[Resolved] Hijack This Log -- Can't find a Wireless Network

Computer forums for help with removing malicious software (malware) and improving computer security

grin Welcome to What the Tech! ( Log In | Register ) What tech support ought to be... Fast, friendly and free! Once registered - you'll have the ability to post your question in the appropriate forum below. Additionally, if you can assist another member by sharing your tech knowledge, please post a reply! Best of all - Registration and all assistance is FREE! Once you've completed registration, simply choose the appropriate forum below, click on the "new topic" button, and post your question! What are you waiting for? Register today! *Registered users see NO ADVERTISING.

What the Tech > Spyware / Malware / Virus Removal > Infections Removal

2 Pages

1 2 >

[Resolved] Hijack This Log -- Can't find a Wireless Network, Referred by paws

Options

MikeT072 View Member Profile	Jun 28 2009, 10:12 AM Post #1
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	Here's the short story: I posted a thread in the Networking forum stating my HP Wireless Assistant could not find any networks. Here it is: http://forums.whatthetech.com/Wirless_HP_A...ks_t104550.html I was told my computer is probably infected so I ran Hijack This to post my log here. Here is my Hijack This log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:03:50 PM, on 6/28/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Lexmark 1300 Series\lxdcamon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\ehome\ehtray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\system32\conime.exe C:\Program Files\Last.fm\LastFM.exe C:\Windows\system32\wuauclt.exe C:\Windows\System32\wsqmcons.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\iTunes\iTunes.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [lxdcmon.exe] "C:\Program Files\Lexmark 1300 Series\lxdcmon.exe" O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe" O4 - HKLM\..\Run: [promo.exe] C:\Windows\system32\promo.exe O4 - HKLM\..\Run: [C:\Windows\system32\cfrog.exe] C:\Windows\system32\cfrog.exe O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [wifi] "C:/Program Files/wifi.com/wifi.exe" -i O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ares vista] "C:\Program Files\Ares Vista\AresVista.exe" -h O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Mike\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{704FD937-485D-451D-9B6C-5E6F3A3F122B}: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CCS\Services\Tcpip\..\{A21B410A-8C9C-434E-9690-5A364F6F3CD2}: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdcserv.exe O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 13208 bytes Hopefully someone can figure out what is wrong.

CatByte View Member Profile	Jun 28 2009, 12:06 PM Post #2
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Hi, Yes Paws is correct you are heavily infected. Please do the following: Open HiJackThis Click on Do a system scan only Check the boxes next to ONLY the entries listed below (if still present): R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [promo.exe] C:\Windows\system32\promo.exe O4 - HKLM\..\Run: [C:\Windows\system32\cfrog.exe] C:\Windows\system32\cfrog.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{704FD937-485D-451D-9B6C-5E6F3A3F122B}: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CCS\Services\Tcpip\..\{A21B410A-8C9C-434E-9690-5A364F6F3CD2}: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.138,85.255.112.9 Close all windows except Hijackthis and click Fix Checked Click Yes when prompted Close HijackThis. NEXT STEP #1 Please download DDS and save it to your desktop. Disable any script blocking protection Double click dds.pif to run the tool. When done, two DDS.txt's will open. Save both reports to your desktop. --------------------------------------------------- Please include the contents of the following in your next reply: DDS.txt Attach.txt. STEP #2 Download GMER Rootkit Scanner from here or here. Extract the contents of the zipped file to desktop. Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent . If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO, then use the following settings for a more complete scan.. In the right panel, you will see several boxes that have been checked. Uncheck the following … Sections IAT/EAT Drives/Partition other than Systemdrive (typically C:\) Show All (don't miss this one) Then click the Scan button & wait for it to finish. Once done click on the [Save..] button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post. Save it where you can easily find it, such as your desktop and attach it in your next reply. Caution Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries *As a Vista user I will require that all the programs I ask you to run, be run by right clicking the icon and selecting Run as Administrator. Otherwise some programs may fail to operate correctly*

MikeT072 View Member Profile	Jun 28 2009, 11:44 PM Post #3
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	I attached the DDS.txt and Attach.txt files in this post. I would post the Rootkit files, but it crashed on me three times while it was scanning. The first time I got the giant "** you" blue screen. The second time it said it had to close due to a problem. The third time it shut down my computer. I will try running it again later, but hopefully you can do something with the two files I attached. Attached File(s)** Attach.txt ( 8.14K ) Number of downloads: 133 DDS.txt ( 15.38K ) Number of downloads: 102

CatByte View Member Profile	Jun 29 2009, 05:35 AM Post #4
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Hi, Leave the GMER scan for now. Please do the following: Please download ComboFix from Here or Here to your Desktop. Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop If you are using Firefox, make sure that your download settings are as follows: Tools->Options->Main tab Set to "Always ask me where to Save the files". During the download, rename Combofix to Combo-Fix as follows: It is important you rename Combofix during the download, but not after. Please do not rename Combofix to other names, but only to the one indicated. Close any open browsers. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. ----------------------------------------------------------- Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click on this link* to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.* ----------------------------------------------------------- Close any open browsers. If there is no internet connection after running Combofix, then restart your computer to restore back your connection. ----------------------------------------------------------- Double click on combo-Fix.exe & follow the prompts. When finished, it will produce a report for you. Please post the "C:\Combo-Fix.txt" for further review. Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall

MikeT072 View Member Profile	Jun 29 2009, 12:19 PM Post #5
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	I attached the log to this post. I'll restart my computer now. This post has been edited by MikeT072: Jun 29 2009, 12:32 PM Attached File(s) ComboFix.txt ( 37.71K ) Number of downloads: 11

CatByte View Member Profile	Jun 29 2009, 12:34 PM Post #6
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Hi, Please do the following: Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Copy/paste the text inside the Codebox below into notepad: Here's how to do that: Click Start > Run type Notepad click OK. This will open an empty notepad file: Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy') CODE http://forums.whatthetech.com/Hijack_Log_Can_t_find_Wireless_Network_t104594.html&view=findpost&p=573102#entry573102 Collect:: c:\windows\system32\48z7thief599.dll c:\windows\system32\5524vir9zad.bin c:\windows\system32\5962hacktz5l3419.bin c:\windows\system32\7c9bt5izf1772.bin c:\windows\system32\5b8b5teal1393z.exe c:\windows\system32\96059rzj375.dll c:\windows\system32\5da9zir2805.bin c:\windows\system32\zcct9ie53223.dll c:\windows\system32\95002n5t-a-virzsd3.exe c:\windows\system32\579zsteal11855.dll c:\windows\system32\73z1vir599.exe c:\windows\system32\45c7spy9are20z8.dll c:\windows\system32\55261vi9us3az.dll c:\windows\system32\540b59ckdzor914.exe c:\windows\system32\7aa4backzo9r11875.bin c:\windows\system32\7z09thief555.bin c:\windows\system32\80z7t5o9b.bin c:\windows\system32\fd5thr9zt6413.exe c:\windows\system32\7576do5nlzad9r676.exe c:\windows\system32\935aaddware1582z.bin c:\windows\system32\89z2virus225.bin c:\windows\system32\bdfzpyware1599.exe c:\windows\system32\5744not-azvi9us59d.bin c:\windows\system32\z6725acktool19a.dll c:\windows\system32\6daz5ir2059.exe c:\windows\system32\72cdsp5rse9z3.exe c:\windows\system32\509faddwa9e1575z.dll c:\windows\system32\971t5rzat9869.bin c:\windows\system32\716bdownl9ad5r2318z.exe c:\windows\system32\5909zteal1075.exe c:\windows\system32\5972stea5z431.exe c:\windows\system32\92z5virus7a1.exe c:\windows\system32\58a4viz18459.dll c:\windows\system32\496aspyware5409z.exe c:\windows\system32\4698spyza953056.dll Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste') Save this file to your desktop, Save this as "CFScript" Here's how to do that: 1.Click File; 2.Click Save As... Change the directory to your desktop; 3.Change the Save as type to "All Files"; 4.Type in the file name: CFScript 5.Click Save ... Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal. When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply. CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. NOTE: Please paste the log into the thread - rather than attach it

