franki

After some more effort and research, I believe I have fixed this issue now. Kindly close this thread out. I will open another one if I have any further issues. Thanks.

Got very distracted and clicked on an email that I thought was actually from American Airlines. Funny thing is, I actually was waiting on tickets to L.A. and when I got the email saying my e-tickets were ready. Needless to say, I am now infected and cannot seem to get rid of the darned thing. I have disabled system restore and done a few different scans with malwarebytes and with symantec and also eset. Know I cannot update symantec. Please help if you can. Here are the dds and attach logs. Thank you. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_16 Run by Graham at 18:52:06 on 2012-01-25 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.320 [GMT -5:00] . AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C} FW: Symantec Client Firewall *Enabled* . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe C:\Program Files\Flip Video\FlipShare\FlipShareService.exe C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe C:\Program Files\LogMeIn\x86\RaMaint.exe C:\Program Files\LogMeIn\x86\LogMeIn.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\Explorer.EXE C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\WINDOWS\sm56hlpr.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~2\SYMANT~2\VPTray.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Laser App Enterprise\laupdate.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Ebix Inc\Common Files\SOFileManager.exe C:\Documents and Settings\Graham.STERLING-19AF01\Application Data\Verizon\UA_ar\UtilityApplication.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\NETGEAR\WG111v3\WG111v3.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\WINDOWS\system32\msiexec.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Graham.STERLING-19AF01\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Graham.STERLING-19AF01\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe . ============== Pseudo HJT Report =============== . uStart Page = https://www.ez-data.com/login.shtml uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll uRun: [cdloader] uRun: [Google Update] "c:\documents and settings\graham.sterling-19af01\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [LaserAppUpdate] "c:\program files\laser app enterprise\laupdate.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [smartOffice Desktop Integrations] c:\documents and settings\graham.sterling-19af01\start menu\programs\ebix inc\SmartOffice Desktop Integration - Installer.appref-ms uRun: [sOFileManager] "c:\program files\ebix inc\common files\SOFileManager.exe" mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [sMSERIAL] sm56hlpr.exe mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe" mRun: [vptray] c:\progra~1\symant~2\symant~2\VPTray.exe mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [soundMan] SOUNDMAN.EXE mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRunOnce: [MeetingHouse] c:\program files\netgear\wg111v3\AegisI5.exe -vendor Realtek -silent -install StartupFolder: c:\docume~1\graham~1.ste\startm~1\programs\startup\launch~1.lnk - c:\documents and settings\graham.sterling-19af01\application data\verizon\ua_ar\UtilityApplication.exe StartupFolder: c:\docume~1\graham~1.ste\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg111v3\WG111v3.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: capitalanalysts.com\bat Trusted Zone: ebix.com Trusted Zone: ebixcrm.com Trusted Zone: ez-data.com Trusted Zone: ezdata.com Trusted Zone: smartofficeonline.com DPF: {03A89EFD-E023-8600-A22D-45F77558EB4C} - hxxps://content.ilinc.com/clientdownload/download/ilinci86.dll DPF: {59D8A93A-CA6A-4F2B-9398-2E620678726F} - hxxps://bat.capitalanalysts.com/osoft/installation/OSoftDiag.CAB DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257373131697 DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {8FB1A5DF-578D-4302-BDD7-9E92BE61CA30} - hxxps://bat.capitalanalysts.com/osoft/installation/OSoftInst.CAB DPF: {B8CFAE23-A32D-4D85-A685-4BAEB03D9128} - hxxp://illustrations.columbuslife.com/clb/reports/control/clbrptview.cab DPF: {BDFCAF79-6A4E-46FB-8AAC-2629A03B8CBB} - hxxps://www.ez-data.com/SmartInstaller.cab DPF: {C8BF1F77-0A43-4AEC-A0AC-BEEE472B65C6} - hxxp://www.ez-data.com/SmartAnalyser.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://genworth.webex.com/client/T27LB/event/ieatgpc.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{183FA869-C6CD-4998-B1C5-99809A328CA6} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{42761A85-A0C9-49AE-A023-9813D0996A79} : DhcpNameServer = 166.102.165.11 166.102.165.13 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: LMIinit - LMIinit.dll Notify: NavLogon - c:\windows\system32\NavLogon.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\graham.sterling-19af01\application data\mozilla\firefox\profiles\xt1atbm3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query= FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - component: c:\documents and settings\graham.sterling-19af01\application data\mozilla\firefox\profiles\xt1atbm3.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll FF - plugin: c:\documents and settings\graham.sterling-19af01\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\mozilla firefox\plugins\npatgpc.dll FF - plugin: c:\program files\mozilla firefox\plugins\NPil86.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Winamp Toolbar: {0b38152b-1b20-484d-a11f-5e04a9b0661f} - %profile%\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} . ============= SERVICES / DRIVERS =============== . R1 SAVRT;SAVRT;c:\program files\symantec client security\symantec antivirus\savrt.sys [2006-9-6 337592] R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec client security\symantec antivirus\Savrtpel.sys [2006-9-6 54968] R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2006-11-21 192104] R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2006-11-21 169576] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2007-10-9 38144] R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-8 374152] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856] R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-9-3 47640] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-25 652872] R2 Symantec AntiVirus;Symantec AntiVirus;c:\program files\symantec client security\symantec antivirus\Rtvscan.exe [2007-3-14 1816768] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-11-11 106104] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-25 20464] R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20120113.003\naveng.sys [2012-1-13 86136] R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20120113.003\navex15.sys [2012-1-13 1576312] R3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Vista Driver;c:\windows\system32\drivers\wg111v3.sys [2009-7-31 341504] S2 ccProxy;Symantec Network Proxy;c:\program files\common files\symantec shared\ccProxy.exe [2006-11-21 202344] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe --> c:\progra~1\mcafee\sitead~1\mcsacore.exe [?] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 SavRoam;SAVRoam;c:\program files\symantec client security\symantec antivirus\SavRoam.exe [2007-3-14 116416] S4 LMIRfsClientNP;LMIRfsClientNP; [x] . =============== Created Last 30 ================ . 2012-01-25 22:23:44 -------- d-----w- c:\program files\ESET 2012-01-25 22:15:12 -------- d-----w- C:\OEMSettings 2012-01-25 22:14:57 21361 ----a-w- c:\windows\system32\drivers\AegisP.sys 2012-01-25 22:14:14 -------- d-----w- c:\program files\NETGEAR 2012-01-25 16:52:32 -------- d-----w- c:\documents and settings\graham.sterling-19af01\application data\Malwarebytes 2012-01-25 16:52:24 -------- d-----w- c:\documents and settings\all users.windows\application data\Malwarebytes 2012-01-25 16:52:23 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-01-25 16:52:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-01-25 16:12:40 -------- d-----w- c:\program files\SpywareBlaster 2012-01-23 15:59:31 -------- d-----w- c:\windows\system32\wbem\repository\FS 2012-01-23 15:59:31 -------- d-----w- c:\windows\system32\wbem\Repository 2012-01-03 13:10:44 182672 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2012-01-03 13:10:44 182672 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 2012-01-05 17:13:50 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-17 19:00:01 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2011-12-17 19:00:01 52096 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll 2011-12-17 19:00:00 87424 ----a-w- c:\windows\system32\LMIinit.dll 2011-12-17 19:00:00 30592 ----a-w- c:\windows\system32\LMIport.dll 2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe 2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll 2011-11-16 14:21:44 152064 ----a-w- c:\windows\system32\schannel.dll 2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll 2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll 2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-10-31 23:43:21 832512 ----a-w- c:\windows\system32\wininet.dll 2011-10-31 23:43:21 78336 ----a-w- c:\windows\system32\ieencode.dll 2011-10-31 23:43:21 1830912 ------w- c:\windows\system32\inetcpl.cpl 2011-10-31 23:43:20 17408 ----a-w- c:\windows\system32\corpol.dll 2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll 2004-08-04 05:56:44 561179 ----a-w- c:\program files\common files\dao360.dll 1998-04-27 03:00:00 570128 ----a-w- c:\program files\common files\DAO350.DLL . ============= FINISH: 18:53:40.03 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 9/2/2009 9:26:01 AM System Uptime: 1/25/2012 5:01:59 PM (1 hours ago) . Motherboard: Acer | | FC51GM Processor: AMD Athlon 64 Processor 3800+ | Socket 939 | 2410/201mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 114 GiB total, 75.321 GiB free. D: is Removable E: is Removable F: is Removable G: is Removable H: is CDROM () I: is FIXED (FAT32) - 114 GiB total, 105.758 GiB free. J: is Removable K: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . No restore point in system. . ==== Installed Programs ====================== . . 32 Bit HP CIO Components Installer 7-Zip 4.65 Adobe AIR Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.2) Adobe Shockwave Player Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour Compatibility Pack for the 2007 Office system Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition DocSTAR 3.6 Easy PDF Creator 1.0 FlipShare Google Chrome GoToMeeting 4.8.0.723 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows Movie Maker (KB892312) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB893470) Hotfix for Windows XP (KB915800-v4) Hotfix for Windows XP (KB943604-v6) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Color LaserJet CP2020 Series 1.0 hppQFolderCP2020 iTunes Java 6 Update 16 Laser App Enterprise LiveUpdate 3.1 (Symantec Corporation) LogMeIn LPES Desktop - CLB Malwarebytes Anti-Malware version 1.60.0.1800 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook 2010 Microsoft Office Outlook MUI (English) 2007 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2007 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing (English) 2010 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2007 Microsoft Outlook 2010 Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft Software Update for Web Folders (English) 14 Microsoft User-Mode Driver Framework Feature Pack 1.0 Motorola SM56 Speakerphone Modem Mozilla Firefox (3.6.13) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK NETGEAR WG111v3 wireless USB 2.0 adapter NetX360 NVIDIA Drivers OGA Notifier 2.0.0048.0 Pandora QuickTime Realtek AC'97 Audio Safari SAMSUNG USB Driver for Mobile Phones SAP Business Planning and Consolidation for Office Client Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB2360131) Security Update for Windows Internet Explorer 7 (KB2416400) Security Update for Windows Internet Explorer 7 (KB2482017) Security Update for Windows Internet Explorer 7 (KB2497640) Security Update for Windows Internet Explorer 7 (KB2530548) Security Update for Windows Internet Explorer 7 (KB2544521) Security Update for Windows Internet Explorer 7 (KB2559049) Security Update for Windows Internet Explorer 7 (KB2586448) Security Update for Windows Internet Explorer 7 (KB2618444) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Internet Explorer 7 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Search 4 - KB963093 Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2510581) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) SmartOffice Desktop Integration SmartOffice Desktop Integration - Installer SmartOffice Utilities SpywareBlaster 4.5 Symantec Client Security Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676) Update for Windows XP (KB2641690) Update for Windows XP (KB898461) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) UpdateISScriptEngine Verizon Wireless Software Utility Application for Android - Samsung WebEx WebFldrs XP Winamp Application Detect Windows Genuine Advantage Notifications (KB905474) Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Player 11 Windows Search 4.0 Yahoo! BrowserPlus 2.9.8 Yahoo! Detect . ==== Event Viewer Messages From Past Week ======== . 1/25/2012 5:03:38 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s). 1/23/2012 9:12:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LiveUpdate service to connect. 1/23/2012 9:12:59 AM, error: Service Control Manager [7000] - The LiveUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 1/23/2012 9:12:57 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service LiveUpdate with arguments "" in order to run the server: {03E0E6C2-363B-11D3-B536-00902771A435} 1/23/2012 9:08:01 AM, error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23). 1/23/2012 9:05:26 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect. 1/23/2012 9:05:26 AM, error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the path specified. 1/23/2012 9:05:26 AM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 1/23/2012 11:06:01 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect. 1/23/2012 11:06:01 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 1/23/2012 11:04:11 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 1/23/2012 10:56:05 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064} 1/23/2012 10:43:08 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: eeCtrl Fips ohci1394 Processor SAVRT SAVRTPEL SPBBCDrv SYMTDI 1/23/2012 10:42:05 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 1/20/2012 12:26:38 PM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 001558390AA1 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================

