yankeeskid247
-
Posts
12 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by yankeeskid247
-
-
JavaRa 1.15 Removal Log.
Report follows after line.
------------------------------------
The JavaRa removal process was started on Thu Aug 20 15:57:05 2009
Found and removed: C:\Documents and Settings\Brian\Application Data\Sun\Java\jre1.6.0_12
Found and removed: SOFTWARE\Classes\JavaPlugin.150_04
Found and removed: SOFTWARE\Classes\JavaPlugin.150_06
Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.5.0.0
Found and removed: SOFTWARE\Classes\JavaPlugin.142_03
Found and removed: Software\Classes\JavaPlugin.160_05
Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_05\
------------------------------------
Finished reporting.
-
Here are the logs, and my cd drive still works
DDS (Ver_09-07-30.01) - NTFSx86
Run by Brian at 15:19:00.71 on Wed 08/19/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.160 [GMT -4:00]
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Documents and Settings\Brian\Local Settings\Temporary Internet Files\Content.IE5\Y1VKRIYI\dds[1].scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
BHO: {089fd14d-132b-48fc-8861-0048ae113215} - c:\program files\siteadvisor\6253\SiteAdv.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\progra~1\mcafee\viruss~1\scriptsn.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor: {0bf43445-2f28-4351-9252-17fe6e806aa0} - c:\program files\siteadvisor\6253\SiteAdv.dll
uRun: [AIM] c:\program files\aim\aim.exe -cnetwait.odl
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [OSCD_Creator] c:\dell\PreODM.EXE
mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [siteAdvisor] c:\program files\siteadvisor\6172\SiteAdv.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [snp2std] c:\windows\vsnp2std.exe
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [OSCD_Creator] c:\dell\PreODM.EXE /2
dRun: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nkbmon~1.lnk - c:\program files\nikon\pictureproject\NkbMonitor.exe
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
dPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - c:\program files\siteadvisor\6253\SiteAdv.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
============= SERVICES / DRIVERS ===============
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2007-2-15 214024]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2007-2-15 359952]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2007-2-15 144704]
R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\system32\drivers\Am772.sys [2003-7-10 151894]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2007-2-15 79880]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2007-2-15 35272]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2007-2-15 34216]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2007-2-15 40552]
S4 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2007-2-15 606736]
=============== Created Last 30 ================
2009-08-19 14:56 <DIR> --d----- c:\program files\CCleaner
2009-08-15 17:02 128,512 -------- c:\windows\system32\dllcache\dhtmled.ocx
2009-08-15 17:02 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
2009-08-15 16:17 <DIR> --d----- c:\docume~1\brian\applic~1\McAfee
2009-08-09 12:54 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
2009-08-09 04:19 <DIR> --d----- c:\windows\system32\XPSViewer
2009-08-09 04:18 117,760 -------- c:\windows\system32\prntvpt.dll
2009-08-09 04:18 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-09 04:18 <DIR> --d----- C:\22d06f0c895e0e6bf8fed5
2009-08-09 04:18 1,676,288 -------- c:\windows\system32\xpssvcs.dll
2009-08-09 04:18 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-09 04:18 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-09 04:18 575,488 -------- c:\windows\system32\xpsshhdr.dll
2009-08-09 04:18 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-05 05:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-25 19:11 664 a------- c:\windows\system32\d3d9caps.dat
==================== Find3M ====================
2009-08-08 12:10 216,064 a------- c:\windows\PEV.exe
2009-08-05 05:01 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-08-03 13:36 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 13:36 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-07-19 18:48 11,067,392 -------- c:\windows\system32\dllcache\ieframe.dll
2009-07-19 09:18 5,937,152 a------- c:\windows\system32\dllcache\cache\mshtml.dll
2009-07-19 09:18 5,937,152 -------- c:\windows\system32\dllcache\mshtml.dll
2009-07-17 15:01 58,880 a------- c:\windows\system32\atl.dll
2009-07-17 15:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll
2009-07-13 23:43 10,841,088 -------- c:\windows\system32\dllcache\wmp.dll
2009-07-03 07:01 173,056 -------- c:\windows\system32\dllcache\ie4uinit.exe
2009-06-16 10:36 119,808 a------- c:\windows\system32\t2embed.dll
2009-06-16 10:36 81,920 a------- c:\windows\system32\fontsub.dll
2009-06-16 10:36 119,808 -------- c:\windows\system32\dllcache\t2embed.dll
2009-06-16 10:36 81,920 -------- c:\windows\system32\dllcache\fontsub.dll
2009-06-12 08:31 76,288 a------- c:\windows\system32\telnet.exe
2009-06-12 08:31 76,288 -------- c:\windows\system32\dllcache\telnet.exe
2009-06-10 10:13 84,992 a------- c:\windows\system32\avifil32.dll
2009-06-10 10:13 84,992 -------- c:\windows\system32\dllcache\avifil32.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\mstscax.dll
2009-06-10 09:19 2,066,432 a------- c:\windows\system32\dllcache\mstscax.dll
2009-06-10 02:14 132,096 a------- c:\windows\system32\wkssvc.dll
2009-06-10 02:14 132,096 -------- c:\windows\system32\dllcache\wkssvc.dll
2009-06-03 15:09 1,291,264 a------- c:\windows\system32\quartz.dll
2009-06-03 15:09 1,291,264 -------- c:\windows\system32\dllcache\quartz.dll
2009-04-05 19:57 0 a------- c:\docume~1\brian\applic~1\itunesoption.bin
2008-03-21 18:15 20 -c--h--- c:\docume~1\alluse~1\applic~1\PKP_DLds.DAT
2008-03-21 18:15 20 -c--h--- c:\docume~1\alluse~1\applic~1\PKP_DLec.DAT
2004-08-04 07:00 94,784 -c-sh--- c:\windows\TWAIN.DLL
2008-04-13 20:12 50,688 ---sh--- c:\windows\twain_32.dll
2005-03-28 16:33 900 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2008-04-13 20:11 1,028,096 a--sh--- c:\windows\system32\mfc42.dll
2008-04-13 20:12 57,344 a--sh--- c:\windows\system32\msvcirt.dll
2008-04-13 20:12 413,696 a--sh--- c:\windows\system32\msvcp60.dll
2008-04-13 20:12 343,040 a--sh--- c:\windows\system32\msvcrt.dll
2008-04-13 20:12 551,936 a--sh--- c:\windows\system32\oleaut32.dll
2008-04-13 20:12 84,992 a--sh--- c:\windows\system32\olepro32.dll
2008-04-13 20:12 11,776 a--sh--- c:\windows\system32\regsvr32.exe
2004-11-09 03:51 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat
2004-11-09 03:51 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012004110920041110\index.dat
============= FINISH: 15:20:06.09 ===============
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/31/2004 6:26:16 PM
System Uptime: 8/19/2009 3:11:32 PM (0 hours ago)
Motherboard: Dell Computer Corp. | | 0N6381
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 72 GiB total, 32.737 GiB free.
D: is CDROM (CDFS)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP1592: 5/20/2009 6:31:25 PM - System Checkpoint
RP1593: 5/21/2009 7:44:48 PM - System Checkpoint
RP1594: 5/23/2009 10:55:59 AM - System Checkpoint
RP1595: 5/24/2009 1:39:40 PM - System Checkpoint
RP1596: 5/25/2009 2:28:34 PM - System Checkpoint
RP1597: 5/26/2009 5:27:12 PM - System Checkpoint
RP1598: 5/27/2009 6:09:13 PM - System Checkpoint
RP1599: 5/28/2009 6:38:55 PM - System Checkpoint
RP1600: 5/29/2009 7:27:41 PM - System Checkpoint
RP1601: 5/30/2009 8:05:47 PM - System Checkpoint
RP1602: 5/31/2009 10:43:29 PM - System Checkpoint
RP1603: 6/1/2009 10:58:30 PM - System Checkpoint
RP1604: 6/3/2009 7:57:28 AM - System Checkpoint
RP1605: 6/4/2009 5:23:20 PM - System Checkpoint
RP1606: 6/5/2009 9:39:11 PM - System Checkpoint
RP1607: 6/7/2009 12:36:54 AM - System Checkpoint
RP1608: 6/8/2009 9:01:47 AM - System Checkpoint
RP1609: 6/9/2009 10:25:51 AM - System Checkpoint
RP1610: 6/10/2009 4:00:33 AM - Software Distribution Service 3.0
RP1611: 6/11/2009 4:19:38 AM - System Checkpoint
RP1612: 6/12/2009 6:07:43 AM - System Checkpoint
RP1613: 6/12/2009 1:49:34 PM - Installed Microsoft Fix it 50027
RP1614: 6/12/2009 2:43:06 PM - Installed Microsoft Fix it 50027
RP1615: 6/12/2009 3:32:29 PM - Software Distribution Service 3.0
RP1616: 6/13/2009 4:11:53 PM - System Checkpoint
RP1617: 6/14/2009 6:57:30 PM - System Checkpoint
RP1618: 6/15/2009 11:34:59 PM - System Checkpoint
RP1619: 6/17/2009 1:22:52 AM - System Checkpoint
RP1620: 6/18/2009 7:47:19 AM - System Checkpoint
RP1621: 6/19/2009 9:19:47 AM - System Checkpoint
RP1622: 6/20/2009 10:23:49 AM - System Checkpoint
RP1623: 6/21/2009 2:11:50 PM - System Checkpoint
RP1624: 8/8/2009 7:44:10 PM - System Checkpoint
RP1625: 8/9/2009 4:00:24 AM - Software Distribution Service 3.0
RP1626: 8/9/2009 4:32:34 AM - Printer Driver Microsoft XPS Document Writer Installed
RP1627: 8/15/2009 5:01:08 PM - Software Distribution Service 3.0
RP1628: 8/15/2009 10:16:56 PM - Software Distribution Service 3.0
RP1629: 8/17/2009 8:16:27 PM - System Checkpoint
==== Installed Programs ======================
1400
1400_Help
1400Trb
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.5
Adobe Shockwave Player 11
AiO_Scan
AiOSoftware
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
Bonjour
CCleaner (remove only)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Photo Printer 720
Dell Support Center (Support Software)
DellSupport
ESPN Java Check
Fax
GdiplusUpgrade
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iPhone/iTouch/iPod to Computer Transfer 5.1.9
iPod for Windows 2005-09-23
iPod for Windows 2006-06-28
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java 6 Update 11
Java 6 Update 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
McAfee Shredder
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ Run Time Lib Setup
Modem Event Monitor
Modem Helper
Modem On Hold
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Music Visualizer Library 1.4.00
My Way Search Assistant
Net MD Simple Burner
Network Play System (Patching)
Nikon Message Center
OpenMG Limited Patch 3.1-02-10-22-01
OpenMG Limited Patch 3.1-02-10-22-02
OpenMG Limited Patch 3.1-02-12-04-01
OpenMG Secure Module 3.1
PictureProject
PictureProject In Touch Downloader 1.0
ProductContext
QuickTime
Readme
RealPlayer
Scan
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Skype
-
here are the logs:
ComboFix 09-08-10.06 - Brian 08/17/2009 21:55.4.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.236 [GMT -4:00]
Running from: c:\documents and settings\Brian\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Brian\Desktop\CFscript.txt
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FILE ::
"c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys"
"c:\windows\system32\drivers\zcohxi.sys"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_GKMIXERN
-------\Legacy_VLTINUYVKADWS
-------\Service_gkmixern
-------\Service_vltinuyvkadws
((((((((((((((((((((((((( Files Created from 2009-07-18 to 2009-08-18 )))))))))))))))))))))))))))))))
.
