.0.0__31bf3856ad364e35\ehiWUapi.dll
[2010/11/20 05:32:21 | 000,196,608 | ---- | M] () MD5=641443B48D34539ED0F58C1FC3A379F0 -- C:\Windows\assembly\GAC_MSIL\ehRecObj\6.1.0.0__31bf3856ad364e35\ehRecObj.dll
[2010/11/20 05:32:21 | 006,307,840 | ---- | M] () MD5=89AFF2261ECF21647B126E596675E302 -- C:\Windows\assembly\GAC_MSIL\ehshell\6.1.0.0__31bf3856ad364e35\ehshell.dll
[2010/11/20 05:19:48 | 000,008,192 | ---- | M] () MD5=D7081D68005C975549685E8BF129794E -- C:\Windows\assembly\GAC_MSIL\EventViewer.Resources\6.1.0.0_en_31bf3856ad364e35\EventViewer.resources.dll
[2010/11/20 05:32:20 | 000,368,640 | ---- | M] () MD5=F046EB4BBFC631D178C6DF20819C1DE5 -- C:\Windows\assembly\GAC_MSIL\EventViewer\6.1.0.0__31bf3856ad364e35\EventViewer.dll
[2009/06/10 14:22:54 | 000,008,192 | ---- | M] () MD5=96D9E7E468D537443DE037A7E15CB804 -- C:\Windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
[2009/06/10 14:22:55 | 000,077,824 | ---- | M] () MD5=AF29AA7F2F613951A9E913B4290B2ECE -- C:\Windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
[2009/06/10 14:22:55 | 000,006,656 | ---- | M] () MD5=D051642D0ED61E2886FD8917E8B6FAFD -- C:\Windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
[2011/04/29 09:52:59 | 000,024,328 | ---- | M] () MD5=357E7F466CA0C2C889CF540F2300DCA4 -- C:\Windows\assembly\GAC_MSIL\Interop.QBInstanceFinder\21.0.0.0__5b3f47ba29970ccb\Interop.QBInstanceFinder.dll
[2011/04/11 15:17:02 | 000,061,440 | ---- | M] () MD5=BAB30D2799754F6EA22F0B9076311793 -- C:\Windows\assembly\GAC_MSIL\Intuit.QuickBooks.FCS\1.2.0.2__5b3f47ba29970ccb\Intuit.QuickBooks.FCS.exe
[2011/04/29 09:52:39 | 000,061,440 | ---- | M] () MD5=6BEE1814470DC12FA20C53DFC3C97EBB -- C:\Windows\assembly\GAC_MSIL\Intuit.QuickBooks.FCS\1.3.0.0__5b3f47ba29970ccb\Intuit.QuickBooks.FCS.exe
[2011/04/11 15:17:02 | 000,028,672 | ---- | M] () MD5=486E625601EDE9A2B51AD7B4CC0B1861 -- C:\Windows\assembly\GAC_MSIL\Intuit.QuickBooks.XmlDigitalSignature\1.2.0.0__5b3f47ba29970ccb\Intuit.QuickBooks.XMLDigitalSignature.dll
[2011/04/29 09:52:44 | 000,397,312 | ---- | M] () MD5=E24995E094690F6A314A994B7FC91336 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.3rdParty.Lucene\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.3rdParty.Lucene.dll
[2011/04/29 09:52:44 | 000,053,248 | ---- | M] () MD5=A09F0ED1822E11BDF14E503D08EFC7E9 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.3rdParty.MajesticHTMLParser\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.3rdParty.MajesticHTMLParser.dll
[2011/04/29 09:52:44 | 000,047,104 | ---- | M] () MD5=09274F4E30B9139E99C7552E4DAF67C0 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.3rdParty.ObjectBuilder\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.3rdParty.ObjectBuilder.dll
[2011/04/29 09:52:45 | 000,176,128 | ---- | M] () MD5=3AE48953D13EC1999079E0E5F80862F5 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.3rdParty.SharpZipLib\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.3rdParty.SharpZipLib.dll
[2011/04/29 09:52:44 | 000,160,768 | ---- | M] () MD5=513E88352AAE4AF392BE929A9214F595 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Core.Plugin\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Core.Plugin.dll
[2011/04/29 09:52:44 | 000,086,016 | ---- | M] () MD5=12AFA24373A3268095257B370D2B2295 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Core\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Core.dll
[2011/04/29 09:52:45 | 000,229,376 | ---- | M] () MD5=342B28473BAB871560F2A3F6358033C3 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Api\6.0.0.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Api.dll
[2011/04/29 09:52:46 | 002,228,224 | ---- | M] () MD5=DD100DC94899DD848E0B1FF54DDFA603 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.Common\6.0.0.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.Common.dll
[2011/04/29 09:52:46 | 000,057,344 | ---- | M] () MD5=84CF16EB3AD1FB5D541E16EC9E96BE7F -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.EntitlementClient.WinInet\6.0.0.0__7ce6deabcb36a8ea\Intuit.Spc.Map.EntitlementClient.WinInet.dll
[2011/04/29 09:52:44 | 000,471,040 | ---- | M] () MD5=3E85CD4C148994DFF38B1CD26D93A7E8 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
[2011/04/29 09:52:45 | 000,108,544 | ---- | M] () MD5=0540EA9DCA59697234B8332A5E862147 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.Search\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Search.dll
[2011/04/29 09:52:45 | 000,016,384 | ---- | M] () MD5=2A22BE39F733BB4A7473DA499BA36D41 -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.SharedUIToolkit\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.SharedUIToolkit.dll
[2011/04/29 09:52:45 | 000,418,304 | ---- | M] () MD5=0C191A5DE18EEE6EAA8ED3C1EBEFC6EF -- C:\Windows\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.6.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
[2009/07/13 18:23:32 | 000,106,496 | ---- | M] () MD5=967047584598B8EA09A742328872C06D -- C:\Windows\assembly\GAC_MSIL\loadmxf\6.1.0.0__31bf3856ad364e35\loadmxf.exe
[2010/11/20 05:32:22 | 000,942,080 | ---- | M] () MD5=95738FEDB3C23753C20CBCF7D772E259 -- C:\Windows\assembly\GAC_MSIL\mcepg\6.1.0.0__31bf3856ad364e35\mcepg.dll
[2009/07/13 18:19:48 | 000,053,248 | ---- | M] () MD5=F499B89A60548AF6B4E8EE715C6599B0 -- C:\Windows\assembly\GAC_MSIL\MCESidebarCtrl\6.1.0.0__31bf3856ad364e35\MCESidebarCtrl.dll
[2010/11/20 05:32:22 | 000,122,880 | ---- | M] () MD5=8E8ADA64942CF38625A557C026059AC3 -- C:\Windows\assembly\GAC_MSIL\mcglidhostobj\6.1.0.0__31bf3856ad364e35\mcglidhostobj.dll
[2010/11/20 05:32:22 | 000,171,520 | ---- | M] () MD5=C6FB5599850922CE6B440899C078A2CF -- C:\Windows\assembly\GAC_MSIL\mcplayerinterop\6.1.0.0__31bf3856ad364e35\mcplayerinterop.dll
[2010/11/20 05:32:22 | 000,638,976 | ---- | M] () MD5=F338EC894AA0CE005156B4AB2FF77CCC -- C:\Windows\assembly\GAC_MSIL\mcstore\6.1.0.0__31bf3856ad364e35\mcstore.dll
[2010/11/20 05:19:49 | 000,012,800 | ---- | M] () MD5=C12656D5CC114BD6DE1A858AAFE2E6AB -- C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.ApplicationId.Framework.Resources.dll
[2010/11/20 05:32:22 | 000,126,976 | ---- | M] () MD5=FAFD132B02E237B578DC83DA5A413C4D -- C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.Framework\6.1.0.0__31bf3856ad364e35\Microsoft.ApplicationId.Framework.dll
[2009/07/13 19:12:44 | 000,221,184 | ---- | M] () MD5=DAD90E47F68C2EAD48A0038E8A048384 -- C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.ApplicationId.RuleWizard.Resources.dll
[2010/11/20 05:32:22 | 000,339,968 | ---- | M] () MD5=6F13266F31A5D3F5178010FD5BB6E32A -- C:\Windows\assembly\GAC_MSIL\Microsoft.ApplicationId.RuleWizard\6.1.0.0__31bf3856ad364e35\Microsoft.ApplicationId.RuleWizard.dll
[2009/07/13 19:12:50 | 000,007,168 | ---- | M] () MD5=FCA8AC8ABBCE37458663CCA33E7F71F7 -- C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.resources.dll
[2009/07/13 18:20:28 | 000,057,344 | ---- | M] () MD5=D16F569EB4264641241465BEFA107BD0 -- C:\Windows\assembly\GAC_MSIL\Microsoft.BackgroundIntelligentTransfer.Management\1.0.0.0__31bf3856ad364e35\Microsoft.BackgroundIntelligentTransfer.Management.dll
[2009/06/10 14:14:36 | 000,106,496 | ---- | M] () MD5=550E75434C424A17A1E06669D8335C26 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
[2010/11/04 18:57:44 | 000,348,160 | ---- | M] () MD5=24FDCD95121E59D39DCB1585EC8C5901 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
[2010/11/04 18:53:30 | 000,733,184 | ---- | M] () MD5=DC6476726F4A15BF5BC8CF2C235B17C6 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