thanks for the help on this topic. i must not be saving the autorun.inf file to the root directory on the usb card because it still is not working. how do i know if the file is saved in the root directory on the card? i assumed it meant to just save the file within the card itself and not in some folder located on said card?

I have a weblink that i would like to open automatically when the usb thumb drive is inserted into the computer. How would I go about doing that? I have tried using google to find the answer but everything I have tried has not worked. So far, this is the furthest I can get and it still is not working properly. I will use this website as the example: [autorun] shellexecute=http://www.malwarebytes.org These are the only two command lines I can come up with. I don't understand stuff like this very well. All I want is to have a file where I can get the page to autoload without me clicking on anything after inserting the usb thumb drive. I have using windows xp home edition sp3. Thanks in advance.

i might try that at a later date. it seems to be running pretty good right now with the dns client enabled. i might just leave well enough alone. i spent 3 hours the last time i messed up the hosts file trying to get my internet connection back.

yes. i did reboot. it was on the initial loading of MSE from the reboot that it would not ever "activate" from red to green.

i disabled my dns client and the internet worked fine but my Microsoft Security Essentials stopped working properly. It was the darndest thing. It turned red and it would not let me "enable" it or even update it. I wonder why disabling the DNS client caused my MSE to stop working? I re-enabled my dns client and now it works fine. I'm stumped.

will stopping it cause me to lose connection to the internet? i guess i need to look up what a dns client is

Forgive my noobishness when it comes to this but how would i go about disabling a dns client?

i reread my last thread and i didn't mean to imply that something was wrong with the other three hostsfiles. i just don't know how to use them properly

i very well could have not checked the merge with current hosts button. it said it was removing duplicates after it finished processing the files. i just checked the first button (mvps hosts) after i was able to get the hosts file corrected and it has been working fine since then. i think i'll just stick with mvps hosts and not use the other three since i did have a problem with them. i like the program. next time i won't be so quick to download everything all at once

thanks for the link. i was able to go into my system32 directory and remove the hosts file manually by deleting the entries and saving it with notepad. i then got a "fresh" copy from the Hostsman program and imported it. All appears fine now. I had it so screwed up that even MSE could not update. I don't know how I narfed the file up that badly but boy I sure did. Thanks again guys

Now the only way I can get on the internet from my computer is to try to update the hostsman files and then it says it fails but then I can access the internet. Something is terribly wrong here.

I know this isn't related to malwarebytes but I thought I'd give it a shot. I attempted to install and use Hostsman and it worked great up until I updated the software by checking all the boxes to update it. Now I can't access the internet at all. I am trying to restore my hosts file to the original windows settings and then remove the hostsman program. How do I restore my computer to the original hostsfile settings? I have tried all my system restore points and it doesn't work. Windows XP 32 bit

That fixed the issue. Top notch customer service and lightning fast responses as usual guys. Thanks so much. I am now a happy camper. They are both running great together. I am running Windows XP 32 bit btw. Sorry for not posting my OS the first time. Thanks again

I cannot get my computer to boot up with malwarebytes and security essentials loading at the same time. For some reason, ms security essentials hangs up and says real time protection is not enabled and the computer freezes. I was able to get the computer to load when I removed malwarebytes and then let the computer finish loading. I then re-installed malwarebytes from my online purchase link. Has anyone ever had this issue before? I was using Symantec for my virus protection but decided to give MS Security Essentials a try. I removed Symantec before loading the new virus software.

Thank you very kindly for your help. My system appears to be running fine now. I will post in a new topic if things change. This appears to have taken care of my browser redirects. Once again, thank you very much for your time and help.

Should I delete the diagnostic tools I downloaded to help with this infection so my AV program stops reporting them as trojans when I do a virus scan? And if I should remove them is there a command to do so that won't cause problems with my computer? I have combofix (ran it once before I should have before contacting you via this forum), combo-fix and tdsskiller on my computer. Norton was showing a program in a folder called Qoobox as a trojan. I know that this is a false positive but I don't want to mess up anything on my system by removing something I should not. Thanks. Also, the scan of the computer with system restore turned off did not show any further trojan activity.

i have not gotten a redirect yet but I am still getting virus notices from norton av that i have backdoor trojans on my system. it is showing they are on one of my system restore points. i am going to disable system restore and do a full scan with norton. i would be happy to compile the log and post what norton av is showing me but i don't know how to compile a log from norton i really appreciate your help.