2009-08-15 21:02 . 2009-07-10 13:27 1315328 ------w- c:\windows\system32\dllcache\msoe.dll
2009-08-15 20:17 . 2009-08-15 20:17 -------- d-----w- c:\documents and settings\Brian\Application Data\McAfee
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\MSBuild
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\Reference Assemblies
2009-08-09 08:18 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-09 08:18 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-09 08:18 . 2009-08-09 08:18 -------- d-----w- C:\22d06f0c895e0e6bf8fed5
2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-09 08:18 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-05 09:01 . 2009-08-05 09:01 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll
2009-07-30 03:02 . 2009-07-30 03:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer
2009-07-25 23:11 . 2009-08-10 20:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-21 19:53 . 2009-07-21 19:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-17 23:20 . 2008-08-25 01:19 -------- d-----w- c:\documents and settings\Brian\Application Data\skypePM
2009-08-15 21:35 . 2005-02-21 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-08-14 19:02 . 2004-11-09 10:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-14 19:02 . 2009-04-10 13:31 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-09 08:31 . 2005-01-23 03:14 -------- d-----w- c:\program files\McAfee
2009-08-05 09:01 . 2004-08-04 11:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 17:36 . 2004-11-09 10:23 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 17:36 . 2004-11-09 10:23 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-17 19:01 . 2004-08-04 11:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 03:43 . 2004-08-04 11:00 286208 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-03 17:09 . 2004-08-04 11:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 13:20 . 2009-06-25 13:20 -------- d-sh--w- c:\documents and settings\Guest\Application Data\lowsec
2009-06-24 01:34 . 2009-06-24 01:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-06-22 13:55 . 2008-08-13 20:01 -------- d-----w- c:\documents and settings\Brian\Application Data\SiteAdvisor
2009-06-16 14:36 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-12 12:31 . 2004-08-04 11:00 76288 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 14:13 . 2004-08-04 11:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-06-10 13:19 . 2004-08-04 11:00 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:14 . 2004-08-04 11:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-06-03 19:09 . 2004-08-04 11:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2004-08-04 11:00 . 2004-08-04 11:00 94784 -csh--w- c:\windows\TWAIN.DLL
2008-04-14 00:12 . 2004-08-04 11:00 50688 --sh--w- c:\windows\twain_32.dll
2005-03-28 20:33 . 2005-01-13 05:54 900 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
2008-04-14 00:11 . 2004-08-04 11:00 1028096 --sha-w- c:\windows\SYSTEM32\mfc42.dll
2008-04-14 00:12 . 2004-08-04 11:00 57344 --sha-w- c:\windows\SYSTEM32\msvcirt.dll
2008-04-14 00:12 . 2004-08-04 11:00 413696 --sha-w- c:\windows\SYSTEM32\msvcp60.dll
2008-04-14 00:12 . 2004-08-04 11:00 343040 --sha-w- c:\windows\SYSTEM32\msvcrt.dll
2008-04-14 00:12 . 2004-08-04 11:00 551936 --sha-w- c:\windows\SYSTEM32\oleaut32.dll
2008-04-14 00:12 . 2004-08-04 11:00 84992 --sha-w- c:\windows\SYSTEM32\olepro32.dll
2008-04-14 00:12 . 2004-08-04 11:00 11776 --sha-w- c:\windows\SYSTEM32\regsvr32.exe
.
((((((((((((((((((((((((((((( SnapShot_2009-08-15_21.09.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-18 02:11 . 2009-08-18 02:11 16384 c:\windows\temp\Perflib_Perfdata_7f0.dat
+ 2009-06-12 12:31 . 2009-06-12 12:31 76288 c:\windows\SYSTEM32\DLLCACHE\telnet.exe
+ 2009-06-10 14:13 . 2009-06-10 14:13 84992 c:\windows\SYSTEM32\DLLCACHE\avifil32.dll
+ 2009-07-17 19:01 . 2009-07-17 19:01 58880 c:\windows\SYSTEM32\DLLCACHE\atl.dll
+ 2004-12-31 23:19 . 2009-08-17 23:29 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
- 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2004-12-31 23:19 . 2009-08-17 23:29 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
- 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
- 2009-08-09 08:35 . 2009-08-09 08:35 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-08-15 21:15 . 2009-08-15 21:15 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-08-15 21:23 . 2009-08-15 21:23 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-08-15 21:23 . 2009-08-15 21:23 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
- 2009-08-09 08:38 . 2009-08-09 08:38 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
- 2009-08-09 08:37 . 2009-08-09 08:37 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-08-15 21:23 . 2009-08-15 21:23 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
- 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-18 02:09 . 2009-08-18 02:09 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
- 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-08-18 02:09 . 2009-08-18 02:09 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2004-08-04 11:00 . 2009-07-14 03:43 286208 c:\windows\SYSTEM32\DLLCACHE\wmpdxm.dll
+ 2009-06-10 06:14 . 2009-06-10 06:14 132096 c:\windows\SYSTEM32\DLLCACHE\wkssvc.dll
+ 2004-12-31 23:19 . 2009-08-17 23:29 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-12-31 23:19 . 2009-08-15 21:04 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-08-18 02:09 . 2009-08-18 02:09 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
- 2009-08-15 20:58 . 2009-08-15 20:58 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
+ 2009-08-18 02:09 . 2009-08-18 02:09 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
- 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
- 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-08-18 02:09 . 2009-08-18 02:09 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
- 2009-08-09 08:37 . 2009-08-09 08:37 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-08-15 21:22 . 2009-08-15 21:22 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-08-15 21:17 . 2009-08-15 21:17 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-08-15 21:15 . 2009-08-15 21:15 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-08-15 21:15 . 2009-08-15 21:15 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-08-15 22:07 . 2009-08-15 22:07 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
- 2009-08-09 08:41 . 2009-08-09 08:41 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-08-15 21:30 . 2009-08-15 21:30 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-08-15 21:30 . 2009-08-15 21:30 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-08-15 21:29 . 2009-08-15 21:29 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-08-15 21:29 . 2009-08-15 21:29 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
- 2009-08-09 08:36 . 2009-08-09 08:36 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-08-15 21:19 . 2009-08-15 21:19 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-08-15 21:19 . 2009-08-15 21:19 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
- 2009-08-09 08:36 . 2009-08-09 08:36 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-08-15 21:27 . 2009-08-15 21:27 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-08-15 21:27 . 2009-08-15 21:27 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-08-15 21:22 . 2009-08-15 21:22 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
- 2009-08-09 08:37 . 2009-08-09 08:37 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-08-15 21:22 . 2009-08-15 21:22 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-08-15 21:22 . 2009-08-15 21:22 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-08-15 21:23 . 2009-08-15 21:23 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
- 2009-08-09 08:38 . 2009-08-09 08:38 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-08-15 21:22 . 2009-08-15 21:22 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-08-15 21:22 . 2009-08-15 21:22 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
- 2009-08-09 08:37 . 2009-08-09 08:37 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
- 2009-08-09 08:37 . 2009-08-09 08:37 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-08-15 21:23 . 2009-08-15 21:23 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2004-08-04 11:00 . 2009-06-10 13:19 2066432 c:\windows\SYSTEM32\DLLCACHE\mstscax.dll
+ 2009-08-18 02:09 . 2009-08-18 02:09 3784704 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
+ 2009-08-15 21:15 . 2009-08-15 21:15 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-08-15 21:14 . 2009-08-15 21:14 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-08-15 22:07 . 2009-08-15 22:07 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
- 2009-08-09 08:41 . 2009-08-09 08:41 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
- 2009-08-09 08:41 . 2009-08-09 08:41 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-08-15 22:07 . 2009-08-15 22:07 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
- 2009-08-09 08:41 . 2009-08-09 08:41 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-08-15 22:07 . 2009-08-15 22:07 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
- 2009-08-09 08:41 . 2009-08-09 08:41 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-08-15 22:06 . 2009-08-15 22:06 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-08-15 21:12 . 2009-08-15 21:12 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-08-15 21:29 . 2009-08-15 21:29 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-08-15 21:19 . 2009-08-15 21:19 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-08-15 21:11 . 2009-08-15 21:11 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
- 2009-08-09 08:36 . 2009-08-09 08:36 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-08-15 21:19 . 2009-08-15 21:19 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-08-15 21:27 . 2009-08-15 21:27 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-08-15 21:27 . 2009-08-15 21:27 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
- 2009-08-09 08:39 . 2009-08-09 08:39 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-08-15 21:22 . 2009-08-15 21:22 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-08-15 21:28 . 2009-08-15 21:28 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-08-15 21:24 . 2009-08-15 21:24 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-08-15 21:25 . 2009-08-15 21:25 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
- 2009-08-09 08:38 . 2009-08-09 08:38 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-08-15 21:23 . 2009-08-15 21:23 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2004-08-04 11:00 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\wmp.dll
+ 2009-03-30 03:10 . 2009-07-30 00:49 24281536 c:\windows\SYSTEM32\MRT.exe
+ 2009-07-14 03:43 . 2009-07-14 03:43 10841088 c:\windows\SYSTEM32\DLLCACHE\wmp.dll
+ 2009-08-15 21:13 . 2009-08-15 21:13 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
- 2009-08-09 08:35 . 2009-08-09 08:35 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
- 2009-08-09 08:40 . 2009-08-09 08:40 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-08-15 21:29 . 2009-08-15 21:29 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
- 2009-08-09 08:37 . 2009-08-09 08:37 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-08-15 21:21 . 2009-08-15 21:21 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="c:\program files\AIM\aim.exe" [2005-08-05 67160]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-02 136600]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-12 180269]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-02-09 36904]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Update Utility"="\\?\globalroot\systemroot\system32\vfhr.exe" [?]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-5-19 118784]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\McAfee\\MPF\\MpfSrv.exe"=
"c:\\Program Files\\Dell Support Center\\bin\\sprtsvc.exe"=
R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\SYSTEM32\DRIVERS\Am772.sys [7/10/2003 6:47 PM 151894]
S0 $sys$cor;$sys$cor;c:\windows\system32\Drivers\$sys$cor.sys --> c:\windows\system32\Drivers\$sys$cor.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]
2009-06-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53]
2009-06-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53]
2009-08-17 c:\windows\Tasks\User_Feed_Synchronization-{DF4C93FD-E010-495E-BE2B-9D30E0F32456}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-17 22:12
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
OSCD_Creator = c:\dell\PreODM.EXE /2??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(1464)
c:\windows\system32\WININET.dll
c:\program files\SiteAdvisor\6172\saHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\LEXBCES.EXE
