Jump to content

I3randon

Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by I3randon

  1. HijackThis Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:10:04 PM, on 8/11/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18294) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\DellTPad\Apoint.exe C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe C:\Program Files\CyberLink\Shared Files\brs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\system32\wuauclt.exe C:\Windows\Explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing) O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Users\Brandon\Documents\Downloads\Compressed\AveFolderBg\32bits\VistaFolderBackground.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dldt_device - - C:\Windows\system32\dldtcoms.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Unknown owner - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 13382 bytes P.S. - FireFox is working fine now
  2. ComboFix Pt. 3 + 2009-08-10 19:28 . 2008-06-20 01:14 168968 c:\windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:14 368640 c:\windows\assembly\GAC_32\System.Printing\3.0.0.0__31bf3856ad364e35\System.Printing.dll + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1630208 c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.22208_none_8c75ba7a272c 1073\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1630208 c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.18096_none_8b88cbe90e59 3c4d\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1630208 c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.20864_none_8a4a9b242a39 c1cc\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1630208 c:\windows\winsxs\x86_wwf-system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.16708_none_8a05df0910e7 dfb8\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1138688 c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6001.22208_none_32f793e391151502\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1138688 c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6001.18096_none_320aa552784240dc\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:12 1138688 c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6000.20864_none_30cc748d9422c65b\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1138688 c:\windows\winsxs\x86_wwf-system.workflow.activities_31bf3856ad364e35_6.0.6000.16708_none_3087b8727ad0e447\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1245184 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6001.22208_none_57feade560dc8728\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1245184 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6001.18096_none_5711bf544809b302\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:12 1245184 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6000.20864_none_55d38e8f63ea3881\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1245184 c:\windows\winsxs\x86_wpf-windowsbase_31bf3856ad364e35_6.0.6000.16708_none_558ed2744a98566d\WindowsBase.dll + 2009-08-10 19:27 . 2008-06-20 01:13 5283840 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.22208_none_6f17fd076f0ccf52\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5283840 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6001.18096_none_6e2b0e765639fb2c\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:12 5283840 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.20864_none_6cecddb1721a80ab\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:18 5283840 c:\windows\winsxs\x86_wpf-presentationframework_31bf3856ad364e35_6.0.6000.16708_none_6ca8219658c89e97\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:13 5931008 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.22208_none_fe2a5a5f051cb345\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5931008 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6001.18096_none_1501316ceb6d03bb\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:12 5931008 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.20864_none_fe54bb7304c5d874\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:17 5931008 c:\windows\winsxs\x86_wcf-system.servicemodel_b03f5f7f11d50a3a_6.0.6000.16708_none_151c0556eb2446e8\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:13 1738760 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22208_none_acc2b340a90ab125\wpfgfx_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:13 4210688 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.22208_none_acc2b340a90ab125\PresentationCore.dll + 2009-08-10 19:27 . 2008-06-20 01:14 1738760 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18096_none_abd5c4af9037dcff\wpfgfx_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:14 4210688 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6001.18096_none_abd5c4af9037dcff\PresentationCore.dll + 2009-08-10 19:27 . 2008-06-20 01:12 1738760 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20864_none_aa9793eaac18627e\wpfgfx_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:12 4210688 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.20864_none_aa9793eaac18627e\PresentationCore.dll + 2009-08-10 19:27 . 2008-06-20 01:18 1738760 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16708_none_aa52d7cf92c6806a\wpfgfx_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:18 4210688 c:\windows\winsxs\x86_presentationcore_31bf3856ad364e35_6.0.6000.16708_none_aa52d7cf92c6806a\PresentationCore.dll + 2009-08-08 18:47 . 2009-06-17 08:02 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.22160_none_f4b74f0181eee730\OESpamFilter.dat + 2009-08-08 18:47 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6002.18056_none_f43e83de68c3c37f\OESpamFilter.dat + 2009-08-08 18:47 . 2009-06-17 07:30 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22459_none_f2e4af9f84b85a2a\OESpamFilter.dat + 2009-08-08 18:47 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18278_none_f24470cc6babdbc4\OESpamFilter.dat + 2009-08-08 18:47 . 2009-06-17 07:35 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21074_none_f0e3a5eb87a6b883\OESpamFilter.dat + 2009-08-08 18:47 . 2009-06-17 07:36 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16876_none_f05c31926e871825\OESpamFilter.dat + 2009-08-08 18:45 . 2009-07-18 11:45 6081024 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6002.22180_none_66bc01a4c4a3d534\ieframe.dll + 2009-08-08 18:45 . 2009-07-18 11:32 6079488 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6002.18071_none_663e350fab7d32d0\ieframe.dll + 2009-08-08 18:45 . 2009-07-18 09:55 6072832 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22475_none_64e5611ac770e2d2\ieframe.dll + 2009-08-08 18:45 . 2009-07-18 16:01 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18294_none_64452247ae64646c\ieframe.dll + 2009-08-08 18:46 . 2009-07-18 12:09 6070784 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21089_none_62f829ecca4f0949\ieframe.dll + 2009-08-08 18:46 . 2009-07-18 12:10 6067200 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16890_none_625ae279b1416e1f\ieframe.dll + 2009-08-08 18:46 . 2009-07-18 11:45 3600384 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22180_none_155ca7a138ae4707\mshtml.dll + 2009-08-08 18:46 . 2009-07-18 11:33 3599360 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18071_none_14dedb0c1f87a4a3\mshtml.dll + 2009-08-08 18:45 . 2009-07-18 11:54 3584512 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22475_none_138607173b7b54a5\mshtml.dll + 2009-08-08 18:45 . 2009-07-18 16:02 3583488 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18294_none_12e5c844226ed63f\mshtml.dll + 2009-08-08 18:46 . 2009-07-18 12:12 3600384 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21089_none_1198cfe93e597b1c\mshtml.dll + 2009-08-08 18:46 . 2009-07-18 12:13 3597824 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16890_none_10fb8876254bdff2\mshtml.dll + 2009-08-08 18:46 . 2009-06-18 06:56 2452872 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21089_none_f9e7d3a487ee8c39\ieapfltr.dat + 2009-08-08 18:46 . 2009-06-18 06:57 2452872 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16890_none_f94a8c316ee0f10f\ieapfltr.dat + 2009-08-08 18:45 . 2009-07-18 11:47 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.22180_none_b6fcace0ed4eb73e\urlmon.dll + 2009-08-08 18:45 . 2009-07-18 11:34 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18071_none_b67ee04bd42814da\urlmon.dll + 2009-08-08 18:45 . 2009-07-18 11:56 1166848 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22475_none_b5260c56f01bc4dc\urlmon.dll + 2009-08-08 18:45 . 2009-07-18 16:06 1166336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18294_none_b485cd83d70f4676\urlmon.dll + 2009-08-08 18:45 . 2009-07-18 12:16 1163264 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.21089_none_b338d528f2f9eb53\urlmon.dll + 2009-08-08 18:45 . 2009-07-18 12:16 1159680 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16890_none_b29b8db5d9ec5029\urlmon.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1245184 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6001.22208_none_97b08b7448b9ff5f\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1245184 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6001.18096_none_96c39ce32fe72b39\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:12 1245184 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6000.20864_none_95856c1e4bc7b0b8\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1245184 c:\windows\winsxs\msil_windowsbase_31bf3856ad364e35_6.0.6000.16708_none_9540b0033275cea4\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1630208 c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.22208_none_e9 0a0d4ae97e2ccb\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1630208 c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6001.18096_none_e8 1d1eb9d0ab58a5\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1630208 c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.20864_none_e6 deedf4ec8bde24\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1630208 c:\windows\winsxs\msil_system.workflow.componentmodel_31bf3856ad364e35_6.0.6000.16708_none_e6 9a31d9d339fc10\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 1138688 c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6001.22208_none_293330 886c8121bc\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1138688 c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6001.18096_none_284641 f753ae4d96\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:12 1138688 c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6000.20864_none_270811 326f8ed315\System.Workflow.Activities.dll + 2009-08-10 19:28 . 2008-06-20 01:18 1138688 c:\windows\winsxs\msil_system.workflow.activities_31bf3856ad364e35_6.0.6000.16708_none_26c355 17563cf101\System.Workflow.Activities.dll + 2009-08-10 19:27 . 2008-06-20 01:13 5931008 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.22208_none_8e1bf2cea44da c8d\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5931008 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6001.18096_none_a4f2c9dc8a9df d03\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:12 5931008 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.20864_none_8e4653e2a3f6d 1bc\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:17 5931008 c:\windows\winsxs\msil_system.servicemodel_b77a5c561934e089_6.0.6000.16708_none_a50d9dc68a554 030\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:13 5931008 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.22208_none_559775022 c5c3394\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5931008 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6001.18096_none_6c6e4c101 2ac840a\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:12 5931008 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.20864_none_55c1d6162 c0558c3\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:17 5931008 c:\windows\winsxs\msil_system.servicemodel.ref_b77a5c561934e089_6.0.6000.16708_none_6c891ffa1 263c737\System.ServiceModel.dll + 2009-08-10 19:27 . 