schlepsa

I downloaded TFC and closed all programs including security. TFC instructions said that I would be prompted to reboot if necessary. If not, it said the desktop would be restored. I ran TFC. It said it was gathering files then almost immediatly said it had stopped. That was it. Nothing more occured. No reboot instructions, no restored desktop. Since I was not sure that the job was finished, I left it alone. Five hours later, it was still the same. I shut down my computer since I could not get out of the TFC screen. Just to see if I had done anything wrong I deleted the TFC file, downloaded it again from here and ran it again. Same result although I did not wait five hours again. Did this work correctly or is there something I did wrong?

I got a bunch of emails returned. I did not send any emails. I use AOL email. Contacted them to see what was going on. They said I should change my password and security question. I did that but I'm worried that I've still got a problem. Following the instructions in "I'm infected-What do I do now?" I ran a quick scan on Malwarebytes ( and a full scan, too). Nothing showed up as infected. I downloaded and ran Defogger and posted DDS and zipped Attach files. Then ran GMER scanner and posted "ark.txt". Can somebody tell me if I have a problem and if so, what to do? ark.zip Attach.zip DDS.txt mbam_log_2010_11_28__05_52_30_.txt mbam_log_2010_12_03__01_18_01_.txt

I use AOL email. Today I got a flock of returned mail notifications. I did not send any mail to anyone. One of my co-workers opened an email from me that turned out to be some kind of work from home advertisement. I contacted AOL. They told me to change my password and security question. I did that but I am worried that this thing is still in my system. I ran Malwarebyte, Spybot and Eset. Nothing turned up but I'd like your opinions. Any ideas?

eset_scan.zipHello, again, This time I'm having trouble with the scan log. I can't figure out how to move it from the log to this message. I've tried pasting it here but I get a message that it's too big to be sent that way. I tried to put it in a zip file. That part worked but I can't get it to move over here. Eset itself will copy the log to something called a clipboard but I'll be damned if I can find that on my computer. Any suggestions?

Hello, Well, with the exception of Internet Explorer main page taking forever to load, the things that led me to send you the first message seem to be gone. I am still suspicious of the electronic gremlins that may be floating around in the PC attic so I still want to wipe them out permanently in the near future. As far as being safe at the present time, do you think it's OK to use my computer to pay bills online? I never store my card info in the computer. Ditto for passwords. Some of the companies that I deal with keep a record of my checking account number on their side of the transaction and ask if I'm still using those numbers when I make a payment. I don't bank online, either. In brief, I suppose I never got to the point that I trust the safety of the net. Right now I'm glad that was the case. Oh, can I use PayPal to shoot a little something to express my gratitude? One more thing, Thank You so much for your clear, precise and patient help. P.S. I sent both logs and the latest Malwarebytes log. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4451 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 8/20/2010 7:08:33 AM mbam-log-2010-08-20 (07-08-33).txt Scan type: Full scan (C:\|) Objects scanned: 226799 Time elapsed: 1 hour(s), 40 minute(s), 15 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 12/26/2005 4:07:28 AM System Uptime: 8/19/2010 5:33:17 PM (11 hours ago) Motherboard: Dell Inc. | | 0JC474 Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 70 GiB total, 42.141 GiB free. D: is CDROM (UDF) ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP444: 5/22/2010 9:31:21 AM - System Checkpoint RP445: 5/23/2010 10:07:22 AM - System Checkpoint RP446: 5/24/2010 10:09:26 AM - System Checkpoint RP447: 5/25/2010 10:39:46 AM - System Checkpoint RP448: 5/26/2010 2:00:16 AM - Software Distribution Service 3.0 RP449: 5/27/2010 2:31:48 AM - System Checkpoint RP450: 5/28/2010 9:40:03 PM - System Checkpoint RP451: 5/29/2010 9:42:57 PM - System Checkpoint RP452: 6/1/2010 9:38:55 PM - System Checkpoint RP453: 6/3/2010 11:13:50 PM - System Checkpoint RP454: 6/7/2010 2:26:26 AM - System Checkpoint RP455: 6/8/2010 2:47:17 AM - System Checkpoint RP456: 6/8/2010 5:29:12 AM - Installed Java 6 Update 20 RP457: 6/9/2010 5:42:02 AM - System Checkpoint RP458: 6/11/2010 1:31:05 AM - System Checkpoint RP459: 6/12/2010 2:57:28 AM - System Checkpoint RP460: 6/13/2010 3:49:59 AM - System Checkpoint RP461: 6/14/2010 5:44:35 AM - System Checkpoint RP462: 6/15/2010 5:45:21 AM - System Checkpoint RP463: 6/17/2010 1:56:14 AM - System Checkpoint RP464: 6/18/2010 6:44:53 AM - System Checkpoint RP465: 6/19/2010 7:21:14 AM - System Checkpoint RP466: 6/20/2010 11:05:54 PM - System Checkpoint RP467: 6/22/2010 9:47:53 PM - System Checkpoint RP468: 6/24/2010 12:48:18 AM - System Checkpoint RP469: 6/26/2010 7:15:23 PM - Restore Operation RP470: 6/28/2010 2:33:47 AM - System Checkpoint RP471: 6/29/2010 3:04:45 AM - System Checkpoint RP472: 6/30/2010 6:23:25 PM - System Checkpoint RP473: 7/2/2010 1:05:45 AM - System Checkpoint RP474: 7/3/2010 1:14:00 AM - System Checkpoint RP475: 7/4/2010 5:16:59 AM - System Checkpoint RP476: 7/5/2010 7:14:01 AM - System Checkpoint RP477: 7/9/2010 3:57:28 PM - System Checkpoint RP478: 7/11/2010 3:37:12 AM - System Checkpoint RP479: 7/13/2010 1:58:16 AM - System Checkpoint RP480: 7/15/2010 7:25:59 AM - System Checkpoint RP481: 7/17/2010 1:14:40 AM - System Checkpoint RP482: 7/20/2010 3:17:26 AM - System Checkpoint RP483: 7/21/2010 3:20:00 AM - System Checkpoint RP484: 7/24/2010 1:39:52 AM - System Checkpoint RP485: 7/26/2010 4:53:31 AM - System Checkpoint RP486: 7/27/2010 6:00:32 AM - System Checkpoint RP487: 7/28/2010 6:22:14 AM - System Checkpoint RP488: 7/29/2010 5:10:17 PM - System Checkpoint RP489: 7/30/2010 5:22:32 PM - System Checkpoint RP490: 7/31/2010 5:46:14 PM - System Checkpoint RP491: 8/2/2010 3:57:07 AM - System Checkpoint RP492: 8/5/2010 5:13:55 PM - System Checkpoint RP493: 8/6/2010 6:29:47 PM - System Checkpoint RP494: 8/7/2010 4:54:16 AM - Restore Operation RP495: 8/8/2010 5:59:27 AM - System Checkpoint RP496: 8/11/2010 2:56:56 AM - System Checkpoint RP497: 8/13/2010 8:09:45 PM - System Checkpoint RP498: 8/15/2010 10:15:42 AM - System Checkpoint RP499: 8/17/2010 4:09:34 AM - Software Distribution Service 3.0 RP500: 8/18/2010 4:14:40 AM - System Checkpoint RP501: 8/19/2010 9:25:44 AM - System Checkpoint ==== Installed Programs ====================== 32 Bit HP CIO Components Installer 4500_Help Acrobat.com Adobe AIR Adobe Download Manager 2.2 (Remove Only) Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3.2 Adobe Shockwave Player 11.5 Amazon MP3 Downloader 1.0.3 AnswerWorks 4.0 Runtime - English AnswerWorks 5.0 English Runtime AOL Coach Version 2.0(Build:20041026.5 en) AOL Toolbar 5.0 AOL Uninstaller (Choose which Products to Remove) AOL You've Got Pictures Screensaver AOLIcon Apple Application Support Apple Mobile Device Support Apple Software Update Bonjour BPD_HPSU bpd_scan BPDSoftware BPDSoftware_Ini BufferChm CCleaner Conexant D850 56K V.9x DFVc Modem Critical Update for Windows Media Player 11 (KB959772) CustomerResearchQFolder Dell Digital Jukebox Driver Dell Driver Reset Tool Dell Photo Printer 720 Dell Support 3.1 Dell System Restore Destination Component DeviceDiscovery DeviceManagementQFolder Digital Content Portal Digital Line Detect DocMgr DocProc DocProcQFolder DVD Suite EducateU ESET Smart Security ESPNMotion eSupportQFolder Fast Duplicate File Finder 2.8.0.1 Fax Google Toolbar for Internet Explorer GPBaseService High Definition Audio Driver Package - KB835221 HijackThis 2.0.2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Internet Explorer 7 (KB947864) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Player 10 (KB903157) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) HP Customer Participation Program 10.0 HP Document Manager 1.0 HP Imaging Device Functions 10.0 HP Officejet J4500 Series HP Photosmart Essential 2.5 HP Smart Web Printing 4.60 HP Solution Center 10.0 HP Update HPProductAssistant HPSSupply Intel® Graphics Media Accelerator Driver Intel® PRO Network Connections Drivers Intel® PROSet for Wired Connections Internet Explorer Default Page iTunes J4500 Java 2 Runtime Environment, SE v1.4.2_03 Java Auto Updater Java 6 Update 20 Malwarebytes' Anti-Malware MarketResearch Microsoft .NET Framework 1.0 Hotfix (KB953295) Microsoft .NET Framework 1.0 Hotfix (KB979904) Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Plus! Digital Media Edition Installer Microsoft Plus! Photo Story 2 LE Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft VC9 runtime libraries Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Modem Helper Move Networks Media Player for Internet Explorer Mozilla Firefox (3.6.6) MSN MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MyWay Search Assistant NetWaiting OCR Software by I.R.I.S. 10.0 OpenOffice.org Installer 1.0 PowerDVD 5.5 PowerProducer ProductContext PSSWCORE QuickTime RealPlayer RealUpgrade 1.0 Scan Security Update for Windows Internet Explorer 7 (KB2183461) Security Update for Windows Internet Explorer 7 (KB938127) Security Update for Windows Internet Explorer 7 (KB939653) Security Update for Windows Internet Explorer 7 (KB942615) Security Update for Windows Internet Explorer 7 (KB944533) Security Update for Windows Internet Explorer 7 (KB950759) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977165) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978251) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Shop for HP Supplies SmartWebPrinting SolutionCenter Sonic Encoders Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy Status System Requirements Lab for Intel Toolbox TrayApp Turbo Tax Audit Support Center 2.0 TurboTax 2008 TurboTax 2008 WinPerFedFormset TurboTax 2008 WinPerProgramHelp TurboTax 2008 WinPerReleaseEngine TurboTax 2008 WinPerTaxSupport TurboTax 2008 WinPerUserEducation TurboTax 2008 wnyiper TurboTax 2008 wrapper TurboTax 2009 TurboTax 2009 WinPerFedFormset TurboTax 2009 WinPerReleaseEngine TurboTax 2009 WinPerTaxSupport TurboTax 2009 wnyiper TurboTax 2009 wrapper TurboTax Deluxe 2007 Uniblue RegistryBooster 2009 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 7 (KB976749) Update for Windows Internet Explorer 7 (KB980182) Update for Windows Media Player 10 (KB910393) Update for Windows Media Player 10 (KB913800) Update for Windows Media Player 10 (KB926251) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) Update Rollup 2 for Windows XP Media Center Edition 2005 VideoToolkit01 WD SmartWare WebFldrs XP WebReg Windows 7 Upgrade Advisor Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage v1.3.0254.0 Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Player 10 Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information] Windows Media Player 11 Windows Media Player Firefox Plugin Windows XP Media Center Edition 2005 KB908246 Windows XP Media Center Edition 2005 KB925766 Windows XP Media Center Edition 2005 KB973768 Windows XP Service Pack 3 ==== Event Viewer Messages From Past Week ======== 8/18/2010 9:28:02 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 960 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/18/2010 9:28:01 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 240 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/18/2010 7:28:00 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/18/2010 1:28:01 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 480 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/14/2010 3:56:14 AM, error: System Error [1003] - Error code 10000050, parameter1 e47a0000, parameter2 00000000, parameter3 a6e9ec3e, parameter4 00000001. 