yankeeskid247

Members
  • Content count

    12
  • Joined

  • Last visited

About yankeeskid247

  • Rank
    New Member

Contact Methods

  • ICQ
    0
  1. hmmm, i ran the scan, but cannot seem to find a log report to post
  2. JavaRa 1.15 Removal Log. Report follows after line. ------------------------------------ The JavaRa removal process was started on Thu Aug 20 15:57:05 2009 Found and removed: C:\Documents and Settings\Brian\Application Data\Sun\Java\jre1.6.0_12 Found and removed: SOFTWARE\Classes\JavaPlugin.150_04 Found and removed: SOFTWARE\Classes\JavaPlugin.150_06 Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0 Found and removed: SOFTWARE\Classes\JavaPlugin.142_03 Found and removed: Software\Classes\JavaPlugin.160_05 Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\ ------------------------------------ Finished reporting.
  3. Here are the logs, and my cd drive still works DDS (Ver_09-07-30.01) - NTFSx86 Run by Brian at 15:19:00.71 on Wed 08/19/2009 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.160 [GMT -4:00] AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE svchost.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\SiteAdvisor\6172\SiteAdv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\Documents and Settings\Brian\Local Settings\Temporary Internet Files\Content.IE5\Y1VKRIYI\dds[1].scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6253\SiteAdv.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\SiteAdv.dll uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [OSCD_Creator] c:\dell\PreODM.EXE mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [siteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [snp2std] c:\windows\vsnp2std.exe mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRunOnce: [OSCD_Creator] c:\dell\PreODM.EXE /2 dRun: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe dPolicies-explorer: NoSetActiveDesktop = 1 (0x1) dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000 IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Risk/Images/armhelper.ocx DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6253\SiteAdv.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ============= SERVICES / DRIVERS =============== R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-2-15 214024] R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-2-15 359952] R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-2-15 144704] R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\system32\drivers\Am772.sys [2003-7-10 151894] R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-2-15 79880] R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-2-15 35272] S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-2-15 34216] S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-2-15 40552] S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-2-15 606736] =============== Created Last 30 ================ 2009-08-19 14:56 <DIR> --d----- c:\program files\CCleaner 2009-08-15 17:02 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx 2009-08-15 17:02 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll 2009-08-15 16:17 <DIR> --d----- c:\docume~1\brian\applic~1\McAfee 2009-08-09 12:54 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat 2009-08-09 04:19 <DIR> --d----- c:\windows\system32\XPSViewer 2009-08-09 04:18 117,760 -------- c:\windows\system32\prntvpt.dll 2009-08-09 04:18 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-09 04:18 <DIR> --d----- C:\22d06f0c895e0e6bf8fed5 2009-08-09 04:18 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2009-08-09 04:18 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll 2009-08-09 04:18 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-08-09 04:18 575,488 -------- c:\windows\system32\xpsshhdr.dll 2009-08-09 04:18 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll 2009-07-25 19:11 664 a------- c:\windows\system32\d3d9caps.dat ==================== Find3M ==================== 2009-08-08 12:10 216,064 a------- c:\windows\PEV.exe 2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-08-03 13:36 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 13:36 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-07-19 18:48 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll 2009-07-19 09:18 5,937,152 a------- c:\windows\system32\dllcache\cache\mshtml.dll 2009-07-19 09:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll 2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll 2009-07-17 15:01 58,880 -------- c:\windows\system32\dllcache\atl.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll 2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll 2009-07-13 23:43 10,841,088 -------- c:\windows\system32\dllcache\wmp.dll 2009-07-03 07:01 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe 2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll 2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll 2009-06-16 10:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll 2009-06-16 10:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll 2009-06-12 08:31 76,288 a------- c:\windows\system32\telnet.exe 2009-06-12 08:31 76,288 -------- c:\windows\system32\dllcache\telnet.exe 2009-06-10 10:13 84,992 a------- c:\windows\system32\avifil32.dll 2009-06-10 10:13 84,992 -------- c:\windows\system32\dllcache\avifil32.dll 2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll 2009-06-10 09:19 2,066,432 a------- c:\windows\system32\dllcache\mstscax.dll 2009-06-10 02:14 132,096 a------- c:\windows\system32\wkssvc.dll 2009-06-10 02:14 132,096 -------- c:\windows\system32\dllcache\wkssvc.dll 2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll 2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll 2009-04-05 19:57 0 a------- c:\docume~1\brian\applic~1\itunesoption.bin 2008-03-21 18:15 20 -c--h--- c:\docume~1\alluse~1\applic~1\PKP_DLds.DAT 2008-03-21 18:15 20 -c--h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT 2004-08-04 07:00 94,784 -c-sh--- c:\windows\TWAIN.DLL 2008-04-13 20:12 50,688 ---sh--- c:\windows\twain_32.dll 2005-03-28 16:33 900 ac-sh--- c:\windows\system32\KGyGaAvL.sys 2008-04-13 20:11 1,028,096 a--sh--- c:\windows\system32\mfc42.dll 2008-04-13 20:12 57,344 a--sh--- c:\windows\system32\msvcirt.dll 2008-04-13 20:12 413,696 a--sh--- c:\windows\system32\msvcp60.dll 2008-04-13 20:12 343,040 a--sh--- c:\windows\system32\msvcrt.dll 2008-04-13 20:12 551,936 a--sh--- c:\windows\system32\oleaut32.dll 2008-04-13 20:12 84,992 a--sh--- c:\windows\system32\olepro32.dll 2008-04-13 20:12 11,776 a--sh--- c:\windows\system32\regsvr32.exe 2004-11-09 03:51 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat 2004-11-09 03:51 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012004110920041110\index.dat ============= FINISH: 15:20:06.09 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-07-30.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 12/31/2004 6:26:16 PM System Uptime: 8/19/2009 3:11:32 PM (0 hours ago) Motherboard: Dell Computer Corp. | | 0N6381 Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 72 GiB total, 32.737 GiB free. D: is CDROM (CDFS) ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1592: 5/20/2009 6:31:25 PM - System Checkpoint RP1593: 5/21/2009 7:44:48 PM - System Checkpoint RP1594: 5/23/2009 10:55:59 AM - System Checkpoint RP1595: 5/24/2009 1:39:40 PM - System Checkpoint RP1596: 5/25/2009 2:28:34 PM - System Checkpoint RP1597: 5/26/2009 5:27:12 PM - System Checkpoint RP1598: 5/27/2009 6:09:13 PM - System Checkpoint RP1599: 5/28/2009 6:38:55 PM - System Checkpoint RP1600: 5/29/2009 7:27:41 PM - System Checkpoint RP1601: 5/30/2009 8:05:47 PM - System Checkpoint RP1602: 5/31/2009 10:43:29 PM - System Checkpoint RP1603: 6/1/2009 10:58:30 PM - System Checkpoint RP1604: 6/3/2009 7:57:28 AM - System Checkpoint RP1605: 6/4/2009 5:23:20 PM - System Checkpoint RP1606: 6/5/2009 9:39:11 PM - System Checkpoint RP1607: 6/7/2009 12:36:54 AM - System Checkpoint RP1608: 6/8/2009 9:01:47 AM - System Checkpoint RP1609: 6/9/2009 10:25:51 AM - System Checkpoint RP1610: 6/10/2009 4:00:33 AM - Software Distribution Service 3.0 RP1611: 6/11/2009 4:19:38 AM - System Checkpoint RP1612: 6/12/2009 6:07:43 AM - System Checkpoint RP1613: 6/12/2009 1:49:34 PM - Installed Microsoft Fix it 50027 RP1614: 6/12/2009 2:43:06 PM - Installed Microsoft Fix it 50027 RP1615: 6/12/2009 3:32:29 PM - Software Distribution Service 3.0 RP1616: 6/13/2009 4:11:53 PM - System Checkpoint RP1617: 6/14/2009 6:57:30 PM - System Checkpoint RP1618: 6/15/2009 11:34:59 PM - System Checkpoint RP1619: 6/17/2009 1:22:52 AM - System Checkpoint RP1620: 6/18/2009 7:47:19 AM - System Checkpoint RP1621: 6/19/2009 9:19:47 AM - System Checkpoint RP1622: 6/20/2009 10:23:49 AM - System Checkpoint RP1623: 6/21/2009 2:11:50 PM - System Checkpoint RP1624: 8/8/2009 7:44:10 PM - System Checkpoint RP1625: 8/9/2009 4:00:24 AM - Software Distribution Service 3.0 RP1626: 8/9/2009 4:32:34 AM - Printer Driver Microsoft XPS Document Writer Installed RP1627: 8/15/2009 5:01:08 PM - Software Distribution Service 3.0 RP1628: 8/15/2009 10:16:56 PM - Software Distribution Service 3.0 RP1629: 8/17/2009 8:16:27 PM - System Checkpoint ==== Installed Programs ====================== 1400 1400_Help 1400Trb Adobe Download Manager 2.0 (Remove Only) Adobe Flash Player 10 ActiveX Adobe Reader 7.0.5 Adobe Shockwave Player 11 AiO_Scan AiOSoftware AOL Instant Messenger Apple Mobile Device Support Apple Software Update Bonjour CCleaner (remove only) Critical Update for Windows Media Player 11 (KB959772) Dell Driver Reset Tool Dell Photo Printer 720 Dell Support Center (Support Software) DellSupport ESPN Java Check Fax GdiplusUpgrade HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) HP Product Assistant HP PSC & OfficeJet 4.7 HP Update Intel® 537EP V9x DF PCI Modem Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections Internet Explorer Default Page iPhone/iTouch/iPod to Computer Transfer 5.1.9 iPod for Windows 2005-09-23 iPod for Windows 2006-06-28 IrfanView (remove only) iTunes J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_03 Java 6 Update 11 Java 6 Update 5 Malwarebytes' Anti-Malware McAfee SecurityCenter McAfee Shredder Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Standard Edition 2003 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ Run Time Lib Setup Modem Event Monitor Modem Helper Modem On Hold MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 Parser and SDK Music Visualizer Library 1.4.00 My Way Search Assistant Net MD Simple Burner Network Play System (Patching) Nikon Message Center OpenMG Limited Patch 3.1-02-10-22-01 OpenMG Limited Patch 3.1-02-10-22-02 OpenMG Limited Patch 3.1-02-12-04-01 OpenMG Secure Module 3.1 PictureProject PictureProject In Touch Downloader 1.0 ProductContext QuickTime Readme RealPlayer Scan Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Skype