2008-06-20 01:13 5283840 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.22208_none_774937060d1 32321\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5283840 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6001.18096_none_765c4874f44 04efb\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:12 5283840 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.20864_none_751e17b0102 0d47a\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:18 5283840 c:\windows\winsxs\msil_presentationframework_31bf3856ad364e35_6.0.6000.16708_none_74d95b94f6c ef266\PresentationFramework.dll + 2009-08-08 18:45 . 2009-07-18 16:06 1166336 c:\windows\System32\urlmon.dll - 2009-06-10 22:48 . 2009-04-24 16:05 1166336 c:\windows\System32\urlmon.dll + 2006-11-02 10:22 . 2009-08-11 05:48 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2006-11-02 10:22 . 2009-08-08 18:53 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-08-08 18:45 . 2009-07-18 16:02 3583488 c:\windows\System32\mshtml.dll + 2009-08-08 18:45 . 2009-07-18 16:01 6069248 c:\windows\System32\ieframe.dll - 2009-06-10 22:48 . 2009-04-24 16:02 6069248 c:\windows\System32\ieframe.dll + 2006-11-02 12:47 . 2009-08-09 17:36 2318144 c:\windows\System32\FNTCACHE.DAT - 2006-11-02 12:47 . 2009-06-22 17:24 2318144 c:\windows\System32\FNTCACHE.DAT + 2008-07-30 03:40 . 2008-07-30 03:40 1720824 c:\windows\Microsoft.NET\Framework\v3.5\vbc.exe + 2008-07-29 22:47 . 2008-07-29 22:47 1054208 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1364992 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\SITSetup.dll + 2008-07-29 22:47 . 2008-07-29 22:47 1064448 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\gencomp.dll + 2008-07-30 03:40 . 2008-07-30 03:40 1548280 c:\windows\Microsoft.NET\Framework\v3.5\csc.exe + 2009-08-10 19:27 . 2008-06-20 01:14 1738760 c:\windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5931008 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2009-05-26 22:54 . 2009-05-26 22:54 4192768 c:\windows\Installer\56741.msp + 2009-07-02 20:23 . 2009-07-02 20:23 5027328 c:\windows\Installer\56715.msp + 2008-12-25 22:21 . 2009-08-09 15:30 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe - 2008-12-25 22:21 . 2009-06-15 12:11 1172240 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe + 2008-12-25 22:21 . 2009-08-09 15:30 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe - 2008-12-25 22:21 . 2009-06-15 12:11 1165584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe - 2009-03-17 21:49 . 2009-06-15 12:10 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2009-03-17 21:49 . 2009-08-09 15:30 1172240 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2009-03-17 21:49 . 2009-06-15 12:10 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2009-03-17 21:49 . 2009-08-09 15:30 1165584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2009-08-10 19:35 . 2009-08-10 19:35 3311104 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\400510870f710fd409ee7fc71b4a69aa\WindowsBase.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\c8b13dcfc97e24405e4fc0475ce6f8f6\UIAutomationClientsideProviders.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 1355264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\2deca0680ab84ffa0d02529e6008c3af\System.WorkflowServices.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 1904128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5d6b641086cce5fdc858845791bceb39\System.Workflow.Runtime.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 4510720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\4ebf9425af71d1715702beddca876205\System.Workflow.ComponentModel.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 2989568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\9a3bbad437aad5decc858ca4ff6aa95e\System.Workflow.Activities.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 2400256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\7a2ff61712242ed5a8ed3e2051913d8a\System.Web.Extensions.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 1705984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\9cd971129846bdc7b4d6f4de75d0d56f\System.ServiceModel.Web.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\6a0e6b429befa7ae3195cfc8c92ea2cc\System.Runtime.Serialization.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\828c0797125f0e89f76c00c87708cd08\System.Printing.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\833aa4f13464ecb314a27adbcfca1e22\System.IdentityModel.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 1326080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\41610b6770b86d583f850fe48761ff0c\System.Data.Services.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 2510848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\f38eb6cd3804a40cbff2d1103f541776\System.Data.Linq.ni.dll + 2009-08-11 05:11 . 2009-08-11 05:11 9903104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\dd4ce78d33fde0033fa5bd50e24c8fbc\System.Data.Entity.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 2294784 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\6c69930d05c557da70144bcc0add7065\System.Core.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 2126336 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\87d2215a3b6b8ebec883f6bf82b6b781\ReachFramework.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 1656832 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\4746ed9ba78a700176711accdea55be1\PresentationUI.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\4425dd4db3b0530d0a9369b7b259088b\PresentationBuildTasks.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 1092608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\88b610bb7a660a1b06385d595a72d272\Microsoft.Transactions.Bridge.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 1965568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cd6eeb3d7ea1f65c28a43e665db38644\Microsoft.Build.Tasks.v3.5.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 1886208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ce984d7bbd9a6d5d3cca28c4e5038020\Microsoft.Build.Engine.ni.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1245184 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1630208 c:\windows\assembly\GAC_MSIL\System.Workflow.ComponentModel\3.0.0.0__31bf3856ad364e35\System.Workflow.ComponentModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 1138688 c:\windows\assembly\GAC_MSIL\System.Workflow.Activities\3.0.0.0__31bf3856ad364e35\System.Workflow.Activities.dll + 2009-08-10 19:33 . 2009-08-10 19:33 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5931008 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll + 2009-08-10 19:33 . 2009-08-10 19:33 2879488 c:\windows\assembly\GAC_MSIL\System.Data.Entity\3.5.0.0__b77a5c561934e089\System.Data.Entity.dll + 2009-08-10 19:27 . 2008-06-20 01:14 5283840 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:14 1738760 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\wpfgfx_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:14 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2009-06-13 07:01 . 2009-08-10 19:32 77842451 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin + 2006-11-02 10:24 . 2009-07-07 15:10 24539592 c:\windows\System32\mrt.exe + 2009-08-11 01:21 . 2009-08-11 01:21 17313792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8916ab751fafa7245dc9dfa6cfac3cfc\System.ServiceModel.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 14320128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2606f840d6783c9c2307965650735ada\PresentationFramework.ni.dll + 2009-08-10 19:35 . 2009-08-10 19:35 12213248 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\9895974a8ff48335614f44603ff16a9d\PresentationCore.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-16 39408] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-07-17 196608] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-07-17 442433] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-18 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-18 170520] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-18 145944] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-12-16 30192] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328] "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392] "dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-10-04 206064] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-12-12 642856] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2008-12-14 467240] "McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-01-09 1176808] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-21 83240] "PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2007-12-14 50472] "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-06-24 91432] c:\users\Brandon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2006-1-21 118784] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-9 1616976] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler] "{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\users\Brandon\Documents\Downloads\Compressed\AveFolderBg\32bits\VistaFolderBackground.dll" [2008-09-17 184320] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] SetupExecute REG_MULTI_SZ \0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{83EBE4D4-420E-4770-A6EA-72C1B6139ACC}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent "{5DA30AFC-D792-46F0-AAD1-B06D75914C5C}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect "{3276E660-7CEC-4959-AD16-340C5B4CDDF1}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program "{63B77538-D270-49E2-BDB7-E26C92616C65}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine "{E2D0029C-0CDF-4081-9401-68CF7AF8732E}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server "{D05DE99F-D323-4130-963F-6181DBABB181}"= UDP:c:\program files\Dell Remote Access\ezi_ra.exe:Dell Remote Access "{AFEA741D-E902-42A5-AEB6-77F5762AD625}"= TCP:c:\program files\Dell Remote Access\ezi_ra.exe:Dell Remote Access "{5BF27FD1-310A-42DA-B3B6-48FAF15C1F11}"= UDP:c:\programdata\SingleClick Systems\Advanced Networking Service\hnm_svc.exe:Advanced Networking Service "{FED72049-7622-4DDB-87EC-7B84366DD52A}"= TCP:c:\programdata\SingleClick Systems\Advanced Networking Service\hnm_svc.exe:Advanced Networking Service "{02B4B086-FA54-473E-831E-A7FB64D1501B}"= UDP:c:\program files\Dell Video Chat\DellVideoChat.exe:SightSpeed "{C688789D-9D25-4278-A4B7-2FFC86A4C565}"= TCP:c:\program files\Dell Video Chat\DellVideoChat.exe:SightSpeed "{D33E9505-6F0A-491E-A514-5E255FAF86AF}"= UDP:c:\program files\uTorrent\uTorrent.exe:
  3. ComboFix Pt. 2 + 2009-08-10 19:35 . 2009-08-10 19:35 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b07a3428544255944bc199e4e3d2e6d3\UIAutomationProvider.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\05fc89ad1590cc672c5a47bbef2e7b2f\System.Windows.Presentation.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\17e2a7113434da494a846a8f4e4ac5e9\System.Web.DynamicData.Design.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a8e047504bdad9ec14efd483574b0dd5\System.ComponentModel.DataAnnotations.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f2b48eab657b4ef1d19dac11bdf0c913\System.AddIn.Contract.ni.dll + 2009-08-10 19:35 . 2009-08-10 19:35 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\30b970ab3de237247d0cd7f3dc328fed\PresentationFontCache.ni.exe + 2009-08-10 19:35 . 2009-08-10 19:35 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\22ccba9e26cba4b1dadd92f68173dc31\PresentationCFFRasterizer.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\66359457e427c0d547750a79f754f9ba\Microsoft.Build.Framework.ni.dll + 2009-08-10 19:28 . 2008-06-20 01:14 94208 c:\windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll + 2009-08-10 19:28 . 2008-06-20 01:14 98304 c:\windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll + 2009-08-10 19:28 . 2008-06-20 01:14 40960 c:\windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll + 2009-08-10 19:33 . 2009-08-10 19:33 12288 c:\windows\assembly\GAC_MSIL\System.Windows.Presentation\3.5.0.0__b77a5c561934e089\System.Windows.Presentation.dll + 2009-08-10 19:33 . 2009-08-10 19:33 61440 c:\windows\assembly\GAC_MSIL\System.Web.Routing\3.5.0.0__31bf3856ad364e35\System.Web.Routing.dll + 2009-08-10 19:33 . 2009-08-10 19:33 32768 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData.Design\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.Design.dll + 2009-08-10 19:33 . 2009-08-10 19:33 77824 c:\windows\assembly\GAC_MSIL\System.Web.Abstractions\3.5.0.0__31bf3856ad364e35\System.Web.Abstractions.dll - 2008-01-21 02:25 . 2008-01-21 02:25 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2009-08-10 19:28 . 2008-06-20 01:14 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2009-08-10 19:28 . 2008-06-20 01:14 73728 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Install\3.0.0.0__b77a5c561934e089\System.ServiceModel.Install.dll + 2009-08-10 19:33 . 2009-08-10 19:33 53248 c:\windows\assembly\GAC_MSIL\System.Data.DataSetExtensions\3.5.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll + 2009-08-10 19:33 . 2009-08-10 19:33 57344 c:\windows\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\3.5.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll + 2009-08-10 19:33 . 2009-08-10 19:33 45056 c:\windows\assembly\GAC_MSIL\System.AddIn.Contract\2.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll + 2009-08-10 19:27 . 2008-06-20 01:14 46104 c:\windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe - 2008-01-21 02:25 . 2008-01-21 02:25 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2009-08-10 19:28 . 2008-06-20 01:14 32768 c:\windows\assembly\GAC_MSIL\PresentationCFFRasterizer\3.0.0.0__31bf3856ad364e35\PresentationCFFRasterizer.dll + 2009-08-10 19:33 . 2009-08-10 19:33 41984 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC.STLCLR\1.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.STLCLR.dll + 2009-08-10 19:33 . 2009-08-10 19:33 94208 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.v3.5.dll + 2009-08-10 19:33 . 2009-08-10 19:33 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2008-12-26 06:46 . 2009-07-06 05:34 2992 c:\windows\System32\WDI\ERCQueuedResolutions.dat + 2008-12-26 06:46 . 2009-08-11 05:48 2992 c:\windows\System32\WDI\ERCQueuedResolutions.dat + 2009-08-11 15:41 . 2009-08-11 15:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-08-11 15:41 . 2009-08-11 15:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-08-08 19:46 . 2009-08-08 19:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-07-30 03:40 . 2008-07-30 03:40 5632 c:\windows\Microsoft.NET\Framework\v3.5\Sentinel.v3.5Client.dll + 2009-08-10 19:33 . 2009-08-10 19:33 5632 c:\windows\assembly\GAC_MSIL\Sentinel.v3.5Client\3.5.0.0__b03f5f7f11d50a3a\Sentinel.v3.5Client.dll + 2009-08-10 19:28 . 2008-06-20 01:13 540672 c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6001.22208_none_65ac7e9ab91d6187\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:14 540672 c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6001.18096_none_64bf9009a04a8d61\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:13 540672 c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6000.20864_none_63815f44bc2b12e0\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:18 540672 c:\windows\winsxs\x86_wwf-system.workflow.runtime_31bf3856ad364e35_6.0.6000.16708_none_633ca329a2d930cc\System.Workflow.Runtime.dll + 2009-08-10 19:27 . 2008-06-20 01:13 301568 c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6001.22208_none_c9c50d8221a5a7d5\XPSViewer.exe + 2009-08-10 19:27 . 2008-06-20 01:14 301568 c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6001.18096_none_c8d81ef108d2d3af\XPSViewer.exe + 2009-08-10 19:27 . 2008-06-20 01:12 301568 c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6000.20864_none_c799ee2c24b3592e\XPSViewer.exe + 2009-08-10 19:27 . 2008-06-20 01:18 301568 c:\windows\winsxs\x86_wpf-xpsviewerexe_31bf3856ad364e35_6.0.6000.16708_none_c75532110b61771a\XPSViewer.exe + 2009-08-10 19:28 . 2008-06-20 01:13 385024 c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.22208_none_554db166677 cc421\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:14 385024 c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.18096_none_5460c2d54ea 9effb\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:12 385024 c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.20864_none_532292106a8 a757a\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:18 385024 c:\windows\winsxs\x86_wpf-uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.16708_none_52ddd5f5513 89366\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:13 167936 c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6001.22208_none_db0a99315a5ed6b2\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:14 167936 c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6001.18096_none_da1daaa0418c028c\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:12 167936 c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6000.20864_none_d8df79db5d6c880b\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:18 167936 c:\windows\winsxs\x86_wpf-uiautomationclient_31bf3856ad364e35_6.0.6000.16708_none_d89abdc0441aa5f7\UIAutomationClient.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.22208_none_824e913c35a437af\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6001.18096_none_8161a2ab1cd16389\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.20864_none_802371e638b1e908\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\x86_wpf-system.speech_31bf3856ad364e35_6.0.6000.16708_none_7fdeb5cb1f6006f4\System.Speech.dll + 2009-08-10 19:28 . 2008-06-20 01:13 528384 c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6001.22208_none_00bbcc3141cfe80d\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:14 528384 c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6001.18096_none_ffcedda028fd13e7\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:12 528384 c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6000.20864_none_fe90acdb44dd9966\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:18 528384 c:\windows\winsxs\x86_wpf-reachframework_31bf3856ad364e35_6.0.6000.16708_none_fe4bf0c02b8bb752\ReachFramework.dll + 2009-08-10 19:27 . 2008-06-20 01:13 781344 c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6001.22208_none_5757acdb5f96b091\PresentationNative_v0300.dll + 2009-08-10 19:27 . 2008-06-20 01:14 781344 c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6001.18096_none_566abe4a46c3dc6b\PresentationNative_v0300.dll + 2009-08-10 19:27 . 2008-06-20 01:12 781344 c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6000.20864_none_552c8d8562a461ea\PresentationNative_v0300.dll + 2009-08-10 19:27 . 2008-06-20 01:18 781344 c:\windows\winsxs\x86_wpf-presentationnative_31bf3856ad364e35_6.0.6000.16708_none_54e7d16a49527fd6\PresentationNative_v0300.dll + 2009-08-10 19:27 . 2008-06-20 01:13 326160 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6001.22208_none_7085d452393445e2\PresentationHost.exe + 2009-08-10 19:27 . 2008-06-20 01:14 326160 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6001.18096_none_6f98e5c1206171bc\PresentationHost.exe + 2009-08-10 19:27 . 2008-06-20 01:12 326160 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6000.20864_none_6e5ab4fc3c41f73b\PresentationHost.exe + 2009-08-10 19:27 . 2008-06-20 01:18 326160 c:\windows\winsxs\x86_wpf-presentationhostexe_31bf3856ad364e35_6.0.6000.16708_none_6e15f8e122f01527\PresentationHost.exe + 2009-08-10 19:28 . 2008-06-20 01:13 132120 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6001.22208_none_709d0e3a3915a370\PresentationHostDLL.dll + 2009-08-10 19:28 . 2008-06-20 01:14 132120 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6001.18096_none_6fb01fa92042cf4a\PresentationHostDLL.dll + 2009-08-10 19:28 . 2008-06-20 01:12 132120 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6000.20864_none_6e71eee43c2354c9\PresentationHostDLL.dll + 2009-08-10 19:28 . 2008-06-20 01:18 132120 c:\windows\winsxs\x86_wpf-presentationhostdll_31bf3856ad364e35_6.0.6000.16708_none_6e2d32c922d172b5\PresentationHostDLL.dll + 2009-08-10 19:27 . 2008-06-20 01:13 163840 c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6001.22208_none_eb46d1fac358e6 98\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6001.18096_none_ea59e369aa8612 72\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:12 163840 c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6000.20864_none_e91bb2a4c66697 f1\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:18 163840 c:\windows\winsxs\x86_wpf-presentationframework.royale_31bf3856ad364e35_6.0.6000.16708_none_e8d6f689ad14b5 dd\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:13 397312 c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6001.22208_none_31f039762251cd08\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:14 397312 c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6001.18096_none_31034ae5097ef8e2\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:12 397312 c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6000.20864_none_2fc51a20255f7e61\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:18 397312 c:\windows\winsxs\x86_wpf-presentationframework.luna_31bf3856ad364e35_6.0.6000.16708_none_2f805e050c0d9c4d\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:13 139264 c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6001.22208_none_f4fae63b42dc1 362\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:14 139264 c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6001.18096_none_f40df7aa2a093 f3c\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:12 139264 c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6000.20864_none_f2cfc6e545e9c 4bb\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:18 139264 c:\windows\winsxs\x86_wpf-presentationframework.classic_31bf3856ad364e35_6.0.6000.16708_none_f28b0aca2c97e 2a7\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:13 196608 c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6001.22208_none_3315609821a7b585\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:14 196608 c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6001.18096_none_3228720708d4e15f\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:12 196608 c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6000.20864_none_30ea414224b566de\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:18 196608 c:\windows\winsxs\x86_wpf-presentationframework.aero_31bf3856ad364e35_6.0.6000.16708_none_30a585270b6384ca\PresentationFramework.Aero.dll + 2009-08-10 19:28 . 2008-06-20 01:13 105016 c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6001.22208_none_ca27001ca76 8d8df\PresentationCFFRasterizerNative_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:14 105016 c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6001.18096_none_c93a118b8e9 604b9\PresentationCFFRasterizerNative_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:12 105016 c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6000.20864_none_c7fbe0c6aa7 68a38\PresentationCFFRasterizerNative_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:18 105016 c:\windows\winsxs\x86_wpf-presentationcffrasterizernative_31bf3856ad364e35_6.0.6000.16708_none_c7b724ab912 4a824\PresentationCFFRasterizerNative_v0300.dll + 2009-08-10 19:28 . 2008-06-20 01:13 598016 c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6001.22208_none_509edfdf6691efea\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:14 598016 c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6001.18096_none_4fb1f14e4dbf1bc4\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:12 598016 c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6000.20864_none_4e73c089699fa143\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:18 598016 c:\windows\winsxs\x86_wpf-presentationbuildtasks_31bf3856ad364e35_6.0.6000.16708_none_4e2f046e504dbf2f\PresentationBuildTasks.dll + 2009-08-10 19:27 . 2008-06-20 01:13 966656 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.22208_none_f0724a733a5cf5 93\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:14 966656 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6001.18096_none_0749218120ad46 09\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:12 966656 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.20864_none_f09cab873a061a c2\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:17 966656 c:\windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.0.6000.16708_none_0763f56b206489 36\System.Runtime.Serialization.dll + 2009-08-10 19:28 . 