MikeT072 View Member Profile	Jun 29 2009, 12:50 PM Post #7
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	ComboFix 09-06-29.01 - Mike 06/29/2009 14:39.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2038.1078 [GMT -4:00] Running from: c:\users\Mike\Desktop\Combo-Fix.exe Command switches used :: c:\users\Mike\Desktop\CFScript.txt AV: Norton Internet Security On-access scanning disabled (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security disabled {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} SP: Norton Internet Security disabled (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender enabled (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} file zipped: c:\windows\system32\45c7spy9are20z8.dll file zipped: c:\windows\system32\4698spyza953056.dll file zipped: c:\windows\system32\48z7thief599.dll file zipped: c:\windows\system32\496aspyware5409z.exe file zipped: c:\windows\system32\509faddwa9e1575z.dll file zipped: c:\windows\system32\540b59ckdzor914.exe file zipped: c:\windows\system32\5524vir9zad.bin file zipped: c:\windows\system32\55261vi9us3az.dll file zipped: c:\windows\system32\5744not-azvi9us59d.bin file zipped: c:\windows\system32\579zsteal11855.dll file zipped: c:\windows\system32\58a4viz18459.dll file zipped: c:\windows\system32\5909zteal1075.exe file zipped: c:\windows\system32\5962hacktz5l3419.bin file zipped: c:\windows\system32\5972stea5z431.exe file zipped: c:\windows\system32\5b8b5teal1393z.exe file zipped: c:\windows\system32\5da9zir2805.bin file zipped: c:\windows\system32\6daz5ir2059.exe file zipped: c:\windows\system32\716bdownl9ad5r2318z.exe file zipped: c:\windows\system32\72cdsp5rse9z3.exe file zipped: c:\windows\system32\73z1vir599.exe file zipped: c:\windows\system32\7576do5nlzad9r676.exe file zipped: c:\windows\system32\7aa4backzo9r11875.bin file zipped: c:\windows\system32\7c9bt5izf1772.bin file zipped: c:\windows\system32\7z09thief555.bin file zipped: c:\windows\system32\80z7t5o9b.bin file zipped: c:\windows\system32\89z2virus225.bin file zipped: c:\windows\system32\92z5virus7a1.exe file zipped: c:\windows\system32\935aaddware1582z.bin file zipped: c:\windows\system32\95002n5t-a-virzsd3.exe file zipped: c:\windows\system32\96059rzj375.dll file zipped: c:\windows\system32\971t5rzat9869.bin file zipped: c:\windows\system32\bdfzpyware1599.exe file zipped: c:\windows\system32\fd5thr9zt6413.exe file zipped: c:\windows\system32\z6725acktool19a.dll file zipped: c:\windows\system32\zcct9ie53223.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\4520virz8359.exe c:\windows\system32\4559virzs4de9.dll c:\windows\system32\45c7spy9are20z8.dll c:\windows\system32\45fthre9t3z333.dll c:\windows\system32\4698spyza953056.dll c:\windows\system32\4699do5nloadez879.ocx c:\windows\system32\48z7thief599.dll c:\windows\system32\494fthi5f25z0.cpl c:\windows\system32\496aspyware5409z.exe c:\windows\system32\497baczdo5r2177.dll c:\windows\system32\497zvirus54d.dll c:\windows\system32\4a90backzoor565.exe c:\windows\system32\4bae5py9are1565z.cpl c:\windows\system32\4cefviz5795.cpl c:\windows\system32\4cfzthr59t10327.dll c:\windows\system32\4d56addw95e688z.cpl c:\windows\system32\4da0downlo5de9z85.exe c:\windows\system32\4ef5addwar9137z.dll c:\windows\system32\4ef5do9nloaderz623.cpl c:\windows\system32\4ez9spy9a5e804.bin c:\windows\system32\4f5azpa9se2989.bin c:\windows\system32\4f709pzwar52921.bin c:\windows\system32\4z3fd59nloader1334.cpl c:\windows\system32\4z3worm659.ocx c:\windows\system32\50246troj191z.ocx c:\windows\system32\50934tro97z6.ocx c:\windows\system32\509faddwa9e1575z.dll c:\windows\system32\50b0thiz91174.bin c:\windows\system32\50b9tealz965.bin c:\windows\system32\50dzsteal9557.dll c:\windows\system32\5106spywa5ez2159.ocx c:\windows\system32\514fsp5rz92609.cpl c:\windows\system32\52700virus9z.cpl c:\windows\system32\5285troz2409.ocx c:\windows\system32\52cfthrzat59359.ocx c:\windows\system32\5374sp5z9otc1.bin c:\windows\system32\5396back59or1747z.ocx c:\windows\system32\53bd9ackd5oz630.ocx c:\windows\system32\5405not-a-v59us31cz.bin c:\windows\system32\540b59ckdzor914.exe c:\windows\system32\5450zo9m4f2.ocx c:\windows\system32\54c1doznl9a5er354.exe c:\windows\system32\5521zackdoor15979.exe c:\windows\system32\5524vir9zad.bin c:\windows\system32\55261vi9us3az.dll c:\windows\system32\5586sp924z.exe c:\windows\system32\559czir506.ocx c:\windows\system32\5626trzj5e9.cpl c:\windows\system32\56498vzrus7a5.ocx c:\windows\system32\566759ckdzor2832.dll c:\windows\system32\5694ztroj279.bin c:\windows\system32\56d9zyware1686.cpl c:\windows\system32\56fazpy59re1653.dll c:\windows\system32\5738n5t-a-vz9us789.ocx c:\windows\system32\5744not-azvi9us59d.bin c:\windows\system32\578189ormzed.ocx c:\windows\system32\579zsteal11855.dll c:\windows\system32\57bavir93z4.ocx c:\windows\system32\58a4viz18459.dll c:\windows\system32\5909zteal1075.exe c:\windows\system32\59294zpy973.ocx c:\windows\system32\5951not9azvirus285.ocx c:\windows\system32\5961virus7za.ocx c:\windows\system32\5962hacktz5l3419.bin c:\windows\system32\5972stea5z431.exe c:\windows\system32\5997szyware8695.ocx c:\windows\system32\5a09zhreat302795.dll c:\windows\system32\5a1d9hrezt7029.ocx c:\windows\system32\5ac5zhie92502.dll c:\windows\system32\5b16ste9lz725.dll c:\windows\system32\5b3zthi9f1929.ocx c:\windows\system32\5b625z999.cpl c:\windows\system32\5b8b5teal1393z.exe c:\windows\system32\5b9z5t9al1300.ocx c:\windows\system32\5bc7spy9aze1461.ocx c:\windows\system32\5c87zir9273.cpl c:\windows\system32\5d54sparsz249.bin c:\windows\system32\5da3threat44z9.cpl c:\windows\system32\5da9zir2805.bin c:\windows\system32\5df5tzreat16199.cpl c:\windows\system32\5e8bs5a9se15z8.ocx c:\windows\system32\5eeespazse1769.ocx c:\windows\system32\5ez95h9ef11.cpl c:\windows\system32\5ez9b5ckdoor1285.cpl c:\windows\system32\5f3zs5eal9095.cpl c:\windows\system32\5z346vi9us2a.ocx c:\windows\system32\5z56spywar922965.dll c:\windows\system32\5z87sp9ware695.dll c:\windows\system32\5zaab9ckdoor1162.cpl c:\windows\system32\60zv5r9149.bin c:\windows\system32\61a9zir13445.dll c:\windows\system32\645zvir5091.exe c:\windows\system32\655ethreat98z9.bin c:\windows\system32\6591sp5zse2914.cpl c:\windows\system32\65z9vir189.cpl c:\windows\system32\6729zorm45a5.ocx c:\windows\system32\681spazse5490.dll c:\windows\system32\6910downzo5der1179.ocx c:\windows\system32\6d55th9zf590.dll c:\windows\system32\6daz5ir2059.exe c:\windows\system32\6db95hizf2872.exe c:\windows\system32\6e18sp5waze25199.ocx c:\windows\system32\6f69ba5kdoor29z2.exe c:\windows\system32\6z41s9arse1542.cpl c:\windows\system32\6z43steal2559.cpl c:\windows\system32\6z65hacktoo9523.cpl c:\windows\system32\6z6daddwar91559.ocx c:\windows\system32\7057wor917z.ocx c:\windows\system32\713dsz9war52605.ocx c:\windows\system32\716bdownl9ad5r2318z.exe c:\windows\system32\72bcb9ckdo5r171z.ocx c:\windows\system32\72cdsp5rse9z3.exe c:\windows\system32\72z9teal25395.dll c:\windows\system32\73z1vir599.exe c:\windows\system32\74zcth95f41.cpl c:\windows\system32\7545spzware219.bin c:\windows\system32\7561spz9are852.bin c:\windows\system32\7576do5nlzad9r676.exe c:\windows\system32\759tr9j35z.cpl c:\windows\system32\75ceb9ck5zor1155.exe c:\windows\system32\7600zir19705.ocx c:\windows\system32\7602sparz912925.dll c:\windows\system32\76c5zteal5954.exe c:\windows\system32\7754ste9l61z.exe c:\windows\system32\7909sparsez535.exe c:\windows\system32\790espa5se2z65.bin c:\windows\system32\795downl9zder777.bin c:\windows\system32\79f35dzware2316.cpl c:\windows\system32\7aa4backzo9r11875.bin c:\windows\system32\7b6z5ir2629.dll c:\windows\system32\7c9bt5izf1772.bin c:\windows\system32\7d29z5r3270.dll c:\windows\system32\7d96zpy9are2325.dll c:\windows\system32\7d9e5parsz179.dll c:\windows\system32\7z09thief555.bin c:\windows\system32\7z96st5al2743.ocx c:\windows\system32\80z7t5o9b.bin c:\windows\system32\8105not-a-vir5s495z.cpl c:\windows\system32\8473not9a-virus235z.dll c:\windows\system32\856trz5519.exe c:\windows\system32\885spyz99.cpl c:\windows\system32\8955not-z-virus352.dll c:\windows\system32\89spyz9re7185.ocx c:\windows\system32\89z2virus225.bin c:\windows\system32\8bbst5a93z8.cpl c:\windows\system32\8eaad9war511z6.bin c:\windows\system32\90181zpambo5162.dll c:\windows\system32\905z5acktool627.ocx c:\windows\system32\92z5virus7a1.exe c:\windows\system32\93539vi5uz49b.ocx c:\windows\system32\93570zpy16c.ocx c:\windows\system32\935aaddware1582z.bin c:\windows\system32\9465vi5us66z9.ocx c:\windows\system32\95002n5t-a-virzsd3.exe c:\windows\system32\95482ha5ktool467z.ocx c:\windows\system32\96059rzj375.dll c:\windows\system32\967z2tr5ja2.exe c:\windows\system32\971t5rzat9869.bin c:\windows\system32\98206vir5s2zc.dll c:\windows\system32\985dbackdoor7z0.ocx c:\windows\system32\99999zirus3ab5.dll c:\windows\system32\9b4do9nloader125z.exe c:\windows\system32\9c0do5zl9ader1590.ocx c:\windows\system32\9ddfbackdoor1959z.dll c:\windows\system32\9e75zpyw5re16.ocx c:\windows\system32\9z786vir5sc4.cpl c:\windows\system32\a41sp9waze9715.ocx c:\windows\system32\aza9ack5oor1321.bin c:\windows\system32\azb9ownloader4335.cpl c:\windows\system32\b4thre9z23540.ocx c:\windows\system32\bbbthre9t589z.ocx c:\windows\system32\bdfzpyware1599.exe c:\windows\system32\c93steal1598z.ocx c:\windows\system32\ccathre9z111575.bin c:\windows\system32\cd35ir8z99.dll c:\windows\system32\dd9stezl335.exe c:\windows\system32\f0fdownl5ader19z79.bin c:\windows\system32\f7esz5ware9088.cpl c:\windows\system32\f97ad5waze3098.ocx c:\windows\system32\fd5thr9zt6413.exe c:\windows\system32\z0482ha5ktool59d.bin c:\windows\system32\z089worm95c5.exe c:\windows\system32\z09virus52f.dll c:\windows\system32\z0dbackdoor9925.ocx c:\windows\system32\z1873hac5tool1f79.ocx c:\windows\system32\z2612spambot95.bin c:\windows\system32\z39735py4da.dll c:\windows\system32\z428sparse52839.ocx c:\windows\system32\z5969spambot698.exe c:\windows\system32\z6621hackt95l59f.bin c:\windows\system32\z6673sp51f9.exe c:\windows\system32\z6725acktool19a.dll c:\windows\system32\z7593hacktool54c5.cpl c:\windows\system32\z92s5arse1439.exe c:\windows\system32\z9655py297.ocx c:\windows\system32\zb39st5al429.ocx c:\windows\system32\zcct9ie53223.dll c:\windows\system32\zd17d5wnloade92930.exe c:\windows\system32\ze77thre9t15812.ocx c:\windows\system32\zeecad59are2503.ocx . ((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-29 ))))))))))))))))))))))))))))))) . 2009-06-29 18:45 . 2009-06-29 18:45 -------- d-----w- c:\users\Mike\AppData\Local\temp 2009-06-28 16:03 . 2009-06-28 16:03 -------- d-----w- c:\program files\Trend Micro 2009-06-28 01:36 . 2009-06-28 01:36 -------- d-----w- C:\PerfLogs 2009-06-26 15:04 . 2009-06-26 15:04 -------- d-----w- c:\program files\DIFX 2009-06-26 14:57 . 2009-03-04 14:49 4232704 ----a-w- c:\windows\system32\drivers\NETw5v32.sys 2009-06-26 14:57 . 2008-06-20 14:33 2756608 ----a-w- c:\windows\system32\NETw5r32.dll 2009-06-26 14:57 . 2008-06-20 14:32 663552 ----a-w- c:\windows\system32\NETw5c32.dll 2009-06-26 14:20 . 2009-06-26 14:20 -------- d-----w- c:\users\Mike\AppData\Roaming\GTek 2009-06-26 05:36 . 2009-06-26 05:36 -------- d-----w- c:\programdata\WiFi-Manager Data 2009-06-25 15:47 . 2009-06-25 15:47 -------- d-----w- c:\users\Mike\AppData\Roaming\Recordpad 2009-06-23 00:11 . 2009-06-23 00:11 -------- d-----w- c:\program files\iPod 2009-06-23 00:08 . 2009-06-23 00:09 -------- d-----w- c:\program files\QuickTime 2009-06-22 23:58 . 2009-06-22 23:58 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe 2009-06-22 22:54 . 2009-06-22 22:54 -------- d-----w- c:\program files\GiPo@Utilities 2009-06-22 22:54 . 2009-06-22 22:54 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared 2009-06-05 15:42 . 2009-06-05 15:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-06-05 15:42 . 2009-06-05 15:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-29 14:46 . 2008-10-19 02:07 -------- d-----w- c:\programdata\Google Updater 2009-06-28 06:10 . 2009-04-23 21:57 -------- d-----w- c:\users\Mike\AppData\Roaming\TuneUpMedia 2009-06-28 01:56 . 2009-04-23 21:56 -------- d-----w- c:\programdata\TuneUpMedia 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-06-28 01:39 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-06-28 01:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-06-28 01:17 . 2008-10-12 23:26 -------- d-----w- c:\users\Mike\AppData\Roaming\uTorrent 2009-06-27 23:51 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-06-27 23:51 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-06-26 05:39 . 2007-08-16 10:02 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-26 03:48 . 2009-05-18 21:05 -------- d-----w- c:\users\Mike\AppData\Roaming\NCH Swift Sound 2009-06-26 03:42 . 2008-11-04 22:27 -------- d-----w- c:\program files\Windows Live 2009-06-24 01:48 . 2008-10-13 00:35 -------- d-----w- c:\users\Mike\AppData\Roaming\Orbit 2009-06-23 23:19 . 2009-05-05 23:20 680 ----a-w- c:\users\Mike\AppData\Local\d3d9caps.dat 2009-06-23 16:49 . 2008-10-12 23:35 -------- d-----w- c:\users\Mike\AppData\Roaming\Apple Computer 2009-06-23 00:12 . 2008-11-30 05:42 -------- d-----w- c:\program files\iTunes 2009-06-23 00:11 . 2008-10-12 23:32 -------- d-----w- c:\program files\Common Files\Apple 2009-06-22 01:20 . 2008-10-13 00:35 -------- d-----w- c:\program files\Orbitdownloader 2009-05-29 01:47 . 2009-05-29 01:47 -------- d-----w- c:\program files\Common Files\Solveig Multimedia 2009-05-29 01:47 . 2009-05-29 01:47 -------- d-----w- c:\program files\Solveig Multimedia 2009-05-21 11:21 . 2008-10-15 11:14 -------- d-----w- c:\program files\Lx_cats 2009-05-18 21:31 . 2009-05-18 21:31 -------- d-----w- c:\program files\MP3 Splitter & Joiner 2009-05-18 21:05 . 2009-05-18 21:05 -------- d-----w- c:\programdata\NCH Swift Sound 2009-05-18 21:05 . 2008-11-01 23:22 -------- d-----w- c:\program files\NCH Software 2009-04-23 18:00 . 2009-04-23 18:00 165013 ----a-w- c:\windows\Video Cleaner Uninstaller.exe 2009-03-31 19:35 . 2009-04-26 21:11 17160 ----a-w- c:\windows\Help\OEM\scripts\HC_TotalCareAdvisorUpdate.exe 2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-29_18.08.21 ))))))))))))))))))))))))))))))))))))))))) . + 2007-08-16 09:58 . 2009-06-29 18:23 36126 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 13:05 . 2009-06-29 18:23 75168 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-10-13 00:00 . 2009-06-29 17:27 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-10-13 00:00 . 2009-06-29 18:26 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-10-13 00:00 . 2009-06-29 17:27 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-10-13 00:00 . 2009-06-29 18:26 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-10-13 00:00 . 2009-06-29 17:27 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-10-13 00:00 . 2009-06-29 18:26 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-10-22 15:29 . 2008-01-19 07:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18177_none_33e53ce1da2ca44a\McrMgr.dll + 2008-10-13 00:05 . 2009-06-29 18:23 7990 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-288317228-4290653756-3962459541-1000_UserData.bin - 2009-06-29 17:56 . 2009-06-29 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-06-29 18:21 . 2009-06-29 18:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-06-29 17:56 . 2009-06-29 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-06-29 18:21 . 2009-06-29 18:21 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-06-29 05:43 . 2009-06-29 18:30 191936 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2006-11-02 10:33 . 2009-06-29 18:27 595684 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-06-29 18:01 595684 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-06-29 18:27 101350 c:\windows\System32\perfc009.dat - 2006-11-02 10:33 . 2009-06-29 18:01 101350 c:\windows\System32\perfc009.dat - 2006-11-02 10:22 . 2009-06-28 01:52 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2006-11-02 10:22 . 2009-06-29 18:25 6291456 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-06-29 18:38 . 2009-06-29 18:38 6262784 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT + 2008-10-16 07:04 . 2009-06-29 18:27 172725233 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-11 159744] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-04 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-04 154392] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-04 133912] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2007-08-16 77824] "au"="c:\program files\Dealio\DealioAU.exe" [2008-05-26 595296] "SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "lxdcamon"="c:\program files\Lexmark 1300 Series\lxdcamon.exe" [2007-04-30 20480] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2008-10-22 1261200] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048] Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{F5A89237-78BF-45D5-A273-FD7F3205321C}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1AC2D228-FF1F-4EDD-9505-D7208AF6A4BE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0BC7546A-B8A9-4432-8A94-B6AA88E1A4CE}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{02ED58B4-52D1-4BAB-89A5-EAEF17679AB3}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{352F0A07-6E07-4728-86F2-F3DAD84AB73A}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows "UDP Query User{C9D2C76B-9A6C-4711-BA16-E4D980FC1CF2}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows "TCP Query User{0C5521F7-D800-4768-813D-09979ADC7F70}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "UDP Query User{8885FC32-5FEF-4739-A511-92ED254F635E}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "{01EAC562-0DB0-494B-BC55-8907F0E763D0}"= UDP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{003260DF-0F3F-4926-9466-8B60FC765C20}"= TCP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{6F6AB858-F521-4BB7-9674-B3ED65162644}"= UDP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{FFB5F34E-08E5-4A22-A309-62853DD680A8}"= TCP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{17AB372B-9ECF-4EAE-8BF0-FEA351DB9EC0}"= UDP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{FA40190A-62EB-45E0-8FEB-292C6BD0CB1F}"= TCP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{FE5F0B2A-83DE-4ECB-8709-92F157C33A49}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{4C4799B3-8A23-4983-8185-D32204A341DB}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{C7B31B0C-A4EB-44B4-8F8A-0A9B3CB192DD}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{F7DB9389-BE0A-4A32-8CF2-688ACA04DC9B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{5BAA4174-6047-4049-B6CF-E4DCF9467690}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{26A8E3E0-95FF-4C26-BE83-EF208F3D2538}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4 "{7B56396D-467B-4C76-A753-010431056A2B}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4 "{E4D3E851-F659-4490-9513-FC6AD4F4B2C1}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{8AF57109-5173-4BEB-99EA-B631B7E5028C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{2E23168F-EB9B-49CF-81BF-3C98CF0456CD}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{6EDC1D2D-641B-4B29-BDF0-FCB77DD1A296}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{DDABCFFC-ED92-45C6-AE64-CD0092A34AE5}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{0A5CDAAE-2671-4BDE-99CF-1604B41E3FE8}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= c:\program files\Orbitdownloader\orbitdm.exe::Enabled:Orbit "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= c:\program files\Orbitdownloader\orbitnet.exe::Enabled:Orbit "c:\\Program Files\\River Past\\Video Cleaner\\VideoCleaner.exe"= c:\program files\River Past\Video Cleaner\VideoCleaner.exe::Enabled:River Past Video Cleaner R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20081210.002\IDSvix86.sys [12/10/2008 7:54 PM 270384] R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?] R2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdcserv.exe [5/25/2007 9:38 AM 99248] R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [10/3/2008 3:14 PM 37936] R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [2/26/2009 12:29 AM 16640] S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [6/26/2009 10:57 AM 4232704] --- Other Services/Drivers In Memory --- NewlyCreated* - COMHOST . Contents of the 'Scheduled Tasks' folder 2009-06-29 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 01:44] 2009-06-23 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Mike.job - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 15:09] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.orbitdownloader.com mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop uInternet Settings,ProxyOverride = .local IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Compare Prices with &Dealio - c:\users\Mike\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\8rb307h0.default\ FF - prefs.js: browser.startup.homepage - www.google.com FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-29 14:45 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-06-29 14:47 ComboFix-quarantined-files.txt 2009-06-29 18:47 ComboFix2.txt 2009-06-29 18:10 Pre-Run: 4,273,651,712 bytes free Post-Run: 4,247,326,720 bytes free 476 --- E O F --- 2009-06-27 23:55 Upload was successful

CatByte View Member Profile	Jun 29 2009, 12:55 PM Post #8
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Good, Please try the GMER program now, I'd like to make sure there are no more hidden files. NEXT Download TFC to your desktop Close any open windows. Double click the TFC icon to run the program TFC will close all open programs itself in order to run, Click the Start button to begin the process. Allow TFC to run uninterrupted. The program should not take long to finish it's job Once its finished it should automatically reboot your machine, if it doesn't, manually reboot to ensure a complete clean It's normal after running TFC cleaner that the PC will be slower to boot the first time. NEXT Please download Malwarebytes' Anti-Malware Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish, so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. <-- very important When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. NEXT Vista users - right click on the IE icon and run as administrator Run an on-line scan with Kaspersky Using Internet Explorer or Firefox, visit Kaspersky On-line Scanner 1. Click Accept, when prompted to download and install the program files and database of malware definitions. 2. To optimize scanning time and produce a more sensible report for review: Close any open programs Turn off the real time scanner of any existing antivirus program while performing the online scan 3. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes. Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan. Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it. Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined. Click View scan report at the bottom. Click the Save as Text button to save the file to your desktop so that you may post it in your next reply In your next reply please include** GMER Log MBAM Log Kaspersky report

MikeT072 View Member Profile	Jun 29 2009, 04:30 PM Post #9
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	MBAM Log: Malwarebytes' Anti-Malware 1.38 Database version: 2297 Windows 6.0.6001 Service Pack 1 6/29/2009 4:19:26 PM mbam-log-2009-06-29 (16-19-26).txt Scan type: Quick Scan Objects scanned: 76942 Time elapsed: 4 minute(s), 50 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\UltraVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UltraVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\{NSINAME} (Trojan.Agent) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: c:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraVideo (Trojan.DNSChanger) -> Quarantined and deleted successfully. Files Infected: c:\Users\Mike\AppData\Roaming\microsoft\Windows\start menu\Programs\ultravideo\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully. The last Scan was taking way too long so I will keep it running overnight. Sorry, but I have to post multiple times to fit the GMER log. [attachment=4352:ark.zip] This post has been edited by CatByte: Jun 29 2009, 05:19 PM Reason for edit: zipped and attached ark

CatByte View Member Profile	Jun 29 2009, 05:23 PM Post #10
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Good thanks, The Kaspersky scan can take hours...