  4. here are the logs: ComboFix 09-08-10.06 - Brian 08/17/2009 21:55.4.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.236 [GMT -4:00] Running from: c:\documents and settings\Brian\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Brian\Desktop\CFscript.txt AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} FILE :: "c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys" "c:\windows\system32\drivers\zcohxi.sys" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_GKMIXERN -------\Legacy_VLTINUYVKADWS -------\Service_gkmixern -------\Service_vltinuyvkadws ((((((((((((((((((((((((( Files Created from 2009-07-18 to 2009-08-18 ))))))))))))))))))))))))))))))) . 2009-08-15 21:02 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll 2009-08-15 20:17 . 2009-08-15 20:17 -------- d-----w- c:\documents and settings\Brian\Application Data\McAfee 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\windows\system32\XPSViewer 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\MSBuild 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\Reference Assemblies 2009-08-09 08:18 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-09 08:18 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-08-09 08:18 . 2009-08-09 08:18 -------- d-----w- C:\22d06f0c895e0e6bf8fed5 2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll 2009-08-09 08:18 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll 2009-07-30 03:02 . 2009-07-30 03:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer 2009-07-25 23:11 . 2009-08-10 20:25 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-07-21 19:53 . 2009-07-21 19:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-17 23:20 . 2008-08-25 01:19 -------- d-----w- c:\documents and settings\Brian\Application Data\skypePM 2009-08-15 21:35 . 2005-02-21 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee 2009-08-14 19:02 . 2004-11-09 10:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-08-14 19:02 . 2009-04-10 13:31 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-08-09 08:31 . 2005-01-23 03:14 -------- d-----w- c:\program files\McAfee 2009-08-05 09:01 . 2004-08-04 11:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-03 17:36 . 2004-11-09 10:23 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 17:36 . 2004-11-09 10:23 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-17 19:01 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-14 03:43 . 2004-08-04 11:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-03 17:09 . 2004-08-04 11:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-06-25 13:20 . 2009-06-25 13:20 -------- d-sh--w- c:\documents and settings\Guest\Application Data\lowsec 2009-06-24 01:34 . 2009-06-24 01:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-06-22 13:55 . 2008-08-13 20:01 -------- d-----w- c:\documents and settings\Brian\Application Data\SiteAdvisor 2009-06-16 14:36 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:36 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-12 12:31 . 2004-08-04 11:00 76288 ----a-w- c:\windows\system32\telnet.exe 2009-06-10 14:13 . 2004-08-04 11:00 84992 ----a-w- c:\windows\system32\avifil32.dll 2009-06-10 13:19 . 2004-08-04 11:00 2066432 ----a-w- c:\windows\system32\mstscax.dll 2009-06-10 06:14 . 2004-08-04 11:00 132096 ----a-w- c:\windows\system32\wkssvc.dll 2009-06-03 19:09 . 2004-08-04 11:00 1291264 ----a-w- c:\windows\system32\quartz.dll 2004-08-04 11:00 . 2004-08-04 11:00 94784 -csh--w- c:\windows\TWAIN.DLL 2008-04-14 00:12 . 2004-08-04 11:00 50688 --sh--w- c:\windows\twain_32.dll 2005-03-28 20:33 . 2005-01-13 05:54 900 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys 2008-04-14 00:11 . 2004-08-04 11:00 1028096 --sha-w- c:\windows\SYSTEM32\mfc42.dll 2008-04-14 00:12 . 2004-08-04 11:00 57344 --sha-w- c:\windows\SYSTEM32\msvcirt.dll 2008-04-14 00:12 . 2004-08-04 11:00 413696 --sha-w- c:\windows\SYSTEM32\msvcp60.dll 2008-04-14 00:12 . 2004-08-04 11:00 343040 --sha-w- c:\windows\SYSTEM32\msvcrt.dll 2008-04-14 00:12 . 2004-08-04 11:00 551936 --sha-w- c:\windows\SYSTEM32\oleaut32.dll 2008-04-14 00:12 . 2004-08-04 11:00 84992 --sha-w- c:\windows\SYSTEM32\olepro32.dll 2008-04-14 00:12 . 2004-08-04 11:00 11776 --sha-w- c:\windows\SYSTEM32\regsvr32.exe . ((((((((((((((((((((((((((((( SnapShot_2009-08-15_21.09.20 ))))))))))))))))))))))))))))))))))))))))) . + 2009-08-18 02:11 . 2009-08-18 02:11 16384 c:\windows\temp\Perflib_Perfdata_7f0.dat + 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe + 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll + 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll + 2004-12-31 23:19 . 2009-08-17 23:29 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat - 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat + 2004-12-31 23:19 . 2009-08-17 23:29 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat - 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat - 2009-08-09 08:35 . 2009-08-09 08:35 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll + 2009-08-15 21:15 . 2009-08-15 21:15 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-08-15 21:23 . 2009-08-15 21:23 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-08-15 21:23 . 2009-08-15 21:23 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe - 2009-08-09 08:38 . 2009-08-09 08:38 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe - 2009-08-09 08:37 . 2009-08-09 08:37 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll + 2009-08-15 21:23 . 2009-08-15 21:23 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll - 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat + 2009-08-18 02:09 . 2009-08-18 02:09 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat - 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat + 2009-08-18 02:09 . 2009-08-18 02:09 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat + 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll + 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll + 2004-12-31 23:19 . 2009-08-17 23:29 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2004-12-31 23:19 . 2009-08-15 21:04 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2009-08-18 02:09 . 2009-08-18 02:09 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat - 2009-08-15 20:58 . 2009-08-15 20:58 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat + 2009-08-18 02:09 . 2009-08-18 02:09 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT - 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT - 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT + 2009-08-18 02:09 . 2009-08-18 02:09 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT - 2009-08-09 08:37 . 2009-08-09 08:37 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe + 2009-08-15 21:22 . 2009-08-15 21:22 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe + 2009-08-15 21:17 . 2009-08-15 21:17 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll + 2009-08-15 21:15 . 2009-08-15 21:15 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll + 2009-08-15 21:15 . 2009-08-15 21:15 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll + 2009-08-15 22:07 . 2009-08-15 22:07 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll - 2009-08-09 08:41 . 2009-08-09 08:41 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll + 2009-08-15 21:30 . 2009-08-15 21:30 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll + 2009-08-15 21:30 . 2009-08-15 21:30 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll + 2009-08-15 21:29 . 2009-08-15 21:29 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll + 2009-08-15 21:29 . 2009-08-15 21:29 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll - 2009-08-09 08:36 . 2009-08-09 08:36 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll + 2009-08-15 21:19 . 2009-08-15 21:19 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll + 2009-08-15 21:19 . 2009-08-15 21:19 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll - 2009-08-09 08:36 . 2009-08-09 08:36 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll - 2009-08-09 08:39 . 2009-08-09 08:39 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll - 2009-08-09 08:39 . 2009-08-09 08:39 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll + 2009-08-15 21:27 . 2009-08-15 21:27 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll + 2009-08-15 21:27 . 2009-08-15 21:27 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe + 2009-08-15 21:22 . 2009-08-15 21:22 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe - 2009-08-09 08:37 . 2009-08-09 08:37 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll + 2009-08-15 21:22 . 2009-08-15 21:22 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe + 2009-08-15 21:22 . 2009-08-15 21:22 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe + 2009-08-15 21:23 . 2009-08-15 21:23 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe - 2009-08-09 08:38 . 2009-08-09 08:38 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe + 2009-08-15 21:22 . 2009-08-15 21:22 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll + 2009-08-15 21:22 . 2009-08-15 21:22 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe - 2009-08-09 08:37 . 2009-08-09 08:37 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe - 2009-08-09 08:37 . 2009-08-09 08:37 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-08-15 21:23 . 2009-08-15 21:23 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll + 2004-08-04 11:00 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll + 2009-08-18 02:09 . 2009-08-18 02:09 3784704 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT + 2009-08-15 21:15 . 2009-08-15 21:15 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll + 2009-08-15 21:14 . 2009-08-15 21:14 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll + 2009-08-15 22:07 . 2009-08-15 22:07 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll - 2009-08-09 08:41 . 2009-08-09 08:41 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll - 2009-08-09 08:41 . 2009-08-09 08:41 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll + 2009-08-15 22:07 . 