2008-06-20 01:13 131072 c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6001.22208_none_c39f387ed4c63b41\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:14 131072 c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6001.18096_none_da760f8cbb168bb7\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:12 131072 c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6000.20864_none_c3c99992d46f6070\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:17 131072 c:\windows\winsxs\x86_wcf-system.io.log_b03f5f7f11d50a3a_6.0.6000.16708_none_da90e376bacdcee4\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:13 430080 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6001.22208_none_0eda032a5a266f2c\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 430080 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6001.18096_none_25b0da384076bfa2\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:12 430080 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6000.20864_none_0f04643e59cf945b\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:17 430080 c:\windows\winsxs\x86_wcf-system.identitymodel_b03f5f7f11d50a3a_6.0.6000.16708_none_25cbae22402e02cf\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 126976 c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6001.22208_none_4ca2f28d4aba 1c9a\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:14 126976 c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6001.18096_none_6379c99b310a 6d10\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:12 126976 c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6000.20864_none_4ccd53a14a63 41c9\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:17 126976 c:\windows\winsxs\x86_wcf-system.identitymodel.selectors_b03f5f7f11d50a3a_6.0.6000.16708_none_63949d8530c1 b03d\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:13 181264 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6001.22208_none_00b2fd11363c5214\SMConfigInstaller.exe + 2009-08-10 19:28 . 2008-06-20 01:14 181264 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6001.18096_none_ffc60e801d697dee\SMConfigInstaller.exe + 2009-08-10 19:28 . 2008-06-20 01:12 181264 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6000.20864_none_fe87ddbb394a036d\SMConfigInstaller.exe + 2009-08-10 19:28 . 2008-06-20 01:17 181264 c:\windows\winsxs\x86_wcf-m_sm_cfg_ins_exe_31bf3856ad364e35_6.0.6000.16708_none_fe4321a01ff82159\SMConfigInstaller.exe + 2009-08-10 19:28 . 2008-06-20 01:13 622080 c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6001.22208_none_32694bc98abe06ed\icardagt.exe + 2009-08-10 19:28 . 2008-06-20 01:14 622080 c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6001.18096_none_317c5d3871eb32c7\icardagt.exe + 2009-08-10 19:28 . 2008-06-20 01:12 622080 c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6000.20864_none_303e2c738dcbb846\icardagt.exe + 2009-08-10 19:28 . 2008-06-20 01:17 622080 c:\windows\winsxs\x86_wcf-icardagt_exe_31bf3856ad364e35_6.0.6000.16708_none_2ff970587479d632\icardagt.exe + 2009-08-10 19:28 . 2008-06-20 01:13 368640 c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6001.22208_none_73d203be8f32b550\System.Printing.dll + 2009-08-10 19:28 . 2008-06-20 01:14 368640 c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6001.18096_none_72e5152d765fe12a\System.Printing.dll + 2009-08-10 19:28 . 2008-06-20 01:12 368640 c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6000.20864_none_71a6e468924066a9\System.Printing.dll + 2009-08-10 19:28 . 2008-06-20 01:18 368640 c:\windows\winsxs\x86_system.printing_31bf3856ad364e35_6.0.6000.16708_none_7162284d78ee8495\System.Printing.dll + 2009-08-10 19:27 . 2008-06-20 01:13 163840 c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6001.22208_none_ d8566749ac903376\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6001.18096_none_ ef2d3e5792e083ec\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-10 19:27 . 2008-06-20 01:12 163840 c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6000.20864_none_ d880c85dac3958a5\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-10 19:27 . 2008-06-20 01:17 163840 c:\windows\winsxs\x86_microsoft.transactions.bridge.dtc_b03f5f7f11d50a3a_6.0.6000.16708_none_ ef4812419297c719\Microsoft.Transactions.Bridge.Dtc.dll + 2009-08-08 18:46 . 2009-07-18 10:02 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.21089_none_0b99cb87f04d1d33\ieuser.exe + 2009-08-08 18:46 . 2009-07-18 10:01 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16890_none_0afc8414d73f8209\ieuser.exe + 2009-08-08 18:45 . 2009-07-18 10:02 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.21089_none_e6f1966badd25d81\ieinstal.exe + 2009-08-08 18:45 . 2009-07-18 10:01 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16890_none_e6544ef894c4c257\ieinstal.exe + 2009-08-08 18:45 . 2009-07-18 09:24 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6002.22180_none_66bc01a4c4a3d534\ieui.dll + 2009-08-08 18:45 . 2009-07-18 09:20 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6002.18071_none_663e350fab7d32d0\ieui.dll + 2009-08-08 18:45 . 2009-07-18 11:52 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22475_none_64e5611ac770e2d2\ieui.dll + 2009-08-08 18:45 . 2009-07-18 12:09 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21089_none_62f829ecca4f0949\ieui.dll + 2009-08-08 18:45 . 2009-07-18 12:10 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16890_none_625ae279b1416e1f\ieui.dll + 2009-08-08 18:45 . 2009-07-18 11:56 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22475_none_47e69ed4a5d609cc\sqmapi.dll + 2009-08-08 18:45 . 2009-07-18 11:52 271360 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22475_none_47e69ed4a5d609cc\iertutil.dll + 2009-08-08 18:45 . 2009-07-18 16:01 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18294_none_474660018cc98b66\iertutil.dll + 2009-08-08 18:45 . 2009-07-18 12:15 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21089_none_45f967a6a8b43043\sqmapi.dll + 2009-08-08 18:45 . 2009-07-18 12:09 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21089_none_45f967a6a8b43043\iertutil.dll + 2009-08-08 18:45 . 2009-07-18 12:16 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16890_none_455c20338fa69519\sqmapi.dll + 2009-08-08 18:45 . 2009-07-18 12:10 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16890_none_455c20338fa69519\iertutil.dll + 2009-08-08 18:45 . 2009-07-18 11:55 146432 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22475_none_37695ca72d74ef3a\occache.dll + 2009-08-08 18:45 . 2009-07-18 16:04 146432 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18294_none_36c91dd4146870d4\occache.dll + 2009-08-08 18:45 . 2009-07-18 12:14 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21089_none_357c2579305315b1\occache.dll + 2009-08-08 18:45 . 2009-07-18 12:15 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16890_none_34dede0617457a87\occache.dll + 2009-08-08 18:45 . 2009-07-18 11:55 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22475_none_2fa4f48433505a52\iexplore.exe + 2009-08-08 18:45 . 2009-07-18 21:39 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18294_none_2f04b5b11a43dbec\iexplore.exe + 2009-08-08 18:45 . 2009-07-18 12:16 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21089_none_2db7bd56362e80c9\iexplore.exe + 2009-08-08 18:45 . 2009-07-18 12:16 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16890_none_2d1a75e31d20e59f\iexplore.exe + 2009-08-08 18:46 . 2009-07-18 12:12 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.21089_none_467ea6b45f94c4f4\mshtmled.dll + 2009-08-08 18:46 . 2009-07-18 12:13 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16890_none_45e15f41468729ca\mshtmled.dll + 2009-08-08 18:45 . 2009-07-18 11:54 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22475_none_60297ec753c83e27\msfeeds.dll + 2009-08-08 18:45 . 2009-07-18 16:02 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18294_none_5f893ff43abbbfc1\msfeeds.dll + 2009-08-08 18:45 . 2009-07-18 12:12 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.21089_none_5e3c479956a6649e\msfeeds.dll + 2009-08-08 18:45 . 2009-07-18 12:13 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16890_none_5d9f00263d98c974\msfeeds.dll + 2009-08-08 18:46 . 2009-07-18 12:08 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21089_none_961c0c5c9dd41267\dxtrans.dll + 2009-08-08 18:46 . 2009-07-18 12:08 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21089_none_961c0c5c9dd41267\dxtmsft.dll + 2009-08-08 18:46 . 2009-07-18 12:09 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16890_none_957ec4e984c6773d\dxtrans.dll + 2009-08-08 18:46 . 2009-07-18 12:09 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16890_none_957ec4e984c6773d\dxtmsft.dll + 2009-08-08 18:46 . 2009-07-18 12:09 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21089_none_f9e7d3a487ee8c39\ieapfltr.dll + 2009-08-08 18:46 . 2009-07-18 12:10 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16890_none_f94a8c316ee0f10f\ieapfltr.dll + 2009-08-08 18:45 . 2009-07-18 11:52 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22475_none_ae7516482017c315\ieakui.dll + 2009-08-08 18:45 . 2009-07-18 11:52 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22475_none_ae7516482017c315\ieaksie.dll + 2009-08-08 18:45 . 2009-07-18 16:01 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18294_none_add4d775070b44af\ieaksie.dll + 2009-08-08 18:45 . 2009-07-18 12:09 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21089_none_ac87df1a22f5e98c\ieakui.dll + 2009-08-08 18:45 . 2009-07-18 12:09 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21089_none_ac87df1a22f5e98c\ieaksie.dll + 2009-08-08 18:45 . 2009-07-18 12:10 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16890_none_abea97a709e84e62\ieakui.dll + 2009-08-08 18:45 . 2009-07-18 12:10 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16890_none_abea97a709e84e62\ieaksie.dll + 2009-08-08 18:45 . 2009-07-18 11:52 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.22475_none_749360f470cf0c36\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 16:01 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.18294_none_73f3222157c28dd0\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 12:09 388608 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.21089_none_72a629c673ad32ad\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 12:10 385024 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.16890_none_7208e2535a9f9783\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 11:47 828928 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22180_none_04028882b857ddd1\wininet.dll + 2009-08-08 18:45 . 2009-07-18 11:35 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18071_none_0384bbed9f313b6d\wininet.dll + 2009-08-08 18:45 . 2009-07-18 11:56 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22475_none_022be7f8bb24eb6f\wininet.dll + 2009-08-08 18:45 . 2009-07-18 16:06 827904 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18294_none_018ba925a2186d09\wininet.dll + 2009-08-08 18:45 . 2009-07-18 12:16 828928 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21089_none_003eb0cabe0311e6\wininet.dll + 2009-08-08 18:45 . 2009-07-18 12:17 827392 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16890_none_ffa16957a4f576bc\wininet.dll + 2009-08-08 18:45 . 2009-07-18 11:54 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22475_none_e1089b1f95c4844b\mstime.dll + 2009-08-08 18:45 . 2009-07-18 16:03 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18294_none_e0685c4c7cb805e5\mstime.dll + 2009-08-08 18:45 . 2009-07-18 12:13 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.21089_none_df1b63f198a2aac2\mstime.dll + 2009-08-08 18:45 . 2009-07-18 12:13 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16890_none_de7e1c7e7f950f98\mstime.dll + 2009-08-08 18:47 . 