8/13/2010 4:03:20 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/13/2010 3:49:44 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde 8/13/2010 3:46:30 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume. 8/13/2010 3:33:20 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/13/2010 3:18:20 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 8/13/2010 12:29:42 AM, error: Service Control Manager [7022] - The Windows Image Acquisition (WIA) service hung on starting. 8/13/2010 12:28:19 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Shell Hardware Detection service to connect. 8/13/2010 11:28:54 PM, error: Ftdisk [45] - The system could not sucessfully load the crash dump driver. 8/13/2010 11:06:26 PM, error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting. 8/13/2010 11:04:55 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Themes service to connect. 8/13/2010 11:04:55 PM, error: Service Control Manager [7000] - The Themes service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/13/2010 11:03:30 PM, error: Ftdisk [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory. 8/13/2010 11:02:01 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 8/13/2010 11:01:00 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service netman with arguments "" in order to run the server: {BA126AD7-2166-11D1-B1D0-00805FC1270E} 8/13/2010 10:06:54 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Wireless Zero Configuration service to connect. 8/13/2010 10:06:54 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the DHCP Client service to connect. 8/13/2010 10:06:54 PM, error: Service Control Manager [7000] - The Wireless Zero Configuration service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/13/2010 10:06:54 PM, error: Service Control Manager [7000] - The DHCP Client service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. ==== End Of File =========================== DDS (Ver_10-03-17.01) - NTFSx86 Run by Tom Kiernan at 4:40:52.65 on Fri 08/20/2010 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.502 [GMT -4:00] AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe svchost.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 svchost.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\internet explorer\iexplore.exe c:\program files\aol\aol toolbar 5.0\AolTbServer.exe C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Tom Kiernan\Desktop\dds.com ============== Pseudo HJT Report =============== uStart Page = hxxp://www.dell4me.com/myway uInternet Connection Wizard,ShellNext = iexplore mURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar2.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [ehTray] c:\windows\ehome\ehtray.exe mRun: [igfxtray] c:\windows\system32\igfxtray.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe" mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [AOLDialer] c:\program files\common files\aol\acs\AOLDial.exe mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-us\local\search.html IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: aebn.net\template Trusted Zone: aebn.net\www Trusted Zone: intuit.com Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.1.66.0.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll mASetup: {511C90F4-EF8B-42A0-B7EC-CF5D1B129D5E} - rundll32.exe "c:\documents and settings\networkservice\application data\bitrix security\lyenrei96.dll", DllUnrer ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\tomkie~1\applic~1\mozilla\firefox\profiles\sxn7evim.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: keyword.URL - hxxp://www.google.com/firefox FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: protocol-handler.warn-external.dnUpdate - falsec:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-2-6 106208] R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-2-6 727720] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-7-31 304464] R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328] R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-1-21 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-7-31 20952] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-7-31 38224] S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336] S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\tmpassthru.sys --> c:\windows\system32\drivers\TMPassthru.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-6-30 11520] =============== Created Last 30 ================ 2010-08-17 08:01:40 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2010-08-17 05:16:25 0 dcsha-r- C:\cmdcons 2010-08-17 05:11:49 98816 ----a-w- c:\windows\sed.exe 2010-08-17 05:11:49 77312 ----a-w- c:\windows\MBR.exe 2010-08-17 05:11:49 256512 ----a-w- c:\windows\PEV.exe 2010-08-17 05:11:49 161792 ----a-w- c:\windows\SWREG.exe 2010-08-14 03:03:11 0 d-----w- c:\docume~1\tomkie~1\applic~1\Bitrix Security 2010-08-14 01:05:00 0 ----a-w- c:\documents and settings\tom kiernan\defogger_reenable 2010-08-10 05:34:29 0 d-----w- c:\program files\common files\xing shared 2010-08-07 09:15:45 0 d-----w- c:\windows\system32\wbem\Repository 2010-07-30 19:40:34 0 d--h--w- c:\documents and settings\tom kiernan\Recent(2) ==================== Find3M ==================== 2010-08-10 05:34:02 348160 ----a-w- c:\windows\system32\msvcr71.dll 2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll 2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-30 12:31:35 149504 ------w- c:\windows\system32\dllcache\schannel.dll 2010-06-28 07:48:30 19456 ----a-w- c:\windows\system32\IntelNic.dll 2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys 2010-06-23 13:44:04 1851904 ------w- c:\windows\system32\dllcache\win32k.sys 2010-06-23 12:06:51 70656 ------w- c:\windows\system32\dllcache\ie4uinit.exe 2010-06-23 12:06:51 13824 ------w- c:\windows\system32\dllcache\ieudinit.exe 2010-06-21 15:27:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-21 15:27:11 354304 ------w- c:\windows\system32\dllcache\srv.sys 2010-06-18 13:36:12 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe 2010-06-17 15:12:57 634656 ------w- c:\windows\system32\dllcache\iexplore.exe 2010-06-17 15:11:25 161792 ------w- c:\windows\system32\dllcache\ieakui.dll 2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-14 07:41:45 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll 2009-02-02 05:49:13 104 --sh--r- c:\windows\system32\41C1A329B6.sys 2009-02-02 05:49:13 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys 2008-09-25 16:58:23 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092520080926\index.dat ============= FINISH: 4:43:14.29 ===============

ComboFix 10-08-18.04 - Tom Kiernan 08/19/2010 17:15:04.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.450 [GMT -4:00] Running from: c:\documents and settings\Tom Kiernan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Tom Kiernan\Desktop\CFScript.txt AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} . ((((((((((((((((((((((((( Files Created from 2010-07-19 to 2010-08-19 ))))))))))))))))))))))))))))))) . 2010-08-17 08:01 . 2010-06-14 14:31 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe 2010-08-14 03:03 . 2010-08-14 03:03 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\Bitrix Security 2010-08-14 02:51 . 2010-08-14 02:52 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Bitrix Security 2010-08-14 02:51 . 2010-08-14 02:51 47616 ----a-w- c:\documents and settings\NetworkService\Application Data\Bitrix Security\lyenrei96.dll 2010-08-13 04:46 . 2010-08-13 09:11 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\hpjqfjbxp 2010-08-13 01:52 . 2010-08-13 04:25 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\gyqsfgjvv 2010-08-12 05:23 . 2010-08-12 05:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\hulqbnydh 2010-08-11 09:04 . 2010-08-12 04:52 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\xmyvsgcxx 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-08-10 05:35 . 2010-08-10 05:35 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-08-10 05:35 . 2010-08-10 05:35 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-08-10 05:35 . 2010-08-10 05:35 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-08-10 05:35 . 2010-08-10 05:35 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll 2010-08-10 05:35 . 2010-08-10 05:35 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-08-10 05:34 . 2010-08-10 05:34 -------- d-----w- c:\program files\Common Files\xing shared 2010-08-07 09:15 . 2010-08-07 09:15 -------- d-----w- c:\windows\system32\wbem\Repository 2010-08-06 17:14 . 2010-08-07 00:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\fsbfnkois 2010-07-30 19:40 . 2010-08-07 09:00 -------- d--h--w- c:\documents and settings\Tom Kiernan\Recent(2) . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-19 21:05 . 2010-01-14 23:07 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\HPAppData 2010-08-17 04:31 . 2009-03-20 10:21 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-08-10 05:35 . 