2009-08-15 22:07 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll - 2009-08-09 08:41 . 2009-08-09 08:41 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll + 2009-08-15 22:07 . 2009-08-15 22:07 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll - 2009-08-09 08:41 . 2009-08-09 08:41 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll + 2009-08-15 22:06 . 2009-08-15 22:06 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll + 2009-08-15 21:12 . 2009-08-15 21:12 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll + 2009-08-15 21:29 . 2009-08-15 21:29 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-08-15 21:19 . 2009-08-15 21:19 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll + 2009-08-15 21:11 . 2009-08-15 21:11 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll - 2009-08-09 08:36 . 2009-08-09 08:36 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll + 2009-08-15 21:19 . 2009-08-15 21:19 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll + 2009-08-15 21:27 . 2009-08-15 21:27 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll + 2009-08-15 21:27 . 2009-08-15 21:27 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll - 2009-08-09 08:39 . 2009-08-09 08:39 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll + 2009-08-15 21:22 . 2009-08-15 21:22 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll + 2009-08-15 21:28 . 2009-08-15 21:28 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll + 2009-08-15 21:24 . 2009-08-15 21:24 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll + 2009-08-15 21:25 . 2009-08-15 21:25 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll - 2009-08-09 08:38 . 2009-08-09 08:38 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll + 2009-08-15 21:23 . 2009-08-15 21:23 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll + 2004-08-04 11:00 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\wmp.dll + 2009-03-30 03:10 . 2009-07-30 00:49 24281536 c:\windows\SYSTEM32\MRT.exe + 2009-07-14 03:43 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll + 2009-08-15 21:13 . 2009-08-15 21:13 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll - 2009-08-09 08:35 . 2009-08-09 08:35 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll - 2009-08-09 08:40 . 2009-08-09 08:40 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll + 2009-08-15 21:29 . 2009-08-15 21:29 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll - 2009-08-09 08:37 . 2009-08-09 08:37 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll + 2009-08-15 21:21 . 2009-08-15 21:21 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AIM"="c:\program files\AIM\aim.exe" [2005-08-05 67160] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-02 136600] "IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-12 180269] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-02-09 36904] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] "snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Update Utility"="\\?\globalroot\systemroot\system32\vfhr.exe" [?] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-5-19 118784] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSetActiveDesktop"= 1 (0x1) "NoActiveDesktopChanges"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\AIM\\aim.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= "c:\\Program Files\\McAfee\\MPF\\MpfSrv.exe"= "c:\\Program Files\\Dell Support Center\\bin\\sprtsvc.exe"= R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\SYSTEM32\DRIVERS\Am772.sys [7/10/2003 6:47 PM 151894] S0 $sys$cor;$sys$cor;c:\windows\system32\Drivers\$sys$cor.sys --> c:\windows\system32\Drivers\$sys$cor.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34] 2009-06-15 c:\windows\Tasks\McDefragTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53] 2009-06-01 c:\windows\Tasks\McQcTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53] 2009-08-17 c:\windows\Tasks\User_Feed_Synchronization-{DF4C93FD-E010-495E-BE2B-9D30E0F32456}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 08:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-17 22:12 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce OSCD_Creator = c:\dell\PreODM.EXE /2?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(1464) c:\windows\system32\WININET.dll c:\program files\SiteAdvisor\6172\saHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\SYSTEM32\LEXBCES.EXE c:\windows\SYSTEM32\LEXPPS.EXE c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\progra~1\McAfee\MSC\mcmscsvc.exe c:\program files\Common Files\McAfee\MNA\McNASvc.exe c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe c:\program files\McAfee\MSK\msksrver.exe c:\windows\SYSTEM32\HPZipm12.exe c:\program files\Dell Support Center\bin\sprtsvc.exe c:\progra~1\McAfee.com\Agent\mcagent.exe c:\windows\SYSTEM32\wscntfy.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\program files\McAfee\MPF\MpfSrv.exe c:\program files\Java\jre6\bin\jucheck.exe . ************************************************************************** . Completion time: 2009-08-18 22:23 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-18 02:23 ComboFix2.txt 2009-08-15 21:40 ComboFix3.txt 2009-06-24 15:05 Pre-Run: 34,695,454,720 bytes free Post-Run: 34,904,555,520 bytes free 402 --- E O F --- 2009-08-16 02:24 Malwarebytes' Anti-Malware 1.40 Database version: 2650 Windows 5.1.2600 Service Pack 3 8/18/2009 3:22:41 PM mbam-log-2009-08-18 (15-22-41).txt Scan type: Quick Scan Objects scanned: 120573 Time elapsed: 6 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:24:51 PM, on 8/18/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\SiteAdvisor\6172\SiteAdv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\WINDOWS\vsnp2std.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2 O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe -- End of file - 9878 bytes
  5. this is the hijack this log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:43:49 PM, on 8/15/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\common files\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\WINDOWS\system32\wscntfy.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\SiteAdvisor\6172\SiteAdv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\AIM\aim.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Nikon\PictureProject\NkbMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Java\jre6\bin\jucheck.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2 O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe -- End of file - 9964 bytes
  6. + 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2009-03-20 01:50 . 2009-03-20 01:50 51712 c:\windows\Installer\84b23a2.msi + 2004-12-22 03:13 . 2004-12-22 03:13 72704 c:\windows\Installer\83f5.msi + 2009-06-02 01:41 . 2009-06-02 01:41 99328 c:\windows\Installer\5e50e31.msi + 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\1f588f1.msp + 2009-08-09 08:16 . 2009-08-09 08:16 88576 c:\windows\Installer\1f014ed.msi + 2009-08-09 08:10 . 2009-04-30 21:22 12800 c:\windows\ie8updates\KB972260-IE8\xpshims.dll + 2009-08-09 08:10 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll + 2009-08-09 08:10 . 2009-04-30 21:22 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll + 2009-08-09 08:18 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll + 2009-08-09 08:35 . 2009-08-09 08:35 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll + 2009-08-15 21:03 . 2009-08-15 21:03 47104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe + 2009-08-09 08:28 . 2009-08-09 08:28 39424 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe + 2009-08-09 08:37 . 2009-08-09 08:37 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll + 2009-08-09 08:19 . 2009-08-09 08:19 94208 c:\windows\ASSEMBLY\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2009-08-09 08:19 . 2009-08-09 08:19 98304 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2009-08-09 08:19 . 2009-08-09 08:19 40960 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2009-08-09 08:21 . 2009-08-09 08:21 12288 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2009-08-09 08:21 . 2009-08-09 08:21 61440 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll + 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2009-08-09 08:21 . 2009-08-09 08:21 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll + 2009-08-09 08:21 . 2009-08-09 08:21 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll + 2009-08-09 08:19 . 2009-08-09 08:19 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2009-08-09 08:19 . 2009-08-09 08:19 73728 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll - 2009-04-04 21:23 . 2009-04-04 21:23 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2009-08-09 08:25 . 2009-08-09 08:25 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2009-08-09 08:21 . 2009-08-09 08:21 53248 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2009-08-09 08:25 . 2009-08-09 08:25 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll - 2009-04-04 21:23 . 2009-04-04 21:23 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2009-08-09 08:21 . 2009-08-09 08:21 57344 c:\windows\ASSEMBLY\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2009-08-09 08:21 . 2009-08-09 08:21 45056 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2009-08-09 08:19 . 2009-08-09 08:19 46104 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe + 2009-08-09 08:19 . 2009-08-09 08:19 32768 c:\windows\ASSEMBLY\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2009-08-09 08:25 . 2009-08-09 08:25 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-04-04 21:22 . 2009-04-04 21:22 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2009-08-09 08:25 . 2009-08-09 08:25 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-04-04 21:23 . 2009-04-04 21:23 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2009-08-09 08:21 . 2009-08-09 08:21 41984 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll + 2009-08-09 08:25 . 2009-08-09 08:25 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2009-04-04 21:22 . 2009-04-04 21:22 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2009-08-09 08:21 . 2009-08-09 08:21 94208 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll + 2009-08-09 08:21 . 2009-08-09 08:21 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2009-08-09 08:25 . 2009-08-09 08:25 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2009-04-04 21:23 . 2009-04-04 21:23 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-04-04 21:23 . 