i have completed the requested scan. 06:39:03:093 3700 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48 06:39:03:093 3700 ================================================================================ 06:39:03:093 3700 SystemInfo: 06:39:03:093 3700 OS Version: 5.1.2600 ServicePack: 3.0 06:39:03:093 3700 Product type: Workstation 06:39:03:093 3700 ComputerName: ACER-A7A471A2C7 06:39:03:093 3700 UserName: William Trantham 06:39:03:093 3700 Windows directory: C:\WINDOWS 06:39:03:093 3700 Processor architecture: Intel x86 06:39:03:093 3700 Number of processors: 2 06:39:03:093 3700 Page size: 0x1000 06:39:03:093 3700 Boot type: Normal boot 06:39:03:093 3700 ================================================================================ 06:39:03:312 3700 Initialize success 06:39:03:312 3700 06:39:03:312 3700 Scanning Services ... 06:39:03:421 3700 Raw services enum returned 376 services 06:39:03:421 3700 06:39:03:421 3700 Scanning Drivers ... 06:39:04:015 3700 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 06:39:04:046 3700 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys 06:39:04:093 3700 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 06:39:04:140 3700 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 06:39:04:187 3700 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\WINDOWS\system32\drivers\AFS2K.sys 06:39:04:343 3700 ALCXWDM (93f93a8e3e14cbbf1ce9a5af1a70c095) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 06:39:04:406 3700 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys 06:39:04:453 3700 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 06:39:04:531 3700 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 06:39:04:578 3700 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 06:39:04:765 3700 ati2mtag (e43a7639be410b67059e48d3dd0ad405) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 06:39:04:953 3700 AtiHdmiService (d9bc8892b9440a2551b8148c57aa039e) C:\WINDOWS\system32\drivers\AtiHdmi.sys 06:39:05:000 3700 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 06:39:05:046 3700 audstub (55f9fe9cf703607a5ffd7d46687bac57) C:\WINDOWS\system32\DRIVERS\audstub.sys 06:39:05:093 3700 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 06:39:05:265 3700 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 06:39:05:328 3700 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 06:39:05:375 3700 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 06:39:05:437 3700 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 06:39:05:500 3700 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 06:39:05:562 3700 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 06:39:05:625 3700 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 06:39:05:640 3700 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 06:39:05:671 3700 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 06:39:05:687 3700 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 06:39:05:796 3700 eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 06:39:05:812 3700 EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 06:39:05:937 3700 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 06:39:05:968 3700 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 06:39:05:984 3700 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 06:39:06:000 3700 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 06:39:06:046 3700 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 06:39:06:093 3700 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 06:39:06:125 3700 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 06:39:06:156 3700 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 06:39:06:218 3700 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 06:39:06:234 3700 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 06:39:06:281 3700 HPZid412 (287a63bd8509bd78e7978823b38afa81) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 06:39:06:296 3700 HPZipr12 (0b4fda2657c3e0315eaa57f9c6d4fd1f) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 06:39:06:343 3700 HPZius12 (29559db25258b60510a60c4e470fce32) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 06:39:06:390 3700 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 06:39:06:453 3700 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 06:39:06:484 3700 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 06:39:06:593 3700 int15.sys (4d8d5b1c895ea0f2a721b98a7ce198f1) C:\Acer\Empowering Technology\eRecovery\int15.sys 06:39:06:640 3700 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 06:39:06:656 3700 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 06:39:06:703 3700 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 06:39:06:734 3700 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 06:39:06:781 3700 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 06:39:06:843 3700 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys 06:39:06:859 3700 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 06:39:06:890 3700 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys 06:39:06:937 3700 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 06:39:06:953 3700 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 06:39:06:968 3700 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 06:39:07:000 3700 klmd23 (67e1faa88fb397b3d56909d7e04f4dd3) C:\WINDOWS\system32\drivers\klmd.sys 06:39:07:046 3700 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 06:39:07:078 3700 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 06:39:07:109 3700 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys 06:39:07:156 3700 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 06:39:07:171 3700 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 06:39:07:218 3700 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 06:39:07:265 3700 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys 06:39:07:312 3700 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 06:39:07:343 3700 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 06:39:07:390 3700 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 06:39:07:406 3700 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 06:39:07:437 3700 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 06:39:07:468 3700 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 06:39:07:515 3700 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 06:39:07:531 3700 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 06:39:07:562 3700 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 06:39:07:593 3700 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 06:39:07:640 3700 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 06:39:07:781 3700 NAVENG (83518e6cc82bdc3c3db0c12d1c9a2275) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100611.003\naveng.sys 06:39:07:828 3700 NAVEX15 (85cf37740fe06c7a2eaa7f6c81f0819c) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100611.003\navex15.sys 06:39:07:921 3700 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 06:39:07:953 3700 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 06:39:07:968 3700 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 06:39:07:984 3700 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 06:39:08:015 3700 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 06:39:08:046 3700 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 06:39:08:078 3700 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 06:39:08:125 3700 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 06:39:08:140 3700 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 06:39:08:171 3700 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 06:39:08:187 3700 NTIDrvr (7f1c1f78d709c4a54cbb46ede7e0b48d) C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys 06:39:08:203 3700 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 06:39:08:250 3700 nvata (c03e15101f6d9e82cd9b0e7d715f5de3) C:\WINDOWS\system32\DRIVERS\nvata.sys 06:39:08:281 3700 nvatabus (11d1ad7e946538e02f9ef6a6e1792061) C:\WINDOWS\system32\drivers\nvatabus.sys 06:39:08:328 3700 NVENETFD (b9333604527e02cd2223f200c0bae7e0) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys 06:39:08:375 3700 nvnetbus (5e9e55f7ee644c7c5fd78a206fbe37ab) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys 06:39:08:390 3700 nvraid (3bc8b9d8a744df75698fe35d52f18a0a) C:\WINDOWS\system32\drivers\nvraid.sys 06:39:08:421 3700 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 06:39:08:437 3700 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 06:39:08:453 3700 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 06:39:08:484 3700 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 06:39:08:500 3700 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 06:39:08:531 3700 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 06:39:08:546 3700 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 06:39:08:578 3700 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 06:39:08:593 3700 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 06:39:08:734 3700 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys 06:39:10:953 3700 pfc (6c1618a07b49e3873582b6449e744088) C:\WINDOWS\system32\drivers\pfc.sys 06:39:11:375 3700 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 06:39:11:812 3700 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys 06:39:12:250 3700 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 06:39:12:531 3700 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 06:39:12:609 3700 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys 06:39:12:843 3700 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 06:39:12:875 3700 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys 06:39:12:906 3700 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 06:39:12:953 3700 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 06:39:12:984 3700 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 06:39:13:031 3700 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 06:39:13:078 3700 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 06:39:13:125 3700 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 06:39:13:171 3700 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 06:39:13:203 3700 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 06:39:13:281 3700 SAVRT (12b6e269ef8ac8ea36122544c8a1b6d8) C:\Program Files\Symantec AntiVirus\savrt.sys 06:39:13:296 3700 SAVRTPEL (97e5b6f3f95465e1f59360b59d8ec64e) C:\Program Files\Symantec AntiVirus\Savrtpel.sys 06:39:13:343 3700 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 06:39:13:375 3700 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 06:39:13:406 3700 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 06:39:13:437 3700 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 06:39:13:500 3700 smserial (544763e5ef4d8ef4c880bdfa7b7c5383) C:\WINDOWS\system32\DRIVERS\smserial.sys 06:39:13:546 3700 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 06:39:13:656 3700 SPBBCDrv (ef9760a364d836a0ce6149ebdf71524d) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 06:39:13:687 3700 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 06:39:13:734 3700 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 06:39:13:781 3700 Srv (89220b427890aa1dffd1a02648ae51c3) C:\WINDOWS\system32\DRIVERS\srv.sys 06:39:13:812 3700 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 06:39:13:859 3700 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 06:39:13:937 3700 SymEvent (49b20b430a4f219173f823536944474a) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 06:39:13:968 3700 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys 06:39:14:015 3700 SYMREDRV (626f733be7f951116c5c0804b068666c) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS 06:39:14:078 3700 SYMTDI (cb7cc4ddbe09e224d4cd876760ba982c) C:\WINDOWS\System32\Drivers\SYMTDI.SYS 06:39:14:140 3700 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 06:39:14:171 3700 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 06:39:14:187 3700 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 06:39:14:218 3700 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 06:39:14:250 3700 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 06:39:14:312 3700 UBHelper (e0c67be430c6de490d6ccaecfa071f9e) C:\WINDOWS\system32\drivers\UBHelper.sys 06:39:14:328 3700 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 06:39:14:375 3700 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 06:39:14:421 3700 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 06:39:14:437 3700 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 06:39:14:468 3700 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 06:39:14:484 3700 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 06:39:14:500 3700 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys 06:39:14:546 3700 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 06:39:14:578 3700 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 06:39:14:593 3700 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 06:39:14:625 3700 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 06:39:14:656 3700 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 06:39:14:687 3700 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 06:39:14:734 3700 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 06:39:14:750 3700 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 06:39:14:781 3700 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 06:39:14:812 3700 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 06:39:14:843 3700 ZD1211BU(ZyDAS) (478b4415dfb3a45b6fe61ec781e07d7b) C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys 06:39:14:890 3700 ZD1211U(ZyDAS) (3c185892dd5c13975966e8d1c2a65290) C:\WINDOWS\system32\DRIVERS\zd1211u.sys 06:39:14:906 3700 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys 06:39:14:906 3700 06:39:14:906 3700 Completed 06:39:14:921 3700 06:39:14:921 3700 Results: 06:39:14:921 3700 Registry objects infected / cured / cured on reboot: 0 / 0 / 0 06:39:14:921 3700 File objects infected / cured / cured on reboot: 0 / 0 / 0 06:39:14:921 3700 06:39:14:921 3700 KLMD(ARK) unloaded successfully