MikeT072 View Member Profile	Jun 30 2009, 09:33 PM Post #11
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	Kaspersky Report: -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7.0 REPORT Tuesday, June 30, 2009 Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001) Kaspersky Online Scanner version: 7.0.26.13 Program database last update: Wednesday, July 01, 2009 03:12:55 Records in database: 2408991 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ E:\ F:\ Scan statistics: Files scanned: 133495 Threat name: 2 Infected objects: 3 Suspicious objects: 0 Duration of the scan: 02:08:28 File name / Threat name / Threats count C:\Qoobox\Quarantine\C\Program Files\Mozilla Firefox\components\iamfamous.dll.vir Infected: Packed.Win32.Tdss.c 1 C:\Qoobox\Quarantine\C\WINDOWS\System32\drivers\gaopdxlweqmvuv.sys.vir Infected: Packed.Win32.Tdss.c 1 C:\WINDOWS\System32\rasha.exe Infected: Trojan.Win32.Agent2.dqr 1 The selected area was scanned.

CatByte View Member Profile	Jun 30 2009, 10:02 PM Post #12
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Hi, Please do the following: Go Start > Run and copy/paste the following single-line command into the Run box and click OK: QUOTE cmd /c del /f/a/q "C:\WINDOWS\System32\rasha.exe" Please post a fresh HJT log and describe in detail how your computer is running now and any out standing issues there may be.

MikeT072 View Member Profile	Jun 30 2009, 10:50 PM Post #13
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:48:55 AM, on 7/1/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Apoint2K\Apoint.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\System32\hkcmd.exe C:\WINDOWS\System32\igfxpers.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Search Settings\SearchSettings.exe C:\Program Files\Lexmark 1300 Series\lxdcamon.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Windows\System32\wsqmcons.exe C:\Program Files\Orbitdownloader\orbitdm.exe C:\Program Files\Orbitdownloader\orbitnet.exe C:\Windows\system32\conime.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\iTunes\iTunes.exe C:\Program Files\Last.fm\LastFM.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe C:\Program Files\Java\jre6\bin\java.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\taskmgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file) O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb127\Dealio.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [lxdcamon] "C:\Program Files\Lexmark 1300 Series\lxdcamon.exe" O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: Compare Prices with &Dealio - C:\Users\Mike\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll O13 - Gopher Prefix: O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdcserv.exe O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 11050 bytes My computer is running a lot smoother, except for it not finding any wireless networks still.

CatByte View Member Profile	Jul 1 2009, 03:53 AM Post #14
SuperHelper Group: Classroom Teacher Posts: 6,620 Joined: 18-November 04 From: Canada Member No.: 18,614 Operating System: xp sp3	Hi, Please do the following: Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Copy/paste the text inside the Codebox below into notepad: Here's how to do that: Click Start > Run type Notepad click OK. This will open an empty notepad file: Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy') CODE Folder:: C:\Program Files\Search Settings Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SearchSettings"=- Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste') Save this file to your desktop, Save this as "CFScript" Here's how to do that: 1.Click File; 2.Click Save As... Change the directory to your desktop; 3.Change the Save as type to "All Files"; 4.Type in the file name: CFScript 5.Click Save ... Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal. When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply. CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall. NEXT Try resetting your router to see if that helps with the wireless network issue Make sure you know the setup information for your router. You want to access the router configuration pages, and write down any information necessary to authenticate with your ISP. Please write this down, if you do not have a record elsewhere of this information. When in doubt, call your ISP and ask what is needed in the authentication fields of the router. To reset the router This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router. Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds). If you don’t know the router's default password, you can look it up. HERE You also need to reconfigure any security settings you had in place prior to the reset. You may also need to consult with your Internet service provider to find out which DNS servers your network should be using.