2009-04-04 21:23 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2009-08-09 08:25 . 2009-08-09 08:25 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-04-04 21:23 . 2009-04-04 21:23 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2009-08-09 08:25 . 2009-08-09 08:25 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2009-08-09 08:25 . 2009-08-09 08:25 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-04-04 21:23 . 2009-04-04 21:23 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2009-08-09 08:25 . 2009-08-09 08:25 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2009-08-09 08:25 . 2009-08-09 08:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll - 2005-09-23 11:28 . 2005-09-23 11:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll - 2005-09-23 11:29 . 2005-09-23 11:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll + 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll - 2005-09-23 11:28 . 2005-09-23 11:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll + 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe - 2005-09-23 11:28 . 2005-09-23 11:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe + 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe + 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat + 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat + 2009-08-09 08:21 . 2009-08-09 08:21 5632 c:\windows\ASSEMBLY\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll + 2009-08-09 08:25 . 2009-08-09 08:25 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-04-04 21:22 . 2009-04-04 21:22 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2009-08-09 08:25 . 2009-08-09 08:25 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-04-04 21:24 . 2009-04-04 21:24 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2009-08-09 08:25 . 2009-08-09 08:25 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2009-08-09 08:25 . 2009-08-09 08:25 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-04-04 21:23 . 2009-04-04 21:23 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2009-08-09 08:25 . 2009-08-09 08:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll + 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll + 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll + 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll + 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll + 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll + 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe + 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll + 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll + 2009-08-09 08:18 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe - 2005-05-20 06:33 . 2007-05-15 08:08 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll + 2005-05-20 06:33 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll + 2005-05-20 06:33 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll - 2005-05-20 06:33 . 2008-04-14 00:12 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll + 2005-05-20 06:33 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll + 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll + 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll + 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll + 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\SYSTEM32\PresentationHost.exe + 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll + 2004-12-22 02:59 . 2009-08-09 08:26 445370 c:\windows\SYSTEM32\PERFH009.DAT + 2004-08-04 11:00 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\occache.dll - 2006-11-08 02:03 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\msfeeds.dll + 2006-11-08 02:03 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\msfeeds.dll + 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll + 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\SYSTEM32\mscoree.dll + 2004-08-04 11:00 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\iepeers.dll + 2004-08-04 11:00 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\iedkcs32.dll + 2004-08-04 11:00 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\ie4uinit.exe - 2004-08-04 11:00 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\ie4uinit.exe + 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe + 2004-08-10 19:08 . 2009-08-09 08:31 146808 c:\windows\SYSTEM32\FNTCACHE.DAT + 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll - 2006-05-10 05:23 . 2009-05-13 05:15 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll + 2006-05-10 05:23 . 2009-07-03 17:09 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll + 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll + 2006-10-17 17:04 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll + 2007-05-08 21:39 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll - 2007-05-08 21:39 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll + 2009-06-12 19:46 . 2009-07-03 17:09 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll - 2009-06-12 19:46 . 2009-04-30 21:22 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll + 2006-05-10 05:22 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll + 2004-08-04 11:00 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll + 2004-08-04 11:00 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe - 2004-08-04 11:00 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe + 2004-12-31 23:19 . 2009-08-15 21:04 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - 2004-12-31 23:19 . 2009-06-24 14:13 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2008-08-30 00:03 . 2004-07-17 15:41 366080 c:\windows\ServicePackFiles\i386\digreqex.msi + 2008-08-30 00:03 . 2004-07-17 15:41 863232 c:\windows\ServicePackFiles\i386\digopt.msi + 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2009-08-09 08:21 . 2009-08-09 08:21 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll + 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll + 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll + 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll - 2005-09-23 11:28 . 2005-09-23 11:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll + 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll - 2005-09-23 11:28 . 2005-09-23 11:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll - 2005-09-23 11:28 . 2005-09-23 11:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll + 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll + 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll - 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll + 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll - 2005-09-23 11:28 . 2005-09-23 11:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll + 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll + 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll + 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll + 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll + 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll - 2005-09-23 11:28 . 2005-09-23 11:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll + 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll + 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll + 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe + 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll + 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll + 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll + 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll + 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll - 2005-09-23 11:29 . 2005-09-23 11:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll + 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll - 2005-09-23 11:29 . 2005-09-23 11:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll + 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll + 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll + 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll + 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll + 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe + 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll + 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe - 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe + 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll + 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll + 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll + 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll + 2006-06-03 23:01 . 2006-06-03 23:01 258048 c:\windows\Installer\f8d422b.msi + 2008-11-13 08:01 . 2008-11-13 08:01 432640 c:\windows\Installer\c6b66f5.msi + 2008-10-24 21:00 . 2008-10-24 21:00 125952 c:\windows\Installer\95db1d.msp + 2005-09-28 02:18 . 2005-09-28 02:18 203264 c:\windows\Installer\87cb234.msi + 2005-09-28 02:18 . 2005-09-28 02:18 129536 c:\windows\Installer\87cb22f.msi + 2005-09-28 02:18 . 2005-09-28 02:18 130048 c:\windows\Installer\87cb22a.msi + 2005-09-28 02:14 . 2005-09-28 02:14 290304 c:\windows\Installer\87caf78.msi + 2005-09-28 02:14 . 2005-09-28 02:14 129536 c:\windows\Installer\87caf73.msi + 2005-09-28 02:14 . 2005-09-28 02:14 698880 c:\windows\Installer\87caf60.msi + 2005-09-28 02:13 . 2005-09-28 02:13 342016 c:\windows\Installer\87caf51.msi + 2005-09-28 02:13 . 2005-09-28 02:13 287232 c:\windows\Installer\87caf30.msi + 2005-09-28 02:13 . 2005-09-28 02:13 135168 c:\windows\Installer\87caf2b.msi + 2004-12-22 03:15 . 2004-12-22 03:15 293376 c:\windows\Installer\8410.msi + 2004-12-22 03:13 . 2004-12-22 03:13 656896 c:\windows\Installer\83f9.msi + 2004-12-22 03:12 . 2004-12-22 03:12 669696 c:\windows\Installer\83f1.msi + 2004-12-22 03:10 . 2004-12-22 03:10 171008 c:\windows\Installer\83d0.msi + 2004-12-22 03:09 . 2004-12-22 03:09 275968 c:\windows\Installer\83cc.msi + 2004-12-22 03:08 . 2004-12-22 03:08 621056 c:\windows\Installer\83bb.msi + 2004-08-10 19:08 . 2004-08-10 19:08 264704 c:\windows\Installer\7506.MSI + 2007-08-16 07:02 . 2007-08-16 07:02 431104 c:\windows\Installer\6334ae2.msi + 2006-11-15 08:01 . 2006-11-15 08:01 428544 c:\windows\Installer\5412655c.msi + 2005-01-23 03:14 . 2005-01-23 03:14 336896 c:\windows\Installer\42a0e.msi + 2009-03-02 19:43 . 2009-03-02 19:43 562176 c:\windows\Installer\3eec211.msi + 2005-04-21 02:01 . 2005-04-21 02:01 307712 c:\windows\Installer\39a67.msi + 2008-03-11 23:39 . 2008-03-11 23:39 569856 c:\windows\Installer\33b32e6.msp + 2008-10-26 20:59 . 