I have completed the combo-fix scan. Last night while I was asleep symantec found more trojans in my system restore folder as well. I will not run any new scans until instructed to do so at this point. ComboFix 10-06-11.01 - William Trantham 06/12/2010 6:12.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1255 [GMT -4:00] Running from: c:\documents and settings\William Trantham\Desktop\Combo-Fix.exe AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C} FW: ActiveArmor Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40} c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40}\chrome.manifest c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40}\chrome\content\_cfg.js c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40}\chrome\content\c.js c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40}\chrome\content\overlay.xul c:\documents and settings\William Trantham\Local Settings\Application Data\{2B7DD5EE-57C5-4E08-8896-87B7CA150B40}\install.rdf . ((((((((((((((((((((((((( Files Created from 2010-05-12 to 2010-06-12 ))))))))))))))))))))))))))))))) . 2010-06-12 04:05 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-06-12 03:15 . 2010-06-12 03:19 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-06-12 03:15 . 2010-06-12 03:15 -------- d-----w- c:\program files\NOS 2010-06-12 01:46 . 2010-06-12 01:46 -------- d-----w- c:\program files\Common Files\Java 2010-06-12 01:45 . 2010-06-12 01:45 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-12 01:24 . 2010-06-12 01:24 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2010-06-11 11:51 . 2010-06-11 11:51 -------- d-----w- c:\documents and settings\William Trantham\Application Data\Malwarebytes 2010-06-11 11:50 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-06-11 11:50 . 2010-06-11 11:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-06-11 11:50 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-06-11 11:50 . 2010-06-11 11:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-06-11 02:14 . 2010-06-11 02:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Symantec 2010-06-11 02:14 . 2010-06-11 02:14 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache 2010-06-10 07:12 . 2010-06-10 07:13 -------- d-----w- C:\NBRT 2010-06-09 23:02 . 2010-06-09 23:02 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE 2010-06-09 23:01 . 2010-06-09 23:01 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache 2010-06-09 22:54 . 2010-06-09 01:55 15880 ----a-w- c:\windows\system32\lsdelete.exe 2010-06-09 01:55 . 2010-06-09 01:54 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys 2010-06-09 01:55 . 2010-06-09 01:55 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2010-06-09 01:52 . 2010-06-09 01:52 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6} 2010-06-09 01:52 . 2010-02-04 15:53 2954656 -c--a-w- c:\documents and settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe 2010-06-05 11:59 . 2010-06-05 11:59 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2010-06-04 16:34 . 2010-06-04 16:34 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2010-06-04 16:11 . 2010-06-04 16:11 -------- d-----w- c:\windows\system32\wbem\Repository 2010-06-04 16:11 . 2010-06-04 16:11 -------- d-----w- c:\documents and settings\William Trantham\Application Data\MySpace 2010-06-04 16:11 . 2010-06-04 16:11 -------- d-----w- c:\documents and settings\William Trantham\Application Data\Leadertech 2010-06-04 16:11 . 2010-06-04 16:11 -------- d-----w- c:\documents and settings\William Trantham\Application Data\.Torrent Swapper 2010-06-04 15:50 . 2010-06-10 03:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2010-06-04 15:46 . 2010-06-07 14:15 -------- d-----w- c:\documents and settings\William Trantham\Local Settings\Application Data\NPE . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-12 10:11 . 2008-04-28 02:04 -------- d-----w- c:\program files\Symantec AntiVirus 2010-06-12 07:17 . 2006-01-01 04:32 -------- d-----w- c:\program files\Steam 2010-06-12 01:22 . 2006-11-30 01:26 -------- d-----w- c:\program files\Java 2010-06-09 01:52 . 2009-04-05 17:45 -------- d-----w- c:\program files\Lavasoft 2010-06-09 01:52 . 2009-04-05 17:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft 2010-06-08 00:41 . 2009-04-07 01:34 -------- d-----w- c:\program files\CCleaner 2010-06-08 00:38 . 2006-04-10 04:59 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-06-05 14:33 . 2009-08-31 19:39 -------- d-----w- c:\program files\Microsoft Silverlight 2010-05-06 10:41 . 2006-01-09 18:02 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 05:22 . 2005-10-06 00:06 1851264 ----a-w- c:\windows\system32\win32k.sys 2010-04-21 00:05 . 2007-08-16 02:40 -------- d-----w- c:\documents and settings\William Trantham\Application Data\Apple Computer 2010-04-20 05:30 . 2004-08-10 20:00 285696 ----a-w- c:\windows\system32\atmfd.dll 2010-04-14 21:47 . 2010-04-14 21:46 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-04-14 21:45 . 2010-04-14 21:45 -------- d-----w- c:\program files\QuickTime 2010-04-14 21:42 . 2010-04-14 21:42 -------- d-----w- c:\program files\Bonjour 2004-08-10 20:00 . 2004-08-10 20:00 94784 --sh--w- c:\windows\twain.dll 2008-04-14 00:12 . 2004-08-10 20:00 50688 --sh--w- c:\windows\twain_32.dll 2008-04-14 00:11 . 2004-08-10 20:00 1028096 --sha-w- c:\windows\system32\mfc42.dll 2008-04-14 00:12 . 2004-08-10 20:00 57344 --sh--w- c:\windows\system32\msvcirt.dll 2008-04-14 00:12 . 2004-08-10 20:00 413696 --sha-w- c:\windows\system32\msvcp60.dll 2008-04-14 00:12 . 2004-08-10 20:00 551936 --sh--w- c:\windows\system32\oleaut32.dll 2008-04-14 00:12 . 2004-08-10 20:00 84992 --sha-w- c:\windows\system32\olepro32.dll 2008-04-14 00:12 . 2004-08-10 20:00 11776 --sh--w- c:\windows\system32\regsvr32.exe . ((((((((((((((((((((((((((((( SnapShot@2010-06-12_03.47.47 ))))))))))))))))))))))))))))))))))))))))) . + 2010-06-12 07:17 . 2010-06-12 07:17 16384 c:\windows\temp\Perflib_Perfdata_984.dat + 2010-06-12 07:17 . 2010-06-12 07:17 16384 c:\windows\temp\Perflib_Perfdata_2a8.dat - 2006-05-05 12:09 . 2010-05-30 19:37 72780 c:\windows\system32\perfc009.dat + 2006-05-05 12:09 . 2010-06-12 04:14 72780 c:\windows\system32\perfc009.dat + 2009-11-06 02:17 . 2009-11-06 02:17 11600 c:\windows\system32\mui\0409\mscorees.dll - 2006-11-08 02:03 . 2010-02-25 06:24 55296 c:\windows\system32\msfeedsbs.dll + 2006-11-08 02:03 . 2010-05-06 10:41 55296 c:\windows\system32\msfeedsbs.dll - 2004-08-10 20:00 . 2010-02-25 06:24 25600 c:\windows\system32\jsproxy.dll + 2004-08-10 20:00 . 2010-05-06 10:41 25600 c:\windows\system32\jsproxy.dll + 2009-07-08 01:12 . 2010-05-06 10:41 12800 c:\windows\system32\dllcache\xpshims.dll - 2009-07-08 01:12 . 2010-02-25 06:24 12800 c:\windows\system32\dllcache\xpshims.dll + 2007-05-08 23:59 . 2010-05-06 10:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll - 2007-05-08 23:59 . 2010-02-25 06:24 55296 c:\windows\system32\dllcache\msfeedsbs.dll + 2004-08-10 20:00 . 2010-05-06 10:41 25600 c:\windows\system32\dllcache\jsproxy.dll - 2004-08-10 20:00 . 2010-02-25 06:24 25600 c:\windows\system32\dllcache\jsproxy.dll + 2004-08-10 20:00 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll + 2004-08-10 20:00 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll + 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll - 2008-07-29 23:16 . 2008-07-29 23:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2010-03-23 09:31 . 2010-03-23 09:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2010-04-01 15:42 . 2010-04-01 15:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll - 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2010-03-31 18:51 . 2010-03-31 18:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2010-03-31 18:51 . 2010-03-31 18:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll - 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2010-03-31 18:51 . 2010-03-31 18:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2010-03-31 19:32 . 2010-03-31 19:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe + 2010-03-31 19:32 . 2010-03-31 19:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll - 2003-02-21 02:19 . 2003-02-21 02:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2004-07-20 01:54 . 2010-02-09 22:22 81920 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Security.dll - 2007-07-13 01:34 . 2010-05-13 07:03 23040 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2007-07-13 01:34 . 2010-06-12 04:09 23040 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\unbndico.exe + 2007-07-13 01:34 . 2010-06-12 04:09 61440 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2007-07-13 01:34 . 2010-05-13 07:03 61440 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\pubs.exe - 2007-07-13 01:34 . 2010-05-13 07:03 27136 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 27136 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\oisicon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 11264 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\mspicons.exe - 2007-07-13 01:34 . 2010-05-13 07:03 11264 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\mspicons.exe + 2007-07-13 01:34 . 2010-06-12 04:09 86016 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\inficon.exe - 2007-07-13 01:34 . 2010-05-13 07:03 86016 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\inficon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 12288 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\cagicon.exe - 2007-07-13 01:34 . 2010-05-13 07:03 12288 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\cagicon.exe + 2010-06-12 04:09 . 