c:\windows\SYSTEM32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\SYSTEM32\HPZipm12.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-08-18 22:23 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-18 02:23
ComboFix2.txt 2009-08-15 21:40
ComboFix3.txt 2009-06-24 15:05
Pre-Run: 34,695,454,720 bytes free
Post-Run: 34,904,555,520 bytes free
402 --- E O F --- 2009-08-16 02:24
Malwarebytes' Anti-Malware 1.40
Database version: 2650
Windows 5.1.2600 Service Pack 3
8/18/2009 3:22:41 PM
mbam-log-2009-08-18 (15-22-41).txt
Scan type: Quick Scan
Objects scanned: 120573
Time elapsed: 6 minute(s), 33 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:24:51 PM, on 8/18/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
--
End of file - 9878 bytes
-
this is the hijack this log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:43:49 PM, on 8/15/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\wscntfy.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
--
End of file - 9964 bytes
-
+ 2008-07-25 15:17 . 2008-07-25 15:17 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13824 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\CvtResUI.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\alinkui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96768 c:\windows\Microsoft.NET\Framework\v1.0.3705\mscormmc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 16896 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 82944 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2009-03-20 01:50 . 2009-03-20 01:50 51712 c:\windows\Installer\84b23a2.msi
+ 2004-12-22 03:13 . 2004-12-22 03:13 72704 c:\windows\Installer\83f5.msi
+ 2009-06-02 01:41 . 2009-06-02 01:41 99328 c:\windows\Installer\5e50e31.msi
+ 2008-07-30 01:07 . 2008-07-30 01:07 23040 c:\windows\Installer\1f588f1.msp
+ 2009-08-09 08:16 . 2009-08-09 08:16 88576 c:\windows\Installer\1f014ed.msi
+ 2009-08-09 08:10 . 2009-04-30 21:22 12800 c:\windows\ie8updates\KB972260-IE8\xpshims.dll
+ 2009-08-09 08:10 . 2009-03-08 08:31 55296 c:\windows\ie8updates\KB972260-IE8\msfeedsbs.dll
+ 2009-08-09 08:10 . 2009-04-30 21:22 25600 c:\windows\ie8updates\KB972260-IE8\jsproxy.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 89088 c:\windows\Driver Cache\I386\filterpipelineprintproc.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 60928 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationProvider\a715aa442ef87ae99b3ade185599249d\UIAutomationProvider.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 37888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Pres#\423f794d1f4ed6e120fbb02e436491cb\System.Windows.Presentation.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 36864 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\19ca1747c1ea18a3b639b302bca8df93\System.Web.DynamicData.Design.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 94208 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ComponentMod#\532438e2acfcadc469a4d468c51f8451\System.ComponentModel.DataAnnotations.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 82944 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn.Contra#\597b20e1b053d6a510cfe033c07a63e6\System.AddIn.Contract.ni.dll
+ 2009-08-15 21:03 . 2009-08-15 21:03 47104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFontCac#\2d7408a0232f2e2efd0d7adf5dfa733a\PresentationFontCache.ni.exe
+ 2009-08-09 08:28 . 2009-08-09 08:28 39424 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCFFRast#\c8fd2d9233f8ea3031fb16f697635231\PresentationCFFRasterizer.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 55296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Vsa\790cf1edb17ee41b59be62ecbd59613b\Microsoft.Vsa.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 65024 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e9aba2eab90d647356f65e66053da02b\Microsoft.Build.Framework.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 74752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\28343d470d992f169ca0e7cdb3cc3117\Microsoft.Build.Framework.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 14336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\dfsvc\f4e38208e88cb4cc314a1d6543b9fcc6\dfsvc.ni.exe
+ 2009-08-09 08:37 . 2009-08-09 08:37 25600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Accessibility\11eb4f6606ba01e5128805759121ea6c\Accessibility.ni.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 94208 c:\windows\ASSEMBLY\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 98304 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 40960 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 12288 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 61440 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 77824 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 32768 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 73728 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 53248 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 81920 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 57344 c:\windows\ASSEMBLY\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 45056 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 46104 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
+ 2009-08-09 08:19 . 2009-08-09 08:19 32768 c:\windows\ASSEMBLY\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2009-04-04 21:22 . 2009-04-04 21:22 32768 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 12800 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 41984 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2009-04-04 21:22 . 2009-04-04 21:22 28672 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 94208 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 36864 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 77824 c:\windows\ASSEMBLY\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 13312 c:\windows\ASSEMBLY\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 10752 c:\windows\ASSEMBLY\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 72192 c:\windows\ASSEMBLY\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 69120 c:\windows\ASSEMBLY\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 7168 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft_VsaVb.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
- 2005-09-23 11:29 . 2005-09-23 11:29 5632 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualC.Dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 6656 c:\windows\Microsoft.NET\Framework\v2.0.50727\IIEHost.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 8192 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExecRemote.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 9728 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 5120 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe
+ 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000004\UsrClass.dat
+ 2009-08-15 20:58 . 2009-08-15 20:58 8192 c:\windows\ERDNT\subs\Users\00000002\UsrClass.dat
+ 2009-08-09 08:21 . 2009-08-09 08:21 5632 c:\windows\ASSEMBLY\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2009-04-04 21:22 . 2009-04-04 21:22 7168 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2009-04-04 21:24 . 2009-04-04 21:24 5632 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 6656 c:\windows\ASSEMBLY\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 8192 c:\windows\ASSEMBLY\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 655872 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
+ 2007-11-07 06:19 . 2007-11-07 06:19 568832 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
+ 2007-11-07 01:23 . 2007-11-07 01:23 224768 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 635904 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 558080 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcp80.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcm80.dll
+ 2008-07-30 01:26 . 2008-07-30 01:26 301568 c:\windows\SYSTEM32\XPSViewer\XPSViewer.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 161296 c:\windows\SYSTEM32\UIAutomationCore.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\mxdwdrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\mxdwdrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\mxdwdrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 748032 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\mxdwdrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 147456 c:\windows\SYSTEM32\SPOOL\PRTPROCS\x64\filterpipelineprintproc.dll
+ 2009-08-09 08:18 . 2008-07-06 10:50 597504 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\printfilterpipelinesvc.exe
- 2005-05-20 06:33 . 2007-05-15 08:08 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2005-05-20 06:33 . 2008-03-13 04:52 761344 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unires.dll
+ 2005-05-20 06:33 . 2008-07-06 12:06 744960 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrvui.dll
- 2005-05-20 06:33 . 2008-04-14 00:12 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2005-05-20 06:33 . 2008-07-06 12:06 373248 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\unidrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 198656 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdui.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\mxdwdrv.dll
+ 2006-08-24 20:15 . 2006-08-24 20:15 150808 c:\windows\SYSTEM32\rgb9rast_2.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 781344 c:\windows\SYSTEM32\PresentationNative_v0300.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 326160 c:\windows\SYSTEM32\PresentationHost.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 105016 c:\windows\SYSTEM32\PresentationCFFRasterizerNative_v0300.dll
+ 2004-12-22 02:59 . 2009-08-09 08:26 445370 c:\windows\SYSTEM32\PERFH009.DAT
+ 2004-08-04 11:00 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\occache.dll
- 2006-11-08 02:03 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\msfeeds.dll
+ 2006-11-08 02:03 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\msfeeds.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 158720 c:\windows\SYSTEM32\mscorier.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 282112 c:\windows\SYSTEM32\mscoree.dll
+ 2004-08-04 11:00 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\iepeers.dll
+ 2004-08-04 11:00 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\iedkcs32.dll
+ 2004-08-04 11:00 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\ie4uinit.exe
- 2004-08-04 11:00 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\ie4uinit.exe
+ 2008-07-29 23:24 . 2008-07-29 23:24 622080 c:\windows\SYSTEM32\icardagt.exe
+ 2004-08-10 19:08 . 2009-08-09 08:31 146808 c:\windows\SYSTEM32\FNTCACHE.DAT
+ 2008-07-30 01:10 . 2008-07-30 01:10 493048 c:\windows\SYSTEM32\evr.dll
- 2006-05-10 05:23 . 2009-05-13 05:15 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2006-05-10 05:23 . 2009-07-03 17:09 915456 c:\windows\SYSTEM32\DLLCACHE\wininet.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 119808 c:\windows\SYSTEM32\DLLCACHE\t2embed.dll
+ 2006-10-17 17:04 . 2009-07-03 17:09 206848 c:\windows\SYSTEM32\DLLCACHE\occache.dll
+ 2007-05-08 21:39 . 2009-07-03 17:09 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
- 2007-05-08 21:39 . 2009-03-08 08:32 594432 c:\windows\SYSTEM32\DLLCACHE\msfeeds.dll
+ 2009-06-12 19:46 . 2009-07-03 17:09 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
- 2009-06-12 19:46 . 2009-04-30 21:22 246272 c:\windows\SYSTEM32\DLLCACHE\ieproxy.dll
+ 2006-05-10 05:22 . 2009-07-03 17:09 184320 c:\windows\SYSTEM32\DLLCACHE\iepeers.dll
+ 2004-08-04 11:00 . 2009-07-03 17:09 386048 c:\windows\SYSTEM32\DLLCACHE\iedkcs32.dll
+ 2004-08-04 11:00 . 2009-07-03 11:01 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
- 2004-08-04 11:00 . 2009-04-30 11:21 173056 c:\windows\SYSTEM32\DLLCACHE\ie4uinit.exe
+ 2004-12-31 23:19 . 2009-08-15 21:04 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2004-12-31 23:19 . 2009-06-24 14:13 933888 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-30 00:03 . 2004-07-17 15:41 366080 c:\windows\ServicePackFiles\i386\digreqex.msi
+ 2008-08-30 00:03 . 2004-07-17 15:41 863232 c:\windows\ServicePackFiles\i386\digopt.msi
+ 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi
+ 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll
+ 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll
+ 2008-07-30 00:35 . 2008-07-30 00:35 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 806928 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NaturalLanguage6.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 436040 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 839680 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Services.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 835584 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.Mobile.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 261632 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Transactions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 114688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.ServiceProcess.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 131072 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 303104 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Remoting.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Messaging.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Management.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 113664 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Wrapper.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 626688 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 188416 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.Protocols.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 401408 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.DirectoryServices.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 970752 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Deployment.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 745472 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.SqlXml.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 486400 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 425984 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.configuration.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\sysglobl.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 392184 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 118784 c:\windows\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 143360 c:\windows\Microsoft.NET\Framework\v2.0.50727\peverify.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 100856 c:\windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 230912 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 345600 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorrc.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 114176 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 364872 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 308224 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbi.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 990032 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 659456 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 372736 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
- 2005-09-23 11:29 . 2005-09-23 11:29 110592 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 749568 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.JScript.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 655360 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Tasks.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 348160 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Engine.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 230904 c:\windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 798224 c:\windows\Microsoft.NET\Framework\v2.0.50727\EventLogMessages.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 575496 c:\windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 507904 c:\windows\Microsoft.NET\Framework\v2.0.50727\AspNetMMCExt.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 106496 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 147968 c:\windows\Microsoft.NET\Framework\v2.0.50727\AdoNetDiag.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 218112 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\Vsavb7rtUI.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 193016 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\vbc7ui.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 145408 c:\windows\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
+ 2006-06-03 23:01 . 2006-06-03 23:01 258048 c:\windows\Installer\f8d422b.msi
+ 2008-11-13 08:01 . 2008-11-13 08:01 432640 c:\windows\Installer\c6b66f5.msi
+ 2008-10-24 21:00 . 2008-10-24 21:00 125952 c:\windows\Installer\95db1d.msp
+ 2005-09-28 02:18 . 2005-09-28 02:18 203264 c:\windows\Installer\87cb234.msi
+ 2005-09-28 02:18 . 2005-09-28 02:18 129536 c:\windows\Installer\87cb22f.msi
+ 2005-09-28 02:18 . 2005-09-28 02:18 130048 c:\windows\Installer\87cb22a.msi
+ 2005-09-28 02:14 . 2005-09-28 02:14 290304 c:\windows\Installer\87caf78.msi
+ 2005-09-28 02:14 . 2005-09-28 02:14 129536 c:\windows\Installer\87caf73.msi
+ 2005-09-28 02:14 . 2005-09-28 02:14 698880 c:\windows\Installer\87caf60.msi
+ 2005-09-28 02:13 . 2005-09-28 02:13 342016 c:\windows\Installer\87caf51.msi
+ 2005-09-28 02:13 . 2005-09-28 02:13 287232 c:\windows\Installer\87caf30.msi
+ 2005-09-28 02:13 . 2005-09-28 02:13 135168 c:\windows\Installer\87caf2b.msi
+ 2004-12-22 03:15 . 2004-12-22 03:15 293376 c:\windows\Installer\8410.msi
+ 2004-12-22 03:13 . 2004-12-22 03:13 656896 c:\windows\Installer\83f9.msi
+ 2004-12-22 03:12 . 2004-12-22 03:12 669696 c:\windows\Installer\83f1.msi
+ 2004-12-22 03:10 . 2004-12-22 03:10 171008 c:\windows\Installer\83d0.msi
+ 2004-12-22 03:09 . 2004-12-22 03:09 275968 c:\windows\Installer\83cc.msi
+ 2004-12-22 03:08 . 2004-12-22 03:08 621056 c:\windows\Installer\83bb.msi
+ 2004-08-10 19:08 . 2004-08-10 19:08 264704 c:\windows\Installer\7506.MSI
+ 2007-08-16 07:02 . 2007-08-16 07:02 431104 c:\windows\Installer\6334ae2.msi
+ 2006-11-15 08:01 . 2006-11-15 08:01 428544 c:\windows\Installer\5412655c.msi
+ 2005-01-23 03:14 . 2005-01-23 03:14 336896 c:\windows\Installer\42a0e.msi
+ 2009-03-02 19:43 . 2009-03-02 19:43 562176 c:\windows\Installer\3eec211.msi
+ 2005-04-21 02:01 . 2005-04-21 02:01 307712 c:\windows\Installer\39a67.msi
+ 2008-03-11 23:39 . 2008-03-11 23:39 569856 c:\windows\Installer\33b32e6.msp
+ 2008-10-26 20:59 . 2008-10-26 20:59 445440 c:\windows\Installer\2a405bf.msp
+ 2005-10-03 20:51 . 2005-10-03 20:51 178688 c:\windows\Installer\263bf76f.msi
+ 2009-01-21 22:39 . 2009-01-21 22:39 119296 c:\windows\Installer\2455076.msp
+ 2006-09-03 20:16 . 2006-09-03 20:16 171008 c:\windows\Installer\231368f6.msi
+ 2009-04-04 21:57 . 2009-04-04 21:57 213504 c:\windows\Installer\22ea581.msi
+ 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\1f7ad8f.msp
+ 2009-08-09 08:21 . 2009-08-09 08:21 648192 c:\windows\Installer\1f7ad6c.msi
+ 2008-07-30 01:23 . 2008-07-30 01:23 250880 c:\windows\Installer\1f588fa.msp
+ 2008-07-30 01:28 . 2008-07-30 01:28 278016 c:\windows\Installer\1f588f8.msp
+ 2008-07-29 23:40 . 2008-07-29 23:40 291840 c:\windows\Installer\1f588f6.msp
+ 2009-08-09 08:20 . 2009-08-09 08:20 137728 c:\windows\Installer\1f588f0.msi
+ 2008-07-29 21:35 . 2008-07-29 21:35 553472 c:\windows\Installer\1f014f2.msp
+ 2008-07-29 21:33 . 2008-07-29 21:33 506368 c:\windows\Installer\1f014f0.msp
+ 2008-07-29 21:37 . 2008-07-29 21:37 911360 c:\windows\Installer\1f014ef.msp
+ 2009-03-20 15:48 . 2009-03-20 15:48 183808 c:\windows\Installer\1bd96.msp
+ 2007-05-19 12:07 . 2007-05-19 12:07 390656 c:\windows\Installer\188f3b57.msi
+ 2008-03-23 05:39 . 2008-03-23 05:39 289792 c:\windows\Installer\108940.msi
+ 2009-08-09 08:10 . 2009-05-13 05:15 915456 c:\windows\ie8updates\KB972260-IE8\wininet.dll
+ 2009-08-09 08:10 . 2009-05-26 11:40 382840 c:\windows\ie8updates\KB972260-IE8\spuninst\updspapi.dll
+ 2009-08-09 08:10 . 2009-05-26 11:40 231288 c:\windows\ie8updates\KB972260-IE8\spuninst\spuninst.exe
+ 2009-08-09 08:10 . 2009-03-08 08:34 109568 c:\windows\ie8updates\KB972260-IE8\occache.dll
+ 2009-08-09 08:10 . 2009-03-08 08:32 594432 c:\windows\ie8updates\KB972260-IE8\msfeeds.dll
+ 2009-08-09 08:10 . 2009-04-30 21:22 246272 c:\windows\ie8updates\KB972260-IE8\ieproxy.dll
+ 2009-08-09 08:10 . 2009-03-08 08:31 183808 c:\windows\ie8updates\KB972260-IE8\iepeers.dll
+ 2009-08-09 08:10 . 2009-04-30 21:22 385536 c:\windows\ie8updates\KB972260-IE8\iedkcs32.dll
+ 2009-08-09 08:10 . 2009-04-30 11:21 173056 c:\windows\ie8updates\KB972260-IE8\ie4uinit.exe
+ 2009-08-15 20:58 . 2009-08-15 20:58 184320 c:\windows\ERDNT\subs\Users\00000006\UsrClass.dat
+ 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000003\NTUSER.DAT
+ 2009-08-15 20:58 . 2009-08-15 20:58 237568 c:\windows\ERDNT\subs\Users\00000001\NTUSER.DAT
+ 2009-08-09 08:18 . 2008-03-13 04:52 761344 c:\windows\Driver Cache\I386\unires.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 744960 c:\windows\Driver Cache\I386\unidrvui.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 373248 c:\windows\Driver Cache\I386\unidrv.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 198656 c:\windows\Driver Cache\I386\mxdwdui.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 765440 c:\windows\Driver Cache\I386\mxdwdrv.dll
+ 2004-12-22 03:08 . 2004-12-22 03:08 576512 c:\windows\Downloaded Installations\{D7027C31-E9CC-4B3F-A5A7-B36F69DB679E}\Banctec Service Agreement.msi
+ 2005-12-25 15:04 . 2005-04-04 07:07 982016 c:\windows\Downloaded Installations\{78F4DFCE-1336-4027-BCB2-1A00C24A8653}\ISScript11.Msi
+ 2006-07-14 16:57 . 2005-04-04 06:07 982016 c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\ISScript11.Msi
+ 2004-12-22 03:10 . 2004-12-22 03:10 413428 c:\windows\Downloaded Installations\{3AE813DE-06D6-4C11-AB7D-3832AA721F16}\Get High Speed Internet!.msi
+ 2009-08-09 08:37 . 2009-08-09 08:37 321536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WsatConfig\2ef5bc3a2edd7570bb23886a4f32294a\WsatConfig.ni.exe
+ 2009-08-09 08:35 . 2009-08-09 08:35 240128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\6a818099f0386e2356ae94f886a2196f\WindowsFormsIntegration.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 187904 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationTypes\a6d9503962d47c722231c1478f180695\UIAutomationTypes.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 447488 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClient\5c028c3d8db6c0f0277673ea4a2d89fb\UIAutomationClient.ni.dll
+ 2009-08-09 08:41 . 2009-08-09 08:41 400896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 129536 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Routing\bb77ea11f46ab438b2b7ed7c180011a1\System.Web.Routing.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 202240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.RegularE#\6ee255220d90dcbe80c990e443051cc5\System.Web.RegularExpressions.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 859648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\58f62044fa702ea6f936071aa5520baa\System.Web.Extensions.Design.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 328704 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity\79c29ac85dd57dd485ab60118ac292ff\System.Web.Entity.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 301056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Entity.D#\d3d65e34fa60f0b6c72ca0d12ec89933\System.Web.Entity.Design.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 547328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.DynamicD#\b7891f5659db299dbd1b3c72db7edb9f\System.Web.DynamicData.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Abstract#\00ec08741a765c707bd9169346064a81\System.Web.Abstractions.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 627200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Transactions\5a555c9ae6984c40157cf940bb519f7c\System.Transactions.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 676352 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Security\1c8df2da33222c048d683017f2095f04\System.Security.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 311296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 621056 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Net\519d9c618341b136f9b963ffb7495308\System.Net.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 998400 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management\8642fdfbf02a6cb6f01169fe6fdb5d11\System.Management.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 330752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Management.I#\1d3fbbd23ce1e8637ef4f40a8d23cd32\System.Management.Instrumentation.ni.dll
+ 2009-08-09 08:36 . 2009-08-09 08:36 381440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IO.Log\7c367a96b10d626ec8cbf8149272d845\System.IO.Log.ni.dll
+ 2009-08-09 08:36 . 2009-08-09 08:36 212992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityMode#\68e71147704ef0d34d9a4bece7767fc5\System.IdentityModel.Selectors.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 280064 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.Wrapper.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 627712 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.EnterpriseSe#\4267bd908175603006c6c90bb5d900c7\System.EnterpriseServices.ni.dll