2008-10-26 20:59 445440 c:\windows\Installer\2a405bf.msp + 2005-10-03 20:51 . 2005-10-03 20:51 178688 c:\windows\Installer\263bf76f.msi + 2009-01-21 22:39 . 2009-01-21 22:39 119296 c:\windows\Installer\2455076.msp + 2006-09-03 20:16 . 2006-09-03 20:16 171008 c:\windows\Installer\231368f6.msi + 2009-04-04 21:57 . 2009-04-04 21:57 213504 c:\windows\Installer\22ea581.msi + 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\1f7ad8f.msp + 2009-08-09 08:21 . 2009-08-09 08:21 648192 c:\windows\Installer\1f7ad6c.msi + 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\1f588fa.msp + 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\1f588f8.msp + 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\1f588f6.msp + 2009-08-09 08:20 . 2009-08-09 08:20 137728 c:\windows\Installer\1f588f0.msi + 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\1f014f2.msp + 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\1f014f0.msp + 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\1f014ef.msp + 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\1bd96.msp + 2007-05-19 12:07 . 2007-05-19 12:07 390656 c:\windows\Installer\188f3b57.msi + 2008-03-23 05:39 . 2008-03-23 05:39 289792 c:\windows\Installer\108940.msi + 2009-08-09 08:10 . 2009-05-13 05:15 915456 c:\windows\ie8updates\KB972260-IE8\wininet.dll + 2009-08-09 08:10 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll + 2009-08-09 08:10 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe + 2009-08-09 08:10 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll + 2009-08-09 08:10 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll + 2009-08-09 08:10 . 2009-04-30 21:22 246272 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll + 2009-08-09 08:10 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll + 2009-08-09 08:10 . 2009-04-30 21:22 385536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll + 2009-08-09 08:10 . 2009-04-30 11:21 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe + 2009-08-15 20:58 . 2009-08-15 20:58 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat + 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT + 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT + 2009-08-09 08:18 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll + 2009-08-09 08:18 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll + 2009-08-09 08:18 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll + 2009-08-09 08:18 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll + 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll + 2004-12-22 03:08 . 2004-12-22 03:08 576512 c:\windows\Downloaded Installations\{D7027C31-E9CC-4B3F-A5A7-B36F69DB679E}\Banctec Service Agreement.msi + 2005-12-25 15:04 . 2005-04-04 07:07 982016 c:\windows\Downloaded Installations\{78F4DFCE-1336-4027-BCB2-1A00C24A8653}\ISScript11.Msi + 2006-07-14 16:57 . 2005-04-04 06:07 982016 c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\ISScript11.Msi + 2004-12-22 03:10 . 2004-12-22 03:10 413428 c:\windows\Downloaded Installations\{3AE813DE-06D6-4C11-AB7D-3832AA721F16}\Get High Speed Internet!.msi + 2009-08-09 08:37 . 2009-08-09 08:37 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe + 2009-08-09 08:35 . 2009-08-09 08:35 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll + 2009-08-09 08:41 . 2009-08-09 08:41 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll + 2009-08-09 08:36 . 2009-08-09 08:36 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll + 2009-08-09 08:36 . 2009-08-09 08:36 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll + 2009-08-09 08:39 . 2009-08-09 08:39 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll + 2009-08-15 21:08 . 2009-08-15 21:08 208384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe + 2009-08-09 08:37 . 2009-08-09 08:37 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe + 2009-08-15 21:05 . 2009-08-15 21:05 224768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll + 2009-08-15 21:05 . 2009-08-15 21:05 539648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll + 2009-08-15 21:05 . 2009-08-15 21:05 368128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll + 2009-08-15 21:05 . 2009-08-15 21:05 258048 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe + 2009-08-09 08:37 . 2009-08-09 08:37 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe + 2009-08-09 08:37 . 2009-08-09 08:37 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll + 2009-08-09 08:19 . 2009-08-09 08:19 385024 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2009-08-09 08:19 . 2009-08-09 08:19 167936 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2009-08-09 08:21 . 2009-08-09 08:21 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2009-08-09 08:21 . 2009-08-09 08:21 507904 c:\windows\ASSEMBLY\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll + 2009-08-09 08:19 . 2009-08-09 08:19 540672 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll + 2009-08-09 08:25 . 2009-08-09 08:25 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-04-04 21:24 . 2009-04-04 21:24 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2009-08-09 08:25 . 2009-08-09 08:25 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2009-08-09 08:21 . 2009-08-09 08:21 335872 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2009-08-09 08:28 . 2009-08-09 08:28 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll + 2009-08-09 08:21 . 2009-08-09 08:21 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2009-08-09 08:28 . 2009-08-09 08:28 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll + 2009-08-09 08:19 . 2009-08-09 08:19 688128 c:\windows\ASSEMBLY\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll + 2009-08-09 08:25 . 2009-08-09 08:25 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-04-04 21:23 . 2009-04-04 21:23 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2009-08-09 08:21 . 2009-08-09 08:21 569344 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll - 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2009-08-09 08:19 . 2009-08-09 08:19 966656 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2009-08-09 08:25 . 2009-08-09 08:25 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-04-04 21:23 . 2009-04-04 21:23 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2009-08-09 08:25 . 2009-08-09 08:25 303104 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2009-08-09 08:21 . 2009-08-09 08:21 233472 c:\windows\ASSEMBLY\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll - 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2009-08-09 08:25 . 2009-08-09 08:25 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2009-08-09 08:21 . 2009-08-09 08:21 143360 c:\windows\ASSEMBLY\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll + 2009-08-09 08:19 . 2009-08-09 08:19 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2009-08-09 08:19 . 2009-08-09 08:19 430080 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2009-08-09 08:19 . 2009-08-09 08:19 126976 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2009-08-09 08:25 . 2009-08-09 08:25 626688 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2009-08-09 08:25 . 2009-08-09 08:25 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll - 2009-04-04 21:23 . 2009-04-04 21:23 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-08-09 08:25 . 2009-08-09 08:25 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2009-08-09 08:21 . 2009-08-09 08:21 286720 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2009-08-09 08:25 . 2009-08-09 08:25 970752 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2009-08-09 08:25 . 2009-08-09 08:25 745472 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2009-08-09 08:28 . 2009-08-09 08:28 442368 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll + 2009-08-09 08:21 . 2009-08-09 08:21 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll + 2009-08-09 08:28 . 2009-08-09 08:28 294912 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll + 2009-08-09 08:21 . 2009-08-09 08:21 684032 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll + 2009-08-09 08:21 . 2009-08-09 08:21 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2009-08-09 08:21 . 2009-08-09 08:21 667648 c:\windows\ASSEMBLY\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll + 2009-08-09 08:25 . 2009-08-09 08:25 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2009-08-09 08:21 . 2009-08-09 08:21 163840 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll - 2009-04-04 21:23 . 2009-04-04 21:23 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2009-08-09 08:25 . 2009-08-09 08:25 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2009-08-09 08:19 . 2009-08-09 08:19 110592 c:\windows\ASSEMBLY\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2009-08-09 08:19 . 2009-08-09 08:19 528384 c:\windows\ASSEMBLY\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2009-08-09 08:19 . 2009-08-09 08:19 864256 c:\windows\ASSEMBLY\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2009-08-09 08:19 . 2009-08-09 08:19 163840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2009-08-09 08:19 . 2009-08-09 08:19 397312 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2009-08-09 08:19 . 2009-08-09 08:19 139264 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2009-08-09 08:19 . 2009-08-09 08:19 196608 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2009-08-09 08:19 . 2009-08-09 08:19 598016 c:\windows\ASSEMBLY\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll + 2009-08-09 08:25 . 2009-08-09 08:25 659456 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2009-08-09 08:25 . 2009-08-09 08:25 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-04-04 21:24 . 2009-04-04 21:24 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-04-04 21:24 . 2009-04-04 21:24 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-08-09 08:25 . 2009-08-09 08:25 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2009-08-09 08:19 . 2009-08-09 08:19 397312 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2009-08-09 08:25 . 2009-08-09 08:25 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2009-08-09 08:25 . 2009-08-09 08:25 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2009-08-09 08:21 . 2009-08-09 08:21 802816 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll + 2009-08-09 08:21 . 2009-08-09 08:21 733184 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-08-09 08:25 . 2009-08-09 08:25 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-08-09 08:21 . 