MikeT072 View Member Profile	Jul 1 2009, 11:54 AM Post #15
Authentic Member Group: Authentic Member Posts: 24 Joined: 26-June 09 Member No.: 86,431 Operating System: Windows Vista Home Premium	ComboFix 09-06-29.01 - Mike 07/01/2009 13:45.3 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2038.961 [GMT -4:00] Running from: c:\users\Mike\Desktop\Combo-Fix.exe Command switches used :: c:\users\Mike\Desktop\CFScript.txt AV: Norton Internet Security On-access scanning disabled (Outdated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security disabled {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} SP: Norton Internet Security disabled (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender enabled (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Search Settings c:\program files\Search Settings\kb127\SearchSettings.dll c:\program files\Search Settings\kb127\SearchSettingsRes409.dll c:\program files\Search Settings\SearchSettings.exe . ((((((((((((((((((((((((( Files Created from 2009-06-01 to 2009-07-01 ))))))))))))))))))))))))))))))) . 2009-07-01 17:50 . 2009-07-01 17:50 -------- d-----w- c:\users\Mike\AppData\Local\temp 2009-07-01 01:13 . 2009-07-01 01:13 -------- d-----w- c:\windows\Sun 2009-07-01 01:10 . 2009-05-21 15:33 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-07-01 01:07 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll 2009-07-01 01:07 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll 2009-06-30 21:18 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2009-06-30 21:18 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys 2009-06-30 21:18 . 2008-04-26 08:26 891448 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-06-30 21:18 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys 2009-06-30 21:18 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll 2009-06-30 21:16 . 2009-04-24 16:05 827904 ----a-w- c:\windows\system32\wininet.dll 2009-06-30 21:16 . 2009-04-24 13:44 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-06-30 21:16 . 2009-04-24 16:02 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-06-30 01:36 . 1997-12-17 22:33 304128 ----a-w- c:\windows\IsUninst.exe 2009-06-30 01:31 . 2009-06-30 01:39 -------- d-----w- c:\program files\Final Fantasy VII 2009-06-28 16:03 . 2009-06-28 16:03 -------- d-----w- c:\program files\Trend Micro 2009-06-28 01:36 . 2009-06-28 01:36 -------- d-----w- C:\PerfLogs 2009-06-26 15:04 . 2009-06-26 15:04 -------- d-----w- c:\program files\DIFX 2009-06-26 14:57 . 2009-03-04 14:49 4232704 ----a-w- c:\windows\system32\drivers\NETw5v32.sys 2009-06-26 14:57 . 2008-06-20 14:33 2756608 ----a-w- c:\windows\system32\NETw5r32.dll 2009-06-26 14:57 . 2008-06-20 14:32 663552 ----a-w- c:\windows\system32\NETw5c32.dll 2009-06-26 14:20 . 2009-06-26 14:20 -------- d-----w- c:\users\Mike\AppData\Roaming\GTek 2009-06-26 05:36 . 2009-06-26 05:36 -------- d-----w- c:\programdata\WiFi-Manager Data 2009-06-25 15:47 . 2009-06-25 15:47 -------- d-----w- c:\users\Mike\AppData\Roaming\Recordpad 2009-06-23 00:11 . 2009-06-23 00:11 -------- d-----w- c:\program files\iPod 2009-06-23 00:08 . 2009-06-23 00:09 -------- d-----w- c:\program files\QuickTime 2009-06-22 23:58 . 2009-06-22 23:58 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe 2009-06-22 22:54 . 2009-06-22 22:54 -------- d-----w- c:\program files\GiPo@Utilities 2009-06-22 22:54 . 2009-06-22 22:54 -------- d-----w- c:\program files\Common Files\Gibinsoft Shared 2009-06-05 15:42 . 2009-06-05 15:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys 2009-06-05 15:42 . 2009-06-05 15:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-01 16:48 . 2008-10-19 02:07 -------- d-----w- c:\programdata\Google Updater 2009-07-01 07:24 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-07-01 07:23 . 2008-10-13 00:35 -------- d-----w- c:\users\Mike\AppData\Roaming\Orbit 2009-07-01 07:17 . 2007-08-16 10:53 -------- d-----w- c:\programdata\Microsoft Help 2009-07-01 07:11 . 2007-08-16 10:51 -------- d-----w- c:\program files\Microsoft Works 2009-07-01 01:15 . 2007-08-16 11:44 -------- d-----w- c:\program files\Java 2009-06-30 21:58 . 2009-04-23 21:56 -------- d-----w- c:\programdata\TuneUpMedia 2009-06-30 15:38 . 2008-10-12 23:26 -------- d-----w- c:\users\Mike\AppData\Roaming\uTorrent 2009-06-30 00:09 . 2009-04-23 21:57 -------- d-----w- c:\users\Mike\AppData\Roaming\TuneUpMedia 2009-06-29 20:13 . 2009-02-12 20:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2009-06-28 01:39 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2009-06-28 01:36 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2009-06-27 23:51 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2009-06-27 23:51 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2009-06-26 05:39 . 2007-08-16 10:02 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-06-26 03:48 . 2009-05-18 21:05 -------- d-----w- c:\users\Mike\AppData\Roaming\NCH Swift Sound 2009-06-26 03:42 . 2008-11-04 22:27 -------- d-----w- c:\program files\Windows Live 2009-06-23 23:19 . 2009-05-05 23:20 680 ----a-w- c:\users\Mike\AppData\Local\d3d9caps.dat 2009-06-23 16:49 . 2008-10-12 23:35 -------- d-----w- c:\users\Mike\AppData\Roaming\Apple Computer 2009-06-23 00:12 . 2008-11-30 05:42 -------- d-----w- c:\program files\iTunes 2009-06-23 00:11 . 2008-10-12 23:32 -------- d-----w- c:\program files\Common Files\Apple 2009-06-22 01:20 . 2008-10-13 00:35 -------- d-----w- c:\program files\Orbitdownloader 2009-06-17 15:27 . 2009-02-12 20:20 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-17 15:27 . 2009-02-12 20:20 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-05-29 01:47 . 2009-05-29 01:47 -------- d-----w- c:\program files\Common Files\Solveig Multimedia 2009-05-29 01:47 . 2009-05-29 01:47 -------- d-----w- c:\program files\Solveig Multimedia 2009-05-21 11:21 . 2008-10-15 11:14 -------- d-----w- c:\program files\Lx_cats 2009-05-18 21:31 . 2009-05-18 21:31 -------- d-----w- c:\program files\MP3 Splitter & Joiner 2009-05-18 21:05 . 2009-05-18 21:05 -------- d-----w- c:\programdata\NCH Swift Sound 2009-05-18 21:05 . 2008-11-01 23:22 -------- d-----w- c:\program files\NCH Software 2009-04-23 18:00 . 2009-04-23 18:00 165013 ----a-w- c:\windows\Video Cleaner Uninstaller.exe 2009-04-23 12:42 . 2009-06-30 21:17 636928 ----a-w- c:\windows\system32\localspl.dll 2009-01-27 01:34 . 2009-01-27 01:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-01-27 01:34 . 2009-01-27 01:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-29_18.08.21 ))))))))))))))))))))))))))))))))))))))))) . + 2009-07-01 07:13 . 2008-05-27 05:17 87552 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\SearchFilterHost.exe + 2009-07-01 07:13 . 2008-05-27 05:18 71680 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\propdefs.dll + 2009-07-01 07:13 . 2008-05-27 05:18 44032 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\msstrc.dll + 2009-07-01 07:13 . 2008-05-27 05:17 32768 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssprxy.dll + 2009-07-01 07:13 . 2008-05-27 05:17 87552 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssitlb.dll + 2009-07-01 07:13 . 2008-05-27 05:17 11776 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\msshooks.dll + 2009-07-01 07:13 . 2008-05-27 05:17 60416 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\msscntrs.dll + 2009-07-01 07:13 . 2008-05-27 05:17 34816 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\msscb.dll + 2009-07-01 07:13 . 2008-05-27 04:59 18904 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_7.0.6001.1650 3_none_88f88929e3c77aa3\StructuredQuerySchemaTrivial.bin + 2009-07-01 07:13 . 2008-05-27 05:18 13824 c:\windows\winsxs\x86_windowssearch-wtrservicingsupport_31bf3856ad364e35_7.0.6001.16503_none_163fe74a2171e12e\WSWTRSvc.exe + 2009-07-01 07:13 . 2008-05-27 05:18 29184 c:\windows\winsxs\x86_microsoft-windows-search-profilenotify_31bf3856ad364e35_7.0.6001.16503_none_d86cd72c8d3c237e\wsepno.dll + 2009-06-30 21:17 . 2008-05-08 05:22 36864 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\wshcon.dll + 2009-06-30 21:17 . 2008-05-08 05:17 32768 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\dispex.dll + 2008-10-22 15:29 . 2008-01-19 07:37 36864 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\wshcon.dll + 2008-10-22 15:29 . 2008-01-19 07:34 32768 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\dispex.dll + 2009-06-30 21:17 . 2008-05-08 05:22 90112 c:\windows\winsxs\x86_microsoft-windows-s..ing-shell-extension_31bf3856ad364e35_6.0.6001.22175_none_0ac4c5ed3d9567ea\wshext.dll + 2009-06-30 21:17 . 2008-05-08 21:59 90112 c:\windows\winsxs\x86_microsoft-windows-s..ing-shell-extension_31bf3856ad364e35_6.0.6001.18068_none_0a48f9ec246cf834\wshext.dll + 2009-06-30 21:18 . 2008-04-05 03:21 13824 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.22151_none_ae9ff60970e9e6b9\wshqos.dll + 2009-06-30 21:18 . 2008-04-05 03:21 33280 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.22151_none_ae9ff60970e9e6b9\traffic.dll + 2009-06-30 21:18 . 2008-04-05 03:20 15360 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.22151_none_ae9ff60970e9e6b9\pacerprf.dll + 2009-06-30 21:18 . 2008-04-05 01:20 72192 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.22151_none_ae9ff60970e9e6b9\pacer.sys + 2006-11-02 08:57 . 2006-11-02 09:46 13824 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18046_none_ae262a9c57bfa9b1\wshqos.dll + 2006-11-02 08:57 . 2006-11-02 09:46 33280 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18046_none_ae262a9c57bfa9b1\traffic.dll + 2009-06-30 21:18 . 2008-04-05 03:34 15360 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18046_none_ae262a9c57bfa9b1\pacerprf.dll + 2009-06-30 21:18 . 2008-04-05 01:21 72192 c:\windows\winsxs\x86_microsoft-windows-qos_31bf3856ad364e35_6.0.6001.18046_none_ae262a9c57bfa9b1\pacer.sys + 2009-06-30 21:17 . 2009-03-03 04:32 26112 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.22389_none_2be9bd5af4bd3b16\printfilterpipelineprxy.dll + 2009-06-30 21:17 . 2009-03-03 04:39 26112 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.18226_none_2b9dff39db71a7a1\printfilterpipelineprxy.dll + 2009-06-30 21:17 . 2009-03-03 04:17 26112 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6000.21023_none_2a3e34a2f76b9db7\printfilterpipelineprxy.dll + 2009-06-30 21:17 . 2009-03-03 04:19 24576 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6000.16830_none_29a6eeebde589a97\printfilterpipelineprxy.dll + 2009-06-30 21:17 . 2009-03-03 02:24 17408 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\iashost.exe + 2009-06-30 21:17 . 2009-03-03 04:28 47104 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\iasdatastore.dll + 2009-06-30 21:17 . 2009-03-03 04:28 57344 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\iasads.dll + 2009-06-30 21:17 . 2009-03-03 04:37 98304 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\iasrecst.dll + 2009-06-30 21:17 . 2009-03-03 02:38 17408 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\iashost.exe + 2009-06-30 21:17 . 2009-03-03 04:37 44032 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\iasdatastore.dll + 2009-06-30 21:17 . 2009-03-03 04:37 54784 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\iasads.dll + 2009-06-30 21:17 . 2009-03-03 04:14 97280 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.21023_none_cfbf2bc5520477a3\iasrecst.dll + 2009-06-30 21:17 . 2009-03-03 04:14 37888 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.21023_none_cfbf2bc5520477a3\iasdatastore.dll + 2009-06-30 21:17 . 2009-03-03 04:14 53248 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.21023_none_cfbf2bc5520477a3\iasads.dll + 2009-06-30 21:17 . 2009-03-03 04:16 97280 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16830_none_cf27e60e38f17483\iasrecst.dll + 2009-06-30 21:17 . 2009-03-03 04:16 37888 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16830_none_cf27e60e38f17483\iasdatastore.dll + 2009-06-30 21:17 . 2009-03-03 04:16 53248 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16830_none_cf27e60e38f17483\iasads.dll + 2009-06-30 21:17 . 2009-02-13 08:21 72704 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\secur32.dll + 2009-06-30 21:17 . 2009-02-13 08:49 72704 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\secur32.dll + 2009-06-30 21:17 . 2009-02-13 07:15 72704 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\secur32.dll + 2009-06-30 21:17 . 2009-02-13 07:26 72704 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\secur32.dll + 2009-06-30 21:17 . 2008-08-02 03:20 36864 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.22235_none_ac36c8fdfcbe34f3\cdd.dll + 2009-06-30 21:17 . 2008-08-02 03:26 36864 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.18114_none_abc1cbc0e39143f0\cdd.dll + 2009-06-30 21:16 . 2009-04-24 15:54 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.21046_none_2a73c7b3813b6302\iebrshim.dll + 2009-06-30 21:16 . 2009-04-24 16:14 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16851_none_29da8168682a2d34\iebrshim.dll + 2009-06-30 21:16 . 2009-04-24 15:54 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll + 2009-06-30 21:16 . 2009-04-24 15:54 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iernonce.dll + 2009-06-30 21:16 . 2009-04-24 13:42 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\ie4uinit.exe + 2009-06-30 21:16 . 2009-04-24 16:14 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll + 2009-06-30 21:16 . 2009-04-24 16:14 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iernonce.dll + 2009-06-30 21:16 . 2009-04-24 13:53 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\ie4uinit.exe + 2009-06-30 21:16 . 2009-04-24 13:46 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\ieUnatt.exe + 2009-06-30 21:16 . 2009-04-24 13:44 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\ieUnatt.exe + 2009-06-30 21:16 . 2009-04-24 13:42 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\ieUnatt.exe + 2009-06-30 21:16 . 2009-04-24 13:53 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\ieUnatt.exe + 2009-06-30 21:16 . 2009-04-24 15:54 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.21046_none_59197b8580504b5c\icardie.dll + 2009-06-30 21:16 . 2009-04-24 16:14 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16851_none_5880353a673f158e\icardie.dll + 2009-06-30 21:16 . 2009-04-24 13:45 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\mshtmler.dll + 2009-06-30 21:16 . 2009-04-24 15:57 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\ieencode.dll + 2006-11-02 07:33 . 2006-11-02 07:33 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\mshtmler.dll + 2009-06-30 21:16 . 2009-04-24 16:02 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\ieencode.dll + 2009-06-30 21:16 . 2009-04-24 12:20 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\mshtmler.dll + 2009-06-30 21:16 . 2009-04-24 15:54 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\ieencode.dll + 2009-06-30 21:16 . 2009-04-24 12:25 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\mshtmler.dll + 2009-06-30 21:16 . 2009-04-24 16:14 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\ieencode.dll + 2009-06-30 21:16 . 2009-04-24 15:55 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\admparse.dll + 2008-10-22 15:30 . 2008-01-19 07:33 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\admparse.dll + 2009-06-30 21:16 . 2009-04-24 15:52 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\admparse.dll + 2009-06-30 21:16 . 2009-04-24 16:11 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\admparse.dll + 2009-06-30 21:16 . 2009-04-24 13:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-24 15:40 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\jsproxy.dll + 2009-06-30 21:16 . 2009-04-11 06:28 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-11 06:28 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\jsproxy.dll + 2009-06-30 21:16 . 2009-04-24 16:00 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-24 15:58 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\jsproxy.dll + 2008-10-15 07:04 . 2008-10-15 07:04 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-24 16:02 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\jsproxy.dll + 2009-06-30 21:16 . 2009-04-24 16:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-24 15:55 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\jsproxy.dll + 2009-06-30 21:16 . 2009-04-24 16:22 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\WininetPlugin.dll + 2009-06-30 21:16 . 2009-04-24 16:14 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\jsproxy.dll + 2009-06-30 21:16 . 2009-04-24 16:00 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll + 2009-06-30 21:16 . 2009-04-24 16:21 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll + 2009-07-01 01:07 . 2009-04-30 12:00 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.21051_none_372af3e22ffed0a6\ehtrace.dll + 2009-06-29 18:30 . 2008-12-05 04:25 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.20969_none_37284e242fff840d\ehtrace.dll + 2009-07-01 01:07 . 2009-04-30 12:42 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16856_none_36a6806716dc7c4d\ehtrace.dll + 2009-06-29 18:30 . 2008-12-05 04:29 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16784_none_36840e2916f6a04b\ehtrace.dll + 2009-07-01 01:07 . 2009-04-30 12:00 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.21051_none_2e4be1e29e60eb10\ehdebug.dll + 2009-06-29 18:30 . 2008-12-05 04:25 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.20969_none_2e493c249e619e77\ehdebug.dll + 2009-07-01 01:07 . 2009-04-30 12:41 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16856_none_2dc76e67853e96b7\ehdebug.dll + 2009-06-29 18:30 . 2008-12-05 04:29 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16784_none_2da4fc298558bab5\ehdebug.dll + 2009-06-30 21:17 . 2008-06-26 03:15 45056 c:\windows\winsxs\x86_microsoft-windows-dataclen_31bf3856ad364e35_6.0.6001.22211_none_f7260480ac9a8c27\dataclen.dll + 2009-06-30 21:17 . 2008-06-26 03:29 45056 c:\windows\winsxs\x86_microsoft-windows-dataclen_31bf3856ad364e35_6.0.6001.18098_none_f64ce87593b7801f\dataclen.dll + 2009-07-01 07:13 . 2008-05-27 05:18 38400 c:\windows\winsxs\x86_microsoft-windows-content-filter-rtf_31bf3856ad364e35_7.0.6001.16503_none_485964bf76e0570a\rtffilt.dll + 2009-07-01 07:13 . 2008-05-27 05:18 40448 c:\windows\winsxs\x86_microsoft-windows-content-filter-mime_31bf3856ad364e35_7.0.6001.16503_none_10a358dd3f57c0de\mimefilt.dll + 2009-07-01 07:13 . 2008-05-27 05:18 56320 c:\windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6001.16503_none_13ff1de93d266b97\xmlfilter.dll + 2009-06-30 21:17 . 2008-06-06 03:25 38912 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6001.22197_none_4d223d3bd2ae154b\xolehlp.dll + 2009-06-30 21:17 . 