+ 2009-08-15 21:08 . 2009-08-15 21:08 208384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing.Desi#\18bbe2b6717e7f1d1dd672526e9889ee\System.Drawing.Design.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 455680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\c434a07332ce490711c27fd0edb7562f\System.DirectoryServices.Protocols.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 881152 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\8b3bb7a2c2f3ffe94c866283f1cd5957\System.DirectoryServices.AccountManagement.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 939008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\a4b887f476fa4b8746a93a9fc2208560\System.Data.Services.Client.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 354816 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Service#\1cf3acad6553d6c59df576794f4e8bd6\System.Data.Services.Design.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 756736 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity.#\392de34573f9f8ec885714f2f3e7f07f\System.Data.Entity.Design.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 135680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.DataSet#\1db495ff00bbd14df4af6680c4de0653\System.Data.DataSetExtensions.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 971264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 141312 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Configuratio#\de514e484e49b04b016949d57ffac03e\System.Configuration.Install.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 633856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.AddIn\ce984d754e3c0b6be4504b785cc43574\System.AddIn.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 366080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMSvcHost\045dd501b7257b1cc26083538ae69045\SMSvcHost.ni.exe
+ 2009-08-09 08:37 . 2009-08-09 08:37 256000 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\SMDiagnostics\9790551187e294b4ed3aaa1c221891c7\SMDiagnostics.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 320512 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ServiceModelReg\10a0c9707876fc1f65e64b811a28b020\ServiceModelReg.ni.exe
+ 2009-08-15 21:05 . 2009-08-15 21:05 224768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\f475294d8c7dc2dd4febeef27bc0417e\PresentationFramework.Classic.ni.dll
+ 2009-08-15 21:05 . 2009-08-15 21:05 539648 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\8003abaf6bcf70f7eb620d06837e897b\PresentationFramework.Luna.ni.dll
+ 2009-08-15 21:05 . 2009-08-15 21:05 368128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\59a67874d8d8475faa5be1d993083d12\PresentationFramework.Aero.ni.dll
+ 2009-08-15 21:05 . 2009-08-15 21:05 258048 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\2c980c9a5051d723c6ec2a78a3d0e2b3\PresentationFramework.Royale.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 133632 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\MSBuild\6d38e317128608bc4516ea46ab94590e\MSBuild.ni.exe
+ 2009-08-09 08:37 . 2009-08-09 08:37 386560 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\1820d6a012fc0e16c3e1d29d973cd2d0\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 144384 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\55b9eff9e23359faed4351386c062238\Microsoft.Build.Utilities.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 175104 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\4217124db1ea5de5f1a1f3eea75e8d32\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 839680 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\96825c34d7e1f7df1923ff2123bed8da\Microsoft.Build.Engine.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 222720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\9b321ebf67587237f576df6104a32588\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 220672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\CustomMarshalers\9bea05938bee3555c5aa8763d89a68f9\CustomMarshalers.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 410112 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ComSvcConfig\12629e2f3e315459bee67cbbaac85cb2\ComSvcConfig.ni.exe
+ 2009-08-09 08:37 . 2009-08-09 08:37 842240 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\AspNetMMCExt\b5b2feadc3943e3976daebc0bcd2b5e2\AspNetMMCExt.ni.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 385024 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 167936 c:\windows\ASSEMBLY\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 507904 c:\windows\ASSEMBLY\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 540672 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 839680 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2009-04-04 21:24 . 2009-04-04 21:24 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 835584 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 335872 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 139264 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 688128 c:\windows\ASSEMBLY\GAC_MSIL\System.Speech\3.0.0.0__31bf3856ad364e35\System.Speech.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 569344 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 966656 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 303104 c:\windows\ASSEMBLY\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 233472 c:\windows\ASSEMBLY\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 372736 c:\windows\ASSEMBLY\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 143360 c:\windows\ASSEMBLY\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 131072 c:\windows\ASSEMBLY\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 430080 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 126976 c:\windows\ASSEMBLY\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 626688 c:\windows\ASSEMBLY\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 401408 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 188416 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 286720 c:\windows\ASSEMBLY\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 970752 c:\windows\ASSEMBLY\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 745472 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 442368 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 114688 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 294912 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 684032 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 229376 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 667648 c:\windows\ASSEMBLY\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 425984 c:\windows\ASSEMBLY\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 163840 c:\windows\ASSEMBLY\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 110592 c:\windows\ASSEMBLY\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 110592 c:\windows\ASSEMBLY\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 528384 c:\windows\ASSEMBLY\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 864256 c:\windows\ASSEMBLY\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 163840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 397312 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 139264 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 196608 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 598016 c:\windows\ASSEMBLY\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 659456 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-04-04 21:24 . 2009-04-04 21:24 372736 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2009-04-04 21:24 . 2009-04-04 21:24 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 110592 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 397312 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 749568 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 655360 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 802816 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 733184 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 348160 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 106496 c:\windows\ASSEMBLY\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 507904 c:\windows\ASSEMBLY\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 261632 c:\windows\ASSEMBLY\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 368640 c:\windows\ASSEMBLY\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 113664 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2009-04-04 21:23 . 2009-04-04 21:23 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 258048 c:\windows\ASSEMBLY\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 486400 c:\windows\ASSEMBLY\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 163840 c:\windows\ASSEMBLY\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
+ 2004-08-04 11:00 . 2004-08-04 11:00 1326080 c:\windows\SYSTEM32\WEBFLDRS.MSI
+ 2004-08-04 11:00 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\urlmon.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\xpssvcs.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\XPSEP\i386\i386\xpssvcs.dll
+ 2009-08-09 08:18 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\xpssvcs.dll
+ 2009-08-09 08:18 . 2008-07-06 21:36 2936832 c:\windows\SYSTEM32\SPOOL\XPSEP\amd64\amd64\xpssvcs.dll
+ 2009-08-09 08:18 . 2008-07-06 12:06 1676288 c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\XpsSvcs.dll
+ 2004-08-04 11:00 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\mshtml.dll
+ 2006-10-17 16:57 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\iertutil.dll
+ 2006-05-10 05:23 . 2009-07-03 17:09 1208832 c:\windows\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-05-07 05:12 . 2009-06-03 19:09 1291264 c:\windows\SYSTEM32\DLLCACHE\quartz.dll
+ 2006-05-19 15:08 . 2009-07-19 13:18 5937152 c:\windows\SYSTEM32\DLLCACHE\mshtml.dll
+ 2007-05-08 21:39 . 2009-07-03 17:09 1985536 c:\windows\SYSTEM32\DLLCACHE\iertutil.dll
+ 2004-12-31 23:26 . 2004-12-22 03:07 9946112 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\Application Data\{7148F0A6-6813-11D6-A77B-00B0D0142030}\Java 2 Runtime Environment, SE v1.4.2_03.msi
+ 2008-08-30 00:06 . 2004-08-04 11:00 1326080 c:\windows\ServicePackFiles\i386\webfldrs.msi
+ 2008-08-30 00:05 . 2004-07-17 15:41 5080576 c:\windows\ServicePackFiles\i386\msnmsgs.msi
+ 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe
+ 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe
+ 2008-12-05 23:35 . 2008-12-05 23:35 1736528 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 2637840 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsLexicons0009.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 4883464 c:\windows\Microsoft.NET\Framework\v3.0\WPF\NlsData0009.dll
+ 2008-12-06 00:12 . 2008-12-06 00:12 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1344000 c:\windows\Microsoft.NET\Framework\v2.0.50727\VsaVb7rt.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 1172472 c:\windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
+ 2008-11-25 08:59 . 2008-11-25 08:59 2048000 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.XML.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5025792 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Windows.Forms.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 3149824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 5062656 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 2933248 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Data.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 5813576 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 4546560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 1163768 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
+ 2007-05-25 16:08 . 2007-05-25 16:08 9609728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp
+ 2008-08-28 17:18 . 2008-08-28 17:18 1247744 c:\windows\Installer\efc01d6.msi
+ 2005-12-26 20:43 . 2005-12-26 20:43 3037184 c:\windows\Installer\dd58ed.msi
+ 2008-08-14 07:26 . 2008-08-14 07:26 5314048 c:\windows\Installer\c7aecff.msp
+ 2007-04-14 02:21 . 2007-04-14 02:21 1392128 c:\windows\Installer\bbfe9b.msi
+ 2008-10-22 00:19 . 2008-10-22 00:19 3771904 c:\windows\Installer\a35747a.msi
+ 2008-10-22 00:16 . 2008-10-22 00:16 1652224 c:\windows\Installer\a3572ee.msi
+ 2008-10-22 00:14 . 2008-10-22 00:14 8990208 c:\windows\Installer\a3572e9.msi
+ 2008-10-22 00:09 . 2008-10-22 00:09 3152384 c:\windows\Installer\a35703b.msi
+ 2005-09-28 02:17 . 2005-09-28 02:17 3459584 c:\windows\Installer\87cb225.msi
+ 2009-01-15 07:35 . 2009-01-15 07:35 4830720 c:\windows\Installer\84b23a8.msp
+ 2004-12-22 03:09 . 2004-12-22 03:09 1914880 c:\windows\Installer\83c6.msi
+ 2008-08-21 23:29 . 2008-08-21 23:29 1888768 c:\windows\Installer\57b786d.msi
+ 2004-08-10 19:10 . 2004-08-10 19:10 3443712 c:\windows\Installer\50C4.MSI
+ 2006-07-14 15:58 . 2006-07-14 15:58 7435776 c:\windows\Installer\3928d2e6.msi
+ 2005-02-11 12:06 . 2005-02-11 12:06 5864960 c:\windows\Installer\32aa0b6.msp