2009-06-15 12:45 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 12:42 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 12:56 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 12:52 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 12:53 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 13:03 289792 c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\atmfd.dll + 2009-08-08 18:47 . 2009-06-15 15:00 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.22152_none_b7fc28a4355e72c9\t2embed.dll + 2009-08-08 18:47 . 2009-06-15 14:53 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6002.18051_none_b7718b8f1c41b9a8\t2embed.dll + 2009-08-08 18:47 . 2009-06-15 15:26 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.22450_none_b613b6283839eaf7\t2embed.dll + 2009-08-08 18:47 . 2009-06-15 15:24 156672 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6001.18272_none_b57678331f2ab896\t2embed.dll + 2009-08-08 18:47 . 2009-06-15 15:09 156160 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.21067_none_b4297fd83b155d73\t2embed.dll + 2009-08-08 18:47 . 2009-06-15 15:29 156160 c:\windows\winsxs\x86_microsoft-windows-font-embedding_31bf3856ad364e35_6.0.6000.16870_none_b38e38f92205f4f7\t2embed.dll + 2009-08-08 18:45 . 2009-07-18 12:06 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.21089_none_aa2122c70f008df0\advpack.dll + 2009-08-08 18:45 . 2009-07-18 12:07 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16890_none_a983db53f5f2f2c6\advpack.dll + 2009-08-10 19:27 . 2008-06-20 01:13 881664 c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6001.22208_none_b4bd0a2b32340979\infocard.exe + 2009-08-10 19:27 . 2008-06-20 01:14 881664 c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6001.18096_none_cb93e139188459ef\infocard.exe + 2009-08-10 19:27 . 2008-06-20 01:12 881664 c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6000.20864_none_b4e76b3f31dd2ea8\infocard.exe + 2009-08-10 19:27 . 2008-06-20 01:17 881664 c:\windows\winsxs\x86_infocard_b77a5c561934e089_6.0.6000.16708_none_cbaeb523183b9d1c\infocard.exe + 2009-08-10 19:28 . 2008-06-20 01:13 152576 c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6001.22208_none_f20f4d49d1297aed\WsatConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:14 152576 c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6001.18096_none_08e62457b779cb63\WsatConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:12 152576 c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6000.20864_none_f239ae5dd0d2a01c\WsatConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:17 152576 c:\windows\winsxs\msil_wsatconfig_b03f5f7f11d50a3a_6.0.6000.16708_none_0900f841b7310e90\WsatConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:13 385024 c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.22208_none_b 77300279b2a623c\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:14 385024 c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6001.18096_none_b 686119682578e16\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:12 385024 c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.20864_none_b 547e0d19e381395\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:18 385024 c:\windows\winsxs\msil_uiautomationclientsideproviders_31bf3856ad364e35_6.0.6000.16708_none_b 50324b684e63181\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:13 167936 c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6001.22208_none_21b6b58fa15595 15\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:14 167936 c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6001.18096_none_20c9c6fe8882c0 ef\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:12 167936 c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6000.20864_none_1f8b9639a46346 6e\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:18 167936 c:\windows\winsxs\msil_uiautomationclient_31bf3856ad364e35_6.0.6000.16708_none_1f46da1e8b1164 5a\UIAutomationClient.dll + 2009-08-10 19:28 . 2008-06-20 01:13 540672 c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6001.22208_none_d8b0c75ed 873478b\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:14 540672 c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6001.18096_none_d7c3d8cdb fa07365\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:13 540672 c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6000.20864_none_d685a808d b80f8e4\System.Workflow.Runtime.dll + 2009-08-10 19:28 . 2008-06-20 01:18 540672 c:\windows\winsxs\msil_system.workflow.runtime_31bf3856ad364e35_6.0.6000.16708_none_d640ebedc 22f16d0\System.Workflow.Runtime.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6001.22208_none_0a7e4c40999e5e7e\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6001.18096_none_09915daf80cb8a58\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6000.20864_none_08532cea9cac0fd7\System.Speech.dll + 2008-01-21 02:25 . 2008-01-21 02:25 688128 c:\windows\winsxs\msil_system.speech_31bf3856ad364e35_6.0.6000.16708_none_080e70cf835a2dc3\System.Speech.dll + 2009-08-10 19:27 . 2008-06-20 01:13 966656 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.22208_none_eb97 9ea5f9865b51\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:14 966656 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6001.18096_none_026e 75b3dfd6abc7\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:12 966656 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.20864_none_ebc1 ffb9f92f8080\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:17 966656 c:\windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.0.6000.16708_none_0289 499ddf8deef4\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:13 966656 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.22208_none_ bb54690bd1df5a1e\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:14 966656 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6001.18096_none_ d22b4019b82faa94\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:12 966656 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.20864_none_ bb7eca1fd1887f4d\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:17 966656 c:\windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.0.6000.16708_none_ d2461403b7e6edc1\System.Runtime.Serialization.dll + 2009-08-10 19:28 . 2008-06-20 01:13 131072 c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6001.22208_none_6e2eb1c839eb7bff\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:14 131072 c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6001.18096_none_850588d6203bcc75\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:12 131072 c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6000.20864_none_6e5912dc3994a12e\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:17 131072 c:\windows\winsxs\msil_system.io.log_b03f5f7f11d50a3a_6.0.6000.16708_none_85205cc01ff30fa2\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:13 430080 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6001.22208_none_068c11b05db6 bb6a\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 430080 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6001.18096_none_1d62e8be4407 0be0\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:12 430080 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6000.20864_none_06b672c45d5f e099\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:17 430080 c:\windows\winsxs\msil_system.identitymodel_b77a5c561934e089_6.0.6000.16708_none_1d7dbca843be 4f0d\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:13 126976 c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6001.22208_none_95 20e1d88d457400\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:14 126976 c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6001.18096_none_ab f7b8e67395c476\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:12 126976 c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6000.20864_none_95 4b42ec8cee992f\System.IdentityModel.Selectors.dll + 2009-08-10 19:28 . 2008-06-20 01:17 126976 c:\windows\winsxs\msil_system.identitymodel.selectors_b77a5c561934e089_6.0.6000.16708_none_ac 128cd0734d07a3\System.IdentityModel.Selectors.dll + 2009-08-10 19:27 . 2008-06-20 01:13 132096 c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6001.22208_none_fb8b69b06e19ee70\SMSvcHost.exe + 2009-08-10 19:27 . 2008-06-20 01:14 132096 c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6001.18096_none_126240be546a3ee6\SMSvcHost.exe + 2009-08-10 19:27 . 2008-06-20 01:12 132096 c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6000.20864_none_fbb5cac46dc3139f\SMSvcHost.exe + 2009-08-10 19:27 . 2008-06-20 01:17 132096 c:\windows\winsxs\msil_smsvchost_b03f5f7f11d50a3a_6.0.6000.16708_none_127d14a854218213\SMSvcHost.exe + 2009-08-10 19:28 . 2008-06-20 01:13 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6001.22208_none_87c3f6f4c9aa65b8\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:14 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6001.18096_none_9e9ace02affab62e\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:12 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6000.20864_none_87ee5808c9538ae7\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:17 110592 c:\windows\winsxs\msil_smdiagnostics_b77a5c561934e089_6.0.6000.16708_none_9eb5a1ecafb1f95b\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:13 156688 c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6001.22208_none_33fe5fa115ae9bd2\ServiceModelReg.exe + 2009-08-10 19:28 . 2008-06-20 01:14 156688 c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6001.18096_none_4ad536aefbfeec48\ServiceModelReg.exe + 2009-08-10 19:28 . 2008-06-20 01:12 156688 c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6000.20864_none_3428c0b51557c101\ServiceModelReg.exe + 2009-08-10 19:28 . 2008-06-20 01:17 156688 c:\windows\winsxs\msil_servicemodelreg_b03f5f7f11d50a3a_6.0.6000.16708_none_4af00a98fbb62f75\ServiceModelReg.exe + 2009-08-10 19:28 . 2008-06-20 01:13 528384 c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6001.22208_none_4240f8a51a971ffc\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:14 528384 c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6001.18096_none_41540a1401c44bd6\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:12 528384 c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6000.20864_none_4015d94f1da4d155\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:18 528384 c:\windows\winsxs\msil_reachframework_31bf3856ad364e35_6.0.6000.16708_none_3fd11d340452ef41\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:13 864256 c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6001.22208_none_ac3c35f9559e5ae3\PresentationUI.dll + 2009-08-10 19:28 . 2008-06-20 01:14 864256 c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6001.18096_none_ab4f47683ccb86bd\PresentationUI.dll + 2009-08-10 19:28 . 2008-06-20 01:12 864256 c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6000.20864_none_aa1116a358ac0c3c\PresentationUI.dll + 2009-08-10 19:28 . 2008-06-20 01:18 864256 c:\windows\winsxs\msil_presentationui_31bf3856ad364e35_6.0.6000.16708_none_a9cc5a883f5a2a28\PresentationUI.dll + 2009-08-10 19:27 . 2008-06-20 01:13 163840 c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6001.22208_none_9b3c e050aa5ad929\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6001.18096_none_9a4f f1bf91880503\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:12 163840 c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6000.20864_none_9911 c0faad688a82\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:18 163840 c:\windows\winsxs\msil_presentationframework.royale_31bf3856ad364e35_6.0.6000.16708_none_98cd 04df9416a86e\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:13 397312 c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6001.22208_none_18b48c e1895a2e6b\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:14 397312 c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6001.18096_none_17c79e 5070875a45\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:12 397312 c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6000.20864_none_16896d 8b8c67dfc4\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:18 397312 c:\windows\winsxs\msil_presentationframework.luna_31bf3856ad364e35_6.0.6000.16708_none_1644b1 707315fdb0\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:13 139264 c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6001.22208_none_b0e af6e9fda81431\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:14 139264 c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6001.18096_none_aff e0858e4d5400b\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:12 139264 c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6000.20864_none_aeb fd79400b5c58a\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:18 139264 c:\windows\winsxs\msil_presentationframework.classic_31bf3856ad364e35_6.0.6000.16708_none_ae7 b1b78e763e376\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:13 196608 c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6001.22208_none_19d9b4 0388b016e8\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:14 196608 c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6001.18096_none_18ecc5 726fdd42c2\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:12 196608 c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6000.20864_none_17ae94 ad8bbdc841\PresentationFramework.Aero.dll + 2009-08-10 19:27 . 