2008-06-06 03:27 38912 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6001.18085_none_4ca16fc8b98a26e2\xolehlp.dll + 2009-06-30 21:17 . 2008-06-06 03:23 30208 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6000.20852_none_4b623eb9d56b930a\xolehlp.dll + 2009-06-30 21:17 . 2008-06-05 04:50 30208 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6000.16697_none_4ab261cabc69e490\xolehlp.dll + 2009-06-30 21:17 . 2009-03-21 03:14 13824 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.22399_none_7b098a66fa8bd087\apilogen.dll + 2009-06-30 21:17 . 2009-03-21 03:14 40960 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.22399_none_7b098a66fa8bd087\apihex86.dll + 2009-06-30 21:17 . 2009-03-21 03:14 24064 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.22399_none_7b098a66fa8bd087\amxread.dll + 2009-06-30 21:17 . 2009-03-17 03:38 13824 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.18230_none_7ab7ca89e145a508\apilogen.dll + 2009-06-30 21:17 . 2009-03-17 03:38 40960 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.18230_none_7ab7ca89e145a508\apihex86.dll + 2009-06-30 21:17 . 2009-03-17 03:38 24064 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6001.18230_none_7ab7ca89e145a508\amxread.dll + 2009-06-30 21:17 . 2009-03-17 03:19 14848 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.21029_none_796ed356fd2caf41\apilogen.dll + 2009-06-30 21:17 . 2009-03-17 03:19 40960 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.21029_none_796ed356fd2caf41\apihex86.dll + 2009-06-30 21:17 . 2009-03-17 03:19 25600 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.21029_none_796ed356fd2caf41\amxread.dll + 2009-06-30 21:17 . 2009-03-17 03:16 14848 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.16834_none_78d58d0be41b7973\apilogen.dll + 2009-06-30 21:17 . 2009-03-17 03:16 40960 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.16834_none_78d58d0be41b7973\apihex86.dll + 2009-06-30 21:17 . 2009-03-17 03:16 25600 c:\windows\winsxs\x86_microsoft-windows-a..lity-infrastructure_31bf3856ad364e35_6.0.6000.16834_none_78d58d0be41b7973\amxread.dll + 2009-07-01 01:07 . 2009-04-30 12:09 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.21051_none_fc39e70a22fc10d2\ehiExtens.dll + 2009-06-29 18:30 . 2008-12-05 04:30 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.20969_none_fc37414c22fcc439\ehiExtens.dll + 2009-07-01 01:07 . 2009-04-30 12:55 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.16856_none_fbb5738f09d9bc79\ehiExtens.dll + 2009-06-29 18:30 . 2008-12-05 04:30 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.16784_none_fb93015109f3e077\ehiExtens.dll - 2008-10-22 15:33 . 2008-01-19 07:37 38912 c:\windows\System32\xolehlp.dll + 2009-06-30 21:17 . 2008-06-06 03:27 38912 c:\windows\System32\xolehlp.dll + 2009-07-01 07:13 . 2008-05-27 05:18 56320 c:\windows\System32\xmlfilter.dll + 2009-06-30 21:17 . 2008-05-08 21:59 90112 c:\windows\System32\wshext.dll - 2008-10-22 15:32 . 2008-01-19 07:37 90112 c:\windows\System32\wshext.dll + 2009-07-01 07:13 . 2008-05-27 05:18 29184 c:\windows\System32\wsepno.dll + 2007-08-16 09:58 . 2009-06-29 21:32 37732 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 13:05 . 2009-06-29 21:32 75508 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-07-01 07:13 . 2008-05-27 04:59 18904 c:\windows\System32\StructuredQuerySchemaTrivial.bin - 2008-10-22 15:32 . 2008-01-19 07:36 72704 c:\windows\System32\secur32.dll + 2009-06-30 21:17 . 2009-02-13 08:49 72704 c:\windows\System32\secur32.dll + 2009-07-01 07:13 . 2008-05-27 05:17 87552 c:\windows\System32\SearchFilterHost.exe + 2009-07-01 07:13 . 2008-05-27 05:18 38400 c:\windows\System32\rtffilt.dll + 2009-07-01 07:13 . 2008-05-27 05:18 71680 c:\windows\System32\propdefs.dll + 2009-06-30 21:17 . 2009-03-03 04:39 26112 c:\windows\System32\printfilterpipelineprxy.dll - 2008-10-22 15:31 . 2008-01-19 07:36 26112 c:\windows\System32\printfilterpipelineprxy.dll + 2009-07-01 07:13 . 2008-05-27 05:18 44032 c:\windows\System32\msstrc.dll + 2009-07-01 07:13 . 2008-05-27 05:17 32768 c:\windows\System32\mssprxy.dll + 2009-07-01 07:13 . 2008-05-27 05:17 87552 c:\windows\System32\mssitlb.dll + 2009-07-01 07:13 . 2008-05-27 05:17 11776 c:\windows\System32\msshooks.dll + 2009-07-01 07:13 . 2008-05-27 05:17 60416 c:\windows\System32\msscntrs.dll + 2009-07-01 07:13 . 2008-05-27 05:17 34816 c:\windows\System32\msscb.dll + 2009-07-01 07:13 . 2008-05-27 05:18 40448 c:\windows\System32\mimefilt.dll - 2003-09-04 19:14 . 2003-09-04 19:14 94208 c:\windows\System32\Macromed\Flash\GetFlash.exe + 2003-09-04 18:14 . 2003-09-04 18:14 94208 c:\windows\System32\Macromed\Flash\GetFlash.exe - 2009-02-10 18:57 . 2009-01-15 06:08 28160 c:\windows\System32\jsproxy.dll + 2009-06-30 21:16 . 2009-04-24 16:02 28160 c:\windows\System32\jsproxy.dll - 2008-10-22 15:32 . 2008-01-19 07:34 98304 c:\windows\System32\iasrecst.dll + 2009-06-30 21:17 . 2009-03-03 04:37 98304 c:\windows\System32\iasrecst.dll - 2008-10-22 15:32 . 2008-01-19 07:33 17408 c:\windows\System32\iashost.exe + 2009-06-30 21:17 . 2009-03-03 02:38 17408 c:\windows\System32\iashost.exe - 2008-10-22 15:32 . 2008-01-19 07:34 44032 c:\windows\System32\iasdatastore.dll + 2009-06-30 21:17 . 2009-03-03 04:37 44032 c:\windows\System32\iasdatastore.dll - 2008-10-22 15:31 . 2008-01-19 07:34 54784 c:\windows\System32\iasads.dll + 2009-06-30 21:17 . 2009-03-03 04:37 54784 c:\windows\System32\iasads.dll - 2006-11-02 12:34 . 2006-11-02 12:34 45056 c:\windows\System32\dataclen.dll + 2009-06-30 21:17 . 2008-06-26 03:29 45056 c:\windows\System32\dataclen.dll - 2008-10-13 00:00 . 2009-06-29 17:27 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-10-13 00:00 . 2009-07-01 17:43 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-09-17 19:29 . 2008-09-17 19:29 20040 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\IdentityCRL\production\ppcrlconfig.dll + 2009-07-01 01:28 . 2009-07-01 01:28 20480 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6baea4fe-123b3d9f-n\jogl_awt.dll + 2009-07-01 01:28 . 2009-07-01 01:28 20480 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\4f710eed-320f6a63-n\gluegen-rt.dll + 2009-07-01 01:28 . 2009-07-01 01:28 61440 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-1e76e212-n\decora-sse.dll + 2009-07-01 01:28 . 2009-07-01 01:28 12800 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-1e76e212-n\decora-d3d.dll + 2008-10-13 00:00 . 2009-07-01 17:43 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-10-13 00:00 . 2009-06-29 17:27 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-10-13 00:00 . 2009-06-29 17:27 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-10-13 00:00 . 2009-07-01 17:43 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-06-30 21:17 . 2008-08-02 03:26 36864 c:\windows\System32\cdd.dll - 2008-10-22 15:30 . 2008-01-19 07:26 36864 c:\windows\System32\cdd.dll - 2008-10-22 15:30 . 2008-01-19 07:33 13824 c:\windows\System32\apilogen.dll + 2009-06-30 21:17 . 2009-03-17 03:38 13824 c:\windows\System32\apilogen.dll - 2008-10-22 15:30 . 2008-01-19 07:33 24064 c:\windows\System32\amxread.dll + 2009-06-30 21:17 . 2009-03-17 03:38 24064 c:\windows\System32\amxread.dll - 2007-08-16 10:55 . 2008-12-11 08:10 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe + 2007-08-16 10:55 . 2009-07-01 07:15 35088 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe - 2007-08-16 10:55 . 2008-12-11 08:10 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe + 2007-08-16 10:55 . 2009-07-01 07:15 18704 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe - 2007-08-16 10:55 . 2008-12-11 08:10 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe + 2007-08-16 10:55 . 2009-07-01 07:15 20240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe + 2008-10-23 23:48 . 2009-07-01 07:12 35088 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\oisicon.exe - 2008-10-23 23:48 . 2008-12-11 08:03 35088 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\oisicon.exe + 2008-10-23 23:48 . 2009-07-01 07:12 18704 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\mspicons.exe - 2008-10-23 23:48 . 2008-12-11 08:03 18704 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\mspicons.exe - 2008-10-23 23:48 . 2008-12-11 08:03 20240 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\cagicon.exe + 2008-10-23 23:48 . 2009-07-01 07:12 20240 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\cagicon.exe - 2007-08-16 10:51 . 2008-12-11 08:04 17534 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe + 2007-08-16 10:51 . 2009-07-01 07:11 17534 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\gtngstrtd.exe - 2007-08-16 10:51 . 2008-12-11 08:04 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe + 2007-08-16 10:51 . 2009-07-01 07:11 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_B8B1511D9331_467C_9B1B_E8204012E95B.exe - 2007-08-16 10:51 . 2008-12-11 08:04 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe + 2007-08-16 10:51 . 2009-07-01 07:11 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_630CEEA9B210_4765_A2B1_FC24596048D7.exe + 2007-08-16 10:51 . 2009-07-01 07:11 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe - 2007-08-16 10:51 . 2008-12-11 08:04 65536 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_4E403E143BE9_4CD1_B8DF_8012EBBE9E82.exe + 2006-10-27 04:13 . 2006-10-27 04:13 72472 c:\windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\XL12CNVP.DLL - 2008-10-24 01:24 . 2008-08-06 03:27 18944 c:\windows\ehome\ehtrace.dll + 2009-07-01 01:07 . 2009-04-30 12:42 18944 c:\windows\ehome\ehtrace.dll + 2009-07-01 07:32 . 2009-07-01 07:32 86016 c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\9694f5f714e9559dbc08d726b01c8cd1\loadmxf.ni.exe + 2009-07-01 07:32 . 2009-07-01 07:32 44544 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\d48c3d66463a5cb2ed79b310c6e2108f\ehExtCOM.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 44544 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\a02d78dcbbf544263a04749e55c5fdab\ehExtCOM.ni.dll - 2008-10-22 15:30 . 2008-01-19 07:33 40960 c:\windows\AppPatch\apihex86.dll + 2009-06-30 21:17 . 2009-03-17 03:38 40960 c:\windows\AppPatch\apihex86.dll + 2009-06-30 21:17 . 2008-12-16 04:31 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\spwmp.dll + 2009-06-30 21:17 . 2008-12-16 04:32 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\dxmasf.dll + 2009-06-30 21:17 . 2008-12-16 05:31 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\spwmp.dll + 2009-06-30 21:17 . 2008-12-16 05:31 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\dxmasf.dll + 2009-06-30 21:17 . 2008-12-16 05:36 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\spwmp.dll + 2009-06-30 21:17 . 2008-12-16 05:37 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\dxmasf.dll + 2009-06-30 21:17 . 2008-12-16 05:53 7680 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\spwmp.dll + 2009-06-30 21:17 . 2008-12-16 05:53 4096 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\dxmasf.dll + 2009-06-30 21:17 . 2009-02-13 08:20 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe + 2008-10-22 15:31 . 2008-01-19 07:33 9728 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe + 2009-06-30 21:17 . 2009-02-13 04:58 7680 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe + 2009-06-30 21:17 . 2009-02-13 07:26 7680 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe + 2009-07-01 01:07 . 2009-04-30 12:17 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.dll + 2009-06-29 18:30 . 2008-12-05 04:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22322_none_349fe9bcf32636d3\McrMgr.dll + 2008-10-22 15:29 . 2008-01-19 07:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.dll + 2008-10-22 15:29 . 2008-01-19 07:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18177_none_33e53ce1da2ca44a\McrMgr.dll + 2009-07-01 01:07 . 2009-04-30 12:02 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.dll + 2009-06-29 18:30 . 2008-12-05 04:26 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.20969_none_32956d6cf619c707\McrMgr.dll + 2009-07-01 01:07 . 2009-04-30 12:44 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.dll + 2009-06-29 18:30 . 2008-12-05 04:29 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16784_none_31f12d71dd10e345\McrMgr.dll + 2008-10-13 00:05 . 2009-06-29 21:32 8222 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-288317228-4290653756-3962459541-1000_UserData.bin + 2009-06-30 21:17 . 2008-12-16 05:31 7680 c:\windows\System32\spwmp.dll - 2008-10-22 15:29 . 2008-01-19 07:36 7680 c:\windows\System32\spwmp.dll + 2009-06-30 21:17 . 2008-12-16 05:31 4096 c:\windows\System32\dxmasf.dll - 2008-10-22 15:28 . 2008-01-19 07:36 4096 c:\windows\System32\dxmasf.dll + 2009-07-01 07:27 . 2009-07-01 07:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-06-29 17:56 . 2009-06-29 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-07-01 07:27 . 2009-07-01 07:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-06-29 17:56 . 2009-06-29 17:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2007-08-16 10:51 . 2009-07-01 07:11 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe - 2007-08-16 10:51 . 2008-12-11 08:04 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\WSBico.exe + 2007-08-16 10:51 . 2009-07-01 07:11 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe - 2007-08-16 10:51 . 2008-12-11 08:04 4710 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\Win2Kico.exe + 2009-07-01 07:13 . 2008-05-27 05:18 184832 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\SearchProtocolHost.exe + 2009-07-01 07:13 . 2008-05-27 05:18 439808 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\SearchIndexer.exe + 2009-07-01 07:13 . 2008-05-27 05:18 670208 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssvp.dll + 2009-07-01 07:13 . 2008-05-27 05:18 203776 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssphtb.dll + 2009-07-01 07:13 . 2008-05-27 05:18 350208 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssph.dll + 2009-07-01 07:13 . 2008-05-27 04:59 106605 c:\windows\winsxs\x86_windowssearchengine..uredqueryschema.bin_31bf3856ad364e35_7.0.6001.1650 3_none_88f88929e3c77aa3\StructuredQuerySchema.bin + 2009-07-01 07:13 . 2008-05-27 05:18 231936 c:\windows\winsxs\x86_windowssearchengine-structuredquery_31bf3856ad364e35_7.0.6001.16503_none_98586419f9103903\msshsq.dll + 2009-06-30 21:17 . 2008-12-06 04:26 376832 c:\windows\winsxs\x86_microsoft.windows.winhttp_31bf3856ad364e35_5.1.6001.22323_none_2544fb0b db4e81f9\winhttp.dll + 2009-06-30 21:17 . 2008-12-06 04:42 376832 c:\windows\winsxs\x86_microsoft.windows.winhttp_31bf3856ad364e35_5.1.6001.18178_none_248a4e30 c254ef70\winhttp.dll + 2009-06-30 21:17 . 2008-12-08 04:19 377344 c:\windows\winsxs\x86_microsoft.windows.winhttp_31bf3856ad364e35_5.1.6000.20971_none_2326ac35 de524a0f\winhttp.dll + 2009-06-30 21:17 . 2008-12-08 04:34 376832 c:\windows\winsxs\x86_microsoft.windows.winhttp_31bf3856ad364e35_5.1.6000.16786_none_22973f0a c53847c2\winhttp.dll + 2009-06-30 21:17 . 2009-03-03 02:03 247296 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.22389_none_109ee25ca4bb6776\WmiPrvSE.exe + 2009-06-30 21:17 . 2009-03-03 04:33 499200 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.22389_none_109ee25ca4bb6776\WmiPrvSD.dll + 2009-06-30 21:17 . 2009-03-03 04:33 129024 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.22389_none_109ee25ca4bb6776\WmiDcPrv.dll + 2009-06-30 21:17 . 2009-03-03 02:16 247296 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.18226_none_1053243b8b6fd401\WmiPrvSE.exe + 2009-06-30 21:17 . 2009-03-03 04:40 499200 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.18226_none_1053243b8b6fd401\WmiPrvSD.dll + 2009-06-30 21:17 . 2009-03-03 04:40 129024 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6001.18226_none_1053243b8b6fd401\WmiDcPrv.dll + 2009-06-30 21:17 . 2009-03-03 01:57 247296 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.21023_none_0ef359a4a769ca17\WmiPrvSE.exe + 2009-06-30 21:17 . 2009-03-03 04:18 501760 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.21023_none_0ef359a4a769ca17\WmiPrvSD.dll + 2009-06-30 21:17 . 2009-03-03 04:18 130560 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.21023_none_0ef359a4a769ca17\WmiDcPrv.dll + 2009-06-30 21:17 . 2009-03-03 01:59 247296 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.16830_none_0e5c13ed8e56c6f7\WmiPrvSE.exe + 2009-06-30 21:17 . 2009-03-03 04:20 501760 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.16830_none_0e5c13ed8e56c6f7\WmiPrvSD.dll + 2009-06-30 21:17 . 2009-03-03 04:20 130560 c:\windows\winsxs\x86_microsoft-windows-wmi-core-providerhost_31bf3856ad364e35_6.0.6000.16830_none_0e5c13ed8e56c6f7\WmiDcPrv.dll + 2009-06-30 21:17 . 2009-03-03 04:28 615424 c:\windows\winsxs\x86_microsoft-windows-wmi-core-fastprox-dll_31bf3856ad364e35_6.0.6001.22389_none_fb85772b93130197\fastprox.dll + 2009-06-30 21:17 . 2009-03-03 04:36 615424 c:\windows\winsxs\x86_microsoft-windows-wmi-core-fastprox-dll_31bf3856ad364e35_6.0.6001.18226_none_fb39b90a79c76e22\fastprox.dll + 2009-06-30 21:17 . 2009-03-03 04:14 614912 c:\windows\winsxs\x86_microsoft-windows-wmi-core-fastprox-dll_31bf3856ad364e35_6.0.6000.21023_none_f9d9ee7395c16438\fastprox.dll + 2009-06-30 21:17 . 2009-03-03 04:16 614912 c:\windows\winsxs\x86_microsoft-windows-wmi-core-fastprox-dll_31bf3856ad364e35_6.0.6000.16830_none_f942a8bc7cae6118\fastprox.dll + 2009-07-01 07:13 . 2008-05-27 05:17 143872 c:\windows\winsxs\x86_microsoft-windows-w..eakerstemmer-korean_31bf3856ad364e35_7.0.6001.16503_none_14072d09797cf93d\korwbrkr.dll + 2009-07-01 07:13 . 2008-05-27 05:17 313344 c:\windows\winsxs\x86_microsoft-windows-w..breakerstemmer-thai_31bf3856ad364e35_7.0.6001.16503_none_d40428cfc6b6fdf9\thawbrkr.dll + 2009-07-01 01:07 . 2009-04-30 12:19 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.22423_none_dc743bad703abfa3\psisdecd.dll + 2009-06-29 18:30 . 2008-12-05 04:34 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.22322_none_dc73397d703ba925\psisdecd.dll + 2009-07-01 01:07 . 2009-04-30 12:37 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.18254_none_dbcb2d8257348fdc\psisdecd.dll + 2009-06-29 18:30 . 2008-12-05 04:32 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.18177_none_dbb88ca25742169c\psisdecd.dll + 2009-07-01 01:07 . 2009-04-30 12:06 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.21051_none_da6b62eb732e85f2\psisdecd.dll + 2009-06-29 18:30 . 2008-12-05 04:28 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.20969_none_da68bd2d732f3959\psisdecd.dll + 2009-07-01 01:07 . 2009-04-30 12:52 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.16856_none_d9e6ef705a0c3199\psisdecd.dll + 2009-06-29 18:30 . 2008-12-05 04:29 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.16784_none_d9c47d325a265597\psisdecd.dll + 2009-07-01 01:07 . 