+ 2008-02-13 09:15 . 2008-02-13 09:15 2417152 c:\windows\Installer\311fb017.msp
+ 2005-01-22 20:37 . 2005-01-22 20:37 1188864 c:\windows\Installer\2d5dc.msi
+ 2008-01-26 23:25 . 2008-01-26 23:25 2051072 c:\windows\Installer\2ac96828.msi
+ 2005-05-26 23:47 . 2005-05-26 23:47 4716032 c:\windows\Installer\27cd68.msi
+ 2008-12-13 13:57 . 2008-12-13 13:57 8397824 c:\windows\Installer\1f7ad7a.msp
+ 2008-07-29 23:26 . 2008-07-29 23:26 1043456 c:\windows\Installer\1f588f9.msp
+ 2008-07-30 00:37 . 2008-07-30 00:37 2679808 c:\windows\Installer\1f588f7.msp
+ 2008-07-30 01:15 . 2008-07-30 01:15 3697664 c:\windows\Installer\1f588f5.msp
+ 2008-07-29 23:34 . 2008-07-29 23:34 1448448 c:\windows\Installer\1f588f4.msp
+ 2008-07-30 00:22 . 2008-07-30 00:22 4137984 c:\windows\Installer\1f588f3.msp
+ 2008-07-29 23:18 . 2008-07-29 23:18 3376640 c:\windows\Installer\1f588f2.msp
+ 2008-07-29 21:45 . 2008-07-29 21:45 2543616 c:\windows\Installer\1f014f6.msp
+ 2008-07-29 21:29 . 2008-07-29 21:29 2926080 c:\windows\Installer\1f014f5.msp
+ 2008-07-29 21:41 . 2008-07-29 21:41 6487040 c:\windows\Installer\1f014f4.msp
+ 2008-07-29 21:39 . 2008-07-29 21:39 3403264 c:\windows\Installer\1f014f3.msp
+ 2008-07-29 21:43 . 2008-07-29 21:43 1013248 c:\windows\Installer\1f014f1.msp
+ 2008-07-29 21:31 . 2008-07-29 21:31 6083072 c:\windows\Installer\1f014ee.msp
+ 2005-12-25 15:03 . 2005-12-25 15:03 7417344 c:\windows\Installer\1bdc612.msi
+ 2008-08-29 21:10 . 2008-08-29 21:10 1549312 c:\windows\Installer\1ad7c3.msi
+ 2005-04-03 19:37 . 2005-04-03 19:37 2593792 c:\windows\Installer\14fe730c.msp
+ 2004-10-21 21:56 . 2004-10-21 21:56 5533696 c:\windows\Installer\14fe72f9.msp
+ 2004-10-21 14:23 . 2004-10-21 14:23 3581952 c:\windows\Installer\14fe72e4.msp
+ 2005-03-02 14:23 . 2005-03-02 14:23 4775424 c:\windows\Installer\14fe72d3.msp
+ 2005-04-22 19:29 . 2005-04-22 19:29 4855296 c:\windows\Installer\14fe72c2.msp
+ 2009-08-09 08:10 . 2009-04-30 21:22 1207808 c:\windows\ie8updates\KB972260-IE8\urlmon.dll
+ 2009-08-09 08:10 . 2009-05-13 05:15 5936128 c:\windows\ie8updates\KB972260-IE8\mshtml.dll
+ 2009-08-09 08:10 . 2009-04-30 21:22 1985024 c:\windows\ie8updates\KB972260-IE8\iertutil.dll
+ 2005-10-05 20:00 . 2005-10-05 20:00 2220544 c:\windows\Hewlett-Packard\Setup Files\HP Software Update\{BB4EE741-CA46-4345-A3B7-1AECBFAB0AFE}\HP Software Update.msi
+ 2009-08-15 20:58 . 2009-08-15 20:58 3776512 c:\windows\ERDNT\subs\Users\00000005\NTUSER.DAT
+ 2005-12-25 15:04 . 2005-09-16 15:15 9926144 c:\windows\Downloaded Installations\{78F4DFCE-1336-4027-BCB2-1A00C24A8653}\iTunes.msi
+ 2006-07-14 16:57 . 2006-06-19 20:04 9934848 c:\windows\Downloaded Installations\{54C0D94A-F467-4ABC-9D02-6E58748668D4}\iTunes.msi
+ 2009-08-09 08:29 . 2009-08-09 08:29 3313664 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\WindowsBase\14cd5f4b61d35f9b76327d6be9853755\WindowsBase.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 1049600 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\UIAutomationClients#\f3c7957351aec85f526a3350c9718b1e\UIAutomationClientsideProviders.ni.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 7868416 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 5450752 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
+ 2009-08-09 08:41 . 2009-08-09 08:41 1356288 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.WorkflowServ#\ac1750e78d79520dcf19195772eff1b6\System.WorkflowServices.ni.dll
+ 2009-08-09 08:41 . 2009-08-09 08:41 1908224 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Run#\d265da36954fcb4cb7ad5adc693ea0f2\System.Workflow.Runtime.ni.dll
+ 2009-08-09 08:41 . 2009-08-09 08:41 4514304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Com#\693a8fbe6f7ad6e4e429052da4317e59\System.Workflow.ComponentModel.ni.dll
+ 2009-08-09 08:41 . 2009-08-09 08:41 2992640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Workflow.Act#\cc99fbbac0b6e4e9ca62093e49b0c16b\System.Workflow.Activities.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 1840640 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Services\b57bb002a655920cbfa2bee29d1e22b7\System.Web.Services.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 2209280 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Mobile\81197e32ec931f439b3114e9031b65d6\System.Web.Mobile.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 2403328 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web.Extensio#\7f64c9d25471b72e1e957bdfe67947c8\System.Web.Extensions.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 1917440 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Speech\63cf639b6e0a3c25c1643c85016e7422\System.Speech.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 1706496 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel#\340cad17fe57947eacbc8fa2cea780da\System.ServiceModel.Web.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 2338304 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Runtime.Seri#\034c91b133dee73d452652c52767b5ea\System.Runtime.Serialization.ni.dll
+ 2009-08-09 08:35 . 2009-08-09 08:35 1035264 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Printing\646ab52eef343380aa002c220dc31e13\System.Printing.ni.dll
+ 2009-08-09 08:36 . 2009-08-09 08:36 1056768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.IdentityModel\c2de8479e54852f56996f79bc93acb13\System.IdentityModel.ni.dll
+ 2009-08-15 21:08 . 2009-08-15 21:08 1587200 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 1116672 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.DirectorySer#\543aced762f6b0c3f8e037955941afc6\System.DirectoryServices.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 1801216 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
+ 2009-08-15 21:06 . 2009-08-15 21:06 6616576 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data\c70731047b0022638b3f9fb158948a03\System.Data.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 2510336 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.SqlXml\826b09ab0d0e36f4d631b4cd335df511\System.Data.SqlXml.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 1328128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Services\956a513dcbd44d5a6801840ef2b0b47b\System.Data.Services.ni.dll
+ 2009-08-15 21:06 . 2009-08-15 21:06 2516480 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Linq\0bbec79460b1137df5313f9baf7b246f\System.Data.Linq.ni.dll
+ 2009-08-09 08:39 . 2009-08-09 08:39 9924096 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Data.Entity\6479f975b105808a8d9e7a7fdc762551\System.Data.Entity.ni.dll
+ 2009-08-15 21:06 . 2009-08-15 21:06 2295296 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
+ 2009-08-15 21:05 . 2009-08-15 21:05 2128896 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\ReachFramework\4bfb3048bf200a6a8592d1b4ba861a7f\ReachFramework.ni.dll
+ 2009-08-15 21:05 . 2009-08-15 21:05 1657856 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationUI\6bafb1a2a73794ddb9761cb321c9e7e2\PresentationUI.ni.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 1451008 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationBuildTa#\e634bc4c4a00635a0a254febab0e2e2c\PresentationBuildTasks.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 1712128 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1c86afc399d0fdd8e069266ffbe748d1\Microsoft.VisualBasic.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 1093120 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Transacti#\6b2f62f5e981913fce1d223f645d9ddf\Microsoft.Transactions.Bridge.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 2332160 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.JScript\b261961046545831aa60963e84905968\Microsoft.JScript.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 1620992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\bd241492d96db39f20e758c13c845033\Microsoft.Build.Tasks.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 1966080 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\a47100d8f4574bed2d49d83d0ab8964e\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2009-08-09 08:38 . 2009-08-09 08:38 1888768 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6cfe582681724965fb817e8ece5f0909\Microsoft.Build.Engine.ni.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 1245184 c:\windows\ASSEMBLY\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 3149824 c:\windows\ASSEMBLY\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 2048000 c:\windows\ASSEMBLY\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 1630208 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 1138688 c:\windows\ASSEMBLY\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 5025792 c:\windows\ASSEMBLY\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2009-08-09 08:28 . 2009-08-09 08:28 1277952 c:\windows\ASSEMBLY\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2009-08-09 08:27 . 2009-08-09 08:27 5931008 c:\windows\ASSEMBLY\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 5062656 c:\windows\ASSEMBLY\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2009-08-09 08:21 . 2009-08-09 08:21 2879488 c:\windows\ASSEMBLY\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll
+ 2009-08-09 08:27 . 2009-08-09 08:27 5283840 c:\windows\ASSEMBLY\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 5242880 c:\windows\ASSEMBLY\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 2933248 c:\windows\ASSEMBLY\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2009-08-09 08:19 . 2009-08-09 08:19 4210688 c:\windows\ASSEMBLY\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2009-08-09 08:25 . 2009-08-09 08:25 4546560 c:\windows\ASSEMBLY\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2009-03-30 03:10 . 2009-07-07 15:10 24539592 c:\windows\SYSTEM32\MRT.exe
+ 2006-11-08 02:03 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\ieframe.dll
+ 2007-05-08 21:39 . 2009-07-19 22:48 11067392 c:\windows\SYSTEM32\DLLCACHE\ieframe.dll
+ 2007-07-11 07:00 . 2007-07-11 07:00 15256576 c:\windows\Installer\2543a793.msp
+ 2008-12-13 14:21 . 2008-12-13 14:21 10473472 c:\windows\Installer\1f7ad84.msp
+ 2004-08-10 19:10 . 2004-08-10 19:10 19204096 c:\windows\Installer\1599F.MSP
+ 2004-07-08 04:23 . 2004-07-08 04:23 18643968 c:\windows\Installer\14fe72af.msp
+ 2009-08-09 08:10 . 2009-04-30 21:22 11064832 c:\windows\ie8updates\KB972260-IE8\ieframe.dll
+ 2005-12-25 14:53 . 2008-03-23 05:26 35885568 c:\windows\Downloaded Installations\{B9C0ED57-3C59-4B31-9AE9-50E12D0357DD}\iPod for Windows 2005-09-23.msi
+ 2006-07-14 15:57 . 2006-07-14 15:56 45631488 c:\windows\Downloaded Installations\{ADF0CB4C-E2E8-41AC-832B-81F52F0FE755}\iPod for Windows 2006-06-28.msi
+ 2009-08-09 08:35 . 2009-08-09 08:35 12430848 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
+ 2009-08-09 08:40 . 2009-08-09 08:40 11796992 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
+ 2009-08-09 08:37 . 2009-08-09 08:37 17317888 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.ServiceModel\4146033013edebd7e0cb604e504ebfee\System.ServiceModel.ni.dll
+ 2009-08-15 21:07 . 2009-08-15 21:07 10683392 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\System.Design\8ee220bc3cce4f7bbd7818946519ed7f\System.Design.ni.dll
+ 2009-08-15 21:04 . 2009-08-15 21:04 14327808 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationFramewo#\96e710f47c601cba3f2348a8d11ddede\PresentationFramework.ni.dll
+ 2009-08-15 21:03 . 2009-08-15 21:03 12216320 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\PresentationCore\956375d487cbef36165b3250030e3574\PresentationCore.ni.dll
+ 2009-08-15 21:02 . 2009-08-15 21:02 11486720 c:\windows\ASSEMBLY\NativeImages_v2.0.50727_32\mscorlib\6d667f19d687361886990f3ca0f49816\mscorlib.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="c:\program files\AIM\aim.exe" [2005-08-05 67160]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-08-12 21741864]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-02 136600]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-05-12 180269]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"SiteAdvisor"="c:\program files\SiteAdvisor\6172\SiteAdv.exe" [2007-02-09 36904]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"OSCD_Creator"="c:\dell\PreODM.EXE" [2004-10-31 408576]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Update Utility"="\\?\globalroot\systemroot\system32\vfhr.exe" [?]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-5-19 118784]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\McAfee\\MPF\\MpfSrv.exe"=
"c:\\Program Files\\Dell Support Center\\bin\\sprtsvc.exe"=
R0 $sys$cor;$sys$cor;c:\windows\SYSTEM32\DRIVERS\$sys$cor.sys [10/6/2004 10:11 AM 10368]
R3 Am772;AMD Alchemy Solutions Wireless 802.11 Adapter;c:\windows\SYSTEM32\DRIVERS\Am772.sys [7/10/2003 6:47 PM 151894]
S2 vltinuyvkadws;vltinuyvkadws;\??\c:\windows\system32\drivers\zcohxi.sys --> c:\windows\system32\drivers\zcohxi.sys [?]