2008-06-20 01:18 196608 c:\windows\winsxs\msil_presentationframework.aero_31bf3856ad364e35_6.0.6000.16708_none_1769d8 92726be62d\PresentationFramework.Aero.dll + 2009-08-10 19:28 . 2008-06-20 01:13 598016 c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6001.22208_none_9cb21d8151 aec4d9\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:14 598016 c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6001.18096_none_9bc52ef038 dbf0b3\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:12 598016 c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6000.20864_none_9a86fe2b54 bc7632\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:18 598016 c:\windows\winsxs\msil_presentationbuildtasks_31bf3856ad364e35_6.0.6000.16708_none_9a4242103b 6a941e\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:13 397312 c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6001.22208_none_b11 4e4c017448d80\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:28 . 2008-06-20 01:14 397312 c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6001.18096_none_c7e bbbcdfd94ddf6\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:28 . 2008-06-20 01:12 397312 c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6000.20864_none_b13 f45d416edb2af\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:28 . 2008-06-20 01:17 397312 c:\windows\winsxs\msil_microsoft.transactions.bridge_b03f5f7f11d50a3a_6.0.6000.16708_none_c80 68fb7fd4c2123\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:28 . 2008-06-20 01:13 168968 c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6001.22208_none_d4ba1a7aee429661\ComSvcConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:14 168968 c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6001.18096_none_eb90f188d492e6d7\ComSvcConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:12 168968 c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6000.20864_none_d4e47b8eedebbb90\ComSvcConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:17 168968 c:\windows\winsxs\msil_comsvcconfig_b03f5f7f11d50a3a_6.0.6000.16708_none_ebabc572d44a2a04\ComSvcConfig.exe + 2009-08-10 19:27 . 2008-06-20 01:14 301568 c:\windows\System32\XPSViewer\XPSViewer.exe + 2008-12-17 00:00 . 2009-08-11 23:24 423690 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2006-11-02 10:33 . 2009-08-11 16:41 598588 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-08-08 19:08 598588 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-08-08 19:08 102194 c:\windows\System32\perfc009.dat + 2006-11-02 10:33 . 2009-08-11 16:41 102194 c:\windows\System32\perfc009.dat + 2009-08-08 18:45 . 2009-07-18 16:04 146432 c:\windows\System32\occache.dll - 2009-06-10 22:48 . 2009-04-24 16:03 671232 c:\windows\System32\mstime.dll + 2009-08-08 18:45 . 2009-07-18 16:03 671232 c:\windows\System32\mstime.dll + 2009-08-08 18:45 . 2009-07-18 16:02 458240 c:\windows\System32\msfeeds.dll - 2009-06-10 22:48 . 2009-04-24 16:03 458240 c:\windows\System32\msfeeds.dll + 2009-08-08 18:45 . 2009-07-18 16:01 270848 c:\windows\System32\iertutil.dll - 2009-06-10 22:48 . 2009-04-24 16:02 270848 c:\windows\System32\iertutil.dll - 2009-06-10 22:48 . 2009-04-24 16:02 389120 c:\windows\System32\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 16:01 389120 c:\windows\System32\iedkcs32.dll + 2009-08-08 18:45 . 2009-07-18 16:01 230400 c:\windows\System32\ieaksie.dll - 2009-06-10 22:48 . 2009-04-24 16:02 230400 c:\windows\System32\ieaksie.dll + 2008-07-30 03:40 . 2008-07-30 03:40 196104 c:\windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe + 2008-07-30 03:40 . 2008-07-30 03:40 802816 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft.Build.Tasks.v3.5.dll + 2008-07-29 22:47 . 2008-07-29 22:47 984056 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapUI.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 105976 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107000 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 107512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 109048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 110072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 101368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 112120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 106488 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113656 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111608 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 108536 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 102904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\WapRes.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 689152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsscenario.dll + 2008-07-29 22:47 . 2008-07-29 22:47 413184 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vsbasereqs.dll + 2008-07-29 22:47 . 2008-07-29 22:47 632320 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs70uimgr.dll + 2009-08-10 19:33 . 2009-08-10 19:33 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2008-07-29 22:47 . 2008-07-29 22:47 110080 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131584 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.3082.dll + 2008-07-29 22:47 . 2008-07-29 22:47 131072 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.2070.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1055.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121344 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1053.dll + 2008-07-29 22:47 . 2008-07-29 22:47 123904 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1049.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122880 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1046.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1045.dll + 2008-07-29 22:47 . 2008-07-29 22:47 121856 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1044.dll + 2008-07-29 22:47 . 2008-07-29 22:47 129024 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1043.dll + 2008-07-29 22:47 . 2008-07-29 22:47 128512 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1040.dll + 2008-07-29 22:47 . 2008-07-29 22:47 132096 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1038.dll + 2008-07-29 22:47 . 2008-07-29 22:47 111104 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1037.dll + 2008-07-29 22:47 . 2008-07-29 22:47 133120 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1036.dll + 2008-07-29 22:47 . 2008-07-29 22:47 122368 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1035.dll + 2008-07-29 22:47 . 2008-07-29 22:47 137728 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1032.dll + 2008-07-29 22:47 . 2008-07-29 22:47 130048 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1031.dll + 2008-07-29 22:47 . 2008-07-29 22:47 126464 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1030.dll + 2008-07-29 22:47 . 2008-07-29 22:47 125440 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1029.dll + 2008-07-29 22:47 . 2008-07-29 22:47 113152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setupres.1025.dll + 2008-07-29 22:47 . 2008-07-29 22:47 269304 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe + 2008-07-29 22:47 . 2008-07-29 22:47 177152 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\HtmlLite.dll + 2008-07-29 22:47 . 2008-07-29 22:47 276984 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\dlmgr.dll + 2008-07-30 03:15 . 2008-07-30 03:15 225490 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\baseline.dat + 2008-07-30 03:40 . 2008-07-30 03:40 233976 c:\windows\Microsoft.NET\Framework\v3.5\1033\vbc7ui.dll + 2008-07-30 03:40 . 2008-07-30 03:40 168448 c:\windows\Microsoft.NET\Framework\v3.5\1033\cscompui.dll + 2009-08-10 19:28 . 2008-06-20 01:14 864256 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationUI.dll + 2009-08-10 19:28 . 2008-06-20 01:14 132120 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2009-08-10 19:28 . 2008-06-20 01:14 152576 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe + 2009-08-10 19:27 . 2008-06-20 01:14 966656 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2009-08-10 19:27 . 2008-06-20 01:14 132096 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe + 2009-08-10 19:28 . 2008-06-20 01:14 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:14 181264 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe + 2009-08-10 19:28 . 2008-06-20 01:14 156688 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.Dtc.dll - 2008-01-21 02:25 . 2008-01-21 02:25 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:28 . 2008-06-20 01:14 397312 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:27 . 2008-06-20 01:14 881664 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe + 2009-08-10 19:28 . 2008-06-20 01:14 168968 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe + 2009-08-09 15:24 . 2009-08-09 15:24 248832 c:\windows\Installer\56701.msi + 2009-08-10 19:33 . 2009-08-10 19:33 648192 c:\windows\Installer\142d044.msi + 2008-12-25 22:21 . 2009-08-09 15:30 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe - 2008-12-25 22:21 . 2009-06-15 12:11 888080 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe + 2008-12-25 22:21 . 2009-08-09 15:30 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - 2008-12-25 22:21 . 2009-06-15 12:11 272648 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - 2008-12-25 22:21 . 2009-06-15 12:11 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe + 2008-12-25 22:21 . 2009-08-09 15:30 922384 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe + 2008-12-25 22:21 . 2009-08-09 15:30 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe - 2008-12-25 22:21 . 2009-06-15 12:11 845584 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe + 2008-12-25 22:21 . 2009-08-09 15:30 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe - 2008-12-25 22:21 . 2009-06-15 12:11 217864 c:\windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe + 2009-03-17 21:49 . 2009-08-09 15:30 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-17 21:49 . 2009-06-15 12:10 888080 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2009-03-17 21:49 . 2009-06-15 12:10 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2009-03-17 21:49 . 2009-08-09 15:30 272648 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2009-03-17 21:49 . 2009-08-09 15:30 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2009-03-17 21:49 . 2009-06-15 12:10 922384 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2009-03-17 21:49 . 2009-08-09 15:30 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2009-03-17 21:49 . 2009-06-15 12:10 845584 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2009-03-17 21:49 . 2009-08-09 15:30 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2009-03-17 21:49 . 2009-06-15 12:10 217864 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2009-03-17 21:49 . 2009-06-15 12:10 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2009-03-17 21:49 . 2009-08-09 15:30 159504 c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2009-08-11 01:21 . 2009-08-11 01:21 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\8875e6d61ff95b1ab9801156ea795373\WsatConfig.ni.exe + 2009-08-11 05:12 . 