2010-06-12 04:09 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe - 2010-04-14 07:04 . 2010-04-14 07:04 38240 c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe + 2007-03-23 00:13 . 2007-03-23 00:13 23904 c:\windows\Installer\$PatchCache$\Managed\90403E1900063D11C8EF10054038389C\11.0.8173\IPDMCTRL.DLL + 2010-06-12 04:18 . 2010-02-25 06:24 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll + 2010-06-12 04:18 . 2010-02-25 06:24 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll + 2010-06-12 04:18 . 2010-02-25 06:24 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll + 2010-06-12 04:13 . 2010-06-12 04:13 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_0217a2e8\System.Drawing.Design.dll + 2010-06-12 04:13 . 2010-06-12 04:13 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_887063e8\CustomMarshalers.dll + 2010-06-12 04:25 . 2010-06-12 04:25 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll + 2010-06-12 04:15 . 2010-06-12 04:15 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\e67992626a30603458b0df22841c2423\PresentationFontCache.ni.exe + 2010-06-12 04:15 . 2010-06-12 04:15 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6be27d744e6e2bfc4b0e25bd2998ef7c\PresentationCFFRasterizer.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll + 2010-06-12 04:14 . 2010-06-12 04:14 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll - 2009-10-16 07:08 . 2009-10-16 07:08 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-06-12 04:15 . 2010-06-12 04:15 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2009-08-08 07:04 . 2009-08-08 07:04 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2009-10-16 07:08 . 2009-10-16 07:08 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll + 2010-06-12 04:14 . 2010-06-12 04:14 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-10-16 07:08 . 2009-10-16 07:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-06-12 04:14 . 2010-06-12 04:14 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-06-12 04:14 . 2010-06-12 04:14 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-10-16 07:08 . 2009-10-16 07:08 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-10-16 07:08 . 2009-10-16 07:08 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll + 2010-06-12 04:14 . 2010-06-12 04:14 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-10-16 07:08 . 2009-10-16 07:08 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-06-12 04:14 . 2010-06-12 04:14 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-06-12 04:14 . 2010-06-12 04:14 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2009-10-16 07:08 . 2009-10-16 07:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll - 2009-10-16 07:08 . 2009-10-16 07:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-06-12 04:14 . 2010-06-12 04:14 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-06-12 04:14 . 2010-06-12 04:14 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-10-16 07:08 . 2009-10-16 07:08 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll + 2010-06-12 04:14 . 2010-06-12 04:14 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-10-16 07:08 . 2009-10-16 07:08 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-06-12 04:14 . 2010-06-12 04:14 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2009-10-16 07:08 . 2009-10-16 07:08 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2009-10-16 07:08 . 2009-10-16 07:08 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-06-12 04:14 . 2010-06-12 04:14 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll - 2009-10-16 07:08 . 2009-10-16 07:08 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-06-12 04:14 . 2010-06-12 04:14 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-06-12 04:12 . 2010-06-12 04:12 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll + 2010-06-12 04:17 . 2010-06-12 04:17 81920 c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll - 2009-10-16 07:08 . 2009-10-16 07:08 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll + 2010-06-12 04:14 . 2010-06-12 04:14 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2007-07-13 01:34 . 2010-05-13 07:03 4096 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 4096 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\opwicon.exe + 2010-06-12 04:14 . 2010-06-12 04:14 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-10-16 07:08 . 2009-10-16 07:08 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-10-16 07:08 . 2009-10-16 07:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2010-06-12 04:14 . 2010-06-12 04:14 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-10-16 07:08 . 2009-10-16 07:08 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-06-12 04:14 . 2010-06-12 04:14 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-06-12 04:14 . 2010-06-12 04:14 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-10-16 07:08 . 2009-10-16 07:08 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll + 2010-06-12 04:14 . 2010-06-12 04:14 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll - 2009-10-16 07:08 . 2009-10-16 07:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-06-12 04:14 . 2010-06-12 04:14 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2009-10-16 07:08 . 2009-10-16 07:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2006-05-05 12:09 . 2010-05-30 19:37 445700 c:\windows\system32\perfh009.dat + 2006-05-05 12:09 . 2010-06-12 04:14 445700 c:\windows\system32\perfh009.dat + 2004-08-10 20:00 . 2010-05-06 10:41 206848 c:\windows\system32\occache.dll - 2004-08-10 20:00 . 2010-02-25 06:24 206848 c:\windows\system32\occache.dll + 2006-01-09 18:02 . 2010-05-06 10:41 611840 c:\windows\system32\mstime.dll - 2006-01-09 18:02 . 2010-02-25 06:24 611840 c:\windows\system32\mstime.dll + 2006-11-08 02:03 . 2010-05-06 10:41 599040 c:\windows\system32\msfeeds.dll - 2006-01-09 18:01 . 2010-02-25 06:24 184320 c:\windows\system32\iepeers.dll + 2006-01-09 18:01 . 2010-05-06 10:41 184320 c:\windows\system32\iepeers.dll - 2004-08-10 20:00 . 2010-02-25 06:24 387584 c:\windows\system32\iedkcs32.dll + 2004-08-10 20:00 . 2010-05-06 10:41 387584 c:\windows\system32\iedkcs32.dll + 2004-08-10 20:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe - 2004-08-10 20:00 . 2010-02-24 09:54 173056 c:\windows\system32\ie4uinit.exe + 2006-05-05 12:05 . 2010-06-12 07:16 280536 c:\windows\system32\FNTCACHE.DAT - 2006-05-05 12:05 . 2009-11-12 00:11 280536 c:\windows\system32\FNTCACHE.DAT + 2006-01-09 18:02 . 2010-05-06 10:41 916480 c:\windows\system32\dllcache\wininet.dll - 2006-01-09 18:02 . 2010-02-25 06:24 916480 c:\windows\system32\dllcache\wininet.dll + 2004-08-10 20:00 . 2010-05-06 10:41 206848 c:\windows\system32\dllcache\occache.dll - 2004-08-10 20:00 . 2010-02-25 06:24 206848 c:\windows\system32\dllcache\occache.dll - 2006-01-09 18:02 . 2010-02-25 06:24 611840 c:\windows\system32\dllcache\mstime.dll + 2006-01-09 18:02 . 2010-05-06 10:41 611840 c:\windows\system32\dllcache\mstime.dll + 2007-05-08 23:59 . 2010-05-06 10:41 599040 c:\windows\system32\dllcache\msfeeds.dll + 2009-07-08 01:12 . 2010-05-06 10:41 247808 c:\windows\system32\dllcache\ieproxy.dll - 2009-07-08 01:12 . 2010-02-25 06:24 247808 c:\windows\system32\dllcache\ieproxy.dll + 2006-01-09 18:01 . 2010-05-06 10:41 184320 c:\windows\system32\dllcache\iepeers.dll - 2006-01-09 18:01 . 2010-02-25 06:24 184320 c:\windows\system32\dllcache\iepeers.dll + 2004-08-10 20:00 . 2010-05-06 10:41 387584 c:\windows\system32\dllcache\iedkcs32.dll - 2004-08-10 20:00 . 2010-02-25 06:24 387584 c:\windows\system32\dllcache\iedkcs32.dll + 2004-08-10 20:00 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe - 2004-08-10 20:00 . 2010-02-24 09:54 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll + 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll - 2008-07-29 23:16 . 2008-07-29 23:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2010-03-23 09:31 . 2010-03-23 09:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll + 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll - 2008-07-25 15:17 . 2008-07-25 15:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2010-03-31 18:51 . 2010-03-31 18:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2008-05-28 04:49 . 2008-05-28 04:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2008-05-28 04:48 . 2008-05-28 04:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2010-03-31 18:49 . 2010-03-31 18:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2010-03-31 19:32 . 2010-03-31 19:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - 2008-05-28 05:30 . 2008-05-28 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\b3156.msp + 2007-07-13 01:34 . 2010-06-12 04:09 409600 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\xlicons.exe - 2007-07-13 01:34 . 2010-05-13 07:03 409600 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\xlicons.exe + 2007-07-13 01:34 . 2010-06-12 04:09 286720 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\wordicon.exe - 2007-07-13 01:34 . 2010-05-13 07:03 286720 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\wordicon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 249856 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2007-07-13 01:34 . 2010-05-13 07:03 249856 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\pptico.exe - 2007-07-13 01:34 . 2010-05-13 07:03 794624 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\outicon.exe + 2007-07-13 01:34 . 