2005-12-19 15:26 -------- d-----w- c:\program files\Common Files\Real 2010-08-10 05:34 . 2005-12-19 15:26 -------- d-----w- c:\program files\Real 2010-08-10 05:34 . 2008-06-03 05:36 348160 ----a-w- c:\windows\system32\msvcr71.dll 2010-08-08 09:17 . 2007-12-27 09:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-08-07 09:14 . 2010-07-02 22:08 -------- d-----w- c:\program files\Microsoft Silverlight 2010-08-07 09:14 . 2010-07-02 22:51 -------- d-----w- c:\program files\AOL 9.5 2010-08-07 09:14 . 2010-06-26 23:18 -------- d-----w- c:\program files\Common Files\aolshare 2010-08-07 09:13 . 2005-12-19 15:25 -------- d-----w- c:\program files\Common Files\AOL 2010-08-07 09:13 . 2010-07-02 22:54 -------- d-----w- c:\program files\Common Files\aolback 2010-08-07 09:13 . 2010-07-02 23:11 -------- d-----w- c:\program files\AOL 9.5a 2010-07-30 01:22 . 2008-03-31 06:43 -------- d-----w- c:\program files\Google 2010-07-02 23:11 . 2005-12-19 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL 2010-06-30 12:31 . 2005-08-16 10:18 149504 ----a-w- c:\windows\system32\schannel.dll 2010-06-30 04:15 . 2010-06-30 04:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WD_SmartWareCommon 2010-06-30 04:07 . 2010-06-30 04:07 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\Western Digital 2010-06-30 04:07 . 2010-06-30 04:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Western Digital 2010-06-30 04:06 . 2010-06-30 04:06 -------- d-----w- c:\program files\Western Digital 2010-06-28 18:18 . 2010-02-18 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-06-28 08:54 . 2010-06-28 08:54 -------- d-----w- c:\program files\SystemRequirementsLab 2010-06-28 07:48 . 2005-12-19 15:03 19456 ----a-w- c:\windows\system32\IntelNic.dll 2010-06-26 23:18 . 2010-06-26 23:18 -------- d-----w- c:\program files\AOL 9.1 2010-06-26 23:18 . 2010-06-26 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP 2010-06-26 23:17 . 2010-06-18 23:42 -------- d-----w- c:\program files\AOL 9.0 2010-06-26 23:17 . 2010-06-18 23:42 -------- d-----w- c:\program files\Common Files\aolshare(2) 2010-06-26 23:17 . 2006-01-13 00:24 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\AOL 2010-06-24 12:15 . 2005-08-16 10:18 832512 ----a-w- c:\windows\system32\wininet.dll 2010-06-24 12:15 . 2005-08-16 10:18 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-06-24 12:15 . 2005-08-16 10:18 17408 ----a-w- c:\windows\system32\corpol.dll 2010-06-23 13:44 . 2005-08-16 10:18 1851904 ----a-w- c:\windows\system32\win32k.sys 2010-06-23 00:26 . 2008-08-14 07:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Gtek 2010-06-21 15:27 . 2005-12-19 15:02 354304 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-20 22:59 . 2006-04-17 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads 2010-06-17 14:03 . 2005-08-16 10:18 80384 ----a-w- c:\windows\system32\iccvid.dll 2010-06-14 14:31 . 2005-08-16 10:40 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe 2010-06-14 07:41 . 2005-08-16 10:18 1172480 ----a-w- c:\windows\system32\msxml3.dll 2010-06-08 09:30 . 2010-06-08 09:30 503808 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\msvcp71.dll 2010-06-08 09:30 . 2010-06-08 09:30 499712 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\jmc.dll 2010-06-08 09:30 . 2010-06-08 09:30 348160 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\msvcr71.dll 2010-06-08 09:30 . 2010-06-08 09:30 61440 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3a7cd31d-n\decora-sse.dll 2010-06-08 09:30 . 2010-06-08 09:30 12800 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3a7cd31d-n\decora-d3d.dll 2009-02-02 05:49 . 2006-01-03 06:29 104 --sh--r- c:\windows\system32\41C1A329B6.sys 2009-02-02 05:49 . 2006-01-03 06:29 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( SnapShot@2010-08-17_07.37.17 ))))))))))))))))))))))))))))))))))))))))) . + 2010-08-19 05:33 . 2010-08-19 05:33 16384 c:\windows\Temp\Perflib_Perfdata_820.dat - 2007-12-06 09:44 . 2009-05-26 09:01 17272 c:\windows\system32\spmsg.dll + 2007-12-06 09:44 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll + 2010-03-31 04:16 . 2010-03-31 04:16 99176 c:\windows\system32\PresentationHostProxy.dll - 2005-08-16 10:18 . 2010-03-11 12:38 44544 c:\windows\system32\pngfilt.dll + 2005-08-16 10:18 . 2010-06-24 12:15 44544 c:\windows\system32\pngfilt.dll + 2005-08-16 10:18 . 2010-08-17 08:38 71732 c:\windows\system32\perfc009.dat - 2005-08-16 10:18 . 2010-03-15 05:05 71732 c:\windows\system32\perfc009.dat + 2009-11-07 05:07 . 2009-11-07 05:07 49488 c:\windows\system32\netfxperf.dll + 2009-11-06 02:17 . 2009-11-06 02:17 11600 c:\windows\system32\mui\0409\mscorees.dll - 2007-08-13 23:54 . 2010-03-11 12:38 52224 c:\windows\system32\msfeedsbs.dll + 2007-08-13 23:54 . 2010-06-24 12:15 52224 c:\windows\system32\msfeedsbs.dll - 2005-08-16 10:18 . 2010-03-11 12:38 27648 c:\windows\system32\jsproxy.dll + 2005-08-16 10:18 . 2010-06-24 12:15 27648 c:\windows\system32\jsproxy.dll + 2007-08-13 23:39 . 2010-06-23 12:06 13824 c:\windows\system32\ieudinit.exe - 2007-08-13 23:39 . 2010-03-10 13:18 13824 c:\windows\system32\ieudinit.exe + 2005-08-16 10:18 . 2010-06-24 12:15 44544 c:\windows\system32\iernonce.dll - 2005-08-16 10:18 . 2010-03-11 12:38 44544 c:\windows\system32\iernonce.dll + 2005-08-16 10:18 . 2010-06-23 12:06 70656 c:\windows\system32\ie4uinit.exe - 2005-08-16 10:18 . 2010-03-10 13:18 70656 c:\windows\system32\ie4uinit.exe - 2007-08-13 23:36 . 2010-03-11 12:38 63488 c:\windows\system32\icardie.dll + 2007-08-13 23:36 . 2010-06-24 12:15 63488 c:\windows\system32\icardie.dll - 2006-05-10 05:25 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\pngfilt.dll + 2006-05-10 05:25 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\pngfilt.dll - 2007-08-20 10:04 . 2010-03-11 12:38 52224 c:\windows\system32\dllcache\msfeedsbs.dll + 2007-08-20 10:04 . 2010-06-24 12:15 52224 c:\windows\system32\dllcache\msfeedsbs.dll - 2006-05-10 05:25 . 2010-03-11 12:38 27648 c:\windows\system32\dllcache\jsproxy.dll + 2006-05-10 05:25 . 2010-06-24 12:15 27648 c:\windows\system32\dllcache\jsproxy.dll + 2007-08-17 10:20 . 2010-06-23 12:06 13824 c:\windows\system32\dllcache\ieudinit.exe - 2007-08-17 10:20 . 2010-03-10 13:18 13824 c:\windows\system32\dllcache\ieudinit.exe - 2007-08-13 23:39 . 2010-03-11 12:38 44544 c:\windows\system32\dllcache\iernonce.dll + 2007-08-13 23:39 . 2010-06-24 12:15 44544 c:\windows\system32\dllcache\iernonce.dll + 2009-02-20 18:09 . 2010-06-24 12:15 78336 c:\windows\system32\dllcache\ieencode.dll - 2009-02-20 18:09 . 2010-03-11 12:38 78336 c:\windows\system32\dllcache\ieencode.dll - 2007-08-13 23:39 . 2010-03-10 13:18 70656 c:\windows\system32\dllcache\ie4uinit.exe + 2007-08-13 23:39 . 2010-06-23 12:06 70656 c:\windows\system32\dllcache\ie4uinit.exe - 2007-08-20 10:04 . 2010-03-11 12:38 63488 c:\windows\system32\dllcache\icardie.dll + 2007-08-20 10:04 . 2010-06-24 12:15 63488 c:\windows\system32\dllcache\icardie.dll + 2009-06-29 16:12 . 2010-06-24 12:15 17408 c:\windows\system32\dllcache\corpol.dll - 2009-06-29 16:12 . 2010-03-11 12:38 17408 c:\windows\system32\dllcache\corpol.dll + 2010-03-05 14:37 . 2010-03-05 14:37 65536 c:\windows\system32\dllcache\asycfilt.dll + 2005-08-16 10:18 . 2010-03-05 14:37 65536 c:\windows\system32\asycfilt.dll - 2008-07-30 00:16 . 2008-07-30 00:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2010-04-08 03:48 . 2010-04-08 03:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll + 2010-03-23 09:31 . 2010-03-23 09:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe + 2010-04-01 15:42 . 2010-04-01 15:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll - 2008-05-28 04:49 . 2008-05-28 04:49 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll + 2010-03-31 18:51 . 2010-03-31 18:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll - 2008-05-28 04:49 . 2008-05-28 04:49 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2010-03-31 18:51 . 2010-03-31 18:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll + 2010-03-31 18:51 . 2010-03-31 18:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll - 2008-05-28 04:49 . 2008-05-28 04:49 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll + 2010-03-31 19:32 . 2010-03-31 19:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2008-05-28 05:30 . 2008-05-28 05:30 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe - 2003-02-21 01:19 . 2003-02-21 01:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2010-03-31 19:32 . 2010-03-31 19:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll + 2005-08-16 10:38 . 2010-02-09 22:22 81920 c:\windows\Microsoft.NET\Framework\v1.0.3705\System.Security.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll + 2009-11-07 05:07 . 2009-11-07 05:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll + 2009-11-07 05:07 . 2009-11-07 05:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe + 2010-08-17 08:44 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB2183461-IE7\pngfilt.dll + 2010-08-17 08:44 . 2010-03-11 12:38 52224 c:\windows\ie7updates\KB2183461-IE7\msfeedsbs.dll + 2010-08-17 08:44 . 2010-03-11 12:38 27648 c:\windows\ie7updates\KB2183461-IE7\jsproxy.dll + 2010-08-17 08:44 . 2010-03-10 13:18 13824 c:\windows\ie7updates\KB2183461-IE7\ieudinit.exe + 2010-08-17 08:44 . 2010-03-11 12:38 44544 c:\windows\ie7updates\KB2183461-IE7\iernonce.dll + 2010-08-17 08:44 . 2010-03-11 12:38 78336 c:\windows\ie7updates\KB2183461-IE7\ieencode.dll + 2010-08-17 08:44 . 2010-03-10 13:18 70656 c:\windows\ie7updates\KB2183461-IE7\ie4uinit.exe + 2010-08-17 08:44 . 2010-03-11 12:38 63488 c:\windows\ie7updates\KB2183461-IE7\icardie.dll + 2010-08-17 08:44 . 2010-03-11 12:38 17408 c:\windows\ie7updates\KB2183461-IE7\corpol.dll + 2010-08-17 08:20 . 2010-08-17 08:20 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_fe1c846e\System.Drawing.Design.dll + 2010-08-17 08:20 . 2010-08-17 08:20 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_ea88ae99\CustomMarshalers.dll + 2010-08-17 08:45 . 2010-08-17 08:45 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 21504 c:\windows\assembly\NativeImages_v2.0.50727_32\TVM\707f217a3da4d4d6dc624b23041984cb\TVM.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aada360296a42e0413579a19c771ec2d\System.Web.DynamicData.Design.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll + 2010-08-17 08:41 . 2010-08-17 08:41 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe + 2010-08-17 08:40 . 2010-08-17 08:40 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 15872 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\272d51526813ea113970b8e890c92ee2\Microsoft.VisualC.