[2010/11/04 18:57:44 | 000,036,864 | ---- | M] () MD5=4B177641BEBC8965220EC474D65981A3 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
[2009/06/10 14:14:40 | 000,036,864 | ---- | M] () MD5=80F89EC03B39E5A6700C9CA5A5545230 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
[2010/11/04 18:53:36 | 000,802,816 | ---- | M] () MD5=9EBE67131D1776B86410B56FFC95A5BF -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
[2010/11/04 18:57:45 | 000,655,360 | ---- | M] () MD5=5B5AEB3CEB1FC6D77E57821E6A42DE72 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
[2010/11/04 18:53:30 | 000,094,208 | ---- | M] () MD5=B6EF0B4C1898D03FC7814B890FCE9B72 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
[2010/11/04 18:57:45 | 000,077,824 | ---- | M] () MD5=D7A537839EAB83BAD8F3C053098198E8 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
[2010/11/20 05:19:49 | 000,471,040 | ---- | M] () MD5=C00F50A3A8D15F2F050A0A9838D99E97 -- C:\Windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting.Resources\2.0.0.0_en_31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.Resources.dll
[2010/11/20 05:35:58 | 001,851,392 | ---- | M] () MD5=C21EB170F553EAD23D02B519A338F03B -- C:\Windows\assembly\GAC_MSIL\Microsoft.GroupPolicy.Reporting\2.0.0.0__31bf3856ad364e35\Microsoft.GroupPolicy.Reporting.dll
[2009/07/13 19:13:02 | 000,036,864 | ---- | M] () MD5=3576E621125C0ECE94313B85CCE6F8B6 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Ink.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Ink.Resources.dll
[2009/06/10 14:23:03 | 000,749,568 | ---- | M] () MD5=3CF65928E67E362D5B25424EBCC27B12 -- C:\Windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
[2009/07/13 19:13:00 | 000,016,384 | ---- | M] () MD5=4D9D34F0204D5DF8EF1DBBD704735EEB -- C:\Windows\assembly\GAC_MSIL\Microsoft.ManagementConsole.Resources\3.0.0.0_en_31bf3856ad364e35\Microsoft.ManagementConsole.Resources.dll
[2009/07/13 18:21:42 | 000,188,416 | ---- | M] () MD5=F8B72BFD1D8C36E1A2C98E25C9CF2504 -- C:\Windows\assembly\GAC_MSIL\Microsoft.ManagementConsole\3.0.0.0__31bf3856ad364e35\Microsoft.ManagementConsole.dll
[2009/07/13 18:22:44 | 001,159,168 | ---- | M] () MD5=2D994989944FA2E9D2AD7450953523A9 -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Bml\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Bml.dll
[2009/07/13 18:22:09 | 000,024,576 | ---- | M] () MD5=97D4AC2BAD43C5D5C8C42EDB71B2E532 -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.iTv.Hosting\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTv.Hosting.dll
[2010/11/20 05:35:58 | 000,086,016 | ---- | M] () MD5=083B692697B5974B0A5ED59BF4D3147C -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.iTV\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.iTV.dll
[2010/11/20 05:35:58 | 000,045,056 | ---- | M] () MD5=A9D673D4B371B9D918875386640113BA -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.ITVVM\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.ITVVM.dll
[2010/11/20 05:35:58 | 001,572,864 | ---- | M] () MD5=0CFCDCFB9D28CE7AFC3F1823250ABE71 -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll
[2010/11/20 05:35:58 | 000,241,664 | ---- | M] () MD5=3E1A7D201A38D73F14FFE90909B38A86 -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Sports\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.Sports.dll
[2010/11/20 05:35:59 | 002,596,864 | ---- | M] () MD5=732807787D6FA99791370D934360AE4C -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll
[2010/11/20 05:35:59 | 000,385,024 | ---- | M] () MD5=2F4797433A371756FE937CE802C2F313 -- C:\Windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.1.0.0__31bf3856ad364e35\Microsoft.MediaCenter.dll
[2009/07/13 19:13:04 | 000,010,752 | ---- | M] () MD5=65B27C38DBD68EFEC636665FDBF4D1FF -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.resources.dll
[2010/11/20 05:35:58 | 000,102,400 | ---- | M] () MD5=2E86EDB34D366FCC9425B1A4654FC543 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Diagnostics\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Diagnostics.dll
[2009/07/13 19:13:06 | 000,036,864 | ---- | M] () MD5=10C9C4380C4B403B95D757C4517AFD5B -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.Resources.dll
[2010/11/20 05:35:58 | 000,290,816 | ---- | M] () MD5=33C0200ED261F9738AB90A58C97E2E52 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll
[2010/11/20 05:19:49 | 000,049,152 | ---- | M] () MD5=28AF2A12179398B90A6F18E451010209 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.Resources.dll
[2010/11/20 05:35:59 | 000,667,648 | ---- | M] () MD5=C23ACC08CB8049A8DDC7D8CD84280096 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Utility\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Utility.dll
[2010/11/20 05:19:49 | 000,040,960 | ---- | M] () MD5=42CDE70A57616C7D54694E881C5F84A9 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.Resources.dll
[2009/07/13 18:23:47 | 000,200,704 | ---- | M] () MD5=61408B3CF77B787A753B6F4F4A6840B1 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.ConsoleHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.ConsoleHost.dll
[2009/07/13 19:13:04 | 000,069,632 | ---- | M] () MD5=DF60F16CB3FA971EBD1CB6B1FA346AF6 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Editor.Resources.dll
[2010/11/20 05:35:59 | 000,991,232 | ---- | M] () MD5=7E6557381C8CF162A4ED0D9A581F870B -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Editor\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Editor.dll
[2009/07/13 19:13:06 | 000,040,960 | ---- | M] () MD5=41888D6ED40E49C4DAED8E412BB18B90 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Gpowershell.resources.dll
[2009/07/13 18:22:04 | 000,651,264 | ---- | M] () MD5=E66B1EEE2AB24DE9F3D5189A1FC8D4BF -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GPowerShell\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GPowerShell.dll
[2009/07/13 19:13:06 | 000,016,896 | ---- | M] () MD5=E848EEBF463086883E026AAD11C24F1A -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.Resources.dll
[2009/07/13 18:20:38 | 000,278,528 | ---- | M] () MD5=3EAB4DBDC290EDC4D53FE77F1FDB9E59 -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.GraphicalHost\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.GraphicalHost.dll
[2009/07/13 19:11:48 | 000,009,216 | ---- | M] () MD5=462D0B841E939094840CFA61C990410F -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.PowerShell.Security.Resources.dll
[2010/11/20 05:35:58 | 000,077,824 | ---- | M] () MD5=B1282FC909517D890C61F7F3313134EF -- C:\Windows\assembly\GAC_MSIL\Microsoft.PowerShell.Security\1.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Security.dll
[2009/07/13 19:02:52 | 000,082,011 | ---- | M] () MD5=AF07B8B898E6D6E01EC6ECAD383C5CD0 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.dll-Help.xml
[2009/07/13 19:13:04 | 000,005,632 | ---- | M] () MD5=B6B1A93999D480F0892C96D11E4CAEF8 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.Resources.dll
[2009/06/10 14:31:47 | 000,000,652 | ---- | M] () MD5=2B16AAD4E01313F505F21AF056730BFE -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets\6.1.0.0__31bf3856ad364e35\AppLocker.psd1
[2009/07/13 18:23:53 | 000,040,960 | ---- | M] () MD5=6AF8A638441BE7A62571166717B1CE0D -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets.dll
[2009/07/13 19:13:06 | 000,006,656 | ---- | M] () MD5=410B5C44C9C972B8E38E52458550B0F5 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.Resources.dll