2010-06-12 04:09 794624 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\outicon.exe - 2007-07-13 01:34 . 2010-05-13 07:03 135168 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\misc.exe + 2007-07-13 01:34 . 2010-06-12 04:09 135168 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\misc.exe - 2007-07-13 01:34 . 2010-05-13 07:03 593920 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2007-07-13 01:34 . 2010-06-12 04:09 593920 c:\windows\Installer\{91E30409-6000-11D3-8CFE-0150048383C9}\accicons.exe + 2008-01-02 01:30 . 2008-01-02 01:30 103776 c:\windows\Installer\$PatchCache$\Managed\90403E1900063D11C8EF10054038389C\11.0.8173\IPATHPIA.DLL + 2010-06-12 04:18 . 2010-02-25 06:24 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll + 2010-06-12 04:18 . 2010-02-22 14:23 382840 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll + 2010-06-12 04:18 . 2008-07-08 13:02 231288 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe + 2010-06-12 04:18 . 2010-02-25 06:24 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll + 2010-06-12 04:18 . 2010-02-25 06:24 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll + 2010-06-12 04:18 . 2010-02-25 06:24 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll + 2010-06-12 04:18 . 2010-02-25 06:24 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll + 2010-06-12 04:18 . 2010-02-25 06:24 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll + 2010-06-12 04:18 . 2009-03-08 08:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll + 2010-06-12 04:18 . 2010-02-25 06:24 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll + 2010-06-12 04:18 . 2010-02-24 09:54 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe + 2010-06-12 04:13 . 2010-06-12 04:13 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_6cc4ef63\System.Drawing.dll + 2010-06-12 04:13 . 2010-06-12 04:13 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_b837152f\System.Drawing.Design.dll + 2010-06-12 04:13 . 2010-06-12 04:13 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_c02bde0f\CustomMarshalers.dll + 2010-06-12 04:23 . 2010-06-12 04:23 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe + 2010-06-12 04:17 . 2010-06-12 04:17 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7c702f75d47bf841b9587e582c2d0b2\WindowsFormsIntegration.ni.dll + 2010-06-12 04:17 . 2010-06-12 04:17 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3a78043c85333d5af49a0d958912ae4a\UIAutomationClient.ni.dll + 2010-06-12 04:25 . 2010-06-12 04:25 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll + 2010-06-12 04:22 . 2010-06-12 04:22 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll + 2010-06-12 04:24 . 2010-06-12 04:24 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe + 2010-06-12 04:23 . 2010-06-12 04:23 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe + 2010-06-12 04:16 . 2010-06-12 04:16 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae733e4062edba3a33bb0a632bef66bf\PresentationFramework.Royale.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ffad524016f0aba7b11a8aa33301a65\PresentationFramework.Aero.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\201968d038a23a4688310fed1eeaddaa\PresentationFramework.Classic.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ead87ca8eb84c595c77c70e3b2df88d\PresentationFramework.Luna.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe + 2010-06-12 04:23 . 2010-06-12 04:23 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe + 2010-06-12 04:23 . 2010-06-12 04:23 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll + 2010-06-12 04:14 . 2010-06-12 04:14 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-10-16 07:08 . 2009-10-16 07:08 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-10-16 07:08 . 2009-10-16 07:08 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll + 2010-06-12 04:14 . 2010-06-12 04:14 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2009-10-16 07:08 . 2009-10-16 07:08 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-06-12 04:14 . 2010-06-12 04:14 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-06-12 04:14 . 2010-06-12 04:14 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll - 2009-10-16 07:08 . 2009-10-16 07:08 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-06-12 04:15 . 2010-06-12 04:15 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2009-10-16 07:08 . 2009-10-16 07:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-06-12 04:14 . 2010-06-12 04:14 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll - 2009-10-16 07:08 . 2009-10-16 07:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2010-06-12 04:14 . 2010-06-12 04:14 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2010-06-12 04:14 . 2010-06-12 04:14 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-10-16 07:08 . 2009-10-16 07:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll + 2010-06-12 04:14 . 2010-06-12 04:14 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - 2009-10-16 07:08 . 2009-10-16 07:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-06-12 04:15 . 2010-06-12 04:15 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll - 2009-10-16 07:08 . 2009-10-16 07:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll + 2010-06-12 04:14 . 2010-06-12 04:14 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-10-16 07:08 . 2009-10-16 07:08 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-06-12 04:14 . 2010-06-12 04:14 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-06-12 04:14 . 2010-06-12 04:14 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-10-16 07:08 . 2009-10-16 07:08 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-10-16 07:08 . 2009-10-16 07:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll + 2010-06-12 04:14 . 2010-06-12 04:14 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-10-16 07:08 . 2009-10-16 07:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-06-12 04:14 . 2010-06-12 04:14 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll - 2009-10-16 07:08 . 2009-10-16 07:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-06-12 04:14 . 2010-06-12 04:14 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll + 2010-06-12 04:14 . 2010-06-12 04:14 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-10-16 07:08 . 2009-10-16 07:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll - 2009-08-08 07:04 . 2009-08-08 07:04 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2010-06-12 04:15 . 2010-06-12 04:15 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll + 2010-06-12 04:14 . 2010-06-12 04:14 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - 2009-10-16 07:08 . 2009-10-16 07:08 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-06-12 04:14 . 2010-06-12 04:14 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-10-16 07:08 . 2009-10-16 07:08 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-10-16 07:08 . 2009-10-16 07:08 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-06-12 04:14 . 2010-06-12 04:14 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-10-16 07:08 . 2009-10-16 07:08 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2010-06-12 04:14 . 2010-06-12 04:14 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2010-06-12 04:14 . 2010-06-12 04:14 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2009-10-16 07:08 . 2009-10-16 07:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll - 2009-10-16 07:08 . 2009-10-16 07:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-06-12 04:14 . 2010-06-12 04:14 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll + 2010-06-12 04:14 . 2010-06-12 04:14 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-10-16 07:08 . 2009-10-16 07:08 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2010-06-12 04:14 . 2010-06-12 04:14 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2009-10-16 07:08 . 2009-10-16 07:08 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2009-10-16 07:08 . 2009-10-16 07:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-06-12 04:14 . 2010-06-12 04:14 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2009-10-16 07:08 . 2009-10-16 07:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-06-12 04:14 . 2010-06-12 04:14 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-06-12 04:14 . 2010-06-12 04:14 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2009-10-16 07:08 . 2009-10-16 07:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2010-06-12 04:07 . 2010-06-12 04:07 111624 c:\windows\assembly\GAC\Microsoft.Office.Interop.InfoPath\11.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.InfoPath.dll + 2005-08-04 01:29 . 2010-04-06 08:52 2462720 c:\windows\system32\WMVCore.dll - 2006-01-09 18:02 . 2010-02-25 06:24 1209344 c:\windows\system32\urlmon.dll + 2006-01-09 18:02 . 2010-05-06 10:41 1209344 c:\windows\system32\urlmon.dll + 2005-08-30 04:13 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll - 2005-08-30 04:13 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll + 2006-02-01 02:59 . 2010-05-06 10:41 5950976 c:\windows\system32\mshtml.dll + 2006-10-17 16:57 . 2010-05-06 10:41 1985536 c:\windows\system32\iertutil.dll - 2006-10-17 16:57 . 2010-02-25 06:24 1985536 c:\windows\system32\iertutil.dll + 2005-08-04 01:29 . 2010-04-06 08:52 2462720 c:\windows\system32\dllcache\WMVCore.dll + 2008-10-15 17:43 . 2010-05-02 05:22 1851264 c:\windows\system32\dllcache\win32k.sys + 2006-01-09 18:02 . 2010-05-06 10:41 1209344 c:\windows\system32\dllcache\urlmon.dll - 2006-01-09 18:02 . 