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Inte#\0067575281ff2d7bd24256ba20e5f362\Intuit.Ctg.Wte.InterviewControlLibrary.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe + 2010-08-18 05:48 . 2010-08-18 05:48 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll - 2009-10-14 06:24 . 2009-10-14 06:24 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-08-17 08:37 . 2010-08-17 08:37 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll + 2010-08-17 08:16 . 2010-08-17 08:16 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll - 2009-01-28 11:22 . 2009-01-28 11:22 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll + 2010-08-17 08:37 . 2010-08-17 08:37 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-10-14 06:24 . 2009-10-14 06:24 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll - 2009-10-14 06:24 . 2009-10-14 06:24 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-08-17 08:38 . 2010-08-17 08:38 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll + 2010-08-17 08:37 . 2010-08-17 08:37 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll - 2009-10-14 06:24 . 2009-10-14 06:24 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll + 2010-08-17 08:37 . 2010-08-17 08:37 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-10-14 06:24 . 2009-10-14 06:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll - 2009-10-14 06:24 . 2009-10-14 06:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll + 2010-08-17 08:37 . 2010-08-17 08:37 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll - 2009-10-14 06:24 . 2009-10-14 06:24 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-08-17 08:37 . 2010-08-17 08:37 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll + 2010-08-17 08:37 . 2010-08-17 08:37 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll - 2009-10-14 06:24 . 2009-10-14 06:24 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll + 2010-08-17 08:37 . 2010-08-17 08:37 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-10-14 06:24 . 2009-10-14 06:24 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll - 2009-10-14 06:24 . 2009-10-14 06:24 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll + 2010-08-17 08:37 . 2010-08-17 08:37 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll - 2009-10-14 06:24 . 2009-10-14 06:24 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll + 2010-08-17 08:37 . 2010-08-17 08:37 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll - 2009-10-14 06:24 . 2009-10-14 06:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-08-17 08:37 . 2010-08-17 08:37 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll + 2010-08-17 08:37 . 2010-08-17 08:37 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - 2009-10-14 06:24 . 2009-10-14 06:24 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll + 2010-08-17 08:20 . 2010-08-17 08:20 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll + 2010-08-17 08:18 . 2010-08-17 08:18 81920 c:\windows\assembly\GAC\System.Security\1.0.3300.0__b03f5f7f11d50a3a\System.Security.dll + 2010-08-17 08:37 . 2010-08-17 08:37 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2009-10-14 06:24 . 2009-10-14 06:24 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll - 2009-10-14 06:24 . 2009-10-14 06:24 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll + 2010-08-17 08:37 . 2010-08-17 08:37 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll - 2009-10-14 06:24 . 2009-10-14 06:24 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll + 2010-08-17 08:38 . 2010-08-17 08:38 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll - 2009-10-14 06:24 . 2009-10-14 06:24 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-08-17 08:37 . 2010-08-17 08:37 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll + 2010-08-17 08:37 . 2010-08-17 08:37 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-10-14 06:24 . 2009-10-14 06:24 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll - 2009-10-14 06:24 . 2009-10-14 06:24 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-08-17 08:37 . 2010-08-17 08:37 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll + 2010-08-17 08:37 . 2010-08-17 08:37 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2009-10-14 06:24 . 2009-10-14 06:24 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll - 2005-08-16 10:18 . 2010-03-11 12:38 233472 c:\windows\system32\webcheck.dll + 2005-08-16 10:18 . 2010-06-24 12:15 233472 c:\windows\system32\webcheck.dll + 2005-08-16 10:18 . 2010-06-24 12:15 105984 c:\windows\system32\url.dll - 2005-08-16 10:18 . 2010-03-11 12:38 105984 c:\windows\system32\url.dll + 2010-03-31 04:10 . 2010-03-31 04:10 295264 c:\windows\system32\PresentationHost.exe - 2005-08-16 10:18 . 2010-03-15 05:05 442466 c:\windows\system32\perfh009.dat + 2005-08-16 10:18 . 2010-08-17 08:38 442466 c:\windows\system32\perfh009.dat + 2005-08-16 10:18 . 2010-06-24 12:15 102912 c:\windows\system32\occache.dll - 2005-08-16 10:18 . 2010-03-11 12:38 102912 c:\windows\system32\occache.dll + 2005-08-16 10:18 . 2010-06-24 12:15 671232 c:\windows\system32\mstime.dll - 2005-08-16 10:18 . 2010-03-11 12:38 671232 c:\windows\system32\mstime.dll + 2005-08-16 10:18 . 2010-06-24 12:15 193024 c:\windows\system32\msrating.dll - 2005-08-16 10:18 . 2010-03-11 12:38 193024 c:\windows\system32\msrating.dll + 2005-08-16 10:18 . 2010-06-24 12:15 477696 c:\windows\system32\mshtmled.dll - 2005-08-16 10:18 . 2010-03-11 12:38 477696 c:\windows\system32\mshtmled.dll - 2007-08-13 23:54 . 2010-03-11 12:38 459264 c:\windows\system32\msfeeds.dll + 2007-08-13 23:54 . 2010-06-24 12:15 459264 c:\windows\system32\msfeeds.dll + 2009-11-07 05:07 . 2009-11-07 05:07 297808 c:\windows\system32\mscoree.dll - 2007-08-13 23:34 . 2010-03-11 12:38 268288 c:\windows\system32\iertutil.dll + 2007-08-13 23:34 . 2010-06-24 12:15 268288 c:\windows\system32\iertutil.dll + 2005-08-16 10:18 . 2010-06-24 12:15 192512 c:\windows\system32\iepeers.dll - 2005-08-16 10:18 . 2010-03-11 12:38 192512 c:\windows\system32\iepeers.dll - 2005-08-16 10:18 . 2010-03-11 12:38 385024 c:\windows\system32\iedkcs32.dll + 2005-08-16 10:18 . 2010-06-24 12:15 385024 c:\windows\system32\iedkcs32.dll - 2007-07-11 17:27 . 2010-03-11 12:38 380928 c:\windows\system32\ieapfltr.dll + 2007-07-11 17:27 . 2010-06-24 12:15 380928 c:\windows\system32\ieapfltr.dll - 2005-08-16 10:18 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll + 2005-08-16 10:18 . 2010-06-17 15:11 161792 c:\windows\system32\ieakui.dll + 2005-08-16 10:18 . 2010-06-24 12:15 230400 c:\windows\system32\ieaksie.dll - 2005-08-16 10:18 . 2010-03-11 12:38 230400 c:\windows\system32\ieaksie.dll + 2005-08-16 10:18 . 2010-06-24 12:15 153088 c:\windows\system32\ieakeng.dll - 2005-08-16 10:18 . 2010-03-11 12:38 153088 c:\windows\system32\ieakeng.dll - 2005-08-16 10:27 . 2010-01-04 06:24 106216 c:\windows\system32\FNTCACHE.DAT + 2005-08-16 10:27 . 2010-08-17 09:01 106216 c:\windows\system32\FNTCACHE.DAT - 2005-08-16 10:18 . 2010-03-11 12:38 133120 c:\windows\system32\extmgr.dll + 2005-08-16 10:18 . 2010-06-24 12:15 133120 c:\windows\system32\extmgr.dll - 2005-08-16 10:18 . 2010-03-11 12:38 214528 c:\windows\system32\dxtrans.dll + 2005-08-16 10:18 . 2010-06-24 12:15 214528 c:\windows\system32\dxtrans.dll + 2005-08-16 10:18 . 2010-06-24 12:15 347136 c:\windows\system32\dxtmsft.dll - 2005-08-16 10:18 . 2010-03-11 12:38 347136 c:\windows\system32\dxtmsft.dll + 2006-05-10 05:25 . 2010-06-24 12:15 832512 c:\windows\system32\dllcache\wininet.dll - 2006-05-10 05:25 . 2010-03-11 12:38 832512 c:\windows\system32\dllcache\wininet.dll + 2007-08-13 23:54 . 2010-06-24 12:15 233472 c:\windows\system32\dllcache\webcheck.dll - 2007-08-13 23:54 . 2010-03-11 12:38 233472 c:\windows\system32\dllcache\webcheck.dll - 2007-08-13 23:44 . 2010-03-11 12:38 105984 c:\windows\system32\dllcache\url.dll + 2007-08-13 23:44 . 2010-06-24 12:15 105984 c:\windows\system32\dllcache\url.dll + 2008-10-16 09:10 . 2010-06-21 15:27 354304 c:\windows\system32\dllcache\srv.sys + 2008-12-05 06:54 . 2010-06-30 12:31 149504 c:\windows\system32\dllcache\schannel.dll + 2007-08-13 23:44 . 2010-06-24 12:15 102912 c:\windows\system32\dllcache\occache.dll - 2007-08-13 23:44 . 2010-03-11 12:38 102912 c:\windows\system32\dllcache\occache.dll + 2006-05-10 05:25 . 2010-06-24 12:15 671232 c:\windows\system32\dllcache\mstime.dll - 2006-05-10 05:25 . 2010-03-11 12:38 671232 c:\windows\system32\dllcache\mstime.dll - 2006-05-10 05:25 . 2010-03-11 12:38 193024 c:\windows\system32\dllcache\msrating.dll + 2006-05-10 05:25 . 2010-06-24 12:15 193024 c:\windows\system32\dllcache\msrating.dll - 2006-05-10 05:25 . 2010-03-11 12:38 477696 c:\windows\system32\dllcache\mshtmled.dll + 2006-05-10 05:25 . 2010-06-24 12:15 477696 c:\windows\system32\dllcache\mshtmled.dll - 2007-08-20 10:04 . 2010-03-11 12:38 459264 c:\windows\system32\dllcache\msfeeds.dll + 2007-08-20 10:04 . 2010-06-24 12:15 459264 c:\windows\system32\dllcache\msfeeds.dll + 2007-08-13 23:43 . 2010-06-17 15:12 634656 c:\windows\system32\dllcache\iexplore.exe - 2007-08-20 10:04 . 2010-03-11 12:38 268288 c:\windows\system32\dllcache\iertutil.dll + 2007-08-20 10:04 . 2010-06-24 12:15 268288 c:\windows\system32\dllcache\iertutil.dll + 2006-05-10 05:25 . 2010-06-24 12:15 192512 c:\windows\system32\dllcache\iepeers.dll - 2006-05-10 05:25 . 2010-03-11 12:38 192512 c:\windows\system32\dllcache\iepeers.dll - 2007-08-13 23:39 . 2010-03-11 12:38 385024 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-13 23:39 . 2010-06-24 12:15 385024 c:\windows\system32\dllcache\iedkcs32.dll + 2007-08-20 10:04 . 2010-06-24 12:15 380928 c:\windows\system32\dllcache\ieapfltr.dll - 2007-08-20 10:04 . 2010-03-11 12:38 380928 c:\windows\system32\dllcache\ieapfltr.dll - 2007-08-13 22:56 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll + 2007-08-13 22:56 . 2010-06-17 15:11 161792 c:\windows\system32\dllcache\ieakui.dll - 2007-08-13 23:39 . 2010-03-11 12:38 230400 c:\windows\system32\dllcache\ieaksie.dll + 2007-08-13 23:39 . 2010-06-24 12:15 230400 c:\windows\system32\dllcache\ieaksie.dll - 2007-08-13 23:39 . 2010-03-11 12:38 153088 c:\windows\system32\dllcache\ieakeng.dll + 2007-08-13 23:39 . 2010-06-24 12:15 153088 c:\windows\system32\dllcache\ieakeng.dll - 2006-05-10 05:25 . 2010-03-11 12:38 133120 c:\windows\system32\dllcache\extmgr.dll + 2006-05-10 05:25 . 2010-06-24 12:15 133120 c:\windows\system32\dllcache\extmgr.dll + 2006-05-10 05:25 . 2010-06-24 12:15 214528 c:\windows\system32\dllcache\dxtrans.dll - 2006-05-10 05:25 . 