[2009/07/13 18:24:08 | 000,045,056 | ---- | M] () MD5=3A6C04FD597605557BD35FA3C5D4B9E8 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyManager.dll
[2009/07/13 19:13:06 | 000,006,656 | ---- | M] () MD5=7201CD781551B27CE752BEB15D21BB93 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.Resources.dll
[2009/07/13 18:24:16 | 000,061,440 | ---- | M] () MD5=E78A62A1A783212133C6B0618D9B72BF -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.PolicyModel.dll
[2009/07/13 18:24:27 | 000,012,800 | ---- | M] () MD5=F2051076DF423BF3F29E47D4FFAB13D4 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.PolicyManagement.XmlHelper.dll
[2009/07/13 19:13:06 | 000,159,744 | ---- | M] () MD5=7A800C3D1330FC8331D3176EAD8026EB -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.resources.dll
[2010/11/20 05:35:59 | 000,679,936 | ---- | M] () MD5=CCD2EDF7E01C9D037DC18B322FA33DD9 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard\6.1.0.0__31bf3856ad364e35\Microsoft.Security.ApplicationId.Wizards.AutomaticRuleGenerationWizard.dll
[2009/07/13 19:13:06 | 000,073,728 | ---- | M] () MD5=67F68317A9F346A32039F9651C7EAC46 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm.Resources\6.1.0.0_en_31bf3856ad364e35\microsoft.tpm.resources.dll
[2009/07/13 18:24:19 | 000,192,512 | ---- | M] () MD5=466761E68D1AAED81DFD5E43B168D2F0 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Tpm\6.1.0.0__31bf3856ad364e35\Microsoft.Tpm.dll
[2009/06/10 14:14:03 | 000,397,312 | ---- | M] () MD5=130FF58B6245F78097E7619EFB61CDD2 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
[2009/06/10 14:23:03 | 000,110,592 | ---- | M] () MD5=A070FD9509392CEB84A3ED8F8A42A504 -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
[2010/11/04 18:57:46 | 000,372,736 | ---- | M] () MD5=B424A0AF636B1D3DAE3A664285EF9795 -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
[2009/06/10 14:23:04 | 000,028,672 | ---- | M] () MD5=A5B5F03020C0A01276801CF2C807FF8C -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
[2010/11/04 18:57:46 | 000,610,304 | ---- | M] () MD5=DF1F3AFE18D254F759BB1A000B811C15 -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
[2009/06/10 14:14:40 | 000,041,984 | ---- | M] () MD5=DD26812B72AF01116F7A1DDD4FA21E49 -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
[2009/06/10 14:23:04 | 000,005,632 | ---- | M] () MD5=BBAEF0C6E310A25D3BCCAA2ADC538F82 -- C:\Windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
[2009/06/10 14:23:04 | 000,012,800 | ---- | M] () MD5=71C2F1A0F8FFD6D017F039AC023DE81C -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
[2009/06/10 14:23:04 | 000,032,768 | ---- | M] () MD5=45F2E4914DDCDA6F468D99FAA91911F2 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
[2009/07/13 19:13:08 | 000,004,096 | ---- | M] () MD5=04D3E891B3256A1EBD36FA7B6F984920 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.resources.dll
[2009/07/13 18:25:15 | 000,009,728 | ---- | M] () MD5=96F718F03F4D8782D7EB11954AC0E914 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.GetDiagInput\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.dll
[2009/07/13 19:13:08 | 000,004,096 | ---- | M] () MD5=ADD629AFA64864C8519B2485F6F61554 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.resources.dll
[2009/07/13 18:26:39 | 000,010,752 | ---- | M] () MD5=78EF40CE03E23CB6702391D919F95436 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.dll
[2009/07/13 19:13:08 | 000,004,096 | ---- | M] () MD5=84AA3A80B726C6DCCDAA38A879862D6D -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.resources.dll
[2009/07/13 18:25:40 | 000,009,216 | ---- | M] () MD5=EE5B0505F2E8E8305748DD270A7AD929 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.dll
[2009/07/13 19:13:08 | 000,004,096 | ---- | M] () MD5=BEBFDDCB2DB36E9302A4358878C8CFD4 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.resources.dll
[2009/07/13 18:25:32 | 000,008,192 | ---- | M] () MD5=7FBCA94271448B41DB000C98C9615312 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.dll
[2010/11/20 05:19:49 | 000,004,096 | ---- | M] () MD5=B8E015AD059FFAFCE9CB40DF775B11E0 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.resources.dll
[2009/07/13 18:25:35 | 000,024,576 | ---- | M] () MD5=915BBFA6BBF105C0C51398A3398D19CB -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.SDHost\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.SDHost.dll
[2009/07/13 19:13:08 | 000,006,656 | ---- | M] () MD5=FC66A5034B5B6A7C09FCE86C47BBF4ED -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack.Resources\6.1.0.0_en_31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.resources.dll
[2009/07/13 18:26:37 | 000,049,152 | ---- | M] () MD5=4BB0FF1D72803CC075D92CE2FBDCA2B3 -- C:\Windows\assembly\GAC_MSIL\Microsoft.Windows.Diagnosis.TroubleshootingPack\6.1.0.0__31bf3856ad364e35\Microsoft.Windows.Diagnosis.TroubleshootingPack.dll
[2010/11/20 05:19:49 | 000,013,824 | ---- | M] () MD5=C58C7003380F76221AB9B5BBB4AE4452 -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management.Resources\1.0.0.0_en_31bf3856ad364e35\Microsoft.WSMan.Management.resources.dll
[2010/11/20 05:36:00 | 000,286,720 | ---- | M] () MD5=64C192235DF8F704412F0D66BAF5C1B1 -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Management\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll
[2009/07/13 18:22:00 | 000,007,168 | ---- | M] () MD5=D5F86545FAF811ED2CCF3C6117B0EC44 -- C:\Windows\assembly\GAC_MSIL\Microsoft.WSMan.Runtime\1.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Runtime.dll
[2009/06/10 14:23:04 | 000,007,168 | ---- | M] () MD5=E5640EF09DA87B03E78F18F850CFF728 -- C:\Windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
[2009/07/13 19:13:12 | 001,552,384 | ---- | M] () MD5=5D85FA66189E6832466C8DEE97CA8C3F -- C:\Windows\assembly\GAC_MSIL\MiguiControls.Resources\1.0.0.0_en_31bf3856ad364e35\MIGUIControls.resources.dll
[2010/11/20 05:36:00 | 003,416,064 | ---- | M] () MD5=CD35B1936F50990D1FCEAE31E2D1553F -- C:\Windows\assembly\GAC_MSIL\MiguiControls\1.0.0.0__31bf3856ad364e35\MIGUIControls.dll
[2010/11/20 05:19:49 | 000,036,864 | ---- | M] () MD5=E5956455F8A07B174CF146247EC6315E -- C:\Windows\assembly\GAC_MSIL\MMCEx.Resources\3.0.0.0_en_31bf3856ad364e35\MMCEx.Resources.dll
[2009/07/13 18:26:50 | 000,421,888 | ---- | M] () MD5=A9D4275CE5EA165C267AE05A6821CB54 -- C:\Windows\assembly\GAC_MSIL\MMCEx\3.0.0.0__31bf3856ad364e35\MMCEx.dll
[2010/11/20 05:19:49 | 000,004,096 | ---- | M] () MD5=930887F063E075C31E38E435F9C3D94C -- C:\Windows\assembly\GAC_MSIL\MMCFxCommon.Resources\3.0.0.0_en_31bf3856ad364e35\MMCFxCommon.Resources.dll
[2009/07/13 18:26:07 | 000,110,592 | ---- | M] () MD5=E72BF459A519312B4FF7F3FA8A85BA13 -- C:\Windows\assembly\GAC_MSIL\MMCFxCommon\3.0.0.0__31bf3856ad364e35\MMCFxCommon.dll
[2010/11/20 05:19:49 | 000,049,152 | ---- | M] () MD5=B0F301AA13B7E4F227F6964856739530 -- C:\Windows\assembly\GAC_MSIL\napinit.resources\6.1.0.0_en_31bf3856ad364e35\napinit.Resources.dll
[2009/07/13 18:22:44 | 000,073,728 | ---- | M] () MD5=0E2E919A5255D305CF1B3AE9B9D452F1 -- C:\Windows\assembly\GAC_MSIL\napinit\6.1.0.0__31bf3856ad364e35\NAPINIT.DLL
[2009/07/13 19:12:16 | 000,233,472 | ---- | M] () MD5=804C49310D2EA3B1A2E3809CE3C93B47 -- C:\Windows\assembly\GAC_MSIL\napsnap.resources\6.1.0.0_en_31bf3856ad364e35\napsnap.resources.dll
[2009/07/13 18:25:01 | 000,454,656 | ---- | M] () MD5=FC35785CC6FD225A4E504A23DE13D085 -- C:\Windows\assembly\GAC_MSIL\napsnap\6.1.0.0__31bf3856ad364e35\NAPSNAP.DLL