2010-02-25 06:24 1209344 c:\windows\system32\dllcache\urlmon.dll - 2008-05-07 05:12 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll + 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll + 2006-02-01 02:59 . 2010-05-06 10:41 5950976 c:\windows\system32\dllcache\mshtml.dll + 2007-05-08 23:59 . 2010-05-06 10:41 1985536 c:\windows\system32\dllcache\iertutil.dll - 2007-05-08 23:59 . 2010-02-25 06:24 1985536 c:\windows\system32\dllcache\iertutil.dll + 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll + 2010-03-23 09:32 . 2010-03-23 09:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll - 2008-11-25 08:59 . 2008-11-25 08:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll + 2010-04-01 15:42 . 2010-04-01 15:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2008-05-28 05:35 . 2008-05-28 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2008-05-28 05:35 . 2008-05-28 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2010-04-01 15:42 . 2010-04-01 15:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll + 2010-03-31 18:50 . 2010-03-31 18:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll - 2008-05-28 04:48 . 2008-05-28 04:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2010-03-31 18:50 . 2010-03-31 18:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll + 2010-04-01 15:42 . 2010-04-01 15:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll - 2008-05-28 04:43 . 2008-05-28 04:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\b3181.msp + 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\b3180.msp + 2010-04-24 21:10 . 2010-04-24 21:10 8486400 c:\windows\Installer\b3149.msp + 2010-05-05 02:25 . 2010-05-05 02:25 7681024 c:\windows\Installer\b3121.msp + 2010-05-03 20:11 . 2010-05-03 20:11 4149760 c:\windows\Installer\b310b.msp + 2010-03-30 16:34 . 2010-03-30 16:34 3826688 c:\windows\Installer\b30f5.msp + 2010-05-03 20:27 . 2010-05-03 20:27 6825472 c:\windows\Installer\b30df.msp + 2010-05-03 20:06 . 2010-05-03 20:06 5053952 c:\windows\Installer\b30c9.msp + 2010-05-10 21:17 . 2010-05-10 21:17 5520896 c:\windows\Installer\b30b3.msp + 2007-04-30 19:57 . 2007-04-30 19:57 7084384 c:\windows\Installer\$PatchCache$\Managed\90403E1900063D11C8EF10054038389C\11.0.8173\INFOPATH.EXE + 2010-06-12 04:18 . 2010-02-25 06:24 1209344 c:\windows\ie8updates\KB982381-IE8\urlmon.dll + 2010-06-12 04:18 . 2010-02-25 06:24 5944832 c:\windows\ie8updates\KB982381-IE8\mshtml.dll + 2010-06-12 04:18 . 2010-02-25 06:24 1985536 c:\windows\ie8updates\KB982381-IE8\iertutil.dll + 2009-10-16 07:03 . 2009-10-16 07:03 1966080 c:\windows\assembly\temp\V9B2C22HU7\System.dll + 2009-10-16 07:03 . 2009-10-16 07:03 3391488 c:\windows\assembly\temp\T4TNC1G21V\mscorlib.dll + 2009-10-16 07:03 . 2009-10-16 07:03 1232896 c:\windows\assembly\temp\ASECA8Y40R\System.dll + 2010-06-12 04:13 . 2010-06-12 04:13 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_b88ef546\System.dll + 2010-06-12 04:13 . 2010-06-12 04:13 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_53f62113\System.dll + 2010-06-12 04:13 . 2010-06-12 04:13 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_d577704b\System.Xml.dll + 2010-06-12 04:13 . 2010-06-12 04:13 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_6546de3c\System.Xml.dll + 2010-06-12 04:13 . 2010-06-12 04:13 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_4b06242b\System.Windows.Forms.dll + 2010-06-12 04:13 . 2010-06-12 04:13 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_380c27f9\System.Windows.Forms.dll + 2010-06-12 04:13 . 2010-06-12 04:13 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_d4db55a6\System.Drawing.dll + 2010-06-12 04:13 . 2010-06-12 04:13 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_9e2ab156\System.Design.dll + 2010-06-12 04:13 . 2010-06-12 04:13 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_3b33193b\System.Design.dll + 2010-06-12 04:13 . 2010-06-12 04:13 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_7fd57af5\mscorlib.dll + 2010-06-12 04:13 . 2010-06-12 04:13 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_3723a507\mscorlib.dll + 2010-06-12 04:15 . 2010-06-12 04:15 3313664 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\f231461883859922a040002dddfb7b12\WindowsBase.ni.dll + 2010-06-12 04:17 . 2010-06-12 04:17 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\48b66876f72f472db62de48ae4369406\UIAutomationClientsideProviders.ni.dll + 2010-06-12 04:15 . 2010-06-12 04:15 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\37217abe2c5164e59aba251860f4c79e\System.ni.dll + 2010-06-12 04:17 . 2010-06-12 04:17 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\563a54b98adb70fae862974042298348\System.Xml.ni.dll + 2010-06-12 04:25 . 2010-06-12 04:25 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\016b75f60a18535c8d6b3e5d861ab559\System.WorkflowServices.ni.dll + 2010-06-12 04:25 . 2010-06-12 04:25 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6dacae37d337004345518976fb57099e\System.Workflow.Runtime.ni.dll + 2010-06-12 04:25 . 2010-06-12 04:25 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c7b832bbc5bb11c6c7f128c801ce90d7\System.Workflow.ComponentModel.ni.dll + 2010-06-12 04:25 . 2010-06-12 04:25 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\b9ea6ea910293cd6f13f765775867ebd\System.Workflow.Activities.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\8ef8d556899a4a10b7f288a80925489f\System.Web.Services.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\5dfda43f1991ee6ba345d62b2be4801c\System.Web.Mobile.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f08b3b8cdf548e3dfe61f342536175eb\System.Web.Extensions.ni.dll + 2010-06-12 04:17 . 2010-06-12 04:17 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\2d6a5dbee4506bf643b853e41668afa3\System.Speech.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\169fe0ad9d59982a2a6b89779c09885b\System.ServiceModel.Web.ni.dll + 2010-06-12 04:22 . 2010-06-12 04:22 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8b2710a63ecd363315ef16b257588b95\System.Runtime.Serialization.ni.dll + 2010-06-12 04:17 . 2010-06-12 04:17 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\161b423dc4e86e569af019e838d39de5\System.Printing.ni.dll + 2010-06-12 04:22 . 2010-06-12 04:22 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\ad4fb86064d7a1ebcb9ee997e7208ac1\System.IdentityModel.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f3440ea00eb3c40dc073b2fe03843638\System.Drawing.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7deab2494d53763cd83c567e71e0d8e0\System.DirectoryServices.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\b81efadfee7702624b713c6d86f7e369\System.Deployment.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\50130ef751b98a4a11bd4ab73af7cab5\System.Data.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f71abf392c5ca05a4e46a5d1c4c72856\System.Data.SqlXml.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\5e6311aff5ada83d0f854922fa62faf6\System.Data.Services.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3ba3367d03779ad6e76c5d4cdfe572a\System.Data.Linq.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6abf820d8ec57a0561c3367727d274df\System.Data.Entity.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e98726349766935ec0e9b980f19a046a\System.Core.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\fc373f0a8dbd173c63b6b95551b1c673\ReachFramework.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\ead93b6a4f0101cb99d09f3e3fc6491c\PresentationUI.ni.dll + 2010-06-12 04:15 . 2010-06-12 04:15 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\20ef773b20f6ce721ae60e5c2c2e8f80\PresentationBuildTasks.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\935b855860088a86bb65d37a19f059cc\Microsoft.VisualBasic.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\7a266de493d30eed21cb60ebe300be53\Microsoft.Transactions.Bridge.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\9db8f9f7fe63ca4451bb5316a3ebb009\Microsoft.JScript.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\c96be82d6cb00367db4e3553272165ef\Microsoft.Build.Tasks.v3.5.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\3815de5b052187b5d9375681a6784255\Microsoft.Build.Tasks.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\43fc6723d08e9ce88701c29653efd224\Microsoft.Build.Engine.ni.dll + 2010-06-12 04:14 . 2010-06-12 04:14 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2009-10-16 07:08 . 2009-10-16 07:08 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2010-06-12 04:14 . 2010-06-12 04:14 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2009-10-16 07:08 . 2009-10-16 07:08 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-06-12 04:14 . 2010-06-12 04:14 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-06-12 04:15 . 2010-06-12 04:15 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2009-10-16 07:08 . 2009-10-16 07:08 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-06-12 04:14 . 2010-06-12 04:14 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll - 2009-10-16 07:08 . 2009-10-16 07:08 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll + 2010-06-12 04:14 . 2010-06-12 04:14 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-16 07:08 . 2009-10-16 07:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2010-06-12 04:14 . 2010-06-12 04:14 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2009-10-16 07:08 . 2009-10-16 07:08 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll + 2010-06-12 04:14 . 2010-06-12 04:14 4546560 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2009-10-16 07:03 . 