2009-08-09 08:21 106496 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll + 2009-08-09 08:25 . 2009-08-09 08:25 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2009-08-09 08:25 . 2009-08-09 08:25 261632 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2009-08-09 08:19 . 2009-08-09 08:19 368640 c:\windows\ASSEMBLY\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2009-08-09 08:25 . 2009-08-09 08:25 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2009-08-09 08:25 . 2009-08-09 08:25 486400 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2009-08-09 08:19 . 2009-08-09 08:19 163840 c:\windows\ASSEMBLY\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2004-08-04 11:00 . 2004-08-04 11:00 1326080 c:\windows\SYSTEM32\WEBFLDRS.MSI + 2004-08-04 11:00 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\urlmon.dll + 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll + 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll + 2009-08-09 08:18 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll + 2009-08-09 08:18 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll + 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll + 2004-08-04 11:00 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\mshtml.dll + 2006-10-17 16:57 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\iertutil.dll + 2006-05-10 05:23 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll + 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\DLLCACHE\quartz.dll + 2006-05-19 15:08 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll + 2007-05-08 21:39 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll + 2004-12-31 23:26 . 2004-12-22 03:07 9946112 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\Java 2 Runtime Environment, SE v1.4.2_03.msi + 2008-08-30 00:06 . 2004-08-04 11:00 1326080 c:\windows\ServicePackFiles\i386\webfldrs.msi + 2008-08-30 00:05 . 2004-07-17 15:41 5080576 c:\windows\ServicePackFiles\i386\msnmsgs.msi + 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll + 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll + 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll + 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe + 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll + 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll + 2007-05-25 16:08 . 2007-05-25 16:08 9609728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp + 2008-08-28 17:18 . 2008-08-28 17:18 1247744 c:\windows\Installer\efc01d6.msi + 2005-12-26 20:43 . 2005-12-26 20:43 3037184 c:\windows\Installer\dd58ed.msi + 2008-08-14 07:26 . 2008-08-14 07:26 5314048 c:\windows\Installer\c7aecff.msp + 2007-04-14 02:21 . 2007-04-14 02:21 1392128 c:\windows\Installer\bbfe9b.msi + 2008-10-22 00:19 . 2008-10-22 00:19 3771904 c:\windows\Installer\a35747a.msi + 2008-10-22 00:16 . 2008-10-22 00:16 1652224 c:\windows\Installer\a3572ee.msi + 2008-10-22 00:14 . 2008-10-22 00:14 8990208 c:\windows\Installer\a3572e9.msi + 2008-10-22 00:09 . 2008-10-22 00:09 3152384 c:\windows\Installer\a35703b.msi + 2005-09-28 02:17 . 2005-09-28 02:17 3459584 c:\windows\Installer\87cb225.msi + 2009-01-15 07:35 . 2009-01-15 07:35 4830720 c:\windows\Installer\84b23a8.msp + 2004-12-22 03:09 . 2004-12-22 03:09 1914880 c:\windows\Installer\83c6.msi + 2008-08-21 23:29 . 2008-08-21 23:29 1888768 c:\windows\Installer\57b786d.msi + 2004-08-10 19:10 . 2004-08-10 19:10 3443712 c:\windows\Installer\50C4.MSI + 2006-07-14 15:58 . 2006-07-14 15:58 7435776 c:\windows\Installer\3928d2e6.msi + 2005-02-11 12:06 . 2005-02-11 12:06 5864960 c:\windows\Installer\32aa0b6.msp + 2008-02-13 09:15 . 2008-02-13 09:15 2417152 c:\windows\Installer\311fb017.msp + 2005-01-22 20:37 . 2005-01-22 20:37 1188864 c:\windows\Installer\2d5dc.msi + 2008-01-26 23:25 . 2008-01-26 23:25 2051072 c:\windows\Installer\2ac96828.msi + 2005-05-26 23:47 . 2005-05-26 23:47 4716032 c:\windows\Installer\27cd68.msi + 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\1f7ad7a.msp + 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\1f588f9.msp + 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\1f588f7.msp + 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\1f588f5.msp + 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\1f588f4.msp + 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\1f588f3.msp + 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\1f588f2.msp + 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\1f014f6.msp + 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\1f014f5.msp + 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\1f014f4.msp + 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\1f014f3.msp + 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\1f014f1.msp + 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\1f014ee.msp + 2005-12-25 15:03 . 2005-12-25 15:03 7417344 c:\windows\Installer\1bdc612.msi + 2008-08-29 21:10 . 2008-08-29 21:10 1549312 c:\windows\Installer\1ad7c3.msi + 2005-04-03 19:37 . 2005-04-03 19:37 2593792 c:\windows\Installer\14fe730c.msp + 2004-10-21 21:56 . 2004-10-21 21:56 5533696 c:\windows\Installer\14fe72f9.msp + 2004-10-21 14:23 . 2004-10-21 14:23 3581952 c:\windows\Installer\14fe72e4.msp + 2005-03-02 14:23 . 2005-03-02 14:23 4775424 c:\windows\Installer\14fe72d3.msp + 2005-04-22 19:29 . 2005-04-22 19:29 4855296 c:\windows\Installer\14fe72c2.msp + 2009-08-09 08:10 . 2009-04-30 21:22 1207808 c:\windows\ie8updates\KB972260-IE8\urlmon.dll + 2009-08-09 08:10 . 2009-05-13 05:15 5936128 c:\windows\ie8updates\KB972260-IE8\mshtml.dll + 2009-08-09 08:10 . 2009-04-30 21:22 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll + 2005-10-05 20:00 . 2005-10-05 20:00 2220544 c:\windows\Hewlett-Packard\Setup Files\HP Software Update\{BB4EE741-CA46-4345-A3B7-1AECBFAB0AFE}\HP Software Update.msi + 2009-08-15 20:58 . 2009-08-15 20:58 3776512 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT + 2005-12-25 15:04 . 2005-09-16 15:15 9926144 c:\windows\Downloaded Installations\{78F4DFCE-1336-4027-BCB2-1A00C24A8653}\iTunes.msi + 2006-07-14 16:57 . 2006-06-19 20:04 9934848 c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\iTunes.msi + 2009-08-09 08:29 . 2009-08-09 08:29 3313664 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll + 2009-08-09 08:28 . 2009-08-09 08:28 7868416 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll + 2009-08-09 08:41 . 2009-08-09 08:41 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll + 2009-08-09 08:41 . 2009-08-09 08:41 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll + 2009-08-09 08:41 . 2009-08-09 08:41 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll + 2009-08-09 08:41 . 2009-08-09 08:41 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll + 2009-08-09 08:35 . 2009-08-09 08:35 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll + 2009-08-09 08:36 . 2009-08-09 08:36 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll + 2009-08-15 21:08 . 2009-08-15 21:08 1587200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll + 2009-08-15 21:06 . 2009-08-15 21:06 6616576 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll + 2009-08-15 21:06 . 2009-08-15 21:06 2516480 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll + 2009-08-09 08:39 . 2009-08-09 08:39 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll + 2009-08-15 21:06 . 2009-08-15 21:06 2295296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll + 2009-08-15 21:05 . 2009-08-15 21:05 2128896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll + 2009-08-15 21:05 . 2009-08-15 21:05 1657856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll + 2009-08-09 08:28 . 2009-08-09 08:28 1451008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll + 2009-08-09 08:38 . 2009-08-09 08:38 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll + 2009-08-09 08:19 . 2009-08-09 08:19 1245184 c:\windows\ASSEMBLY\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2009-08-09 08:25 . 2009-08-09 08:25 3149824 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll + 2009-08-09 08:25 . 2009-08-09 08:25 2048000 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2009-08-09 08:19 . 2009-08-09 08:19 1630208 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2009-08-09 08:19 . 2009-08-09 08:19 1138688 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2009-08-09 08:25 . 2009-08-09 08:25 5025792 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2009-08-09 08:28 . 2009-08-09 08:28 1277952 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2009-08-09 08:27 . 2009-08-09 08:27 5931008 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2009-08-09 08:25 . 2009-08-09 08:25 5062656 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2009-08-09 08:21 . 2009-08-09 08:21 2879488 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll + 2009-08-09 08:27 . 2009-08-09 08:27 5283840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2009-08-09 08:25 . 2009-08-09 08:25 5242880 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2009-08-09 08:25 . 2009-08-09 08:25 2933248 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2009-08-09 08:19 . 2009-08-09 08:19 4210688 c:\windows\ASSEMBLY\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2009-08-09 08:25 . 2009-08-09 08:25 4546560 c:\windows\ASSEMBLY\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2009-03-30 03:10 . 2009-07-07 15:10 24539592 c:\windows\SYSTEM32\MRT.exe + 2006-11-08 02:03 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\ieframe.dll + 2007-05-08 21:39 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll + 2007-07-11 07:00 . 2007-07-11 07:00 15256576 c:\windows\Installer\2543a793.msp + 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\1f7ad84.msp + 2004-08-10 19:10 . 2004-08-10 19:10 19204096 c:\windows\Installer\1599F.MSP + 2004-07-08 04:23 . 2004-07-08 04:23 18643968 c:\windows\Installer\14fe72af.msp + 2009-08-09 08:10 . 2009-04-30 21:22 11064832 c:\windows\ie8updates\KB972260-IE8\ieframe.dll + 2005-12-25 14:53 . 2008-03-23 05:26 35885568 c:\windows\Downloaded Installations\{B9C0ED57-3C59-4B31-9AE9-50E12D0357DD}\iPod for Windows 2005-09-23.msi + 2006-07-14 15:57 . 2006-07-14 15:56 45631488 c:\windows\Downloaded Installations\{ADF0CB4C-E2E8-41AC-832B-81F52F0FE755}\iPod for Windows 2006-06-28.msi + 2009-08-09 08:35 . 2009-08-09 08:35 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll + 2009-08-09 08:40 . 2009-08-09 08:40 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll + 2009-08-09 08:37 . 