S3 gkmixern;gkmixern;\??\c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys --> c:\docume~1\emily\LOCALS~1\Temp\gkmixern.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34]
2009-06-15 c:\windows\Tasks\McDefragTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53]
2009-06-01 c:\windows\Tasks\McQcTask.job
- c:\program files\mcafee\mqc\QcConsol.exe [2007-02-15 15:53]
2009-08-15 c:\windows\Tasks\User_Feed_Synchronization-{DF4C93FD-E010-495E-BE2B-9D30E0F32456}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
- - - - ORPHANS REMOVED - - - -
BHO-{3F1866D7-E21A-4403-A609-D8F2090567DF} - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-15 17:08
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
OSCD_Creator = c:\dell\PreODM.EXE /2??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3676)
c:\windows\system32\WININET.dll
c:\program files\SiteAdvisor\6172\saHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\LEXBCES.EXE
c:\windows\SYSTEM32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\program files\Common Files\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\SYSTEM32\HPZipm12.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\windows\SYSTEM32\wscntfy.exe
c:\progra~1\McAfee.com\Agent\mcagent.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Java\jre6\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2009-08-15 17:39 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-15 21:39
ComboFix2.txt 2009-06-24 15:05
Pre-Run: 35,310,465,024 bytes free
Post-Run: 34,898,407,424 bytes free
934 --- E O F --- 2009-08-15 21:06
-
I am going to post the logs within two post because the logs are too large for one post
ComboFix 09-08-10.06 - Brian 08/15/2009 16:46.3.1 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.345 [GMT -4:00]
Running from: c:\documents and settings\Brian\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Outdated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\d3a3b.msi
c:\windows\run.log
c:\windows\system32\Drivers\acsww.sys
c:\windows\system32\Drivers\elldbwrw.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_drae
((((((((((((((((((((((((( Files Created from 2009-07-15 to 2009-08-15 )))))))))))))))))))))))))))))))
.
2009-08-15 21:01 . 2009-08-15 21:01 -------- d-----w- c:\windows\LastGood
2009-08-15 20:17 . 2009-08-15 20:17 -------- d-----w- c:\documents and settings\Brian\Application Data\McAfee
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\MSBuild
2009-08-09 08:19 . 2009-08-09 08:19 -------- d-----w- c:\program files\Reference Assemblies
2009-08-09 08:18 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-09 08:18 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-09 08:18 . 2009-08-09 08:18 -------- d-----w- C:\22d06f0c895e0e6bf8fed5
2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-09 08:18 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-09 08:18 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-09 08:18 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-07-30 03:02 . 2009-07-30 03:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer
2009-07-25 23:11 . 2009-08-10 20:25 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-21 19:53 . 2009-07-21 19:54 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-15 21:11 . 2008-08-25 01:19 -------- d-----w- c:\documents and settings\Brian\Application Data\skypePM
2009-08-14 19:02 . 2004-11-09 10:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-14 19:02 . 2009-04-10 13:31 3942048 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-08-09 08:31 . 2005-01-23 03:14 -------- d-----w- c:\program files\McAfee
2009-08-03 17:36 . 2004-11-09 10:23 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-03 17:36 . 2004-11-09 10:23 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-03 17:09 . 2004-08-04 11:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-25 13:20 . 2009-06-25 13:20 -------- d-sh--w- c:\documents and settings\Guest\Application Data\lowsec
2009-06-24 01:34 . 2009-06-24 01:34 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-06-22 13:55 . 2008-08-13 20:01 -------- d-----w- c:\documents and settings\Brian\Application Data\SiteAdvisor
2009-06-19 02:14 . 2009-05-10 20:18 -------- d-----w- c:\program files\RealArcade
2009-06-17 17:13 . 2009-06-17 17:09 -------- d-----w- c:\program files\ZillaTube
2009-06-17 16:53 . 2009-04-04 22:08 -------- d-----w- c:\program files\Cucusoft
2009-06-16 14:36 . 2004-08-04 11:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:36 . 2004-08-04 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:09 . 2004-08-04 11:00 1291264 ----a-w- c:\windows\system32\quartz.dll
2004-08-04 11:00 . 2004-08-04 11:00 94784 -csh--w- c:\windows\TWAIN.DLL
2008-04-14 00:12 . 2004-08-04 11:00 50688 --sh--w- c:\windows\twain_32.dll
2005-03-28 20:33 . 2005-01-13 05:54 900 -csha-w- c:\windows\SYSTEM32\KGyGaAvL.sys
2008-04-14 00:11 . 2004-08-04 11:00 1028096 --sha-w- c:\windows\SYSTEM32\mfc42.dll
2008-04-14 00:12 . 2004-08-04 11:00 57344 --sha-w- c:\windows\SYSTEM32\msvcirt.dll
2008-04-14 00:12 . 2004-08-04 11:00 413696 --sha-w- c:\windows\SYSTEM32\msvcp60.dll
2008-04-14 00:12 . 2004-08-04 11:00 343040 --sha-w- c:\windows\SYSTEM32\msvcrt.dll
2008-04-14 00:12 . 2004-08-04 11:00 551936 --sha-w- c:\windows\SYSTEM32\oleaut32.dll
2008-04-14 00:12 . 2004-08-04 11:00 84992 --sha-w- c:\windows\SYSTEM32\olepro32.dll
2008-04-14 00:12 . 2004-08-04 11:00 11776 --sha-w- c:\windows\SYSTEM32\regsvr32.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-06-24_14.59.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-15 20:59 . 2009-08-15 20:59 16384 c:\windows\temp\Perflib_Perfdata_7e4.dat
+ 2008-07-30 01:10 . 2008-07-30 01:10 26112 c:\windows\SYSTEM32\TsWpfWrp.exe
+ 2009-08-09 08:18 . 2008-07-06 12:06 89088 c:\windows\SYSTEM32\SPOOL\PRTPROCS\W32X86\filterpipelineprintproc.dll
+ 2008-07-29 23:59 . 2008-07-29 23:59 43544 c:\windows\SYSTEM32\PresentationHostProxy.dll
+ 2004-12-22 02:59 . 2009-08-09 08:26 72576 c:\windows\SYSTEM32\PERFC009.DAT
+ 2008-07-25 15:17 . 2008-07-25 15:17 15360 c:\windows\SYSTEM32\MUI\0409\mscorees.dll
+ 2006-11-08 02:03 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\msfeedsbs.dll
- 2006-11-08 02:03 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\msfeedsbs.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 83968 c:\windows\SYSTEM32\mscories.dll
- 2004-08-04 11:00 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\jsproxy.dll
+ 2004-08-04 11:00 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\jsproxy.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 97800 c:\windows\SYSTEM32\infocardapi.dll
+ 2008-07-29 23:24 . 2008-07-29 23:24 11264 c:\windows\SYSTEM32\icardres.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 73720 c:\windows\SYSTEM32\dxva2.dll
+ 2009-06-12 19:46 . 2009-07-03 17:09 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
- 2009-06-12 19:46 . 2009-04-30 21:22 12800 c:\windows\SYSTEM32\DLLCACHE\xpshims.dll
- 2007-05-08 21:39 . 2009-03-08 08:31 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2007-05-08 21:39 . 2009-07-03 17:09 55296 c:\windows\SYSTEM32\DLLCACHE\msfeedsbs.dll
+ 2004-08-04 11:00 . 2009-07-03 17:09 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
- 2004-08-04 11:00 . 2009-04-30 21:22 25600 c:\windows\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2009-06-16 14:36 . 2009-06-16 14:36 81920 c:\windows\SYSTEM32\DLLCACHE\fontsub.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 96760 c:\windows\SYSTEM32\dfshim.dll
+ 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
- 2004-12-31 23:19 . 2009-06-24 14:13 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2004-12-31 23:19 . 2009-08-15 21:04 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
- 2004-12-31 23:19 . 2009-06-24 14:13 49152 c:\windows\SYSTEM32\CONFIG\systemprofile\Cookies\index.dat
+ 2008-07-30 03:40 . 2008-07-30 03:40 70648 c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 91136 c:\windows\Microsoft.NET\Framework\v3.5\MSBuild.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.VisualC.STLCLR.dll
+ 2008-07-30 03:40 . 2008-07-30 03:40 40960 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Data.Entity.Build.Tasks.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 92664 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 95224 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 89592 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84480 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2052.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 94720 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1042.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97792 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1041.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 84992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1028.dll
+ 2008-07-29 22:47 . 2008-07-29 22:47 97280 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\DeleteTemp.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 95224 c:\windows\Microsoft.NET\Framework\v3.5\EdmGen.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 78856 c:\windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41984 c:\windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe
+ 2008-07-30 03:40 . 2008-07-30 03:40 41992 c:\windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe
+ 2008-07-30 01:10 . 2008-07-30 01:10 46104 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
+ 2008-07-29 23:59 . 2008-07-29 23:59 32768 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationCFFRasterizer.dll
+ 2008-07-30 01:10 . 2008-07-30 01:10 71160 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PenIMC.dll
+ 2008-07-29 23:32 . 2008-07-29 23:32 17448 c:\windows\Microsoft.NET\Framework\v3.0\Windows Workflow Foundation\PerformanceCounterInstaller.exe
+ 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 73728 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.Install.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 20504 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceMonikerSupport.dll
+ 2008-07-29 23:16 . 2008-07-29 23:16 11280 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelEvents.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 37896 c:\windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81400 c:\windows\Microsoft.NET\Framework\v2.0.50727\TLBREF.DLL