2009-04-30 12:19 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.22423_none_e0ef19f3a791bbf8\EncDec.dll + 2009-06-29 18:30 . 2008-12-05 04:34 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.22322_none_e0ee17c3a792a57a\EncDec.dll + 2009-07-01 01:07 . 2009-04-30 12:37 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.18254_none_e0460bc88e8b8c31\EncDec.dll + 2009-06-29 18:30 . 2008-12-05 04:32 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.18177_none_e0336ae88e9912f1\EncDec.dll + 2009-07-01 01:07 . 2009-04-30 12:00 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.21051_none_dee64131aa858247\EncDec.dll + 2009-06-29 18:30 . 2008-12-05 04:25 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.20969_none_dee39b73aa8635ae\EncDec.dll + 2009-07-01 01:07 . 2009-04-30 12:42 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.16856_none_de61cdb691632dee\EncDec.dll + 2009-06-29 18:30 . 2008-12-05 04:29 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.16784_none_de3f5b78917d51ec\EncDec.dll + 2009-06-30 21:18 . 2008-04-26 08:08 891448 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys + 2009-06-30 21:18 . 2008-04-26 08:26 891448 c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys + 2009-06-30 21:17 . 2008-05-08 02:47 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.22175_none_88e77a5264c08f99\mrxsmb10.sys + 2009-06-30 21:17 . 2008-05-08 19:21 211968 c:\windows\winsxs\x86_microsoft-windows-smb10-minirdr_31bf3856ad364e35_6.0.6001.18068_none_886bae514b981fe3\mrxsmb10.sys + 2009-06-30 21:17 . 2008-12-02 04:36 268288 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6001.22320_none_228a4bcd6e70a8bb\schannel.dll + 2009-06-30 21:17 . 2008-11-27 04:43 268288 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6001.18175_none_21cf9ef255771632\schannel.dll + 2009-06-30 21:17 . 2008-12-02 04:25 269824 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6000.20967_none_207fcf7d716438ef\schannel.dll + 2009-06-30 21:17 . 2008-11-27 04:42 269824 c:\windows\winsxs\x86_microsoft-windows-security-schannel_31bf3856ad364e35_6.0.6000.16782_none_1fdb8f82585b552d\schannel.dll + 2009-06-30 21:17 . 2008-05-08 03:12 155648 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\wscript.exe + 2009-06-30 21:17 . 2008-05-08 05:21 172032 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\scrrun.dll + 2009-06-30 21:17 . 2008-05-08 05:21 180224 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\scrobj.dll + 2009-06-30 21:17 . 2008-05-08 03:12 135168 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.22175_none_48ab41df19abd38f\cscript.exe + 2009-06-30 21:17 . 2008-05-08 21:59 155648 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\wscript.exe + 2009-06-30 21:17 . 2008-05-08 21:59 172032 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\scrrun.dll + 2009-06-30 21:17 . 2008-05-08 21:59 180224 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\scrobj.dll + 2009-06-30 21:17 . 2008-05-08 21:58 135168 c:\windows\winsxs\x86_microsoft-windows-scripting_31bf3856ad364e35_6.0.6001.18068_none_482f75de008363d9\cscript.exe + 2009-06-30 21:17 . 2008-05-08 05:22 430080 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.0.6001.22175_none_489cf2184738e55d\vbscript.dll + 2009-06-30 21:17 . 2008-05-08 21:59 430080 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.0.6001.18068_none_482126172e1075a7\vbscript.dll + 2009-06-30 21:17 . 2008-05-08 05:18 512000 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_6.0.6001.22175_none_8322d76010763921\jscript.dll + 2009-06-30 21:17 . 2008-05-08 21:59 512000 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_6.0.6001.18068_none_82a70b5ef74dc96b\jscript.dll + 2009-06-30 21:18 . 2009-04-23 12:24 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.22120_none_b65513a45b6873a4\rpcrt4.dll + 2009-06-30 21:18 . 2009-04-23 12:15 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.18024_none_b5cf780142473936\rpcrt4.dll + 2009-06-30 21:18 . 2009-04-23 12:39 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.22417_none_b48073ae5e33b3f0\rpcrt4.dll + 2009-06-30 21:18 . 2008-04-12 03:16 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.22156_none_b4542e025e5512e8\rpcrt4.dll + 2009-06-30 21:18 . 2009-04-23 12:43 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.18247_none_b3d66539452e6ad2\rpcrt4.dll + 2009-06-30 21:18 . 2008-04-12 03:32 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.18051_none_b3c58fc5453bf46b\rpcrt4.dll + 2009-06-30 21:18 . 2009-04-23 12:33 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.21045_none_b2779aec61277a3f\rpcrt4.dll + 2009-06-30 21:18 . 2009-04-23 13:01 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.16850_none_b1de54a148164471\rpcrt4.dll + 2009-07-01 07:13 . 2008-05-27 05:17 754176 c:\windows\winsxs\x86_microsoft-windows-propsys_31bf3856ad364e35_7.0.6001.16503_none_f3d11aeeb9526bbb\propsys.dll + 2009-06-30 21:17 . 2009-04-23 12:22 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.22120_none_3275d288a9023d20\localspl.dll + 2009-06-30 21:17 . 2009-04-23 12:14 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.18024_none_31f036e58fe102b2\localspl.dll + 2009-06-30 21:17 . 2009-04-23 12:39 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.22417_none_30a13292abcd7d6c\localspl.dll + 2009-06-30 21:17 . 2009-04-23 12:42 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.18247_none_2ff7241d92c8344e\localspl.dll + 2009-06-30 21:17 . 2009-04-23 12:29 697856 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.21045_none_2e9859d0aec143bb\localspl.dll + 2009-06-30 21:17 . 2009-04-23 12:56 696832 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.16850_none_2dff138595b00ded\localspl.dll + 2009-06-30 21:17 . 2009-03-03 02:49 666624 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.22389_none_2be9bd5af4bd3b16\printfilterpipelinesvc.exe + 2009-06-30 21:17 . 2009-03-03 03:04 666624 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6001.18226_none_2b9dff39db71a7a1\printfilterpipelinesvc.exe + 2009-06-30 21:17 . 2009-03-03 02:37 659456 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6000.21023_none_2a3e34a2f76b9db7\printfilterpipelinesvc.exe + 2009-06-30 21:17 . 2009-03-03 02:40 654336 c:\windows\winsxs\x86_microsoft-windows-p..oler-filterpipeline_31bf3856ad364e35_6.0.6000.16830_none_29a6eeebde589a97\printfilterpipelinesvc.exe + 2009-06-30 21:18 . 2008-05-28 03:19 438272 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22188_none_cd5f8fa443e22213\IKEEXT.DLL + 2009-06-30 21:18 . 2008-05-28 03:19 595456 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22188_none_cd5f8fa443e22213\FWPUCLNT.DLL + 2009-06-30 21:18 . 2008-05-28 03:28 101432 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22188_none_cd5f8fa443e22213\FWPKCLNT.SYS + 2009-06-30 21:18 . 2008-05-28 03:17 328704 c:\windows\winsxs\x86_microsoft-windows-network-security_31bf3856ad364e35_6.0.6001.22188_none_cd5f8fa443e22213\BFE.DLL + 2009-06-30 21:18 . 2008-05-28 03:27 223288 c:\windows\winsxs\x86_microsoft-windows-netio-infrastructure_31bf3856ad364e35_6.0.6001.22188_none_56d68c90cea4d169\netio.sys + 2009-06-30 21:17 . 2008-05-20 02:00 148480 c:\windows\winsxs\x86_microsoft-windows-native-80211_31bf3856ad364e35_6.0.6001.22183_none_4f3ec759a84e5197\nwifi.sys + 2009-06-30 21:17 . 2008-05-20 02:07 148480 c:\windows\winsxs\x86_microsoft-windows-native-80211_31bf3856ad364e35_6.0.6001.18075_none_4ec1fb0e8f26c88a\nwifi.sys + 2009-06-30 21:17 . 2009-03-03 04:32 324608 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\sdohlp.dll + 2009-06-30 21:17 . 2009-03-03 04:28 119296 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.22389_none_d16ab47d4f561502\iasrecst.dll + 2009-06-30 21:17 . 2009-03-03 04:39 183296 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6001.18226_none_d11ef65c360a818d\sdohlp.dll + 2009-06-30 21:17 . 2009-03-03 04:17 158720 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.21023_none_cfbf2bc5520477a3\sdohlp.dll + 2009-06-30 21:17 . 2009-03-03 04:19 158720 c:\windows\winsxs\x86_microsoft-windows-n..n_service_datastore_31bf3856ad364e35_6.0.6000.16830_none_cf27e60e38f17483\sdohlp.dll + 2009-06-30 21:17 . 2008-12-16 02:38 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmpshare.exe + 2009-06-30 21:17 . 2008-12-16 02:38 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmplayer.exe + 2009-06-30 21:17 . 2008-12-16 02:38 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmpconfig.exe + 2009-06-30 21:17 . 2008-12-16 05:31 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmpshare.exe + 2009-06-30 21:17 . 2008-12-16 05:31 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmplayer.exe + 2009-06-30 21:17 . 2008-12-16 05:31 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmpconfig.exe + 2009-06-30 21:17 . 2008-12-16 03:49 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmpshare.exe + 2009-06-30 21:17 . 2008-12-16 03:49 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmplayer.exe + 2009-06-30 21:17 . 2008-12-16 03:49 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmpconfig.exe + 2009-06-30 21:17 . 2008-12-16 05:53 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmpshare.exe + 2009-06-30 21:17 . 2008-12-16 05:53 168960 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmplayer.exe + 2009-06-30 21:17 . 2008-12-16 05:53 107520 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmpconfig.exe + 2009-06-30 21:17 . 2009-01-30 00:29 441400 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\ksecdd.sys + 2008-10-22 15:33 . 2008-01-19 07:43 441400 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\ksecdd.sys + 2006-11-02 08:43 . 2006-11-02 09:51 407144 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\ksecdd.sys + 2006-11-02 08:43 . 2006-11-02 09:51 407144 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\ksecdd.sys + 2009-06-30 21:17 . 2008-08-02 00:59 625152 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.22235_none_ac36c8fdfcbe34f3\dxgkrnl.sys + 2009-06-30 21:17 . 2008-08-02 01:01 625152 c:\windows\winsxs\x86_microsoft-windows-lddmcore_31bf3856ad364e35_6.0.6001.18114_none_abc1cbc0e39143f0\dxgkrnl.sys + 2009-06-30 21:17 . 2009-02-13 08:21 890880 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll + 2009-06-30 21:17 . 2009-02-13 08:49 888832 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll + 2009-06-30 21:17 . 2009-02-13 07:13 875520 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll + 2009-06-30 21:17 . 2009-02-13 07:26 875520 c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll + 2009-06-30 21:16 . 2009-04-24 13:42 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.21046_none_0bc20a59f02f616a\ieuser.exe + 2009-06-30 21:16 . 2009-04-24 13:53 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16851_none_0b28c40ed71e2b9c\ieuser.exe + 2009-06-30 21:16 . 2009-04-24 13:42 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.21046_none_e719d53dadb4a1b8\ieinstal.exe + 2009-06-30 21:16 . 2009-04-24 13:53 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16851_none_e6808ef294a36bea\ieinstal.exe + 2009-06-30 21:16 . 2009-04-24 15:57 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieui.dll + 2008-10-15 07:04 . 2008-10-15 07:04 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieui.dll + 2009-06-30 21:16 . 2009-04-24 15:54 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieui.dll + 2009-06-30 21:16 . 2009-04-24 16:14 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieui.dll + 2009-06-30 21:16 . 2009-04-24 16:00 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\sqmapi.dll + 2009-06-30 21:16 . 2009-04-24 15:57 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\iertutil.dll + 2008-10-15 07:04 . 2008-10-15 07:04 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\sqmapi.dll + 2009-06-30 21:16 . 2009-04-24 16:02 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\iertutil.dll + 2009-06-30 21:16 . 2009-04-24 16:00 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\sqmapi.dll + 2009-06-30 21:16 . 2009-04-24 15:54 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\iertutil.dll + 2009-06-30 21:16 . 2009-04-24 16:21 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\sqmapi.dll + 2009-06-30 21:16 . 2009-04-24 16:14 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\iertutil.dll + 2009-06-30 21:16 . 2009-04-24 15:59 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22418_none_37ad3d0d2d419399\occache.dll + 2009-06-30 21:16 . 2009-04-24 16:04 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18248_none_37032e98143c4a7b\occache.dll + 2009-06-30 21:16 . 2009-04-24 16:00 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21046_none_35a4644b303559e8\occache.dll + 2009-06-30 21:16 . 2009-04-24 16:20 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16851_none_350b1e001724241a\occache.dll + 2009-06-30 21:16 . 2009-04-24 16:01 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe + 2009-06-30 21:16 . 2009-04-24 16:08 634632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe + 2009-06-30 21:16 . 2009-04-24 16:03 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe + 2009-06-30 21:16 . 2009-04-24 16:25 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe + 2009-06-30 21:16 . 2009-04-24 15:57 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.21046_none_46a6e5865f77092b\mshtmled.dll + 2009-06-30 21:16 . 2009-04-24 16:17 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16851_none_460d9f3b4665d35d\mshtmled.dll + 2009-06-30 21:16 . 2009-04-24 15:58 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22418_none_606d5f2d5394e286\msfeeds.dll + 2009-06-30 21:16 . 2009-04-24 16:03 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18248_none_5fc350b83a8f9968\msfeeds.dll + 2009-06-30 21:16 . 2009-04-24 15:57 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.21046_none_5e64866b5688a8d5\msfeeds.dll + 2009-06-30 21:16 . 2009-04-24 16:16 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16851_none_5dcb40203d777307\msfeeds.dll + 2009-06-30 21:16 . 2009-04-24 15:53 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtrans.dll + 2009-06-30 21:16 . 2009-04-24 15:53 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtmsft.dll + 2009-06-30 21:16 . 2009-04-24 16:13 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtrans.dll + 2009-06-30 21:16 . 2009-04-24 16:13 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtmsft.dll + 2009-06-30 21:16 . 2009-04-24 15:54 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dll + 2009-06-30 21:16 . 2009-04-24 16:14 383488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dll + 2009-06-30 21:16 . 2009-04-24 15:57 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieakui.dll + 2009-06-30 21:16 . 2009-04-24 15:57 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieaksie.dll + 2006-11-02 07:27 . 2006-11-02 09:39 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieakui.dll + 2009-06-30 21:16 . 2009-04-24 16:02 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieaksie.dll + 2009-06-30 21:16 . 2009-04-24 15:54 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieakui.dll + 2009-06-30 21:16 . 2009-04-24 15:54 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieaksie.dll + 2009-06-30 21:16 . 2009-04-24 16:14 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieakui.dll + 2009-06-30 21:16 . 2009-04-24 16:14 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieaksie.dll + 2009-06-30 21:16 . 2009-04-24 15:57 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.22418_none_74d7415a709bb095\iedkcs32.dll + 2009-06-30 21:16 . 2009-04-24 16:02 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.18248_none_742d32e557966777\iedkcs32.dll + 2009-06-30 21:16 . 2009-04-24 15:54 388608 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.21046_none_72ce6898738f76e4\iedkcs32.dll + 2009-06-30 21:16 . 2009-04-24 16:14 385024 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.16851_none_7235224d5a7e4116\iedkcs32.dll + 2009-06-30 21:16 . 2009-04-24 15:43 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll + 2009-06-30 21:16 . 2009-04-23 12:15 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll + 2009-06-30 21:16 . 2009-04-24 16:00 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll + 2009-06-30 21:16 . 2009-04-24 16:05 827904 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll + 2009-06-30 21:16 . 2009-04-24 16:01 828928 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll + 2009-06-30 21:16 . 2009-04-24 16:22 827392 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll + 2009-06-30 21:16 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22418_none_e14c7b85959128aa\mstime.dll + 2009-06-30 21:16 . 2009-04-24 16:03 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18248_none_e0a26d107c8bdf8c\mstime.dll + 2009-06-30 21:16 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.21046_none_df43a2c39884eef9\mstime.dll + 2009-06-30 21:16 . 2009-04-24 16:18 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16851_none_deaa5c787f73b92b\mstime.dll + 2009-06-30 21:17 . 2008-09-20 04:00 125952 c:\windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.22271_none_7a0ae2e8aa3b1988\wersvc.dll + 2009-06-30 21:17 . 2008-09-18 04:56 125952 c:\windows\winsxs\x86_microsoft-windows-feedback-service_31bf3856ad364e35_6.0.6001.18145_none_79a5b70991018b47\wersvc.dll + 2009-06-30 21:17 . 2008-09-20 04:00 860160 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFaultSecure.exe + 2009-06-30 21:17 . 2008-09-20 04:00 217088 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\WerFault.exe + 2009-06-30 21:17 . 2008-09-20 04:00 147456 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.22271_none_70460c29561ecb18\Faultrep.dll + 2008-10-22 15:33 . 2008-01-19 07:33 860160 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\WerFaultSecure.exe + 2008-10-22 15:32 . 2008-01-19 07:33 217088 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\WerFault.exe + 2009-06-30 21:17 . 2008-09-18 04:56 147456 c:\windows\winsxs\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_6.0.6001.18145_none_6fe0e04a3ce53cd7\Faultrep.dll + 2009-07-01 01:07 . 2009-04-30 10:34 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.22423_none_4bdfc1ce6de6cf39\ehvid.exe + 2009-06-29 18:30 . 2008-12-05 04:33 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.22322_none_4bdebf9e6de7b8bb\ehvid.exe + 2009-07-01 01:07 . 2009-04-30 10:28 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.18254_none_4b36b3a354e09f72\ehvid.exe + 2009-06-29 18:30 . 2008-12-05 04:31 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.18177_none_4b2412c354ee2632\ehvid.exe + 2009-07-01 01:07 . 2009-04-30 10:19 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.21051_none_49d6e90c70da9588\ehvid.exe + 2009-06-29 18:30 . 