2009-08-09 08:37 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll + 2009-08-15 21:07 . 2009-08-15 21:07 10683392 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll + 2009-08-15 21:04 . 2009-08-15 21:04 14327808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll + 2009-08-15 21:03 . 2009-08-15 21:03 12216320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll + 2009-08-15 21:02 . 2009-08-15 21:02 11486720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AIM"="c:\program files\AIM\aim.exe" [2005-08-05 67160] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-02 136600] "IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-12 180269] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688] "SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-02-09 36904] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928] "snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Update Utility"="\\?\globalroot\systemroot\system32\vfhr.exe" [?] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-5-19 118784] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSetActiveDesktop"= 1 (0x1) "NoActiveDesktopChanges"= 1 (0x1) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\AIM\\aim.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= "c:\\Program Files\\McAfee\\MPF\\MpfSrv.exe"= "c:\\Program Files\\Dell Support Center\\bin\\sprtsvc.exe"= R0 $sys$cor;$sys$cor;c:\windows\SYSTEM32\DRIVERS\$sys$cor.sys [10/6/2004 10:11 AM 10368] R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\SYSTEM32\DRIVERS\Am772.sys [7/10/2003 6:47 PM 151894] S2 vltinuyvkadws;vltinuyvkadws;\??\c:\windows\system32\drivers\zcohxi.sys --> c:\windows\system32\drivers\zcohxi.sys [?] S3 gkmixern;gkmixern;\??\c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys --> c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34] 2009-06-15 c:\windows\Tasks\McDefragTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53] 2009-06-01 c:\windows\Tasks\McQcTask.job - c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53] 2009-08-15 c:\windows\Tasks\User_Feed_Synchronization-{DF4C93FD-E010-495E-BE2B-9D30E0F32456}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 08:31] . - - - - ORPHANS REMOVED - - - - BHO-{3F1866D7-E21A-4403-A609-D8F2090567DF} - (no file) . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-15 17:08 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce OSCD_Creator = c:\dell\PreODM.EXE /2?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3676) c:\windows\system32\WININET.dll c:\program files\SiteAdvisor\6172\saHook.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Microsoft Office\OFFICE11\msohev.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\SYSTEM32\LEXBCES.EXE c:\windows\SYSTEM32\LEXPPS.EXE c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\progra~1\McAfee\MSC\mcmscsvc.exe c:\program files\Common Files\McAfee\MNA\McNASvc.exe c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe c:\program files\McAfee\MSK\msksrver.exe c:\windows\SYSTEM32\HPZipm12.exe c:\program files\Dell Support Center\bin\sprtsvc.exe c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe c:\program files\McAfee\MPF\MpfSrv.exe c:\windows\SYSTEM32\wscntfy.exe c:\progra~1\McAfee.com\Agent\mcagent.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\program files\Java\jre6\bin\jucheck.exe . ************************************************************************** . Completion time: 2009-08-15 17:39 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-15 21:39 ComboFix2.txt 2009-06-24 15:05 Pre-Run: 35,310,465,024 bytes free Post-Run: 34,898,407,424 bytes free 934 --- E O F --- 2009-08-15 21:06
  7. I am going to post the logs within two post because the logs are too large for one post ComboFix 09-08-10.06 - Brian 08/15/2009 16:46.3.1 - NTFSx86 NETWORK Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.345 [GMT -4:00] Running from: c:\documents and settings\Brian\Desktop\ComboFix.exe AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83} FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\d3a3b.msi c:\windows\run.log c:\windows\system32\Drivers\acsww.sys c:\windows\system32\Drivers\elldbwrw.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_drae ((((((((((((((((((((((((( Files Created from 2009-07-15 to 2009-08-15 ))))))))))))))))))))))))))))))) . 2009-08-15 21:01 . 2009-08-15 21:01 -------- d-----w- c:\windows\LastGood 2009-08-15 20:17 . 2009-08-15 20:17 -------- d-----w- c:\documents and settings\Brian\Application Data\McAfee 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\windows\system32\XPSViewer 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\MSBuild 2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\Reference Assemblies 2009-08-09 08:18 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-08-09 08:18 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-08-09 08:18 . 2009-08-09 08:18 -------- d-----w- C:\22d06f0c895e0e6bf8fed5 2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll 2009-08-09 08:18 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-07-30 03:02 . 2009-07-30 03:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer 2009-07-25 23:11 . 2009-08-10 20:25 664 ----a-w- c:\windows\system32\d3d9caps.dat 2009-07-21 19:53 . 2009-07-21 19:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-15 21:11 . 2008-08-25 01:19 -------- d-----w- c:\documents and settings\Brian\Application Data\skypePM 2009-08-14 19:02 . 2004-11-09 10:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-08-14 19:02 . 2009-04-10 13:31 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-08-09 08:31 . 2005-01-23 03:14 -------- d-----w- c:\program files\McAfee 2009-08-03 17:36 . 2004-11-09 10:23 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 17:36 . 2004-11-09 10:23 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-03 17:09 . 2004-08-04 11:00 915456 ----a-w- c:\windows\system32\wininet.dll 2009-06-25 13:20 . 2009-06-25 13:20 -------- d-sh--w- c:\documents and settings\Guest\Application Data\lowsec 2009-06-24 01:34 . 2009-06-24 01:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-06-22 13:55 . 2008-08-13 20:01 -------- d-----w- c:\documents and settings\Brian\Application Data\SiteAdvisor 2009-06-19 02:14 . 2009-05-10 20:18 -------- d-----w- c:\program files\RealArcade 2009-06-17 17:13 . 2009-06-17 17:09 -------- d-----w- c:\program files\ZillaTube 2009-06-17 16:53 . 2009-04-04 22:08 -------- d-----w- c:\program files\Cucusoft 2009-06-16 14:36 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll 2009-06-16 14:36 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-06-03 19:09 . 2004-08-04 11:00 1291264 ----a-w- c:\windows\system32\quartz.dll 2004-08-04 11:00 . 2004-08-04 11:00 94784 -csh--w- c:\windows\TWAIN.DLL 2008-04-14 00:12 . 2004-08-04 11:00 50688 --sh--w- c:\windows\twain_32.dll 2005-03-28 20:33 . 2005-01-13 05:54 900 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys 2008-04-14 00:11 . 2004-08-04 11:00 1028096 --sha-w- c:\windows\SYSTEM32\mfc42.dll 2008-04-14 00:12 . 2004-08-04 11:00 57344 --sha-w- c:\windows\SYSTEM32\msvcirt.dll 2008-04-14 00:12 . 2004-08-04 11:00 413696 --sha-w- c:\windows\SYSTEM32\msvcp60.dll 2008-04-14 00:12 . 2004-08-04 11:00 343040 --sha-w- c:\windows\SYSTEM32\msvcrt.dll 2008-04-14 00:12 . 2004-08-04 11:00 551936 --sha-w- c:\windows\SYSTEM32\oleaut32.dll 2008-04-14 00:12 . 2004-08-04 11:00 84992 --sha-w- c:\windows\SYSTEM32\olepro32.dll 2008-04-14 00:12 . 2004-08-04 11:00 11776 --sha-w- c:\windows\SYSTEM32\regsvr32.exe . ((((((((((((((((((((((((((((( SnapShot@2009-06-24_14.59.20 ))))))))))))))))))))))))))))))))))))))))) . + 2009-08-15 20:59 . 2009-08-15 20:59 16384 c:\windows\temp\Perflib_Perfdata_7e4.dat + 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe + 2009-08-09 08:18 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll + 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll + 2004-12-22 02:59 . 2009-08-09 08:26 72576 c:\windows\SYSTEM32\PERFC009.DAT + 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll + 2006-11-08 02:03 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\msfeedsbs.dll - 2006-11-08 02:03 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\msfeedsbs.dll + 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll - 2004-08-04 11:00 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\jsproxy.dll + 2004-08-04 11:00 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\jsproxy.dll + 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll + 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll + 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll + 2009-06-12 19:46 . 2009-07-03 17:09 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll - 2009-06-12 19:46 . 2009-04-30 21:22 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll - 2007-05-08 21:39 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2007-05-08 21:39 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll + 2004-08-04 11:00 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll - 2004-08-04 11:00 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll + 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll + 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\SYSTEM32\dfshim.dll + 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat - 2004-12-31 23:19 . 2009-06-24 14:13 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat + 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat - 2004-12-31 23:19 . 2009-06-24 14:13 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat + 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll + 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll + 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll + 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll + 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll + 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe + 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe + 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe + 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe + 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe + 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll + 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll + 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe + 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll + 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll + 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll + 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll + 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll + 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll - 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll + 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll + 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe + 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe - 2005-09-23 11:28 . 