[2010/11/20 05:36:00 | 001,077,248 | ---- | M] () MD5=95DE3CF54E0A360EED766DBDDF152F0D -- C:\Windows\assembly\GAC_MSIL\Narrator\6.1.0.0__31bf3856ad364e35\Narrator.exe
[2009/07/21 04:04:10 | 000,000,815 | ---- | M] () MD5=0A33273323603FCBD8DDD74758163161 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.ehRecObj\6.1.0.0__31bf3856ad364e35\Policy.6.0.ehRecObj.config
[2009/07/21 04:04:10 | 000,005,632 | ---- | M] () MD5=841736FAB112AC493646E4399E684D38 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.ehRecObj\6.1.0.0__31bf3856ad364e35\Policy.6.0.ehRecObj.dll
[2009/07/21 04:04:11 | 000,000,831 | ---- | M] () MD5=A9C1035129544B3867E06A8F02874FE4 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.UI.config
[2009/07/21 04:04:11 | 000,005,632 | ---- | M] () MD5=1A49D09BD80C023A771214DA826FF6B6 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter.UI\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.UI.dll
[2009/07/21 04:04:11 | 000,000,828 | ---- | M] () MD5=52B88C0916FAFF34E0174CD718980AC4 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.config
[2009/07/21 04:04:11 | 000,005,632 | ---- | M] () MD5=0C8F794B0C057EB421569A4E5B8E98C5 -- C:\Windows\assembly\GAC_MSIL\Policy.6.0.Microsoft.MediaCenter\6.1.0.0__31bf3856ad364e35\Policy.6.0.Microsoft.MediaCenter.dll
[2010/11/04 18:53:21 | 000,598,016 | ---- | M] () MD5=AEFD96A1A087027A7EDC21F83F1B4727 -- C:\Windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
[2009/06/10 14:14:50 | 000,032,768 | ---- | M] () MD5=24F02A6A94DC8AE6F2ACDA7950CBEEB3 -- C:\Windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
[2009/06/10 14:14:51 | 000,042,856 | ---- | M] () MD5=E56F39F6B7FDA0AC77A79B0FD3DE1A2F -- C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
[2009/06/10 14:14:43 | 000,196,608 | ---- | M] () MD5=C9DF30B6F5D99C8147C528528B9CC498 -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
[2009/06/10 14:14:44 | 000,139,264 | ---- | M] () MD5=98F2493B40E00061B4A4369E63790293 -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
[2010/11/04 18:53:23 | 000,397,312 | ---- | M] () MD5=4E9FDA223530F931AC1F03ABB58E4DA5 -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
[2009/06/10 14:14:44 | 000,163,840 | ---- | M] () MD5=13E8EC241CA1402C923DF3A1DA9CAF70 -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
[2012/02/10 16:31:41 | 005,283,840 | ---- | M] () MD5=530DFD580E4C341B267ED4E2A56B8233 -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
[2009/06/10 14:14:52 | 000,864,256 | ---- | M] () MD5=0F8242348EBA698FF93193A6BDC55362 -- C:\Windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
[2012/02/10 16:31:41 | 000,532,480 | ---- | M] () MD5=93CF6C96CDBFC1834A28F835B769E8BA -- C:\Windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
[2009/07/13 19:12:22 | 000,011,776 | ---- | M] () MD5=5C9AF8FF40A8EE3758294468FD1BF8F3 -- C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SecurityAuditPoliciesSnapIn.resources.dll
[2010/11/20 05:36:00 | 000,167,936 | ---- | M] () MD5=5C8718A23AEAF5092AB84167FD829090 -- C:\Windows\assembly\GAC_MSIL\SecurityAuditPoliciesSnapIn\6.1.0.0__31bf3856ad364e35\SecurityAuditPoliciesSnapIn.dll
[2009/06/10 14:15:18 | 000,005,632 | ---- | M] () MD5=AA7004ABA8C37DDCA200E16F1570EF62 -- C:\Windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
[2010/11/04 18:52:39 | 000,110,592 | ---- | M] () MD5=6F145DEF09821EB6614C501430CB838C -- C:\Windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
[2010/11/04 18:52:39 | 000,128,848 | ---- | M] () MD5=F476EC40033CDB91EFBE73EB99B8362D -- C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe
[2009/07/13 18:25:09 | 000,086,016 | ---- | M] () MD5=46107610B0BDFA104BDF859664DB1654 -- C:\Windows\assembly\GAC_MSIL\SonicMCEBurnEngine\6.1.0.0__31bf3856ad364e35\SonicMCEBurnEngine.dll
[2010/11/20 05:19:49 | 000,200,704 | ---- | M] () MD5=FE0B4C26FB53631B50265BB182CA9734 -- C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn.resources\6.1.0.0_en_31bf3856ad364e35\SrpUxSnapIn.resources.dll
[2010/11/20 05:36:01 | 001,048,576 | ---- | M] () MD5=7C872B1C076B85D23A4AA7799BD53BF8 -- C:\Windows\assembly\GAC_MSIL\SrpUxSnapIn\6.1.0.0__31bf3856ad364e35\SrpUxSnapIn.dll
[2009/06/10 14:23:17 | 000,110,592 | ---- | M] () MD5=3C8AF820562CC8E3A1CF82650518F66C -- C:\Windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
[2010/11/04 18:53:30 | 000,045,056 | ---- | M] () MD5=6D593E9AE74E39A62F8184515B27DF28 -- C:\Windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
[2012/01/03 19:50:53 | 000,163,840 | ---- | M] () MD5=C2EC2AD05B97F9124399E1DA1D1386C2 -- C:\Windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
[2010/11/04 18:53:30 | 000,057,344 | ---- | M] () MD5=27E76A55FA5C3586297C2D42986304AC -- C:\Windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
[2010/11/04 18:58:04 | 000,081,920 | ---- | M] () MD5=ED2D3B032733BFC7A68FCE05BC7F93B4 -- C:\Windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
[2010/11/04 18:58:04 | 000,425,984 | ---- | M] () MD5=5A7A33F7F9DFC0C0A8B8E000F4D9D898 -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
[2010/11/04 18:53:30 | 000,667,648 | ---- | M] () MD5=FC114C6C8AB34F1A357069AD3E4477F8 -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
[2010/11/04 18:53:31 | 000,053,248 | ---- | M] () MD5=82D34DEB3105E63981A0306B03C10A07 -- C:\Windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
[2010/11/04 18:53:31 | 000,229,376 | ---- | M] () MD5=02B81AAEB463E966372AF6A1C0B6038E -- C:\Windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
[2010/11/04 18:53:31 | 002,879,488 | ---- | M] () MD5=EEDCBC7607D2852BBF74409B49A8D1C1 -- C:\Windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
[2010/11/04 18:53:31 | 000,684,032 | ---- | M] () MD5=8AB40EB71BB5D5F4641AA5895712B981 -- C:\Windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
[2010/11/04 18:53:32 | 000,462,848 | ---- | M] () MD5=606ACF1553423BFDD3CABEBA3DF264B9 -- C:\Windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
[2010/11/04 18:53:32 | 000,163,840 | ---- | M] () MD5=0ACA904F87E674CF3CB6746D9D3AB321 -- C:\Windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
[2010/11/04 18:53:32 | 000,692,224 | ---- | M] () MD5=4BA482E447D6096E8D4348AAE306CE1B -- C:\Windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
[2011/03/05 13:59:40 | 000,236,392 | ---- | M] () MD5=A200E7209B42BAA18F438695CE45B0B9 -- C:\Windows\assembly\GAC_MSIL\System.Data.SqlServerCe\9.0.242.0__89845dcd8080cc91\System.Data.SqlServerCe.dll
[2010/11/04 18:58:05 | 000,745,472 | ---- | M] () MD5=800484A3335EACDAA9600120385CCBDC -- C:\Windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
[2010/11/04 18:58:05 | 000,970,752 | ---- | M] () MD5=418EC83A2FC441A3D40F3FDCDA851392 -- C:\Windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
[2012/03/21 15:32:36 | 004,927,488 | ---- | M] () MD5=93B68EBA6B5BB6AC877441C8BE9E40C0 -- C:\Windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
[2010/11/04 18:53:32 | 000,290,816 | ---- | M] () MD5=CD86BDCB5E115635E6AB7DFE77FC1D11 -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
[2009/06/10 14:23:18 | 000,188,416 | ---- | M] () MD5=EE1DCDAA3EA8F53DA56116875CD01653 -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
[2010/11/04 18:58:06 | 000,401,408 | ---- | M] () MD5=AF1F47FBADABB9134002359970F5FD1C -- C:\Windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
[2009/06/10 14:23:18 | 000,081,920 | ---- | M] () MD5=D195A195E3D16A867FD4382D786313B8 -- C:\Windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