2009-08-11 05:12 239616 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\93e9637d1e5c69baa89c5a47dc44153f\WindowsFormsIntegration.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 284160 c:\windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\aa07a05aa56b83678a351cf2185b342e\VistaBridgeLibrary.ni.dll + 2009-08-10 19:35 . 2009-08-10 19:35 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\817d652893fb93c34428b1b4206a2803\UIAutomationTypes.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\eb6190745392522b3c1b508bd2517096\UIAutomationClient.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\8c0d96269480bdd3de8a825f0215308d\System.Xml.Linq.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\18e1acd6761195389db42bab83169fd2\System.Web.Routing.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 858112 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f288f2cb75465c0f45154079365af9e8\System.Web.Extensions.Design.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bbdc5cb2f2f92fd610de7331d748193a\System.Web.Entity.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ca1ce755bb49324c7d275c426188a28f\System.Web.Entity.Design.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 542720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\4dfde90e4704b0d504ddde88045ba036\System.Web.DynamicData.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\fbe60d84b9f1ab74e396fb1507f69615\System.Web.Abstractions.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 620032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\eabe1915c13467e1e66e2b073bcb842f\System.Net.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1db9deebde7c96b2874b4ffccac2f48e\System.Management.Instrumentation.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\a5b71b6ba2b4405280bdc407f16d8cbe\System.IO.Log.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b64d64ef6bfef132fdc1db886bfdff\System.IdentityModel.Selectors.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 880640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c205bbbb88bfa4bd5e274f43ea0013cb\System.DirectoryServices.AccountManagement.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 939520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\d3aed340a6562196ca40978556fb29d1\System.Data.Services.Client.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3cb9c5203e50cb6af99b163522e9357c\System.Data.Services.Design.ni.dll + 2009-08-11 05:12 . 2009-08-11 05:12 755200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\9867484f25281882e61f61066fa651a3\System.Data.Entity.Design.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4f4ddae492a4a4ce4a2961f3d72d9399\System.Data.DataSetExtensions.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 632832 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\b01721205312c6c18df033cc47b60e5c\System.AddIn.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\614c3b7c48bdb5ec34f8e30de4abc8d4\SMSvcHost.ni.exe + 2009-08-11 01:21 . 2009-08-11 01:21 255488 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\a0cb977cf742634cf54dfe5b81c1b400\SMDiagnostics.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6f93937288d32bef8b8fdfb383b37b6e\ServiceModelReg.ni.exe + 2009-08-10 19:36 . 2009-08-10 19:36 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4446ba40b28fe87388a738d7551b21\PresentationFramework.Royale.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fa0fda2540c243cd2de25db559086942\PresentationFramework.Classic.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bd6a1460174d0ea2996aa9b11a82333b\PresentationFramework.Luna.ni.dll + 2009-08-10 19:36 . 2009-08-10 19:36 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\9ad65537fa3d6b3c9c01a98586acfa28\PresentationFramework.Aero.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\87c84ffaaad81d8d106a9aa9d68b5926\MSBuild.ni.exe + 2009-08-11 01:21 . 2009-08-11 01:21 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\e5eb97b14d58d58eb1c6a2e282f28532\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\28eede53267524df58362a75a668cf86\Microsoft.Build.Utilities.v3.5.ni.dll + 2009-08-11 01:22 . 2009-08-11 01:22 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c5c4db4f9bc7a454e9cfc2548a9d45a5\Microsoft.Build.Conversion.v3.5.ni.dll + 2009-08-11 01:21 . 2009-08-11 01:21 409600 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\440a41a4d597095a5c8406bddf80cee2\ComSvcConfig.ni.exe + 2009-08-10 19:28 . 2008-06-20 01:14 152576 c:\windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe + 2009-08-10 19:28 . 2008-06-20 01:14 385024 c:\windows\assembly\GAC_MSIL\UIAutomationClientsideProviders\3.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll + 2009-08-10 19:28 . 2008-06-20 01:14 167936 c:\windows\assembly\GAC_MSIL\UIAutomationClient\3.0.0.0__31bf3856ad364e35\UIAutomationClient.dll + 2009-08-10 19:33 . 2009-08-10 19:33 139264 c:\windows\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll + 2009-08-10 19:33 . 2009-08-10 19:33 507904 c:\windows\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll + 2009-08-10 19:28 . 2008-06-20 01:14 540672 c:\windows\assembly\GAC_MSIL\System.Workflow.Runtime\3.0.0.0__31bf3856ad364e35\System.Workflow.Runtime.dll + 2009-08-10 19:33 . 2009-08-10 19:33 335872 c:\windows\assembly\GAC_MSIL\System.Web.Extensions.Design\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.Design.dll + 2009-08-10 19:33 . 2009-08-10 19:33 139264 c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll + 2009-08-10 19:33 . 2009-08-10 19:33 131072 c:\windows\assembly\GAC_MSIL\System.Web.Entity.Design\3.5.0.0__b77a5c561934e089\System.Web.Entity.Design.dll + 2009-08-10 19:33 . 2009-08-10 19:33 225280 c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll + 2009-08-10 19:33 . 2009-08-10 19:33 569344 c:\windows\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll + 2009-08-10 19:27 . 2008-06-20 01:14 966656 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll + 2009-08-10 19:33 . 2009-08-10 19:33 233472 c:\windows\assembly\GAC_MSIL\System.Net\3.5.0.0__b03f5f7f11d50a3a\System.Net.dll + 2009-08-10 19:33 . 2009-08-10 19:33 143360 c:\windows\assembly\GAC_MSIL\System.Management.Instrumentation\3.5.0.0__b77a5c561934e089\System.Management.Instrumentation.dll - 2008-01-21 02:25 . 2008-01-21 02:25 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll + 2009-08-10 19:28 . 2008-06-20 01:14 131072 c:\windows\assembly\GAC_MSIL\System.IO.Log\3.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll - 2008-01-21 02:25 . 2008-01-21 02:25 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 430080 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2009-08-10 19:28 . 2008-06-20 01:14 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll - 2008-01-21 02:25 . 2008-01-21 02:25 126976 c:\windows\assembly\GAC_MSIL\System.IdentityModel.Selectors\3.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll + 2009-08-10 19:33 . 2009-08-10 19:33 286720 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\3.5.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll + 2009-08-10 19:33 . 2009-08-10 19:33 442368 c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll + 2009-08-10 19:33 . 2009-08-10 19:33 114688 c:\windows\assembly\GAC_MSIL\System.Data.Services.Design\3.5.0.0__b77a5c561934e089\System.Data.Services.Design.dll + 2009-08-10 19:33 . 2009-08-10 19:33 294912 c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll + 2009-08-10 19:33 . 2009-08-10 19:33 684032 c:\windows\assembly\GAC_MSIL\System.Data.Linq\3.5.0.0__b77a5c561934e089\System.Data.Linq.dll + 2009-08-10 19:33 . 2009-08-10 19:33 229376 c:\windows\assembly\GAC_MSIL\System.Data.Entity.Design\3.5.0.0__b77a5c561934e089\System.Data.Entity.Design.dll + 2009-08-10 19:33 . 2009-08-10 19:33 667648 c:\windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll + 2009-08-10 19:33 . 2009-08-10 19:33 163840 c:\windows\assembly\GAC_MSIL\System.AddIn\3.5.0.0__b77a5c561934e089\System.AddIn.dll + 2009-08-10 19:27 . 2008-06-20 01:14 132096 c:\windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe + 2009-08-10 19:28 . 2008-06-20 01:14 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2009-08-10 19:28 . 2008-06-20 01:14 156688 c:\windows\assembly\GAC_MSIL\ServiceModelReg\3.0.0.0__b03f5f7f11d50a3a\ServiceModelReg.exe + 2009-08-10 19:28 . 2008-06-20 01:14 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll - 2008-01-21 02:25 . 2008-01-21 02:25 528384 c:\windows\assembly\GAC_MSIL\ReachFramework\3.0.0.0__31bf3856ad364e35\ReachFramework.dll + 2009-08-10 19:28 . 2008-06-20 01:14 864256 c:\windows\assembly\GAC_MSIL\PresentationUI\3.0.0.0__31bf3856ad364e35\PresentationUI.dll + 2009-08-10 19:27 . 2008-06-20 01:14 163840 c:\windows\assembly\GAC_MSIL\PresentationFramework.Royale\3.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll + 2009-08-10 19:27 . 2008-06-20 01:14 397312 c:\windows\assembly\GAC_MSIL\PresentationFramework.Luna\3.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll + 2009-08-10 19:27 . 2008-06-20 01:14 139264 c:\windows\assembly\GAC_MSIL\PresentationFramework.Classic\3.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll + 2009-08-10 19:27 . 2008-06-20 01:14 196608 c:\windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll + 2009-08-10 19:28 . 2008-06-20 01:14 598016 c:\windows\assembly\GAC_MSIL\PresentationBuildTasks\3.0.0.0__31bf3856ad364e35\PresentationBuildTasks.dll + 2009-08-10 19:28 . 2008-06-20 01:14 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll - 2008-01-21 02:25 . 2008-01-21 02:25 397312 c:\windows\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll + 2009-08-10 19:33 . 2009-08-10 19:33 802816 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.v3.5.dll + 2009-08-10 19:33 . 2009-08-10 19:33 733184 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2009-08-10 19:33 . 2009-08-10 19:33 106496 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Conversion.v3.5\3.5.0.0__b03f5f7f11d50a3a\Microsoft.Build.Conversion.v3.5.dll
  4. I'm sorry about the delay, I've been having network problems. Here are the logs: (The whole log won't fit in one response so I'll have to split it into parts) ComboFix: ComboFix 09-08-10.06 - Brandon 08/11/2009 19:52.2.2 - NTFSx86 Microsoft
  5. After ComboFix restarted the computer, Firefox won't start and I get this message: "Illegal operation attempted on a registry key that has been marked for deletion." Anyways, here's the ComboFix log: ComboFix 09-08-07.09 - Brandon 08/08/2009 15:37.1.2 - NTFSx86 Microsoft
  6. After wiping that file, my computer worked without being in safe mode for the first time since it was infected. Also, my McAfee is working again and quarantined some files while the Malwarebytes scan was running. Here are the results from the latest MB scan: Malwarebytes' Anti-Malware 1.39 Database version: 2548 Windows 6.0.6001 Service Pack 1 8/8/2009 2:51:15 PM mbam-log-2009-08-08 (14-51-15).txt Scan type: Quick Scan Objects scanned: 89638 Time elapsed: 30 minute(s), 15 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 14 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Windows\System32\UACfpyohmpsxcxasrdar.dll (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\system32\UAChqvbtxltuauwdhaxc.dll (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\system32\UACobmxkmoxitwxfywms.dll (Rogue.Agent) -> Quarantined and deleted successfully. c:\windows\system32\UACsrqddvspjptiqrxns.dll (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\UAC1534.tmp (Rogue.Agent) -> Quarantined and deleted successfully. c:\windows\temp\UAC25d7.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\UAC298f.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\UAC2b72.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\Windows\Temp\UAC2da4.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\UACb74.tmp (Rogue.Agent) -> Quarantined and deleted successfully. c:\windows\temp\UACc782.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\windows\temp\UACcd1d.tmp (Trojan.TDSS) -> Quarantined and deleted successfully. c:\Windows\System32\UACumtneufxlhfpqkmiq.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\Windows\System32\drivers\UACcpygoifntxnmtppiw.sys (Trojan.Agent) -> Quarantined and deleted successfully.