2010-03-11 12:38 214528 c:\windows\system32\dllcache\dxtrans.dll - 2006-05-10 05:25 . 2010-03-11 12:38 347136 c:\windows\system32\dllcache\dxtmsft.dll + 2006-05-10 05:25 . 2010-06-24 12:15 347136 c:\windows\system32\dllcache\dxtmsft.dll + 2010-04-20 05:30 . 2010-04-20 05:30 285696 c:\windows\system32\dllcache\atmfd.dll + 2007-08-13 23:39 . 2010-06-24 12:15 124928 c:\windows\system32\dllcache\advpack.dll - 2007-08-13 23:39 . 2010-03-11 12:38 124928 c:\windows\system32\dllcache\advpack.dll + 2005-08-16 10:18 . 2010-04-20 05:30 285696 c:\windows\system32\atmfd.dll - 2005-08-16 10:18 . 2008-04-14 00:09 285696 c:\windows\system32\atmfd.dll + 2005-08-16 10:18 . 2010-06-24 12:15 124928 c:\windows\system32\advpack.dll - 2005-08-16 10:18 . 2010-03-11 12:38 124928 c:\windows\system32\advpack.dll + 2010-03-31 04:16 . 2010-03-31 04:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll + 2010-04-08 03:48 . 2010-04-08 03:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll + 2010-04-08 03:48 . 2010-04-08 03:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll - 2008-07-30 00:16 . 2008-07-30 00:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll + 2010-03-23 09:31 . 2010-03-23 09:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll - 2008-07-25 16:17 . 2008-07-25 16:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2010-02-09 16:22 . 2010-02-09 16:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll + 2010-05-11 10:40 . 2010-05-11 10:40 388936 c:\windows\Microsoft.NET\Framework\v2.0.50727\SOS.dll - 2009-08-08 03:51 . 2009-08-08 03:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2010-05-11 10:40 . 2010-05-11 10:40 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll + 2010-03-31 18:51 . 2010-03-31 18:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2008-05-28 04:49 . 2008-05-28 04:49 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll - 2008-05-28 04:48 . 2008-05-28 04:48 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2010-03-31 18:49 . 2010-03-31 18:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll + 2010-03-31 19:32 . 2010-03-31 19:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll - 2008-05-28 05:30 . 2008-05-28 05:30 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll + 2010-02-25 04:14 . 2010-02-25 04:14 543232 c:\windows\Installer\340aa9.msp + 2010-08-17 08:44 . 2010-03-11 12:38 832512 c:\windows\ie7updates\KB2183461-IE7\wininet.dll + 2010-08-17 08:44 . 2010-03-11 12:38 233472 c:\windows\ie7updates\KB2183461-IE7\webcheck.dll + 2010-08-17 08:44 . 2010-03-11 12:38 105984 c:\windows\ie7updates\KB2183461-IE7\url.dll + 2010-08-17 08:44 . 2010-02-22 14:23 382840 c:\windows\ie7updates\KB2183461-IE7\spuninst\updspapi.dll + 2010-08-17 08:44 . 2010-02-22 14:23 231288 c:\windows\ie7updates\KB2183461-IE7\spuninst\spuninst.exe + 2010-08-17 08:44 . 2010-03-11 12:38 102912 c:\windows\ie7updates\KB2183461-IE7\occache.dll + 2010-08-17 08:44 . 2010-03-11 12:38 671232 c:\windows\ie7updates\KB2183461-IE7\mstime.dll + 2010-08-17 08:44 . 2010-03-11 12:38 193024 c:\windows\ie7updates\KB2183461-IE7\msrating.dll + 2010-08-17 08:44 . 2010-03-11 12:38 477696 c:\windows\ie7updates\KB2183461-IE7\mshtmled.dll + 2010-08-17 08:44 . 2010-03-11 12:38 459264 c:\windows\ie7updates\KB2183461-IE7\msfeeds.dll + 2010-08-17 08:44 . 2010-02-23 05:20 634648 c:\windows\ie7updates\KB2183461-IE7\iexplore.exe + 2010-08-17 08:44 . 2010-03-11 12:38 268288 c:\windows\ie7updates\KB2183461-IE7\iertutil.dll + 2010-08-17 08:44 . 2010-03-11 12:38 192512 c:\windows\ie7updates\KB2183461-IE7\iepeers.dll + 2010-08-17 08:44 . 2010-03-11 12:38 385024 c:\windows\ie7updates\KB2183461-IE7\iedkcs32.dll + 2010-08-17 08:44 . 2010-03-11 12:38 380928 c:\windows\ie7updates\KB2183461-IE7\ieapfltr.dll + 2010-08-17 08:44 . 2010-02-23 05:18 161792 c:\windows\ie7updates\KB2183461-IE7\ieakui.dll + 2010-08-17 08:44 . 2010-03-11 12:38 230400 c:\windows\ie7updates\KB2183461-IE7\ieaksie.dll + 2010-08-17 08:44 . 2010-03-11 12:38 153088 c:\windows\ie7updates\KB2183461-IE7\ieakeng.dll + 2010-08-17 08:44 . 2010-03-11 12:38 133120 c:\windows\ie7updates\KB2183461-IE7\extmgr.dll + 2010-08-17 08:44 . 2010-03-11 12:38 214528 c:\windows\ie7updates\KB2183461-IE7\dxtrans.dll + 2010-08-17 08:44 . 2010-03-11 12:38 347136 c:\windows\ie7updates\KB2183461-IE7\dxtmsft.dll + 2010-08-17 08:44 . 2010-03-11 12:38 124928 c:\windows\ie7updates\KB2183461-IE7\advpack.dll + 2009-10-14 06:24 . 2009-10-14 06:24 114688 c:\windows\assembly\temp\MW2IT5I42D\System.ServiceProcess.dll + 2009-10-14 06:24 . 2009-10-14 06:24 261632 c:\windows\assembly\temp\M5O3VQP4OO\System.Transactions.dll + 2009-10-14 06:24 . 2009-10-14 06:24 113664 c:\windows\assembly\temp\IYE7TNGAWP\System.EnterpriseServices.Wrapper.dll + 2009-10-14 06:24 . 2009-10-14 06:24 258048 c:\windows\assembly\temp\IYE7TNGAWP\System.EnterpriseServices.dll + 2009-10-14 06:24 . 2009-10-14 06:24 303104 c:\windows\assembly\temp\67C18LSSED\System.Runtime.Remoting.dll + 2009-10-14 06:24 . 2009-10-14 06:24 425984 c:\windows\assembly\temp\3VTFLSRJ43\System.configuration.dll + 2009-10-14 06:24 . 2009-10-14 06:24 626688 c:\windows\assembly\temp\1KT0ZZLK6D\System.Drawing.dll + 2010-08-17 08:21 . 2010-08-17 08:21 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_609029b8\System.Drawing.dll + 2010-08-17 08:21 . 2010-08-17 08:21 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_9484b658\System.Drawing.Design.dll + 2010-08-17 08:21 . 2010-08-17 08:21 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_6b7154d8\CustomMarshalers.dll + 2010-08-18 05:48 . 2010-08-18 05:48 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe + 2010-08-17 08:45 . 2010-08-17 08:45 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll + 2010-08-17 08:45 . 2010-08-17 08:45 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd91a32f4e36ccb2981c72c0d333e928\UIAutomationTypes.ni.dll + 2010-08-17 08:45 . 2010-08-17 08:45 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll + 2010-08-18 05:54 . 2010-08-18 05:54 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\5e16c279496a553c988c6199f0cee8aa\System.Web.Routing.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\720b28d81e987b889180b291ea19b821\System.Web.Extensions.Design.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\da36fd678161cd3444ef547c894e3f35\System.Web.Entity.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\49ae7c73fac8827123d5db1714c22599\System.Web.Entity.Design.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\ce3aa27d3c4c052845ac5abb1374defa\System.Web.DynamicData.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\95fab896ef2af14876e3e1524379773b\System.Web.Abstractions.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 771584 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3de39eb60b9d32af46f32f6c7a88fc7f\System.Runtime.Remoting.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll + 2010-08-18 05:47 . 2010-08-18 05:47 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll + 2010-08-18 05:49 . 2010-08-18 05:49 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll + 2010-08-17 08:44 . 2010-08-17 08:44 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\90199b4aa63b1b9c8ed0c3de16eec824\System.Drawing.Design.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\488c4017d45e861644a34fae557aa80f\System.Data.Entity.Design.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe + 2010-08-18 05:48 . 2010-08-18 05:48 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5aeb40ff7128df2881fb03c01d070b20\ServiceModelReg.ni.exe + 2010-08-17 08:41 . 2010-08-17 08:41 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll + 2010-08-17 08:41 . 2010-08-17 08:41 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe + 2010-08-18 05:48 . 2010-08-18 05:48 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 696320 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\7233d6f52d441eb57e13fcbb7d304610\log4net.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 657408 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Wte.Serv#\a054856bba46bba1c345687aefba9baa\Intuit.Ctg.Wte.Service.Interface.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 802304 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\5ee62796bc70594e7a61dde99736f0e9\Infragistics2.Shared.v8.2.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe + 2010-08-18 05:48 . 2010-08-18 05:48 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\56aec0938ef1bbdeca65b07a5fe8cd39\AspNetMMCExt.ni.dll + 2010-08-17 08:37 . 2010-08-17 08:37 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll - 2009-10-14 06:24 . 2009-10-14 06:24 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll + 2010-08-17 08:37 . 2010-08-17 08:37 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2009-10-14 06:24 . 2009-10-14 06:24 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll - 2009-10-14 06:24 . 2009-10-14 06:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll + 2010-08-17 08:37 . 2010-08-17 08:37 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll - 2009-10-14 06:24 . 2009-10-14 06:24 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-08-17 08:37 . 2010-08-17 08:37 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll + 2010-08-17 08:16 . 2010-08-17 08:16 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll - 2009-10-14 06:24 . 2009-10-14 06:24 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-08-17 08:37 . 2010-08-17 08:37 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll + 2010-08-17 08:37 . 2010-08-17 08:37 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - 2009-10-14 06:24 . 2009-10-14 06:24 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll + 2010-08-17 08:37 . 2010-08-17 08:37 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-10-14 06:24 . 2009-10-14 06:24 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll - 2009-10-14 06:24 . 2009-10-14 06:24 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-08-17 08:37 . 2010-08-17 08:37 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll + 2010-08-17 08:16 . 2010-08-17 08:16 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll + 2010-08-17 08:37 . 2010-08-17 08:37 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-10-14 06:24 . 2009-10-14 06:24 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll - 2009-10-14 06:24 . 2009-10-14 06:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-08-17 08:37 . 2010-08-17 08:37 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll + 2010-08-17 08:37 . 