2005-09-23 11:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe + 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll + 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll + 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll + 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll + 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe + 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll + 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll + 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll + 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll + 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll - 2005-09-23 11:28 . 2005-09-23 11:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe + 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll - 2005-09-23 11:28 . 2005-09-23 11:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll + 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll + 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe - 2005-09-23 11:28 . 2005-09-23 11:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll - 2005-09-23 11:28 . 2005-09-23 11:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll + 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll + 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe - 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe + 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll + 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll + 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll + 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe + 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll + 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll + 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll - 2005-09-23 11:28 . 2005-09-23 11:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll + 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe + 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll + 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe + 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe + 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe + 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll + 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll + 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll + 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll + 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe - 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe + 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe + 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - 2005-09-23 11:28 . 2005-09-23 11:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
  8. Sorry About the Delay Malwarebytes' Anti-Malware 1.40 Database version: 2551 Windows 5.1.2600 Service Pack 3 (Safe Mode) 8/14/2009 3:36:26 PM mbam-log-2009-08-14 (15-36-25).txt Scan type: Quick Scan Objects scanned: 135076 Time elapsed: 15 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 5 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\fias4051 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\SYSTEM32\DRIVERS\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\0101120101465452.lso (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\0101120101465749.lso (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\0101120101465452.dat (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\0101120101465749.dat (Worm.KoobFace) -> Quarantined and deleted successfully. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-07-30.01) Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume2 Install Date: 12/31/2004 6:26:16 PM System Uptime: 8/14/2009 2:55:02 PM (1 hours ago) Motherboard: Dell Computer Corp. | | 0N6381 Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 72 GiB total, 33.045 GiB free. ==== Disabled Device Manager Items ============= Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318} Description: CD-ROM Drive Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8483B_______________1.07____\5&145A0A8F&0&0.0.0 Manufacturer: (Standard CD-ROM drives) Name: HL-DT-ST CD-ROM GCR-8483B PNP Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8483B_______________1.07____\5&145A0A8F&0&0.0.0 Service: cdrom ==== System Restore Points =================== RP1585: 5/11/2009 11:42:05 PM - System Checkpoint RP1586: 5/13/2009 3:14:35 AM - System Checkpoint RP1587: 5/14/2009 7:31:24 PM - Software Distribution Service 3.0 RP1588: 5/15/2009 10:29:53 PM - System Checkpoint RP1589: 5/16/2009 11:50:48 PM - System Checkpoint RP1590: 5/18/2009 12:12:49 AM - System Checkpoint RP1591: 5/19/2009 12:52:33 AM - System Checkpoint RP1592: 5/20/2009 6:31:25 PM - System Checkpoint RP1593: 5/21/2009 7:44:48 PM - System Checkpoint RP1594: 5/23/2009 10:55:59 AM - System Checkpoint RP1595: 5/24/2009 1:39:40 PM - System Checkpoint RP1596: 5/25/2009 2:28:34 PM - System Checkpoint RP1597: 5/26/2009 5:27:12 PM - System Checkpoint RP1598: 5/27/2009 6:09:13 PM - System Checkpoint RP1599: 5/28/2009 6:38:55 PM - System Checkpoint RP1600: 5/29/2009 7:27:41 PM - System Checkpoint RP1601: 5/30/2009 8:05:47 PM - System Checkpoint RP1602: 5/31/2009 10:43:29 PM - System Checkpoint RP1603: 6/1/2009 10:58:30 PM - System Checkpoint RP1604: 6/3/2009 7:57:28 AM - System Checkpoint RP1605: 6/4/2009 5:23:20 PM - System Checkpoint RP1606: 6/5/2009 9:39:11 PM - System Checkpoint RP1607: 6/7/2009 12:36:54 AM - System Checkpoint RP1608: 6/8/2009 9:01:47 AM - System Checkpoint RP1609: 6/9/2009 10:25:51 AM - System Checkpoint RP1610: 6/10/2009 4:00:33 AM - Software Distribution Service 3.0 RP1611: 6/11/2009 4:19:38 AM - System Checkpoint RP1612: 6/12/2009 6:07:43 AM - System Checkpoint RP1613: 6/12/2009 1:49:34 PM - Installed Microsoft Fix it 50027 RP1614: 6/12/2009 2:43:06 PM - Installed Microsoft Fix it 50027 RP1615: 6/12/2009 3:32:29 PM - Software Distribution Service 3.0 RP1616: 6/13/2009 4:11:53 PM - System Checkpoint RP1617: 6/14/2009 6:57:30 PM - System Checkpoint RP1618: 6/15/2009 11:34:59 PM - System Checkpoint RP1619: 6/17/2009 1:22:52 AM - System Checkpoint RP1620: 6/18/2009 7:47:19 AM - System Checkpoint RP1621: 6/19/2009 9:19:47 AM - System Checkpoint RP1622: 6/20/2009 10:23:49 AM - System Checkpoint RP1623: 6/21/2009 2:11:50 PM - System Checkpoint RP1624: 8/8/2009 7:44:10 PM - System Checkpoint RP1625: 8/9/2009 4:00:24 AM - Software Distribution Service 3.0 RP1626: 8/9/2009 4:32:34 AM - Printer Driver Microsoft XPS Document Writer Installed ==== Installed Programs ====================== 1400 1400_Help 1400Trb Adobe Download Manager 2.0 (Remove Only) Adobe Flash Player 10 ActiveX Adobe Reader 7.0.5 Adobe Shockwave Player 11 AiO_Scan AiOSoftware AOL Instant Messenger Apple Mobile Device Support Apple Software Update Bonjour Critical Update for Windows Media Player 11 (KB959772) Dell Driver Reset Tool Dell Photo Printer 720 Dell Support Center (Support Software) DellSupport ESPN Java Check Fax GdiplusUpgrade Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) HP Product Assistant HP PSC & OfficeJet 4.7 HP Update Intel® 537EP V9x DF PCI Modem Intel® Extreme Graphics 2 Driver Intel® PRO Network Adapters and Drivers Intel® PROSet for Wired Connections Internet Explorer Default Page iPhone/iTouch/iPod to Computer Transfer 5.1.9 iPod for Windows 2005-09-23 iPod for Windows 2006-06-28 IrfanView (remove only) iTunes J2SE Runtime Environment 5.0 Update 4 J2SE Runtime Environment 5.0 Update 6 Java 2 Runtime Environment, SE v1.4.2_03 Java 6 Update 11 Java 6 Update 5 Malwarebytes' Anti-Malware McAfee SecurityCenter McAfee Shredder Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Hotfix (KB928366) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office Standard Edition 2003 Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft Silverlight Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ Run Time Lib Setup Modem Event Monitor Modem Helper Modem On Hold MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 Parser and SDK Music Visualizer Library 1.4.00 My Way Search Assistant Net MD Simple Burner Network Play System (Patching) Nikon Message Center OpenMG Limited Patch 3.1-02-10-22-01 OpenMG Limited Patch 3.1-02-10-22-02 OpenMG Limited Patch 3.1-02-12-04-01 OpenMG Secure Module 3.1 PictureProject PictureProject In Touch Downloader 1.0 ProductContext QuickTime Readme RealPlayer Scan Security Update for Step By Step Interactive Training (KB898458) Security Update for Step By Step Interactive Training (KB923723) Security Update for Windows Internet Explorer 7 (KB928090) Security Update for Windows Internet Explorer 7 (KB929969) Security Update for Windows Internet Explorer 7 (KB931768) Security Update for Windows Internet Explorer 7 (KB933566) Security Update for Windows Internet Explorer 7 (KB937143) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 8 (KB969897) Security Update for Windows Internet Explorer 8 (KB972260) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB973346) Skype
  9. You said to run the scans not in safe mode but its the only way i can
  10. I am going to qork right now, but will have a full reply when i get home thanks!
  11. I'm not sure who that person is?? But if you can help I would appreciate your help!
  12. i have an infection i cannot get rid of. Here are copies of the logs. malwarebytes Malwarebytes' Anti-Malware 1.38 Database version: 2307 Windows 5.1.2600 Service Pack 3 7/28/2009 7:32:31 PM mbam-log-2009-07-28 (19-32-31).txt Scan type: Quick Scan Objects scanned: 140364 Time elapsed: 17 minute(s), 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Hijack This Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:31:48 PM, on 7/28/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode with network support Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {3F1866D7-E21A-4403-A609-D8F2090567DF} - (no file) O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2 O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409 O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Alerter AlerterALG (AlerterALG) - Unknown owner - C:\WINDOWS\system32\f.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe -- End of file - 8531 bytes