2009-10-16 07:03 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2010-06-12 04:13 . 2010-06-12 04:13 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll - 2009-10-16 07:03 . 2009-10-16 07:03 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2010-06-12 04:13 . 2010-06-12 04:13 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - 2006-12-01 02:54 . 2010-05-28 16:37 32472008 c:\windows\system32\MRT.exe + 2006-12-01 02:54 . 2010-05-28 19:37 32472008 c:\windows\system32\MRT.exe + 2006-11-08 02:03 . 2010-05-06 10:41 11076096 c:\windows\system32\ieframe.dll + 2007-05-08 23:59 . 2010-05-06 10:41 11076096 c:\windows\system32\dllcache\ieframe.dll + 2010-04-02 23:29 . 2010-04-02 23:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp + 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\b3190.msp + 2010-04-02 16:30 . 2010-04-02 16:30 17456640 c:\windows\Installer\b3175.msp + 2010-04-24 21:09 . 2010-04-24 21:09 11750912 c:\windows\Installer\b3140.msp + 2010-05-11 15:30 . 2010-05-11 15:30 11194880 c:\windows\Installer\b3137.msp + 2010-06-12 04:18 . 2010-02-25 15:54 11070976 c:\windows\ie8updates\KB982381-IE8\ieframe.dll + 2010-06-12 04:17 . 2010-06-12 04:17 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\2dfe045e4b1577fdea9a2f456db0afc2\System.Windows.Forms.ni.dll + 2010-06-12 04:24 . 2010-06-12 04:24 11797504 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\d987cf1de4ba688da92e212a374232c2\System.Web.ni.dll + 2010-06-12 04:23 . 2010-06-12 04:23 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\8b74f2fe3f3632f95ff4ddb8c4839a1e\System.ServiceModel.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\f352c5cb50bee105e4c873ca050f9f46\System.Design.ni.dll + 2010-06-12 04:16 . 2010-06-12 04:16 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ca898d942e4d85af4c3d5f14a77c359a\PresentationFramework.ni.dll + 2010-06-12 04:15 . 2010-06-12 04:15 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ba8f917fd89d7afa8885c2a326379f03\PresentationCore.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files\steam\steam.exe" [2006-01-01 1238352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 52840] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-03-14 125632] "nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 270336] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] c:\documents and settings\William Trantham\Start Menu\Programs\Startup\ Snapfish Picture Mover.lnk - c:\program files\Snapfish Picture Mover\SnapfishPictureMover.exe [2007-1-30 442368] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Snapfish Picture Mover.lnk - c:\program files\Snapfish Picture Mover\SnapfishPictureMover.exe [2007-1-30 442368] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer WLAN 11g USB Dongle.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer WLAN 11g USB Dongle.lnk backup=c:\windows\pss\Acer WLAN 11g USB Dongle.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Billminder.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Billminder.lnk backup=c:\windows\pss\Billminder.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Startup.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Quicken Startup.lnk backup=c:\windows\pss\Quicken Startup.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^William Trantham^Start Menu^Programs^Startup^PMB Media Check Tool.lnk] path=c:\documents and settings\William Trantham\Start Menu\Programs\Startup\PMB Media Check Tool.lnk backup=c:\windows\pss\PMB Media Check Tool.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchApp] Alaunch [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor] 2006-04-19 03:54 49152 ----a-w- c:\windows\system32\SysMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch] 2010-06-09 01:54 864112 ----a-w- c:\program files\Lavasoft\Ad-Aware\AAWTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2008-10-15 05:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CXMon] 2000-08-22 17:20 32768 ----a-w- c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DACSMiniApp] 2008-03-13 16:05 128256 ----a-w- c:\program files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] 2005-09-29 22:01 67584 ----a-w- c:\windows\ehome\ehtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService] 2006-04-29 00:43 401408 ----a-w- c:\acer\Empowering Technology\eRecovery\eRAgent.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] 2003-12-22 16:38 241664 ----a-w- c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2005-02-17 04:11 49152 ----a-w- c:\program files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] 2003-12-04 12:44 176128 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHmon05] 2004-02-02 08:41 495616 ----a-w- c:\windows\system32\hphmon05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD05] 2003-11-12 13:23 49152 ----a-w- c:\program files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\hphupd05.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPIJetSend] 2000-08-22 17:24 585728 ----a-w- c:\program files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_JetSend.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ImageItEncrypt] 2005-12-30 22:02 40960 ----a-w- c:\windows\system32\ImageItEncrypt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] 2004-08-10 20:00 208952 ----a-w- c:\windows\ime\imjp8_1\imjpmig.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002] 2004-08-10 20:00 59392 ----a-w- c:\windows\system32\IME\PINTLGNT\IMSCINST.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI] 2005-05-12 01:15 45056 ----a-w- c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] 2004-08-10 20:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] 2004-08-10 20:00 455168 ----a-w- c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-03-18 01:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] 2004-11-03 03:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL] 2005-06-07 02:40 544768 ----a-w- c:\windows\sm56hlpr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] 2005-09-22 16:42 90112 ----a-w- c:\windows\soundman.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2006-01-01 04:36 1238352 ----a-w- c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall Adobe Download Manager] 2010-03-29 12:51 68000 ----a-w- c:\program files\NOS\bin\getPlus_Helper.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Hewlett-Packard\\PhotoSmart\\Photo Imaging\\Hpi_JetSend.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Steam\\steamapps\\trantwd\\half-life 2 deathmatch\\hl2.exe"= "c:\\Program Files\\Steam\\steamapps\\trantwd\\zombie panic! source\\hl2.exe"= "c:\\Program Files\\Steam\\steamapps\\trantwd\\insurgency\\hl2.exe"= "c:\\Program Files\\Steam\\steam.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Steam\\steamapps\\trantwd\\half-life\\hl.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\r.u.s.e. beta\\Ruse.exe"= "c:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"= R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [6/8/2010 9:55 PM 64288] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [5/28/2010 8:02 PM 102448] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 11:52 AM 1352320] S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [3/14/2007 7:48 PM 116416] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper . Contents of the 'Scheduled Tasks' folder 2010-06-12 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 01:54] . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = *.local LSP: %SYSTEMROOT%\system32\nvappfilter.dll DPF: {1FA44E01-A60B-4449-BF97-66CDAA200433} - hxxps://mysmartoffice2.ez-data.com/downloads/SOConfig6.cab DPF: {D22621D3-E219-4B03-AF3E-5E8AEF7CC70B} - hxxps://mysmartoffice2.ez-data.com/downloads/SmartOfficeLink6.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-06-12 06:17 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-659982787-1598851146-1861264994-1005\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(792) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll - - - - - - - > 'lsass.exe'(852) c:\windows\system32\nvappfilter.dll . Completion time: 2010-06-12 06:18:54 ComboFix-quarantined-files.txt 2010-06-12 10:18 ComboFix2.txt 2010-06-12 03:49 Pre-Run: 61,433,925,632 bytes free Post-Run: 61,427,425,280 bytes free - - End Of File - - 38B27B7E16A669CFD0F1278D32D66CC8

I have ran malwarebytes and it removed the files or so I thought. Now I am getting browser redirects to different websites at random when using IE. My computer is also randomly locking up. Please help me. I don't want to format my hard drive but I am getting close to doing it. Thanks you in advance for any help that can be provided. Log from most previous scan that had a trojan is attached as well as another scan that had a registry key infected. If I scan now it shows it is clean but I am still getting the browser redirects Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4188 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 6/11/2010 8:17:51 AM mbam-log-2010-06-11 (08-17-51).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 52522 Time elapsed: 14 minute(s), 5 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\William Trantham\My Documents\Flash.Player.HD.v10.0.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4188 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 6/11/2010 8:02:08 AM mbam-log-2010-06-11 (08-02-08).txt Scan type: Quick scan Objects scanned: 142065 Time elapsed: 9 minute(s), 2 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntiVirus) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)