2010-08-17 08:37 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll - 2009-10-14 06:24 . 2009-10-14 06:24 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll + 2010-08-17 08:38 . 2010-08-17 08:38 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-10-14 06:24 . 2009-10-14 06:24 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll - 2009-10-14 06:24 . 2009-10-14 06:24 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-08-17 08:38 . 2010-08-17 08:38 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll + 2010-08-17 08:38 . 2010-08-17 08:38 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2009-10-14 06:24 . 2009-10-14 06:24 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll - 2009-10-14 06:24 . 2009-10-14 06:24 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-08-17 08:38 . 2010-08-17 08:38 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll + 2010-08-17 08:16 . 2010-08-17 08:16 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll - 2009-01-28 11:22 . 2009-01-28 11:22 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll - 2009-10-14 06:24 . 2009-10-14 06:24 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-08-17 08:37 . 2010-08-17 08:37 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll + 2010-08-17 08:37 . 2010-08-17 08:37 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-10-14 06:24 . 2009-10-14 06:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll - 2009-10-14 06:24 . 2009-10-14 06:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll + 2010-08-17 08:37 . 2010-08-17 08:37 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll - 2009-10-14 06:24 . 2009-10-14 06:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll + 2010-08-17 08:37 . 2010-08-17 08:37 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll - 2009-10-14 06:24 . 2009-10-14 06:24 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-08-17 08:37 . 2010-08-17 08:37 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll + 2010-08-17 08:37 . 2010-08-17 08:37 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2009-10-14 06:24 . 2009-10-14 06:24 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll - 2009-10-14 06:24 . 2009-10-14 06:24 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll + 2010-08-17 08:37 . 2010-08-17 08:37 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll - 2009-10-14 06:24 . 2009-10-14 06:24 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll + 2010-08-17 08:37 . 2010-08-17 08:37 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - 2009-10-14 06:24 . 2009-10-14 06:24 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll + 2010-08-17 08:37 . 2010-08-17 08:37 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - 2009-10-14 06:24 . 2009-10-14 06:24 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-08-17 08:37 . 2010-08-17 08:37 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll + 2010-08-17 08:38 . 2010-08-17 08:38 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll - 2009-10-14 06:24 . 2009-10-14 06:24 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll + 2005-08-16 10:19 . 2010-04-06 08:52 2462720 c:\windows\system32\WMVCore.dll + 2005-08-16 10:18 . 2010-06-24 12:15 1168384 c:\windows\system32\urlmon.dll - 2005-08-16 10:18 . 2010-03-11 12:38 1168384 c:\windows\system32\urlmon.dll + 2005-08-16 10:18 . 2010-07-27 06:30 8462336 c:\windows\system32\shell32.dll + 2005-08-16 10:18 . 2010-02-05 18:27 1291776 c:\windows\system32\quartz.dll - 2005-08-16 10:18 . 2009-11-27 17:11 1291776 c:\windows\system32\quartz.dll + 2005-08-16 10:18 . 2010-04-27 13:59 2146304 c:\windows\system32\ntoskrnl.exe - 2005-08-16 10:18 . 2010-02-16 14:08 2146304 c:\windows\system32\ntoskrnl.exe + 2004-08-04 04:59 . 2010-04-27 13:05 2024448 c:\windows\system32\ntkrnlpa.exe - 2004-08-04 04:59 . 2010-02-16 13:25 2024448 c:\windows\system32\ntkrnlpa.exe + 2005-08-16 10:18 . 2010-06-24 12:15 3600896 c:\windows\system32\mshtml.dll + 2007-08-13 23:54 . 2010-06-24 12:15 6067200 c:\windows\system32\ieframe.dll - 2007-08-13 23:54 . 2010-03-11 12:38 6067200 c:\windows\system32\ieframe.dll + 2005-08-16 10:19 . 2010-04-06 08:52 2462720 c:\windows\system32\dllcache\WMVCore.dll + 2008-10-16 09:10 . 2010-06-23 13:44 1851904 c:\windows\system32\dllcache\win32k.sys - 2006-05-10 05:25 . 2010-03-11 12:38 1168384 c:\windows\system32\dllcache\urlmon.dll + 2006-05-10 05:25 . 2010-06-24 12:15 1168384 c:\windows\system32\dllcache\urlmon.dll + 2008-06-17 19:02 . 2010-07-27 06:30 8462336 c:\windows\system32\dllcache\shell32.dll - 2008-05-07 05:12 . 2009-11-27 17:11 1291776 c:\windows\system32\dllcache\quartz.dll + 2008-05-07 05:12 . 2010-02-05 18:27 1291776 c:\windows\system32\dllcache\quartz.dll - 2008-10-16 09:09 . 2010-02-17 13:10 2189952 c:\windows\system32\dllcache\ntoskrnl.exe + 2008-10-16 09:09 . 2010-04-28 02:25 2189952 c:\windows\system32\dllcache\ntoskrnl.exe - 2008-10-16 09:09 . 2010-02-16 13:25 2024448 c:\windows\system32\dllcache\ntkrpamp.exe + 2008-10-16 09:09 . 2010-04-27 13:05 2024448 c:\windows\system32\dllcache\ntkrpamp.exe - 2008-10-16 09:09 . 2010-02-16 13:25 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-16 09:09 . 2010-04-27 13:05 2066816 c:\windows\system32\dllcache\ntkrnlpa.exe + 2008-10-16 09:09 . 2010-04-27 13:59 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe - 2008-10-16 09:09 . 2010-02-16 14:08 2146304 c:\windows\system32\dllcache\ntkrnlmp.exe + 2008-11-13 23:51 . 2010-06-14 07:41 1172480 c:\windows\system32\dllcache\msxml3.dll - 2008-11-13 23:51 . 2009-07-31 04:35 1172480 c:\windows\system32\dllcache\msxml3.dll + 2006-05-19 15:06 . 2010-06-24 12:15 3600896 c:\windows\system32\dllcache\mshtml.dll - 2010-03-11 10:57 . 2009-10-23 15:28 3558912 c:\windows\system32\dllcache\moviemk.exe + 2010-03-11 10:57 . 2010-06-18 13:36 3558912 c:\windows\system32\dllcache\moviemk.exe - 2007-08-20 10:04 . 2010-03-11 12:38 6067200 c:\windows\system32\dllcache\ieframe.dll + 2007-08-20 10:04 . 2010-06-24 12:15 6067200 c:\windows\system32\dllcache\ieframe.dll + 2009-11-07 05:06 . 2009-11-07 05:06 1130824 c:\windows\system32\dfshim.dll + 2010-04-08 03:48 . 2010-04-08 03:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll - 2008-11-25 09:59 . 2008-11-25 09:59 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2010-03-23 09:32 . 2010-03-23 09:32 5242880 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll + 2010-03-23 09:32 . 2010-03-23 09:32 3182592 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.dll - 2009-08-08 03:51 . 2009-08-08 03:51 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2010-05-11 10:40 . 2010-05-11 10:40 5812560 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll + 2010-05-11 10:40 . 2010-05-11 10:40 4550656 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll + 2010-04-01 15:42 . 2010-04-01 15:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll - 2008-05-28 05:35 . 2008-05-28 05:35 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll + 2010-04-01 15:42 . 2010-04-01 15:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll - 2008-05-28 05:35 . 2008-05-28 05:35 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll - 2008-05-28 04:48 . 2008-05-28 04:48 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2010-03-31 18:50 . 2010-03-31 18:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll + 2010-03-31 18:50 . 2010-03-31 18:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll - 2008-05-28 04:43 . 2008-05-28 04:43 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2010-04-01 15:42 . 2010-04-01 15:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll + 2009-11-09 04:25 . 2009-11-09 04:25 1935360 c:\windows\Installer\340ac2.msp + 2010-04-12 02:17 . 2010-04-12 02:17 2607104 c:\windows\Installer\340a7c.msp + 2010-04-12 02:17 . 2010-04-12 02:17 4210688 c:\windows\Installer\340a7b.msp + 2010-08-17 08:44 . 2010-03-11 12:38 1168384 c:\windows\ie7updates\KB2183461-IE7\urlmon.dll + 2010-08-17 08:44 . 2010-03-11 12:38 3599872 c:\windows\ie7updates\KB2183461-IE7\mshtml.dll + 2010-08-17 08:44 . 2010-03-11 12:38 6067200 c:\windows\ie7updates\KB2183461-IE7\ieframe.dll - 2008-10-16 09:09 . 2010-02-17 13:10 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-16 09:09 . 2010-04-28 02:25 2189952 c:\windows\Driver Cache\i386\ntoskrnl.exe + 2008-10-16 09:09 . 2010-04-27 13:05 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2008-10-16 09:09 . 2010-02-16 13:25 2024448 c:\windows\Driver Cache\i386\ntkrpamp.exe - 2008-10-16 09:09 . 2010-02-16 13:25 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-16 09:09 . 2010-04-27 13:05 2066816 c:\windows\Driver Cache\i386\ntkrnlpa.exe + 2008-10-16 09:09 . 2010-04-27 13:59 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe - 2008-10-16 09:09 . 2010-02-16 14:08 2146304 c:\windows\Driver Cache\i386\ntkrnlmp.exe + 2009-10-14 06:24 . 2009-10-14 06:24 2933248 c:\windows\assembly\temp\URP0I1ZSQN\System.Data.dll + 2009-10-14 06:24 . 2009-10-14 06:24 3149824 c:\windows\assembly\temp\HUQ6MKNXQ8\System.dll + 2009-10-14 06:24 . 2009-10-14 06:24 2048000 c:\windows\assembly\temp\6LVTYVE4HT\System.XML.dll + 2009-10-14 06:24 . 2009-10-14 06:24 5025792 c:\windows\assembly\temp\5LZL740RNL\System.Windows.Forms.dll + 2010-08-17 08:20 . 2010-08-17 08:20 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_ad71641f\System.dll + 2010-08-17 08:21 . 2010-08-17 08:21 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_7781169e\System.dll + 2010-08-17 08:21 . 2010-08-17 08:21 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_afc54e91\System.Xml.dll + 2010-08-17 08:21 . 2010-08-17 08:21 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_65b510fe\System.Xml.dll + 2010-08-17 08:21 . 2010-08-17 08:21 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_a1c4c1a9\System.Windows.Forms.dll + 2010-08-17 08:21 . 2010-08-17 08:21 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_79d28e64\System.Windows.Forms.dll + 2010-08-17 08:22 . 2010-08-17 08:22 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_ed45c0d4\System.Drawing.dll + 2010-08-17 08:21 . 2010-08-17 08:21 1470464 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_70e6b7c1\System.Design.dll + 2010-08-17 08:21 . 2010-08-17 08:21 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_2282d845\System.Design.dll + 2010-08-17 08:21 . 2010-08-17 08:21 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_948f54d1\mscorlib.dll + 2010-08-17 08:22 . 2010-08-17 08:22 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_11c1c97e\mscorlib.dll + 2010-08-17 08:40 . 