  7. Thanks for the reply Kenny94, here's the RootRepeal Log: ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2009/08/08 11:51 Program Version: Version 1.3.3.0 Windows Version: Windows Vista SP1 ================================================== Hidden/Locked Files ------------------- Path: C:\System Volume Information\{409F0~1 Status: Locked to the Windows API! Path: C:\System Volume Information\{48a8f4b6-61a9-11de-8e87-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{9a95fac9-6753-11de-9d0e-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{9a95fad1-6753-11de-9d0e-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{9a95fad7-6753-11de-9d0e-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{a6f3c9f1-64a7-11de-ba96-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{DB3B8~1 Status: Locked to the Windows API! Path: C:\System Volume Information\{1659B~1 Status: Locked to the Windows API! Path: C:\System Volume Information\{1a7a7e2b-629d-11de-bf2f-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{243eebf2-6cab-11de-a8a0-002219dc2f58}{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\System Volume Information\{337C1~1 Status: Locked to the Windows API! Path: C:\System Volume Information\{337C1~2 Status: Locked to the Windows API! Path: C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752} Status: Locked to the Windows API! Path: C:\Windows\System32\UACbteplxwpnoswrrdwh.dat Status: Invisible to the Windows API! Path: C:\Windows\System32\UACfpyohmpsxcxasrdar.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\UAChqvbtxltuauwdhaxc.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\uacinit.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\UACkirreecvmpqlhcdfv.db Status: Invisible to the Windows API! Path: C:\Windows\System32\UACobmxkmoxitwxfywms.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\UACsrqddvspjptiqrxns.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\uactmp.db Status: Invisible to the Windows API! Path: C:\Windows\System32\UACumtneufxlhfpqkmiq.dll Status: Invisible to the Windows API! Path: c:\windows\temp\mcmsc_bifvud8gvgqlb1k Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\temp\mcafee_4zmxk1wiiordrby Status: Allocation size mismatch (API: 4096, Raw: 0) Path: C:\Windows\Temp\UAC1534.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UAC1988.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UAC25d7.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UAC298f.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UAC2b72.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UAC2da4.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACb74.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACc36d.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACc782.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACcb1b.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACcd1d.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACcfeb.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACed79.tmp Status: Invisible to the Windows API! Path: C:\Windows\Temp\UACef3e.tmp Status: Invisible to the Windows API! Path: c:\programdata\pure networks\log\logfile.nmsrvc_exe.txt Status: Allocation size mismatch (API: 4096, Raw: 0) Path: C:\Users\Brandon\Desktop\UACfpyohmpsxcxasrdar.dll Status: Invisible to the Windows API! Path: C:\Users\Brandon\Desktop\UAChqvbtxltuauwdhaxc.dll Status: Invisible to the Windows API! Path: C:\Users\Brandon\Desktop\UACobmxkmoxitwxfywms.dll Status: Invisible to the Windows API! Path: C:\Users\Brandon\Desktop\UACumtneufxlhfpqkmiq.dll Status: Invisible to the Windows API! Path: C:\Windows\System32\drivers\UACcpygoifntxnmtppiw.sys Status: Invisible to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_0e9c2a8d74fd3c e6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed .cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_10b2f55f9bffb8f8 .cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d21850 4d2.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_8e053 e8c6967ba9d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.20.microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_a6dea5dc 0ea08098.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c .cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2_6bd6b9abf345378f_4.20.9870.0_none_b7e00e6c7b30b69b.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_765 8964504b9f3b6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8d d7dea5d5a7a18a.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_8a14c 0566bec5b24.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_bcb86ed6ac711f91.c at Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_58b19c 2866332652.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.42_none_588 43c41d2730d3f.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_e163563597edeada.c at Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_d6c3e7af9bae13a2. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_none_9193a 620671dde41.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_5c4003 bc63e949f6.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d 131.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_ab ac38a907ee8801.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.8.0.microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.42_none_54c11d f268b7c6d9.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.42_none_db5f52fb98cb24ad. cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_365945b9da656e4d.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.42_none_45e008191e5070 87.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_none_60a5df5 6e60dc5df.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.9.0.microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_8550c6b 5d18a9128.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\Catalogs\x86_policy.4.1.microsoft.msxml2r_6bd6b9abf345378f_4.1.1.0_none_8b7b15c031cd a6db.cat Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-machine_config_ocm_b03f5f7f11d50a3a_6.0.6000.16720_none_f570e12815568682\MACHIN~1.COM Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-machine_config_ocm_b03f5f7f11d50a3a_6.0.6000.20883_none_dea8f7cc2ef8cb75\MACHIN~1.COM Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-machine_config_ocm_b03f5f7f11d50a3a_6.0.6001.18111_none_f54bc5de15a89323\MACHIN~1.COM Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-machine_config_ocm_b03f5f7f11d50a3a_6.0.6001.22230_none_de80367a2f4e0c36\MACHIN~1.COM Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.18111_none_7c8b5cbf426fb0d2\MICROS~1.TAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6001.22230_none_65bfcd5b5c1529e5\MICROS~1.TAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6000.16720_none_8d57832b7d03f5e1\MICROS~3.TAR Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6000.20883_none_768f99cf96a63ad4\MICROS~3.TAR Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_policy.1.2.microsof..op.security.azroles_31bf3856ad364e35_6.0.6000.1638 6_none_ea83414c2e75b887\Microsoft.Interop.Security.AzRoles.config Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6001.18111_none_8d3267e17d560282\MICROS~3.TAR Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_targetfiles_b03f5f7f11d50a3a_6.0.6001.22230_none_7666d87d96fb7b95\MICROS~3.TAR Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6000.16720_none_7081409dee51e2d7\MICROS~1.XSD Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6000.20883_none_59b9574207f427ca\MICROS~1.XSD Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6001.18111_none_705c2553eea3ef78\MICROS~1.XSD Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_commontypes_schema_b03f5f7f11d50a3a_6.0.6001.22230_none_599095f00849688b\MICROS~1.XSD Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.16720_none_7cb07809421da431\MICROS~1.TAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-msbuild_data_files_b03f5f7f11d50a3a_6.0.6000.20883_none_65e88ead5bbfe924\MICROS~1.TAS Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.16720_none_879a188098bde787\CSCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6000.20883_none_70d22f24b2602c7a\CSCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.18111_none_8774fd36990ff428\CSCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-csc_exe_config_b03f5f7f11d50a3a_6.0.6001.22230_none_70a96dd2b2b56d3b\CSCEXE~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.16720_none_9b01a5fd d9371aff\GACUTI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6000.20883_none_9b4d641e f282ae74\GACUTI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.18111_none_9cf3b4d9 d654a956\GACUTI~1.CON Status: Locked to the Windows API! Path: C:\Windows\winsxs\x86_netfx-config_files_.._gacutil_exe_config_31bf3856ad364e35_6.0.6001.22230_none_9d66b182 ef8367ab\GACUTI~1.CON Status: Locked to the Windows API! Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\SYSTEM~1.DLL Status: Locked to the Windows API! Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\MICROS~3.TAR Status: Locked to the Windows API! Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\MICROS~1.TAS Status: Locked to the Windows API! Path: c:\windows\system32\wdi\logfiles\wdicontextlog.etl.001 Status: Allocation size mismatch (API: 262144, Raw: 0) Path: c:\windows\system32\wdi\logfiles\wdicontextlog.etl.002 Status: Allocation size mismatch (API: 262144, Raw: 0) Path: c:\windows\system32\wdi\logfiles\wdicontextlog.etl.003 Status: Allocation size mismatch (API: 262144, Raw: 0) Path: c:\windows\system32\logfiles\scm\scm.evm Status: Allocation size mismatch (API: 1572864, Raw: 0) Path: C:\Windows\winsxs\Temp\PendingDeletes\sortkey.nlp Status: Locked to the Windows API! Path: C:\Windows\winsxs\Temp\PendingDeletes\sorttbls.nlp Status: Locked to the Windows API! Path: C:\Users\Brandon\AppData\Local\Temp\UACfb7e.tmp Status: Invisible to the Windows API! Path: C:\Users\Brandon\AppData\Local\Temp\fla458E.tmp Status: Invisible to the Windows API! Path: C:\Users\Brandon\AppData\Local\Temp\flaB61C.tmp Status: Visible to the Windows API, but not on disk. Path: C:\Windows\assembly\GAC_32\Policy.1.2.Microsoft.Interop.Security.AzRoles\6.0.6000.16386__31bf3856ad364e35\Microsoft.Interop.Security.AzRoles.config Status: Locked to the Windows API! Path: C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\SYSTEM~1.DLL Status: Locked to the Windows API! Path: c:\windows\serviceprofiles\localservice\appdata\local\lastalive0.dat Status: Allocation size mismatch (API: 4096, Raw: 0) Path: c:\windows\serviceprofiles\localservice\appdata\local\lastalive1.dat Status: Allocation size mismatch (API: 4096, Raw: 0) Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl Status: Locked to the Windows API! Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl Status: Locked to the Windows API! Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl Status: Locked to the Windows API! Path: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl Status: Locked to the Windows API! Path: c:\programdata\microsoft\search\data\applications\windows\gatherlogs\systemindex\systemindex.200.crwl Status: Allocation size mismatch (API: 8, Raw: 0) Path: c:\programdata\microsoft\search\data\applications\windows\gatherlogs\systemindex\systemindex.200.gthr Status: Allocation size mismatch (API: 136, Raw: 0) Path: c:\users\brandon\appdata\local\mozilla\firefox\profiles\7pkx9c9b.default\urlclassifier3.sqlite Status: Allocation size mismatch (API: 41803776, Raw: 41791488) Path: C:\Users\Brandon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M3YH2423\acCAP6S53O.htm Status: Visible to the Windows API, but not on disk. Path: c:\users\brandon\appdata\local\mozilla\firefox\profiles\7pkx9c9b.default\cache\_cache_001_ Status: Allocation size mismatch (API: 327680, Raw: 0) Path: c:\users\brandon\appdata\local\mozilla\firefox\profiles\7pkx9c9b.default\cache\_cache_002_ Status: Allocation size mismatch (API: 327680, Raw: 0) Path: c:\users\brandon\appdata\local\mozilla\firefox\profiles\7pkx9c9b.default\cache\_cache_003_ Status: Allocation size mismatch (API: 720896, Raw: 0) Path: c:\users\brandon\appdata\local\mozilla\firefox\profiles\7pkx9c9b.default\cache\_cache_map_ Status: Allocation size mismatch (API: 280, Raw: 0)
  8. Hello, I've run the Malwarebytes scan and it came up with 2 infected files, one of the was quarantined and deleted successfully, the other one is supposed to be deleted upon restart, but it doesn't. Here are my logs: Malwarebytes Log: Malwarebytes' Anti-Malware 1.39 Database version: 2548 Windows 6.0.6001 Service Pack 1 8/7/2009 4:53:48 PM mbam-log-2009-08-07 (16-53-48).txt Scan type: Quick Scan Objects scanned: 86796 Time elapsed: 4 minute(s), 47 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Windows\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot. HijackThis Log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:55:12 PM, on 8/7/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Safe mode with network support Running processes: C:\Program Files\Windows Media Player\wmpnscfg.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Internet Explorer\Iexplore.exe C:\Windows\Explorer.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll O1 - Hosts: ::1 localhost O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing) O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe" O4 - HKLM\..\Run: [dellsupportcenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [DNP] C:\Program Files\Desktop Notepad\Desktop Notepad.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe" O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe" O4 - HKLM\..\Run: [bDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.bat.exe" /runcleanupscript O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\Program Files\Dell\DellDock\DellDock.exe (User 'Default user') O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (file missing) O22 - SharedTaskScheduler: Ave's FolderBg - {73526E5A-FD53-4BE7-B5E2-D3C89D7413DC} - C:\Users\Brandon\Documents\Downloads\Compressed\AveFolderBg\32bits\VistaFolderBackground.dll O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: dldt_device - - C:\Windows\system32\dldtcoms.exe O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: GoToAssist - Unknown owner - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 13388 bytes Any help is appreciated! Thanks
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.