[2012/04/23 15:35:09 | 000,630,784 | ---- | M] () MD5=1312BDEE8EC4F13CBB25BDBB359768A0 -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
[2010/11/04 18:52:27 | 000,126,976 | ---- | M] () MD5=DF7FEE2563BF2D59926B786FBF636510 -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
[2010/11/04 18:52:27 | 000,442,368 | ---- | M] () MD5=9638C20A92962CAFC45E8F48AE6238F5 -- C:\Windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
[2009/06/10 14:13:54 | 000,131,072 | ---- | M] () MD5=AC45DB17E166ECEBD320D4FA2820C1B6 -- C:\Windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
[2010/11/20 05:19:49 | 000,253,952 | ---- | M] () MD5=53998D919FABB0F5EF2BD7C38533D2B7 -- C:\Windows\assembly\GAC_MSIL\System.Management.Automation.Resources\1.0.0.0_en_31bf3856ad364e35\System.Management.Automation.Resources.dll
[2010/11/20 05:36:01 | 003,010,560 | ---- | M] () MD5=4214698AD147EA8E83CC0E7DCF883DB3 -- C:\Windows\assembly\GAC_MSIL\System.Management.Automation\1.0.0.0__31bf3856ad364e35\System.Management.Automation.dll
[2010/11/04 18:53:32 | 000,143,360 | ---- | M] () MD5=BCD4761D6E2290B490498126C67A35D0 -- C:\Windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
[2010/11/04 18:58:09 | 000,385,024 | ---- | M] () MD5=52C875E8F96E4F9E69914A538C129C6E -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
[2010/11/04 18:58:09 | 000,258,048 | ---- | M] () MD5=3035497DE3B9208633BC7F3604D781FB -- C:\Windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
[2010/11/04 18:53:32 | 000,237,568 | ---- | M] () MD5=74446FB0C54CB43A279E735F9C335752 -- C:\Windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
[2010/11/04 18:58:10 | 000,303,104 | ---- | M] () MD5=1D4DA021B0AD837B35AFB772CC7C636D -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
[2009/06/10 14:23:19 | 000,131,072 | ---- | M] () MD5=C9781DA4EE6A5BBAE271CC0AC4B25D7C -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/04 18:52:27 | 000,970,752 | ---- | M] () MD5=01D4E1005C901889517EED7F438DB501 -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2010/11/04 18:58:10 | 000,258,048 | ---- | M] () MD5=A15491BE2D672FCDBFEB250E9594D7ED -- C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
[2010/11/04 18:52:40 | 000,073,728 | ---- | M] () MD5=4E0883AF9D5B4F2AAFD19F6663CBAF5F -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
[2010/11/04 18:52:41 | 000,032,768 | ---- | M] () MD5=9A9827B4F896F40607DF8103B9C438C0 -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
[2010/11/04 18:52:44 | 000,569,344 | ---- | M] () MD5=EA5213E7090668C917EEB947FDC3CD46 -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
[2010/11/04 18:52:30 | 005,988,352 | ---- | M] () MD5=196D093057DE9D765FF8DDFA24215D3B -- C:\Windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
[2010/11/04 18:58:10 | 000,114,688 | ---- | M] () MD5=F68CAFF425A9F37E498193BDDC5CC652 -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
[2009/06/10 14:14:45 | 000,688,128 | ---- | M] () MD5=31588B867657A7DF046AC1908550D73C -- C:\Windows\assembly\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
[2010/11/04 18:53:32 | 000,077,824 | ---- | M] () MD5=DE8831D65E92BC50304F37CC75EC31D5 -- C:\Windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
[2010/11/04 18:53:32 | 000,032,768 | ---- | M] () MD5=4A1EF32D7C394D8400870C73B40CA2A4 -- C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
[2010/11/04 18:53:32 | 000,229,376 | ---- | M] () MD5=054F8B86C1258EDDB833A38B54155CF7 -- C:\Windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
[2010/11/04 18:53:32 | 000,131,072 | ---- | M] () MD5=A282147F21B0DB24DB3B3566E828A8AE -- C:\Windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
[2010/11/04 18:53:33 | 000,139,264 | ---- | M] () MD5=A5722B31B8454EE1CC50753C93CFDB4E -- C:\Windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
[2010/11/04 18:53:33 | 000,335,872 | ---- | M] () MD5=C935E89C6F71F188282632F35A04D0C1 -- C:\Windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
[2011/12/25 13:42:15 | 001,277,952 | ---- | M] () MD5=58AD1FECFBAEE633D6326377D8E0982E -- C:\Windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
[2010/11/04 18:58:11 | 000,835,584 | ---- | M] () MD5=18FDA35C607C486C0D5B91D7DD06CD17 -- C:\Windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
[2009/06/10 14:23:20 | 000,077,824 | ---- | M] () MD5=1CDB3B55F1330F85A674B0B5927399F4 -- C:\Windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
[2010/11/04 18:53:33 | 000,061,440 | ---- | M] () MD5=6D138BD2348457A5097F2772C78FE094 -- C:\Windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
[2010/11/04 18:58:12 | 000,839,680 | ---- | M] () MD5=8C0B098B41A27B08D58CAE7A61A3BA19 -- C:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
[2012/03/21 15:32:36 | 005,025,792 | ---- | M] () MD5=68CE18072E9CDFE63DD2E083868C7433 -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
[2009/06/10 14:15:18 | 000,012,288 | ---- | M] () MD5=1CCEE8037C8EF9A08DD0ADB7E3E38D78 -- C:\Windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
[2010/11/04 18:53:45 | 001,142,784 | ---- | M] () MD5=A422312AE61E44B166FAC615786296A1 -- C:\Windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
[2010/11/04 18:53:46 | 001,630,208 | ---- | M] () MD5=BD0B0F768E7E74C5CD7A34B8B4BCC81D -- C:\Windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
[2010/11/04 18:53:46 | 000,540,672 | ---- | M] () MD5=32FF0E945F51F5147A8304026B5C19EA -- C:\Windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
[2010/11/04 18:52:45 | 000,507,904 | ---- | M] () MD5=CC3B424ED10A8E477B5D466188531F26 -- C:\Windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
[2010/11/04 18:53:34 | 000,139,264 | ---- | M] () MD5=EF6CEBC989FBDAEEB83E5662F1499FC0 -- C:\Windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
[2010/11/04 18:58:14 | 002,048,000 | ---- | M] () MD5=5B3FA17E1CD6FBBDF41AC34DAEECC256 -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
[2012/01/03 19:51:03 | 003,190,784 | ---- | M] () MD5=5259AD96BE93F3DC9B649759DAC05B7A -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
[2009/07/13 19:12:46 | 000,007,168 | ---- | M] () MD5=ABBF43F681EF160CAAB7C41BC289DA06 -- C:\Windows\assembly\GAC_MSIL\TaskScheduler.Resources\6.1.0.0_en_31bf3856ad364e35\TaskScheduler.resources.dll
[2010/11/20 05:36:00 | 000,167,936 | ---- | M] () MD5=1D264989FFABEF36745304F5DD216DC7 -- C:\Windows\assembly\GAC_MSIL\TaskScheduler\6.1.0.0__31bf3856ad364e35\TaskScheduler.dll
[2009/06/10 14:14:45 | 000,172,032 | ---- | M] () MD5=3F47DB8D603A84FBF1154901AAC177CD -- C:\Windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
[2009/06/10 14:14:46 | 000,380,928 | ---- | M] () MD5=32D7B8CC805D2DA70D01DA89982DCE1D -- C:\Windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
[2009/06/10 14:14:46 | 000,040,960 | ---- | M] () MD5=0D2A84FF4383B4F41EDA8B4DE2D45D6C -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
[2009/06/10 14:14:46 | 000,098,304 | ---- | M] () MD5=62DF8C1D169752DF885E44D21309F7E6 -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
[2012/02/10 16:31:42 | 001,253,376 | ---- | M] () MD5=9F668404AB36B97B0FF5C4B140A1F1FE -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
[2009/06/10 14:14:47 | 000,094,208 | ---- | M] () MD5=D9673C241B14E5526A81B3ABAD3FD3BA -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
[2010/11/04 18:52:42 | 000,149,328 | ---- | M] () MD5=8AB248DD85018CC3232D2F20E45A30E7 -- C:\Windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe

[color=#A23BEC]< HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]
"" = Microsoft WBEM New Event Subsystem
[HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
[HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32]
"ThreadingModel" = Both
"" = C:\Users\Tearsa\AppData\Local\{3486c2c3-9ae0-4c01-05d4-c4332dd4f613}\n.

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s >[/color]
"" = Microsoft WBEM New Event Subsystem
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 18:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s >[/color]
"" = MruPidlList
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s >[/color]
"" = Start Menu Pin
"ImplementsVerbs" = startpin;startunpin
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s >[/color]
"" = PSFactoryBuffer
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemsvc.dll -- [2009/07/13 18:16:17 | 000,047,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#A23BEC]< HKEY_CURRENT_USER\Software\MSOLoad /s >[/color]

[color=#A23BEC]< c:|Babylon;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|Fun4IM;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|Bandoo;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|ZangoSearch;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|Searchn;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|Searchq;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|searchqu;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|datamngr;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|iLivid;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|whitesmoke;true;true;true; /FP >[/color]

[color=#A23BEC]< c:|MyWebSearch;true;true;true; /FP >[/color]

[color=#A23BEC]< bcdedit /enum all /v >C:\boot.txt /c >[/color]
Windows Boot Manager
--------------------
identifier              {9dea862c-5cdd-4e70-acc1-f32b344d4795}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  en-US
inherit                 {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
extendedinput           Yes
default                 {57625cd9-476d-11e0-b1d0-1078d2cf3f57}
resumeobject            {57625cd8-476d-11e0-b1d0-1078d2cf3f57}
displayorder            {57625cd9-476d-11e0-b1d0-1078d2cf3f57}
toolsdisplayorder       {b2721d73-1db4-4c62-bf78-c548a880142d}
timeout                 0
customactions           0x10000ba000001
                        0x54000001
custom:54000001         {572bcd55-ffa7-11d9-aae0-0007e994107d}
Windows Boot Loader
-------------------
identifier              {1370f3e2-647d-11e0-9659-1078d2cf3f57}
device                  ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{1370f3e3-647d-11e0-9659-1078d2cf3f57}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
osdevice                ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{1370f3e3-647d-11e0-9659-1078d2cf3f57}
systemroot              \windows
nx                      OptIn
winpe                   Yes
custom:46000010         Yes
Windows Boot Loader
-------------------
identifier              {572bcd55-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[boot]\tvtos\winpe.wim,{ae5534e0-a924-466c-b836-758539a3ee3a}
path                    \windows\system32\boot\winload.exe
description             WinPE
bootems                 Yes
osdevice                ramdisk=[boot]\tvtos\winpe.wim,{ae5534e0-a924-466c-b836-758539a3ee3a}
systemroot              \windows
nx                      OptIn
detecthal               Yes
Windows Boot Loader
-------------------
identifier              {57625cd9-476d-11e0-b1d0-1078d2cf3f57}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
recoverysequence        {1370f3e2-647d-11e0-9659-1078d2cf3f57}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {57625cd8-476d-11e0-b1d0-1078d2cf3f57}
nx                      OptIn
Resume from Hibernate
---------------------
identifier              {57625cd8-476d-11e0-b1d0-1078d2cf3f57}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {1afa9c49-16ab-4a5c-901b-212802da9460}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No
Windows Memory Tester
---------------------
identifier              {b2721d73-1db4-4c62-bf78-c548a880142d}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
badmemoryaccess         Yes
EMS Settings
------------
identifier              {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
bootems                 Yes
Debugger Settings
-----------------
identifier              {4636856e-540f-4170-a130-a84776f4c654}
debugtype               Serial
debugport               1
baudrate                115200
RAM Defects
-----------
identifier              {5189b25c-5558-4bf2-bca4-289b11bd29e2}
Global Settings
---------------
identifier              {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
inherit                 {4636856e-540f-4170-a130-a84776f4c654}
                        {0ce4991b-e6b3-4b16-b23c-5e0d9250e5d9}
                        {5189b25c-5558-4bf2-bca4-289b11bd29e2}
Boot Loader Settings
--------------------
identifier              {6efb52bf-1766-41db-a6b3-0ee5eff72bd7}
inherit                 {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
                        {7ff607e0-4395-11db-b0de-0800200c9a66}
Hypervisor Settings
-------------------
identifier              {7ff607e0-4395-11db-b0de-0800200c9a66}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
Resume Loader Settings
----------------------
identifier              {1afa9c49-16ab-4a5c-901b-212802da9460}
inherit                 {7ea2e1ac-2e61-4728-aaa3-896d9d0a9f0e}
Device options
--------------
identifier              {1370f3e3-647d-11e0-9659-1078d2cf3f57}
description             Ramdisk Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
Setup Ramdisk Options
---------------------
identifier              {ae5534e0-a924-466c-b836-758539a3ee3a}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi

[color=#A23BEC]< echo list vol > C:\commands.txt | diskpart /s C:\commands.txt > C:\DiskReport.txt /c >[/color]
Microsoft DiskPart version 6.1.7601
Copyright (C) 1999-2008 Microsoft Corporation.
On computer: TEARSA-THINK
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  Volume 0     D                       DVD-ROM         0 B  No Media
  Volume 1         SYSTEM_DRV   NTFS   Partition   1200 MB  Healthy    System
  Volume 2     C   Windows7_OS  NTFS   Partition    454 GB  Healthy    Boot
  Volume 3     Q   Lenovo_Reco  NTFS   Partition      9 GB  Healthy

[color=#A23BEC]< MD5 for: AFD.SYS  >[/color]
[2011/04/24 19:35:40 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=0DB7A48388D54D154EBEC120461A0FCD -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_d81220b5bf827af7\afd.sys
[2010/11/20 01:40:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=1151FD4FB0216CFED887BFDE29EBD516 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_d9efac7dbcaf385b\afd.sys
[2011/04/24 19:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\System32\drivers\afd.sys
[2011/04/24 19:18:03 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=9EBBBA55060F786F0FCAA3893BFA2806 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_d9f97e05bca8003a\afd.sys
[2011/04/24 19:27:23 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C114AB7A1550D42EA1700FFD4179CF5A -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_d864ad9ad8c98d1f\afd.sys
[2011/04/24 20:24:09 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=C427F91A748CD342A2B3F9278D9FD6A5 -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_da774a9ad5cea29e\afd.sys
[2009/07/13 16:12:38 | 000,338,944 | ---- | M] (Microsoft Corporation) MD5=DDC040FDB01EF1712A6B13E52AFB104C -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_d7be98b5bfc0b4c1\afd.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/13 18:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

[color=#A23BEC]< MD5 for: CSC.SYS  >[/color]
[2009/07/13 16:15:13 | 000,387,584 | ---- | M] (Microsoft Corporation) MD5=27C9490BDD0AE48911AB8CF1932591ED -- C:\Windows\winsxs\x86_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7600.16385_none_9e1e9f0abd3adf87\csc.sys
[2010/11/20 01:44:36 | 000,388,096 | ---- | M] (Microsoft Corporation) MD5=3C2177A897B4CA2788C6FB0C3FD81D4B -- C:\Windows\System32\drivers\csc.sys
[2010/11/20 01:44:36 | 000,388,096 | ---- | M] (Microsoft Corporation) MD5=3C2177A897B4CA2788C6FB0C3FD81D4B -- C:\Windows\winsxs\x86_microsoft-windows-offlinefiles-core_31bf3856ad364e35_6.1.7601.17514_none_a04fb2d2ba296321\csc.sys