2010-08-17 08:40 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll + 2010-08-17 08:45 . 2010-08-17 08:45 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 4170240 c:\windows\assembly\NativeImages_v2.0.50727_32\ttax\3971e1945b8e1b075b1fc4bc0c95509e\ttax.ni.dll + 2010-08-17 08:40 . 2010-08-17 08:40 7949824 c:\windows\assembly\NativeImages_v2.0.50727_32\System\08ffa4d388d5f007869aa7651c458e7c\System.ni.dll + 2010-08-17 08:45 . 2010-08-17 08:45 5450752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\a6dbe24cbfe3ab6b318ed3095cc572d8\System.Xml.ni.dll + 2010-08-18 05:54 . 2010-08-18 05:54 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\60b3c9a63b2065a6952d16256545c25d\System.WorkflowServices.ni.dll + 2010-08-18 05:54 . 2010-08-18 05:54 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\5cc2a23ce8ac371c7a97b5e542ee27ed\System.Workflow.Runtime.ni.dll + 2010-08-18 05:54 . 2010-08-18 05:54 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\c0aabf67e7ef98dc10c3e174c136731b\System.Workflow.ComponentModel.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\66682c8a064608ba4ffd0463cf09aef9\System.Workflow.Activities.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2d662564b8d9c57a34c588cc2970902b\System.Web.Services.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\9b455702c9b7b02c5708406f87986751\System.Web.Mobile.ni.dll + 2010-08-18 05:53 . 2010-08-18 05:53 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\49c7a1c78ed9502ba97c11e6bd993f63\System.Web.Extensions.ni.dll + 2010-08-17 08:44 . 2010-08-17 08:44 1917952 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\5eb08849d17b272ed2a393420cb0305b\System.Speech.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\f5790a1b7b41e7b8d05f01b549c80f39\System.ServiceModel.Web.ni.dll + 2010-08-18 05:47 . 2010-08-18 05:47 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll + 2010-08-17 08:44 . 2010-08-17 08:44 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll + 2010-08-18 05:47 . 2010-08-18 05:47 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\0885f31c21b796465fde6297dba20981\System.IdentityModel.ni.dll + 2010-08-17 08:43 . 2010-08-17 08:43 1587200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dcc0244092fe52e6885b50be25ef3b31\System.Drawing.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 6616576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f04ef00e652a8655a717639e8aeb7b63\System.Data.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\23cf0498f2ebe4c8ffa5cc79efca2dc5\System.Data.Services.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 1115136 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.OracleC#\58202ed61096113d08815c0a78313b66\System.Data.OracleClient.ni.dll + 2010-08-17 08:43 . 2010-08-17 08:43 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c18c236a09e715138daec2e25be205bb\System.Data.Linq.ni.dll + 2010-08-18 05:52 . 2010-08-18 05:52 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 2295296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\faeda674832135a080bc73eda51813ff\System.Core.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll + 2010-08-17 08:42 . 2010-08-17 08:42 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll + 2010-08-17 08:40 . 2010-08-17 08:40 1451008 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\835786d8a0caabae09ad440f6e3abfc6\PresentationBuildTasks.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\9732a7c993055f82040642966db07ccf\Microsoft.VisualBasic.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll + 2010-08-18 05:51 . 2010-08-18 05:51 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\Intuit.Ctg.Map\131957737f75872fc7cb1056dee843cb\Intuit.Ctg.Map.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 2597376 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\2d0d02d1ab503f8dd07b117e80af0107\Infragistics2.Win.Misc.v8.2.ni.dll + 2010-08-17 08:31 . 2010-08-17 08:31 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll + 2010-08-17 08:38 . 2010-08-17 08:38 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll - 2009-10-14 06:24 . 2009-10-14 06:24 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll + 2010-08-17 08:37 . 2010-08-17 08:37 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - 2009-10-14 06:24 . 2009-10-14 06:24 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-08-17 08:37 . 2010-08-17 08:37 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll + 2010-08-17 08:16 . 2010-08-17 08:16 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll - 2009-10-14 06:24 . 2009-10-14 06:24 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-08-17 08:37 . 2010-08-17 08:37 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll + 2010-08-17 08:31 . 2010-08-17 08:31 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll + 2010-08-17 08:37 . 2010-08-17 08:37 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-14 06:24 . 2009-10-14 06:24 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-14 06:24 . 2009-10-14 06:24 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll + 2010-08-17 08:38 . 2010-08-17 08:38 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - 2009-01-28 11:22 . 2009-01-28 11:22 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2010-08-17 08:31 . 2010-08-17 08:31 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll + 2010-08-17 08:37 . 2010-08-17 08:37 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll - 2009-10-14 06:21 . 2009-10-14 06:21 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2010-08-17 08:20 . 2010-08-17 08:20 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll + 2010-08-17 08:20 . 2010-08-17 08:20 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll - 2009-10-14 06:21 . 2009-10-14 06:21 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll + 2005-12-31 03:18 . 2010-08-03 15:09 35962312 c:\windows\system32\MRT.exe + 2010-04-02 23:29 . 2010-04-02 23:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp + 2010-05-19 17:08 . 2010-05-19 17:08 11408896 c:\windows\Installer\340ad8.msp + 2010-03-31 05:23 . 2010-03-31 05:23 15638528 c:\windows\Installer\340ace.msp + 2010-04-02 16:30 . 2010-04-02 16:30 17456640 c:\windows\Installer\340aa3.msp + 2010-04-12 02:17 . 2010-04-12 02:17 14599680 c:\windows\Installer\340a8a.msp + 2010-08-17 08:44 . 2010-08-17 08:44 12430848 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\439c466b60614915587c5273eaf0ca7f\System.Windows.Forms.ni.dll + 2010-08-18 05:49 . 2010-08-18 05:49 11798016 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\411a627d6f5cb83509332253406988e5\System.Web.ni.dll + 2010-08-18 05:48 . 2010-08-18 05:48 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f523a69e7c93ee4f245c996eac4b3a57\System.ServiceModel.ni.dll + 2010-08-17 08:43 . 2010-08-17 08:43 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\b307acf63075b997d02a97a7492d0d9c\System.Design.ni.dll + 2010-08-17 08:41 . 2010-08-17 08:41 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll + 2010-08-17 08:40 . 2010-08-17 08:40 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll + 2010-08-17 08:39 . 2010-08-17 08:39 11490816 c:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7bffd7ff2009f421fe5d229927588496\mscorlib.ni.dll + 2010-08-18 05:50 . 2010-08-18 05:50 10334208 c:\windows\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\b28590ae33df1896ab13e8ceb5fb018b\Infragistics2.Win.v8.2.ni.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-20 114688] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920] "AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-10 202256] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-12-19 24576] WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536] WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"= "c:\\Program Files\\Common Files\\AOL\\1206437017\\EE\\AOLServiceHost.exe"= "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "c:\\Program Files\\AOL 9.1\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 11:56 AM 106208] R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2/6/2009 11:57 AM 727720] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/31/2009 8:21 PM 304464] R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [1/21/2010 4:24 PM 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 8:58 AM 20480] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/31/2009 8:21 PM 20952] S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336] S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys --> c:\windows\system32\DRIVERS\TMPassthru.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/30/2010 12:07 AM 11520] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{511C90F4-EF8B-42A0-B7EC-CF5D1B129D5E}] 2010-08-14 02:51 47616 ----a-w- c:\documents and settings\NetworkService\Application Data\Bitrix Security\lyenrei96.dll . Contents of the 'Scheduled Tasks' folder 2010-08-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34] 2010-08-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3428795369-2916434407-691850253-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02] 2010-08-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3428795369-2916434407-691850253-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.dell4me.com/myway uInternet Connection Wizard,ShellNext = iexplore IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html Trusted Zone: aebn.net\template Trusted Zone: aebn.net\www Trusted Zone: intuit.com Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com TCP: {3B584FFA-318C-46B9-8848-4E1C7B31A061} = 68.237.161.12 71.250.0.12 FF - ProfilePath - c:\documents and settings\Tom Kiernan\Application Data\Mozilla\Firefox\Profiles\sxn7evim.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: keyword.URL - hxxp://www.google.com/firefox FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: protocol-handler.warn-external.dnUpdate - falsec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45); c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pr ef", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-19 17:22 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3428795369-2916434407-691850253-1005\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3896) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2010-08-19 17:26:47 ComboFix-quarantined-files.txt 2010-08-19 21:26 ComboFix2.txt 2010-08-17 07:45 Pre-Run: 45,219,033,088 bytes free Post-Run: 45,390,880,768 bytes free - - End Of File - - 7906B2B65D2ED9B49ACCE1A3E60F379B I followed the instructions and the above was the result. How'd I do?