2008-12-05 02:33 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.20969_none_49d4434e70db48ef\ehvid.exe + 2009-07-01 01:07 . 2009-04-30 10:42 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.16856_none_4952759157b8412f\ehvid.exe + 2009-06-29 18:30 . 2008-12-05 04:29 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.16784_none_4930035357d2652d\ehvid.exe + 2009-07-01 01:07 . 2009-04-30 12:16 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.22423_none_cf3b1fcee292dd5c\ehui.dll + 2009-06-29 18:30 . 2008-12-05 04:34 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.22322_none_cf3a1d9ee293c6de\ehui.dll + 2009-07-01 01:07 . 2009-04-30 12:33 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.18254_none_ce9211a3c98cad95\ehui.dll + 2009-06-29 18:30 . 2008-12-05 04:32 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.18177_none_ce7f70c3c99a3455\ehui.dll + 2009-07-01 01:07 . 2009-04-30 12:00 521728 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.21051_none_cd32470ce586a3ab\ehui.dll + 2009-06-29 18:30 . 2008-12-05 04:25 521728 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.20969_none_cd2fa14ee5875712\ehui.dll + 2009-07-01 01:07 . 2009-04-30 12:42 517632 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16856_none_ccadd391cc644f52\ehui.dll + 2009-06-29 18:30 . 2008-12-05 04:29 517120 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16784_none_cc8b6153cc7e7350\ehui.dll + 2009-07-01 01:07 . 2009-04-30 12:16 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.22423_none_273f9b1b7b253f90\ehPresenter.dll + 2009-06-29 18:30 . 2008-12-05 04:34 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.22322_none_273e98eb7b262912\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:33 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.18254_none_26968cf0621f0fc9\ehPresenter.dll + 2009-06-29 18:30 . 2008-12-05 04:32 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.18177_none_2683ec10622c9689\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:00 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.21051_none_2536c2597e1905df\ehPresenter.dll + 2009-06-29 18:30 . 2008-12-05 04:25 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.20969_none_25341c9b7e19b946\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:41 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16856_none_24b24ede64f6b186\ehPresenter.dll + 2009-06-29 18:30 . 2008-12-05 04:29 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16784_none_248fdca06510d584\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:01 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.22126_none_3019d864cf578034\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 11:47 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.18030_none_2f7f69f1b6476451\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 12:16 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.22423_none_2e30659ed233df0b\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 12:33 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.18254_none_2d875773b92daf44\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 12:00 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6000.21051_none_2c278cdcd527a55a\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 12:16 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.22423_none_2fb2ddfc834d299c\ehglid.dll + 2009-06-29 18:30 . 2008-12-05 04:34 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.22322_none_2fb1dbcc834e131e\ehglid.dll + 2009-07-01 01:07 . 2009-04-30 12:33 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.18254_none_2f09cfd16a46f9d5\ehglid.dll + 2009-06-29 18:30 . 2008-12-05 04:32 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.18177_none_2ef72ef16a548095\ehglid.dll + 2009-07-01 01:07 . 2009-04-30 12:00 372736 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.21051_none_2daa053a8640efeb\ehglid.dll + 2009-06-29 18:30 . 2008-12-05 04:25 372736 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.20969_none_2da75f7c8641a352\ehglid.dll + 2009-07-01 01:07 . 2009-04-30 12:41 372224 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.16856_none_2d2591bf6d1e9b92\ehglid.dll + 2009-06-29 18:30 . 2008-12-05 04:29 372224 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.16784_none_2d031f816d38bf90\ehglid.dll + 2009-07-01 01:07 . 2009-04-30 11:47 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.exe + 2009-06-29 18:30 . 2008-12-05 04:33 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22322_none_349fe9bcf32636d3\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 12:00 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.exe + 2009-06-29 18:30 . 2008-12-05 04:32 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18177_none_33e53ce1da2ca44a\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 11:31 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.exe + 2009-06-29 18:30 . 2008-12-05 03:58 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.20969_none_32956d6cf619c707\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 12:09 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.exe + 2009-06-29 18:30 . 2008-12-05 04:29 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16784_none_31f12d71dd10e345\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 12:16 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.22423_none_152e7b96b8dde8f3\ehReplay.dll + 2009-06-29 18:30 . 2008-12-05 04:34 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.22322_none_152d7966b8ded275\ehReplay.dll + 2009-07-01 01:07 . 2009-04-30 12:33 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.18254_none_14856d6b9fd7b92c\ehReplay.dll + 2009-06-29 18:30 . 2008-12-05 04:32 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.18177_none_1472cc8b9fe53fec\ehReplay.dll + 2009-07-01 01:07 . 2009-04-30 12:00 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.21051_none_1325a2d4bbd1af42\ehReplay.dll + 2009-06-29 18:30 . 2008-12-05 04:25 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.20969_none_1322fd16bbd262a9\ehReplay.dll + 2009-07-01 01:07 . 2009-04-30 12:41 252416 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.16856_none_12a12f59a2af5ae9\ehReplay.dll + 2009-06-29 18:30 . 2008-12-05 04:29 252416 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.16784_none_127ebd1ba2c97ee7\ehReplay.dll + 2009-07-01 01:07 . 2009-04-30 12:19 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.22423_none_ce9aa784e2f278f7\cbva.dll + 2009-06-29 18:30 . 2008-12-05 04:34 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.22322_none_ce99a554e2f36279\cbva.dll + 2009-07-01 01:07 . 2009-04-30 12:37 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.18254_none_cdf19959c9ec4930\cbva.dll + 2009-06-29 18:30 . 2008-12-05 04:32 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.18177_none_cddef879c9f9cff0\cbva.dll + 2009-07-01 01:07 . 2009-04-30 11:59 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.21051_none_cc91cec2e5e63f46\cbva.dll + 2009-06-29 18:30 . 2008-12-05 04:25 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.20969_none_cc8f2904e5e6f2ad\cbva.dll + 2009-07-01 01:07 . 2009-04-30 12:40 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.16856_none_cc0d5b47ccc3eaed\cbva.dll + 2009-06-29 18:30 . 2008-12-05 04:29 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.16784_none_cbeae909ccde0eeb\cbva.dll + 2009-06-30 21:17 . 2008-06-26 03:15 565248 c:\windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.22211_none_9f0bbb5e0fdf3375\emdmgmt.dll + 2009-06-30 21:18 . 2008-05-10 03:17 564736 c:\windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.22176_none_9ecfdb62100b5ca7\emdmgmt.dll + 2009-06-30 21:17 . 2008-06-26 03:29 565248 c:\windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.18098_none_9e329f52f6fc276d\emdmgmt.dll + 2009-06-30 21:18 . 2008-05-10 03:35 564736 c:\windows\winsxs\x86_microsoft-windows-e..emorydevicesservice_31bf3856ad364e35_6.0.6001.18069_none_9e540f60f6e2ecf1\emdmgmt.dll + 2009-07-01 07:13 . 2008-05-27 05:17 194560 c:\windows\winsxs\x86_microsoft-windows-content-filter-office_31bf3856ad364e35_7.0.6001.16503_none_fab3f42bbfadf408\offfilt.dll + 2009-07-01 07:13 . 2008-05-27 05:18 136704 c:\windows\winsxs\x86_microsoft-windows-content-filter-html_31bf3856ad364e35_7.0.6001.16503_none_13ff1de93d266b97\nlhtml.dll + 2009-06-30 21:17 . 2008-06-06 03:23 562176 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6001.22197_none_4d223d3bd2ae154b\msdtcprx.dll + 2009-06-30 21:17 . 2008-06-06 03:27 562176 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6001.18085_none_4ca16fc8b98a26e2\msdtcprx.dll + 2009-06-30 21:17 . 2008-06-06 03:21 500736 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6000.20852_none_4b623eb9d56b930a\msdtcprx.dll + 2009-06-30 21:17 . 2008-06-05 04:50 500736 c:\windows\winsxs\x86_microsoft-windows-com-dtc-client_31bf3856ad364e35_6.0.6000.16697_none_4ab261cabc69e490\msdtcprx.dll + 2009-06-30 21:17 . 2009-03-03 04:32 551424 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll + 2009-06-30 21:17 . 2009-03-03 04:39 551424 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll + 2009-06-30 21:17 . 2009-03-03 04:17 550400 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll + 2009-06-30 21:17 . 2009-03-03 04:19 549888 c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll + 2009-06-30 21:16 . 2009-04-24 15:52 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.21046_none_aa4961990ee2d227\advpack.dll + 2009-06-30 21:16 . 2009-04-24 16:11 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16851_none_a9b01b4df5d19c59\advpack.dll + 2009-07-01 07:13 . 2008-05-27 05:17 301568 c:\windows\winsxs\x86_desktop_shell-search-srchadmin_31bf3856ad364e35_7.0.6001.16503_none_13fcab3737a334c2\srchadmin.dll + 2009-07-01 01:07 . 2009-04-30 12:06 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.22126_none_27de1592e29 b9884\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 11:54 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.18030_none_2743a71fc98 b7ca1\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:21 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.22423_none_25f4a2cce57 7f75b\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:42 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.18254_none_254b94a1cc7 1c794\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:09 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.21051_none_23ebca0ae86 bbdaa\Microsoft.MediaCenter.dll + 2009-06-29 18:30 . 2008-12-05 04:30 217088 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.20969_none_23e9244ce86 c7111\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:56 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.16856_none_2367568fcf4 96951\Microsoft.MediaCenter.dll + 2009-06-29 18:30 . 2008-12-05 04:31 217088 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.16784_none_2344e451cf6 38d4f\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:06 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.22126_none_c7f9169954229812\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 11:54 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.18030_none_c75ea8263b127c2f\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:21 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.22423_none_c60fa3d356fef6e9\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:42 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.18254_none_c56695a83df8c722\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:09 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.21051_none_c406cb1159f2bd38\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:55 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.16856_none_c382579640d068df\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:06 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.22126_none_8d41cc615e8201b1\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 11:54 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.18030_none_8ca75dee4571e5ce\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:21 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.22423_none_8b58599b615e6088\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:42 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.18254_none_8aaf4b70485830c1\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:09 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.21051_none_894f80d9645226d7\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:55 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.16856_none_88cb0d5e4b2fd27e\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:09 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.21051_none_bd56e025daf6b2dd\ehexthost.exe + 2009-06-29 18:30 . 2008-12-05 04:30 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.20969_none_bd543a67daf76644\ehexthost.exe + 2009-07-01 01:07 . 2009-04-30 12:55 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.16856_none_bcd26caac1d45e84\ehexthost.exe + 2009-06-29 18:30 . 2008-12-05 04:30 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.16784_none_bcaffa6cc1ee8282\ehexthost.exe + 2009-07-01 01:07 . 2009-04-30 12:06 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.22126_none_de03aef7e5372a6c\ehepg.dll + 2009-07-01 01:07 . 2009-04-30 11:54 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.18030_none_dd694084cc270e89\ehepg.dll + 2009-07-01 01:07 . 2009-04-30 12:21 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.22423_none_dc1a3c31e8138943\ehepg.dll + 2009-07-01 01:07 . 2009-04-30 12:42 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.18254_none_db712e06cf0d597c\ehepg.dll + 2009-07-01 01:07 . 2009-04-30 12:09 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.21051_none_da11636feb074f92\ehepg.dll + 2009-06-29 18:30 . 2008-12-05 04:30 864256 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.20969_none_da0ebdb1eb0802f9\ehepg.dll + 2009-07-01 01:07 . 2009-04-30 12:55 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.16856_none_d98ceff4d1e4fb39\ehepg.dll + 2009-06-29 18:30 . 2008-12-05 04:30 864256 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.16784_none_d96a7db6d1ff1f37\ehepg.dll + 2009-06-30 21:17 . 2008-05-08 21:59 155648 c:\windows\System32\wscript.exe - 2008-10-22 15:32 . 2008-01-19 07:33 155648 c:\windows\System32\wscript.exe + 2009-06-30 21:17 . 2008-12-06 04:42 376832 c:\windows\System32\winhttp.dll - 2008-10-22 15:33 . 2008-01-19 07:36 376832 c:\windows\System32\winhttp.dll - 2008-10-22 15:32 . 2008-01-19 07:36 125952 c:\windows\System32\wersvc.dll + 2009-06-30 21:17 . 2008-09-18 04:56 125952 c:\windows\System32\wersvc.dll + 2009-06-29 05:43 . 2009-06-29 18:30 191936 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin + 2009-06-28 03:11 . 2009-07-01 07:00 219746 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin + 2009-06-30 21:17 . 2009-03-03 02:16 247296 c:\windows\System32\wbem\WmiPrvSE.exe + 2009-06-30 21:17 . 2009-03-03 04:40 499200 c:\windows\System32\wbem\WmiPrvSD.dll + 2009-06-30 21:17 . 2009-03-03 04:40 129024 c:\windows\System32\wbem\WmiDcPrv.dll + 2009-06-30 21:17 . 2009-03-03 04:36 615424 c:\windows\System32\wbem\fastprox.dll + 2009-06-30 21:17 . 2008-05-08 21:59 430080 c:\windows\System32\vbscript.dll - 2008-10-22 15:33 . 2008-01-19 07:36 430080 c:\windows\System32\vbscript.dll + 2009-07-01 07:13 . 2008-05-27 05:17 313344 c:\windows\System32\thawbrkr.dll - 2006-11-02 09:10 . 2006-11-02 09:46 313344 c:\windows\System32\thawbrkr.dll + 2009-07-01 07:13 . 2008-05-27 04:59 106605 c:\windows\System32\StructuredQuerySchema.bin + 2009-07-01 07:13 . 2008-05-27 05:17 301568 c:\windows\System32\srchadmin.dll + 2009-07-01 07:13 . 2008-05-27 05:18 184832 c:\windows\System32\SearchProtocolHost.exe + 2009-07-01 07:13 . 2008-05-27 05:18 439808 c:\windows\System32\SearchIndexer.exe - 2008-10-22 15:33 . 2008-01-19 07:36 183296 c:\windows\System32\sdohlp.dll + 2009-06-30 21:17 . 2009-03-03 04:39 183296 c:\windows\System32\sdohlp.dll + 2009-06-30 21:17 . 2008-05-08 21:59 172032 c:\windows\System32\scrrun.dll - 2008-10-22 15:33 . 2008-01-19 07:36 172032 c:\windows\System32\scrrun.dll - 2008-10-22 15:32 . 2008-01-19 07:36 180224 c:\windows\System32\scrobj.dll + 2009-06-30 21:17 . 2008-05-08 21:59 180224 c:\windows\System32\scrobj.dll - 2008-10-22 15:33 . 2008-01-19 07:36 268288 c:\windows\System32\schannel.dll + 2009-06-30 21:17 . 2008-11-27 04:43 268288 c:\windows\System32\schannel.dll + 2009-06-30 21:17 . 2009-03-03 04:39 551424 c:\windows\System32\rpcss.dll + 2009-07-01 07:13 . 2008-05-27 05:17 754176 c:\windows\System32\propsys.dll + 2009-06-30 21:17 . 2009-03-03 03:04 666624 c:\windows\System32\printfilterpipelinesvc.exe - 2006-11-02 10:33 . 2009-06-29 18:01 595684 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-07-01 07:34 595684 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-07-01 07:34 101350 c:\windows\System32\perfc009.dat - 2006-11-02 10:33 . 2009-06-29 18:01 101350 c:\windows\System32\perfc009.dat + 2009-07-01 07:13 . 2008-05-27 05:17 194560 c:\windows\System32\offfilt.dll - 2008-10-22 15:31 . 2008-01-19 07:36 194560 c:\windows\System32\offfilt.dll - 2008-10-22 15:31 . 2008-01-19 07:36 102912 c:\windows\System32\occache.dll + 2009-06-30 21:16 . 2009-04-24 16:04 102912 c:\windows\System32\occache.dll + 2009-07-01 07:13 . 2008-05-27 05:18 136704 c:\windows\System32\nlhtml.dll - 2009-02-10 18:57 . 2009-01-15 06:08 671232 c:\windows\System32\mstime.dll + 2009-06-30 21:16 . 2009-04-24 16:03 671232 c:\windows\System32\mstime.dll + 2009-07-01 07:13 . 2008-05-27 05:18 670208 c:\windows\System32\mssvp.dll + 2009-07-01 07:13 . 2008-05-27 05:18 203776 c:\windows\System32\mssphtb.dll + 2009-07-01 07:13 . 2008-05-27 05:18 350208 c:\windows\System32\mssph.dll + 2009-07-01 07:13 . 2008-05-27 05:18 231936 c:\windows\System32\msshsq.dll + 2009-06-30 21:16 . 2009-04-24 16:03 458240 c:\windows\System32\msfeeds.dll - 2009-02-10 18:57 . 2009-01-15 06:08 458240 c:\windows\System32\msfeeds.dll + 2009-06-30 21:17 . 2008-06-06 03:27 562176 c:\windows\System32\msdtcprx.dll + 2009-07-01 07:13 . 2008-05-27 05:17 143872 c:\windows\System32\korwbrkr.dll + 2009-06-30 21:17 . 2009-02-13 08:49 888832 c:\windows\System32\kernel32.dll - 2008-10-22 15:33 . 2008-01-19 07:34 512000 c:\windows\System32\jscript.dll + 2009-06-30 21:17 . 2008-05-08 21:59 512000 c:\windows\System32\jscript.dll + 2009-07-01 01:15 . 2009-05-21 15:34 148888 c:\windows\System32\javaws.exe + 2009-07-01 01:15 . 2009-05-21 15:34 144792 c:\windows\System32\javaw.exe + 2009-07-01 01:15 . 2009-05-21 15:34 144792 c:\windows\System32\java.exe + 2009-06-30 21:16 . 2009-04-24 16:02 270848 c:\windows\System32\iertutil.dll + 2009-06-30 21:16 . 2009-04-24 16:02 389120 c:\windows\System32\iedkcs32.dll - 2008-10-22 15:31 . 2008-01-19 07:34 230400 c:\windows\System32\ieaksie.dll + 2009-06-30 21:16 . 2009-04-24 16:02 230400 c:\windows\System32\ieaksie.dll - 2006-11-02 12:47 . 