[color=#A23BEC]< MD5 for: DFSC.SYS  >[/color]
[2009/07/13 16:14:17 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=8E09E52EE2E3CEB199EF3DD99CF9E3FB -- C:\Windows\winsxs\x86_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7600.16385_none_87708401476f7a4f\dfsc.sys
[2010/11/20 01:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=F024449C97EC1E464AAFFDA18593DB88 -- C:\Windows\System32\drivers\dfsc.sys
[2010/11/20 01:42:32 | 000,078,336 | ---- | M] (Microsoft Corporation) MD5=F024449C97EC1E464AAFFDA18593DB88 -- C:\Windows\winsxs\x86_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7601.17514_none_89a197c9445dfde9\dfsc.sys

[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2009/07/13 18:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/13 18:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/13 18:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2011/03/05 14:23:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2011/03/05 14:23:10 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2011/03/05 14:23:10 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2011/03/05 14:23:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[color=#A23BEC]< MD5 for: I8042PRT.SYS  >[/color]
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\drivers\i8042prt.sys
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\keyboard.inf_x86_neutral_50ad659974198591\i8042prt.sys
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\System32\DriverStore\FileRepository\msmouse.inf_x86_neutral_7a9084e0177406eb\i8042prt.sys
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7600.16385_none_9724c3fc3a4c81ef\i8042prt.sys
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_9955d7c4373b0589\i8042prt.sys
[2009/07/13 16:11:24 | 000,080,896 | ---- | M] (Microsoft Corporation) MD5=F151F0BDC47F4A28B1B20A0818EA36D6 -- C:\Windows\winsxs\x86_msmouse.inf_31bf3856ad364e35_6.1.7600.16385_none_4e0a61a033aec8c3\i8042prt.sys

[color=#A23BEC]< MD5 for: IASTOR.SYS  >[/color]
[2009/11/20 15:59:26 | 000,432,664 | ---- | M] (Intel Corporation) MD5=EDF5ECC965FAAA533D35E02F47B9132E -- C:\Windows\System32\drivers\iaStor.sys
[2009/11/20 15:59:26 | 000,432,664 | ---- | M] (Intel Corporation) MD5=EDF5ECC965FAAA533D35E02F47B9132E -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_a3da184953a37ce8\iaStor.sys

[color=#A23BEC]< MD5 for: LSASS.EXE  >[/color]
[2011/11/17 00:09:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=05F38CB7CAB3CE8E9A1812D517DA93EF -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21092_none_a69c8e86d7476262\lsass.exe
[2011/11/16 22:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\System32\lsass.exe
[2011/11/16 22:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_a84828d7bb1480d7\lsass.exe
[2011/11/16 22:29:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=81951F51E318AECC2D68559E47485CC4 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_a828bb43bb2beb28\lsass.exe
[2012/06/01 21:40:31 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=A6034689ACF9D14973F8384AD5A5451E -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.21225_none_a6eb42a4d70be51e\lsass.exe
[2011/11/16 22:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16915_none_a66c9bbdbde5f8fa\lsass.exe
[2011/11/16 22:36:26 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=C2243FF9E9AAD0C30E8B1A0914DA15B6 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.17035_none_a656d407bdf6641e\lsass.exe
[2009/07/13 18:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009/07/13 18:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009/07/13 18:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe
[2009/07/13 18:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_a851f4adbb0d5141\lsass.exe
[2012/06/01 21:51:22 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FA7B950E4CA6AA260C4EABA19E03644D -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_a8d76e24d42eb666\lsass.exe
[2011/11/16 22:24:04 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FBCB2DFA40862DAA7B1534C9538208A5 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_a8a284cad4562b09\lsass.exe

[color=#A23BEC]< MD5 for: NETBT.SYS  >[/color]
[2010/11/20 01:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\System32\drivers\netbt.sys
[2010/11/20 01:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=280122DDCF04B378EDD1AD54D71C1E54 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7601.17514_none_626c324d55864070\netbt.sys
[2009/07/13 16:12:21 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=DD52A733BF4CA5AF84562A5E2F963B91 -- C:\Windows\winsxs\x86_microsoft-windows-netbt_31bf3856ad364e35_6.1.7600.16385_none_603b1e855897bcd6\netbt.sys

[color=#A23BEC]< MD5 for: SERIAL.SYS  >[/color]
[2009/07/13 16:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=5FB7FCEA0490D821F26F39CC5EA3D1E2 -- C:\Windows\System32\drivers\serial.sys
[2009/07/13 16:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=5FB7FCEA0490D821F26F39CC5EA3D1E2 -- C:\Windows\System32\DriverStore\FileRepository\msports.inf_x86_neutral_c1a802e06677f73f\serial.sys
[2009/07/13 16:45:33 | 000,083,456 | ---- | M] (Microsoft Corporation) MD5=5FB7FCEA0490D821F26F39CC5EA3D1E2 -- C:\Windows\winsxs\x86_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_f86e06d519b1d9a4\serial.sys

[color=#A23BEC]< MD5 for: SERVICES.EXE  >[/color]
[2009/07/13 18:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009/07/13 18:14:36 | 000,259,072 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\services.exe

[color=#A23BEC]< MD5 for: SVCHOST.EXE  >[/color]
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2011/04/24 21:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/06/20 22:34:23 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=04E4A7D53A7ACE02E8C55B17A498F631 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_b513df73c4b4f466\tcpip.sys
[2011/09/29 09:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2011/04/24 21:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/13 18:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010/11/20 05:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011/09/29 09:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2012/03/30 03:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011/09/29 08:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2011/09/29 09:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2011/04/24 23:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2012/03/30 03:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\System32\drivers\tcpip.sys
[2012/03/30 03:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011/04/24 21:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012/03/30 02:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2011/06/20 22:30:45 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=93C444D118B184452132357C322124CD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20992_none_b3703df4e0e237e0\tcpip.sys
[2011/03/05 14:24:11 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2011/03/05 14:24:11 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys
[2011/06/20 22:39:53 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=C2DAAEB48F3A47C410B041A0D2382EE1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16839_none_b32e82b7c78da1d1\tcpip.sys
[2011/06/20 23:54:00 | 001,303,424 | ---- | M] (Microsoft Corporation) MD5=DEC4940487050AE13C60C86F40E07E75 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_b583db3edde666b6\tcpip.sys
[2012/03/30 03:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys

[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

[color=#A23BEC]< MD5 for: VOLSNAP.SYS  >[/color]
[2009/07/13 18:19:10 | 000,245,328 | ---- | M] (Microsoft Corporation) MD5=58DF9D2481A56EDDE167E51B334D44FD -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7600.16385_none_158d0da45d68903e\volsnap.sys
[2010/11/20 05:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\drivers\volsnap.sys
[2010/11/20 05:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\System32\DriverStore\FileRepository\volume.inf_x86_neutral_6dee0205881d1a1d\volsnap.sys
[2010/11/20 05:30:16 | 000,245,632 | ---- | M] (Microsoft Corporation) MD5=F497F67932C6FA693D7DE2780631CFE7 -- C:\Windows\winsxs\x86_volume.inf_31bf3856ad364e35_6.1.7601.17514_none_17be216c5a5713d8\volsnap.sys

[color=#A23BEC]< MD5 for: WININIT.EXE  >[/color]
[2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009/07/13 18:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2011/03/05 14:23:48 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2011/03/05 14:23:48 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 05:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012/07/03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/07/13 18:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< End of report >