Wow! This was worse than I ever thought. I think the smart thing to do is wipe the whole thing clean and start over. That seems like a monumental job right now so I'll clean the system using the instructions you provided. I got home late from work tonight so I'll hold off until tomorrow evening. I'd like to make a donation but I'm not sure I should do so online until this mess is cleaned up. Any suggestions in that area?

ComboFix 10-08-16.03 - Tom Kiernan 08/17/2010 3:22.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.420 [GMT -4:00] Running from: c:\documents and settings\Tom Kiernan\Desktop\ComboFix.exe AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\ynh.dx Infected copy of c:\windows\system32\drivers\rdpcdd.sys was found and disinfected Restored copy from - Kitty had a snack . ((((((((((((((((((((((((( Files Created from 2010-07-17 to 2010-08-17 ))))))))))))))))))))))))))))))) . 2010-08-14 03:03 . 2010-08-14 03:03 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\Bitrix Security 2010-08-14 02:51 . 2010-08-14 02:52 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Bitrix Security 2010-08-14 02:51 . 2010-08-14 02:51 47616 ----a-w- c:\documents and settings\NetworkService\Application Data\Bitrix Security\lyenrei96.dll 2010-08-13 04:46 . 2010-08-13 09:11 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\hpjqfjbxp 2010-08-13 01:52 . 2010-08-13 04:25 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\gyqsfgjvv 2010-08-12 05:23 . 2010-08-12 05:23 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\hulqbnydh 2010-08-11 09:04 . 2010-08-12 04:52 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\xmyvsgcxx 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimwmp.dll 2010-08-10 05:35 . 2010-08-10 05:35 49152 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Components\nprpffbrowserrecordext.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimswf.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimrp.dll 2010-08-10 05:35 . 2010-08-10 05:35 45056 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\ThinShims\rpnpshimqt.dll 2010-08-10 05:35 . 2010-08-10 05:35 40960 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll 2010-08-10 05:35 . 2010-08-10 05:35 308808 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Common\rpmainbrowserrecordplugin.dll 2010-08-10 05:35 . 2010-08-10 05:35 14848 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll 2010-08-10 05:35 . 2010-08-10 05:35 341600 ----a-w- c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll 2010-08-10 05:34 . 2010-08-10 05:34 -------- d-----w- c:\program files\Common Files\xing shared 2010-08-07 09:15 . 2010-08-07 09:15 -------- d-----w- c:\windows\system32\wbem\Repository 2010-08-06 17:14 . 2010-08-07 00:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\fsbfnkois 2010-07-30 19:40 . 2010-08-07 09:00 -------- d--h--w- c:\documents and settings\Tom Kiernan\Recent(2) . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-17 04:56 . 2010-01-14 23:07 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\HPAppData 2010-08-17 04:31 . 2009-03-20 10:21 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-08-10 05:35 . 2005-12-19 15:26 -------- d-----w- c:\program files\Common Files\Real 2010-08-10 05:34 . 2005-12-19 15:26 -------- d-----w- c:\program files\Real 2010-08-10 05:34 . 2008-06-03 05:36 348160 ----a-w- c:\windows\system32\msvcr71.dll 2010-08-08 09:17 . 2007-12-27 09:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2010-08-07 09:14 . 2010-07-02 22:08 -------- d-----w- c:\program files\Microsoft Silverlight 2010-08-07 09:14 . 2010-07-02 22:51 -------- d-----w- c:\program files\AOL 9.5 2010-08-07 09:14 . 2010-06-26 23:18 -------- d-----w- c:\program files\Common Files\aolshare 2010-08-07 09:13 . 2005-12-19 15:25 -------- d-----w- c:\program files\Common Files\AOL 2010-08-07 09:13 . 2010-07-02 22:54 -------- d-----w- c:\program files\Common Files\aolback 2010-08-07 09:13 . 2010-07-02 23:11 -------- d-----w- c:\program files\AOL 9.5a 2010-07-30 01:22 . 2008-03-31 06:43 -------- d-----w- c:\program files\Google 2010-07-02 23:11 . 2005-12-19 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL 2010-06-30 04:15 . 2010-06-30 04:15 -------- d-----w- c:\documents and settings\All Users\Application Data\WD_SmartWareCommon 2010-06-30 04:07 . 2010-06-30 04:07 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\Western Digital 2010-06-30 04:07 . 2010-06-30 04:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Western Digital 2010-06-30 04:06 . 2010-06-30 04:06 -------- d-----w- c:\program files\Western Digital 2010-06-28 18:18 . 2010-02-18 21:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS 2010-06-28 08:54 . 2010-06-28 08:54 -------- d-----w- c:\program files\SystemRequirementsLab 2010-06-28 07:48 . 2005-12-19 15:03 19456 ----a-w- c:\windows\system32\IntelNic.dll 2010-06-26 23:18 . 2010-06-26 23:18 -------- d-----w- c:\program files\AOL 9.1 2010-06-26 23:18 . 2010-06-26 23:18 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL OCP 2010-06-26 23:17 . 2010-06-18 23:42 -------- d-----w- c:\program files\AOL 9.0 2010-06-26 23:17 . 2010-06-18 23:42 -------- d-----w- c:\program files\Common Files\aolshare(2) 2010-06-26 23:17 . 2006-01-13 00:24 -------- d-----w- c:\documents and settings\Tom Kiernan\Application Data\AOL 2010-06-23 00:26 . 2008-08-14 07:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Gtek 2010-06-20 22:59 . 2006-04-17 05:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads 2010-06-08 09:30 . 2010-06-08 09:30 503808 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\msvcp71.dll 2010-06-08 09:30 . 2010-06-08 09:30 499712 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\jmc.dll 2010-06-08 09:30 . 2010-06-08 09:30 348160 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-254e96c4-n\msvcr71.dll 2010-06-08 09:30 . 2010-06-08 09:30 61440 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3a7cd31d-n\decora-sse.dll 2010-06-08 09:30 . 2010-06-08 09:30 12800 ----a-w- c:\documents and settings\Tom Kiernan\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-3a7cd31d-n\decora-d3d.dll 2009-02-02 05:49 . 2006-01-03 06:29 104 --sh--r- c:\windows\system32\41C1A329B6.sys 2009-02-02 05:49 . 2006-01-03 06:29 4184 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-20 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-20 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-20 114688] "DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 53248] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920] "AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2006-10-23 71216] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152] "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-08-10 202256] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-12-19 24576] WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536] WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"= "c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"= "c:\\Program Files\\Common Files\\AOL\\1206437017\\EE\\AOLServiceHost.exe"= "c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"= "c:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"= "c:\\Program Files\\AOL 9.1\\waol.exe"= "c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Real\\RealPlayer\\realplay.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"= "c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxs08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqfxt08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"= "c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"= "c:\\Program Files\\HP\\Digital Imaging\\Smart Web Printing\\SmartWebPrintExe.exe"= R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 11:56 AM 106208] R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2/6/2009 11:57 AM 727720] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/31/2009 8:21 PM 304464] R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [1/21/2010 4:24 PM 110592] R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 8:58 AM 20480] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/31/2009 8:21 PM 20952] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [7/31/2009 8:21 PM 38224] S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [12/18/2009 10:58 AM 11336] S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys --> c:\windows\system32\DRIVERS\TMPassthru.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [6/30/2010 12:07 AM 11520] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{511C90F4-EF8B-42A0-B7EC-CF5D1B129D5E}] 2010-08-14 02:51 47616 ----a-w- c:\documents and settings\NetworkService\Application Data\Bitrix Security\lyenrei96.dll . Contents of the 'Scheduled Tasks' folder 2010-08-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 16:34] 2010-08-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3428795369-2916434407-691850253-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02] 2010-08-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3428795369-2916434407-691850253-1005.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 07:02] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.dell4me.com/myway uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyServer = http=127.0.0.1:6522 uInternet Settings,ProxyOverride = <local> IE: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-US\local\search.html Trusted Zone: aebn.net\template Trusted Zone: aebn.net\www Trusted Zone: intuit.com Trusted Zone: intuit.com\ttlc Trusted Zone: turbotax.com FF - ProfilePath - c:\documents and settings\Tom Kiernan\Application Data\Mozilla\Firefox\Profiles\sxn7evim.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: keyword.URL - hxxp://www.google.com/firefox FF - component: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- FF - user.js: protocol-handler.warn-external.dnUpdate - falsec:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . - - - - ORPHANS REMOVED - - - - HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe HKLM-Run-ACD mPower Tools - c:\program files\ACD Systems\mPower Tools\1.0\mPowerTools.exe AddRemove-12133444-BF36-4d4e-B7FB-A3424C645DE4 - c:\program files\GemMaster\uninstallgemmaster.exe AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-08-17 03:37 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-3428795369-2916434407-691850253-1005\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . Completion time: 2010-08-17 03:45:29 ComboFix-quarantined-files.txt 2010-08-17 07:45 Pre-Run: 45,680,697,344 bytes free Post-Run: 46,405,971,968 bytes free - - End Of File - - 2E9684716E36B9B64091AA9809A4F3AF Thank you for answering my message. I'm no computer whiz so I'll ask your forgiveness beforehand if I screw things up. I ran the Combifix as you directed. The first time I tried it, the computer froze. I had to shut down and start over. It worked the second time. The file above is the result. When the Combifix was finished I restarted my eset antivirus. That's where I am right now. Thank you again for the help.

I hope I did all the right things. These are the logs that the instructions said I should post. DDS_file.txt ark.zip Attach.zip protection_log_2010_08_13.zip