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.RegularExpressions.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 57392 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.EnterpriseServices.Thunk.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.Design.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 81920 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Configuration.Install.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 95232 c:\windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 16896 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 61952 c:\windows\Microsoft.NET\Framework\v2.0.50727\regtlibv12.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 53248 c:\windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 88584 c:\windows\Microsoft.NET\Framework\v2.0.50727\PerfCounter.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 24584 c:\windows\Microsoft.NET\Framework\v2.0.50727\normalization.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 31744 c:\windows\Microsoft.NET\Framework\v2.0.50727\MUI\0409\mscorsecr.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 19456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscortim.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 18944 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsn.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 77312 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 94208 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorld.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 46592 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 83456 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordbc.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 69632 c:\windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 97792 c:\windows\Microsoft.NET\Framework\v2.0.50727\MmcAspExt.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 12800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 32768 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Vsa.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.VisualBasic.Vsa.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Utilities.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\Microsoft.Build.Framework.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 40960 c:\windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 72192 c:\windows\Microsoft.NET\Framework\v2.0.50727\ISymWrapper.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 65032 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtilLib.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 28672 c:\windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 77824 c:\windows\Microsoft.NET\Framework\v2.0.50727\IEHost.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 18936 c:\windows\Microsoft.NET\Framework\v2.0.50727\fusion.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 62968 c:\windows\Microsoft.NET\Framework\v2.0.50727\dfdll.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 35320 c:\windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 69120 c:\windows\Microsoft.NET\Framework\v2.0.50727\CustomMarshalers.dll
+ 2008-07-25 15:17 . 2008-07-25 15:17 27136 c:\windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 13312 c:\windows\Microsoft.NET\Framework\v2.0.50727\cscompmgd.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 80376 c:\windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 89608 c:\windows\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll
+ 2008-11-25 08:59 . 2008-11-25 08:59 31560 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 34312 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 33288 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 24576 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 84480 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_rc.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 33800 c:\windows\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 17416 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_isapi.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 22024 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_filter.dll
+ 2008-07-25 15:16 . 2008-07-25 15:16 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
- 2005-09-23 11:28 . 2005-09-23 11:28 36864 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe
+ 2008-07-25 15:17 . 2008-07-25 15:17 58880 c:\windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe
+ 2008-07-25 15:16 . 2008-07-25 15:16 98808 c:\windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
- 2005-09-23 11:28 . 2005-09-23 11:28 10752 c:\windows\Microsoft.NET\Framework\v2.0.50727\Accessibility.dll
-
Sorry About the Delay
Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3 (Safe Mode)
8/14/2009 3:36:26 PM
mbam-log-2009-08-14 (15-36-25).txt
Scan type: Quick Scan
Objects scanned: 135076
Time elapsed: 15 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\fias4051 (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AlerterALG (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\SYSTEM32\DRIVERS\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465452.lso (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465749.lso (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465452.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\0101120101465749.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-07-30.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 12/31/2004 6:26:16 PM
System Uptime: 8/14/2009 2:55:02 PM (1 hours ago)
Motherboard: Dell Computer Corp. | | 0N6381
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/533mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 72 GiB total, 33.045 GiB free.
==== Disabled Device Manager Items =============
Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
Description: CD-ROM Drive
Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8483B_______________1.07____\5&145A0A8F&0&0.0.0
Manufacturer: (Standard CD-ROM drives)
Name: HL-DT-ST CD-ROM GCR-8483B
PNP Device ID: IDE\CDROMHL-DT-ST_CD-ROM_GCR-8483B_______________1.07____\5&145A0A8F&0&0.0.0
Service: cdrom
==== System Restore Points ===================
RP1585: 5/11/2009 11:42:05 PM - System Checkpoint
RP1586: 5/13/2009 3:14:35 AM - System Checkpoint
RP1587: 5/14/2009 7:31:24 PM - Software Distribution Service 3.0
RP1588: 5/15/2009 10:29:53 PM - System Checkpoint
RP1589: 5/16/2009 11:50:48 PM - System Checkpoint
RP1590: 5/18/2009 12:12:49 AM - System Checkpoint
RP1591: 5/19/2009 12:52:33 AM - System Checkpoint
RP1592: 5/20/2009 6:31:25 PM - System Checkpoint
RP1593: 5/21/2009 7:44:48 PM - System Checkpoint
RP1594: 5/23/2009 10:55:59 AM - System Checkpoint
RP1595: 5/24/2009 1:39:40 PM - System Checkpoint
RP1596: 5/25/2009 2:28:34 PM - System Checkpoint
RP1597: 5/26/2009 5:27:12 PM - System Checkpoint
RP1598: 5/27/2009 6:09:13 PM - System Checkpoint
RP1599: 5/28/2009 6:38:55 PM - System Checkpoint
RP1600: 5/29/2009 7:27:41 PM - System Checkpoint
RP1601: 5/30/2009 8:05:47 PM - System Checkpoint
RP1602: 5/31/2009 10:43:29 PM - System Checkpoint
RP1603: 6/1/2009 10:58:30 PM - System Checkpoint
RP1604: 6/3/2009 7:57:28 AM - System Checkpoint
RP1605: 6/4/2009 5:23:20 PM - System Checkpoint
RP1606: 6/5/2009 9:39:11 PM - System Checkpoint
RP1607: 6/7/2009 12:36:54 AM - System Checkpoint
RP1608: 6/8/2009 9:01:47 AM - System Checkpoint
RP1609: 6/9/2009 10:25:51 AM - System Checkpoint
RP1610: 6/10/2009 4:00:33 AM - Software Distribution Service 3.0
RP1611: 6/11/2009 4:19:38 AM - System Checkpoint
RP1612: 6/12/2009 6:07:43 AM - System Checkpoint
RP1613: 6/12/2009 1:49:34 PM - Installed Microsoft Fix it 50027
RP1614: 6/12/2009 2:43:06 PM - Installed Microsoft Fix it 50027
RP1615: 6/12/2009 3:32:29 PM - Software Distribution Service 3.0
RP1616: 6/13/2009 4:11:53 PM - System Checkpoint
RP1617: 6/14/2009 6:57:30 PM - System Checkpoint
RP1618: 6/15/2009 11:34:59 PM - System Checkpoint
RP1619: 6/17/2009 1:22:52 AM - System Checkpoint
RP1620: 6/18/2009 7:47:19 AM - System Checkpoint
RP1621: 6/19/2009 9:19:47 AM - System Checkpoint
RP1622: 6/20/2009 10:23:49 AM - System Checkpoint
RP1623: 6/21/2009 2:11:50 PM - System Checkpoint
RP1624: 8/8/2009 7:44:10 PM - System Checkpoint
RP1625: 8/9/2009 4:00:24 AM - Software Distribution Service 3.0
RP1626: 8/9/2009 4:32:34 AM - Printer Driver Microsoft XPS Document Writer Installed
==== Installed Programs ======================
1400
1400_Help
1400Trb
Adobe Download Manager 2.0 (Remove Only)
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.5
Adobe Shockwave Player 11
AiO_Scan
AiOSoftware
AOL Instant Messenger
Apple Mobile Device Support
Apple Software Update
Bonjour
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Photo Printer 720
Dell Support Center (Support Software)
DellSupport
ESPN Java Check
Fax
GdiplusUpgrade
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Update
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iPhone/iTouch/iPod to Computer Transfer 5.1.9
iPod for Windows 2005-09-23
iPod for Windows 2006-06-28
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0 Update 4
J2SE Runtime Environment 5.0 Update 6
Java 2 Runtime Environment, SE v1.4.2_03
Java 6 Update 11
Java 6 Update 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
McAfee Shredder
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ Run Time Lib Setup
Modem Event Monitor
Modem Helper
Modem On Hold
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
Music Visualizer Library 1.4.00
My Way Search Assistant
Net MD Simple Burner
Network Play System (Patching)
Nikon Message Center
OpenMG Limited Patch 3.1-02-10-22-01
OpenMG Limited Patch 3.1-02-10-22-02
OpenMG Limited Patch 3.1-02-12-04-01
OpenMG Secure Module 3.1
PictureProject
PictureProject In Touch Downloader 1.0
ProductContext
QuickTime
Readme
RealPlayer
Scan
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB973346)
Skype
-
You said to run the scans not in safe mode but its the only way i can
-
I am going to qork right now, but will have a full reply when i get home thanks!
-
I'm not sure who that person is?? But if you can help I would appreciate your help!
-
i have an infection i cannot get rid of. Here are copies of the logs.
malwarebytes
Malwarebytes' Anti-Malware 1.38
Database version: 2307
Windows 5.1.2600 Service Pack 3
7/28/2009 7:32:31 PM
mbam-log-2009-07-28 (19-32-31).txt
Scan type: Quick Scan
Objects scanned: 140364
Time elapsed: 17 minute(s), 31 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Hijack This
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:31:48 PM, on 7/28/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {3F1866D7-E21A-4403-A609-D8F2090567DF} - (no file)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O4 - HKLM\..\Run: [OSCD_Creator] c:\Dell\PreODM.EXE
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [intelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [OSCD_Creator] C:\Dell\PreODM.EXE /2
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Windows Update Utility] \\?\globalroot\systemroot\system32\vfhr.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Risk/Images/stg_drm.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkId=39204&clcid=0x409
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Risk/Images/armhelper.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Alerter AlerterALG (AlerterALG) - Unknown owner - C:\WINDOWS\system32\f.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
--
End of file - 8531 bytes
I need some help?!?!
in Resolved Malware Removal Logs
Posted
hmmm, i ran the scan, but cannot seem to find a log report to post