2009-06-28 01:45 435648 c:\windows\System32\FNTCACHE.DAT + 2006-11-02 12:47 . 2009-07-01 07:27 435648 c:\windows\System32\FNTCACHE.DAT - 2008-10-22 15:32 . 2008-01-19 07:34 147456 c:\windows\System32\Faultrep.dll + 2009-06-30 21:17 . 2008-09-18 04:56 147456 c:\windows\System32\Faultrep.dll + 2009-06-30 21:17 . 2008-06-26 03:29 565248 c:\windows\System32\emdmgmt.dll - 2008-10-22 15:32 . 2008-01-19 05:53 148480 c:\windows\System32\drivers\nwifi.sys + 2009-06-30 21:17 . 2008-05-20 02:07 148480 c:\windows\System32\drivers\nwifi.sys - 2008-10-22 15:33 . 2008-01-19 05:36 625152 c:\windows\System32\drivers\dxgkrnl.sys + 2009-06-30 21:17 . 2008-08-02 01:01 625152 c:\windows\System32\drivers\dxgkrnl.sys + 2009-06-30 21:17 . 2008-05-08 21:58 135168 c:\windows\System32\cscript.exe + 2009-07-01 01:28 . 2009-07-01 01:28 114688 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6baea4fe-123b3d9f-n\jogl_cg.dll + 2009-07-01 01:28 . 2009-07-01 01:28 315392 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\6baea4fe-123b3d9f-n\jogl.dll + 2009-07-01 01:28 . 2009-07-01 01:28 348160 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-1e76e212-n\msvcr71.dll + 2009-07-01 01:28 . 2009-07-01 01:28 503808 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-1e76e212-n\msvcp71.dll + 2009-07-01 01:28 . 2009-07-01 01:28 499712 c:\windows\System32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\58fb3e0f-1e76e212-n\jmc.dll - 2007-08-16 10:55 . 2008-12-11 08:10 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe + 2007-08-16 10:55 . 2009-07-01 07:15 888080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe + 2007-08-16 10:55 . 2009-07-01 07:15 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - 2007-08-16 10:55 . 2008-12-11 08:10 922384 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - 2007-08-16 10:55 . 2008-12-11 08:10 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe + 2007-08-16 10:55 . 2009-07-01 07:15 217864 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe - 2007-08-16 10:55 . 2008-12-11 08:10 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe + 2007-08-16 10:55 . 2009-07-01 07:15 184080 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe - 2008-10-23 23:48 . 2008-12-11 08:03 272648 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\pubs.exe + 2008-10-23 23:48 . 2009-07-01 07:12 272648 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\pubs.exe - 2008-10-23 23:48 . 2008-12-11 08:03 217864 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\misc.exe + 2008-10-23 23:48 . 2009-07-01 07:12 217864 c:\windows\Installer\{91120000-0019-0000-0000-0000000FF1CE}\misc.exe - 2008-12-11 08:01 . 2008-12-11 08:01 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2009-07-01 07:12 . 2009-07-01 07:12 217864 c:\windows\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe + 2007-08-16 10:51 . 2009-07-01 07:11 184320 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe - 2007-08-16 10:51 . 2008-12-11 08:04 184320 c:\windows\Installer\{6D52C408-B09A-4520-9B18-475B81D393F1}\_9FA356B1395F_4530_8CB3_946ED0B3291E.exe + 2005-08-23 03:16 . 2005-08-23 03:16 929792 c:\windows\Installer\$PatchCache$\Managed\804C25D6A90B0254B98174B5183D391F\8.5.818\F20987_wkwpqd.dll + 2005-08-23 03:18 . 2005-08-23 03:18 147456 c:\windows\Installer\$PatchCache$\Managed\804C25D6A90B0254B98174B5183D391F\8.5.818\F20985_wkwpqrtf.dll + 2009-07-01 01:07 . 2009-04-30 12:42 212992 c:\windows\ehome\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:42 188416 c:\windows\ehome\mcstore.dll - 2008-10-24 01:24 . 2008-08-05 09:49 173056 c:\windows\ehome\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 12:00 173056 c:\windows\ehome\McrMgr.exe + 2009-07-01 01:07 . 2009-04-30 10:28 253952 c:\windows\ehome\ehvid.exe + 2009-07-01 01:07 . 2009-04-30 12:33 522240 c:\windows\ehome\ehui.dll - 2008-10-24 01:24 . 2008-08-05 09:49 522240 c:\windows\ehome\ehui.dll + 2009-07-01 01:07 . 2009-04-30 12:33 254464 c:\windows\ehome\ehReplay.dll - 2008-10-24 01:24 . 2008-08-05 09:49 254464 c:\windows\ehome\ehReplay.dll + 2009-07-01 01:07 . 2009-04-30 12:42 532480 c:\windows\ehome\ehRecObj.dll - 2008-10-24 01:24 . 2008-08-05 09:49 105472 c:\windows\ehome\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:33 105472 c:\windows\ehome\ehPresenter.dll + 2009-07-01 01:07 . 2009-04-30 12:33 278528 c:\windows\ehome\ehPlayer.dll + 2009-07-01 01:07 . 2009-04-30 12:33 373248 c:\windows\ehome\ehglid.dll - 2008-10-24 01:24 . 2008-08-05 09:49 373248 c:\windows\ehome\ehglid.dll + 2009-07-01 01:07 . 2009-04-30 12:42 839680 c:\windows\ehome\ehepg.dll - 2008-10-22 15:31 . 2008-01-19 07:36 180224 c:\windows\ehome\cbva.dll + 2009-07-01 01:07 . 2009-04-30 12:37 180224 c:\windows\ehome\cbva.dll + 2009-07-01 07:31 . 2009-07-01 07:31 704512 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\cc5a7e1670da7c8e235d9d2d4fd355be\Microsoft.MediaCenter.Sports.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 704512 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\c9cf0ad1ef75155a40d98951dff749f1\Microsoft.MediaCenter.Sports.ni.dll + 2009-07-01 07:31 . 2009-07-01 07:31 626688 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\c343496aa24e263e49cab884c37af143\Microsoft.MediaCenter.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 253952 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\5964fedd528c09a5a5adc846a00528db\Microsoft.MediaCenter.Shell.ni.dll + 2009-07-01 07:31 . 2009-07-01 07:31 262144 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\3495f7d8b00bd3044da575f587183528\Microsoft.MediaCenter.Shell.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 618496 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\049436785868ef1f876091c1791c2855\Microsoft.MediaCenter.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 274432 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\6c4c85eb9116e04eb42b5ed3497a95a1\mcupdate.ni.exe + 2009-07-01 07:32 . 2009-07-01 07:32 274432 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\3513d5306cd7920fa8c9399f4fc58c92\mcupdate.ni.exe + 2009-07-01 07:31 . 2009-07-01 07:31 315392 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\c2c225c0d48ec126d9e0cc6af15d2217\mcstoredb.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 737280 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\958daa7a855f3752729a090627ba2863\mcstore.ni.dll + 2009-07-01 07:31 . 2009-07-01 07:31 749568 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\1ebee2b3053be72a7733bf4944c9c80e\mcstore.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 270336 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\a72c61ab3969229d0f1c459ebf9501c0\ehExtHost.ni.exe + 2009-07-01 07:32 . 2009-07-01 07:32 270336 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\a19366487b0a48915a6c61efd6c01671\ehExtHost.ni.exe + 2009-07-01 07:31 . 2009-07-01 07:31 360448 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\45e557a88e0e84efb260c3043f828202\ehepgdat.ni.dll + 2009-07-01 01:07 . 2009-04-30 12:42 212992 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2009-07-01 01:07 . 2009-04-30 12:42 188416 c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll + 2009-07-01 01:07 . 2009-04-30 12:42 532480 c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll + 2009-07-01 01:07 . 2009-04-30 12:42 839680 c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll + 2009-07-01 07:08 . 2009-07-01 07:08 350064 c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll + 2009-07-01 07:13 . 2008-05-27 05:21 1582592 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\tquery.dll + 2009-07-01 07:13 . 2008-05-27 05:21 1418240 c:\windows\winsxs\x86_windowssearchengine_31bf3856ad364e35_7.0.6001.16503_none_3b8c27e8ba3dd3 dd\mssrch.dll + 2009-06-30 21:18 . 2009-04-21 11:42 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys + 2009-06-30 21:18 . 2009-04-21 11:39 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys + 2009-06-30 21:18 . 2009-04-21 13:26 2034176 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys + 2009-06-30 21:18 . 2009-04-21 11:55 2033152 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys + 2009-06-30 21:18 . 2009-04-21 11:55 2030080 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys + 2009-06-30 21:18 . 2009-04-21 12:04 2028032 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys + 2009-07-01 07:13 . 2008-05-27 05:17 1671680 c:\windows\winsxs\x86_microsoft-windows-w..r-chinesesimplified_31bf3856ad364e35_7.0.6001.16503_none_4cbdb704b61543d2\chsbrkr.dll + 2009-07-01 07:13 . 2008-05-27 05:17 6103040 c:\windows\winsxs\x86_microsoft-windows-w..-chinesetraditional_31bf3856ad364e35_7.0.6001.16503_none_df2000cce0d8c017\chtbrkr.dll + 2009-06-30 21:17 . 2009-03-03 04:37 3548656 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntoskrnl.exe + 2009-06-30 21:17 . 2009-03-03 04:37 3600880 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22389_none_6c6c8571cd797017\ntkrnlpa.exe + 2009-06-30 21:18 . 2008-04-26 08:11 3549240 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntoskrnl.exe + 2009-06-30 21:18 . 2008-04-26 08:11 3601464 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.22167_none_6c8020e9cd6b0b39\ntkrnlpa.exe + 2009-06-30 21:17 . 2009-03-03 04:46 3547632 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntoskrnl.exe + 2009-06-30 21:17 . 2009-03-03 04:46 3599328 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18226_none_6c20c750b42ddca2\ntkrnlpa.exe + 2009-06-30 21:18 . 2008-04-26 08:25 3549240 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntoskrnl.exe + 2009-06-30 21:18 . 2008-04-26 08:25 3600952 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6001.18063_none_6bf282f6b4510613\ntkrnlpa.exe + 2009-06-30 21:17 . 2009-03-03 04:22 3471328 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntoskrnl.exe + 2009-06-30 21:17 . 2009-03-03 04:22 3505120 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.21023_none_6ac0fcb9d027d2b8\ntkrnlpa.exe + 2009-06-30 21:17 . 2009-03-03 04:24 3469280 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntoskrnl.exe + 2009-06-30 21:17 . 2009-03-03 04:24 3503584 c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.0.6000.16830_none_6a29b702b714cf98\ntkrnlpa.exe + 2009-06-30 21:17 . 2009-04-14 07:03 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22435_none_f2f64e4f84abbcec\OESpamFilter.dat + 2009-06-30 21:17 . 2009-04-14 07:04 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18259_none_f25b10ee6b9abd39\OESpamFilter.dat + 2009-06-30 21:17 . 2009-04-14 07:18 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21056_none_f0fb46578794b34f\OESpamFilter.dat + 2009-06-30 21:17 . 2009-04-14 07:06 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16860_none_f060ffc26e84642a\OESpamFilter.dat + 2009-06-30 21:17 . 2008-12-16 02:39 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmploc.DLL + 2009-06-30 21:17 . 2008-12-16 03:29 8147456 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmploc.DLL + 2009-06-30 21:17 . 2008-12-16 03:49 8147968 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmploc.DLL + 2009-06-30 21:17 . 2008-12-16 04:00 8147968 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmploc.DLL + 2009-07-01 01:07 . 2009-04-30 12:02 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.21051_none_3d9893fe7ba30b35\mcmde.dll + 2009-06-29 18:30 . 2008-12-05 04:26 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.20969_none_3d95ee407ba3be9c\mcmde.dll + 2009-07-01 01:07 . 2009-04-30 12:44 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16856_none_3d1420836280b6dc\mcmde.dll + 2009-06-29 18:30 . 2008-12-05 04:29 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16784_none_3cf1ae45629adada\mcmde.dll + 2009-06-30 21:17 . 2009-02-13 08:21 1257472 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsasrv.dll + 2009-06-30 21:17 . 2009-02-13 08:49 1255936 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsasrv.dll + 2009-06-30 21:17 . 2009-02-13 07:13 1234432 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsasrv.dll + 2009-06-30 21:17 . 2009-02-13 07:26 1233408 c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsasrv.dll + 2009-06-30 21:16 . 2009-04-24 15:57 6071296 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieframe.dll + 2009-06-30 21:16 . 2009-04-24 16:02 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieframe.dll + 2009-06-30 21:16 . 2009-04-24 15:54 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieframe.dll + 2009-06-30 21:16 . 2009-04-24 16:14 6066176 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieframe.dll + 2009-06-30 21:17 . 2009-04-24 15:41 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll + 2009-06-30 21:17 . 2009-04-23 12:14 3597824 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll + 2009-06-30 21:16 . 2009-04-24 15:58 3582976 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll + 2009-06-30 21:16 . 2009-04-24 16:03 3581952 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll + 2009-06-30 21:16 . 2009-04-24 15:57 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll + 2009-06-30 21:16 . 2009-04-24 16:17 3596288 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll + 2008-10-15 07:05 . 2008-10-15 07:05 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dat + 2008-10-15 07:05 . 2008-10-15 07:05 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dat + 2009-06-30 21:16 . 2009-04-24 15:43 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.22121_none_b73e8cb2ed1d28ef\urlmon.dll + 2009-06-30 21:16 . 2009-04-23 12:15 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18024_none_b6b7f0c5d3fcd52a\urlmon.dll + 2009-06-30 21:16 . 2009-04-24 16:00 1166848 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22418_none_b569ecbcefe8693b\urlmon.dll + 2009-06-30 21:16 . 2009-04-24 16:05 1166336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18248_none_b4bfde47d6e3201d\urlmon.dll + 2009-06-30 21:16 . 2009-04-24 16:01 1163264 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.21046_none_b36113faf2dc2f8a\urlmon.dll + 2009-06-30 21:16 . 2009-04-24 16:22 1159680 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16851_none_b2c7cdafd9caf9bc\urlmon.dll + 2009-07-01 01:07 . 2009-04-30 12:00 1498112 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.21051_none_3a793943475c584d\ehuihlp.dll + 2009-06-29 18:30 . 2008-12-05 04:25 1498112 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.20969_none_3a769385475d0bb4\ehuihlp.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1497088 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16856_none_39f4c5c82e3a03f4\ehuihlp.dll + 2009-06-29 18:30 . 2008-12-05 04:29 1497600 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16784_none_39d2538a2e5427f2\ehuihlp.dll + 2009-07-01 01:07 . 2009-04-30 12:17 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.22423_none_3685ee5032972d7f\Mcx2Filter.dll + 2009-06-29 18:30 . 2008-12-05 04:34 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.22322_none_3684ec2032981701\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:34 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.18254_none_35dce0251990fdb8\Mcx2Filter.dll + 2009-06-29 18:30 . 2008-12-05 04:32 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.18177_none_35ca3f45199e8478\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:03 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.21051_none_347d158e358af3ce\Mcx2Filter.dll + 2009-06-29 18:30 . 2008-12-05 04:26 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.20969_none_347a6fd0358ba735\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:44 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.16856_none_33f8a2131c689f75\Mcx2Filter.dll + 2009-06-29 18:30 . 2008-12-05 04:29 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.16784_none_33d62fd51c82c373\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:06 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.22126_none_3582bc9f 6d832c6e\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 11:54 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.18030_none_34e84e2c 5473108b\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:21 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.22423_none_339949d9 705f8b45\Microsoft.MediaCenter.UI.dll + 2009-06-29 18:30 . 2008-12-05 04:36 1957888 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.22322_none_339847a9 706074c7\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.18254_none_32f03bae 57595b7e\Microsoft.MediaCenter.UI.dll + 2009-06-29 18:30 . 2008-12-05 04:35 1957888 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.18177_none_32dd9ace 5766e23e\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:09 2363392 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.21051_none_31907117 73535194\Microsoft.MediaCenter.UI.dll + 2009-06-29 18:30 . 2008-12-05 04:30 2351104 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.20969_none_318dcb59 735404fb\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:56 2355200 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.16856_none_310bfd9c 5a30fd3b\Microsoft.MediaCenter.UI.dll + 2009-06-29 18:30 . 2008-12-05 04:31 2342912 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.16784_none_30e98b5e 5a4b2139\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:06 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.22126_none_52f46 defac2f2f54\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 11:54 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.18030_none_5259f f7c931f1371\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:21 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.22423_none_510af b29af0b8e2b\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1253376 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.18254_none_5061e cfe96055e64\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:09 1282048 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.21051_none_4f022 267b1ff547a\Microsoft.MediaCenter.Shell.dll + 2009-06-29 18:30 . 2008-12-05 04:30 1269760 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.20969_none_4eff7 ca9b20007e1\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:56 1208320 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.16856_none_4e7da eec98dd0021\Microsoft.MediaCenter.Shell.dll + 2009-06-29 18:30 . 2008-12-05 04:31 1196032 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.16784_none_4e5b3 cae98f7241f\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:06 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.22126_none_8df6ca3857eab8be\ehshell.dll + 2009-07-01 01:07 . 2009-04-30 11:54 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.18030_none_8d5c5bc53eda9cdb\ehshell.dll + 2009-07-01 01:07 . 2009-04-30 12:21 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.22423_none_8c0d57725ac71795\ehshell.dll + 2009-06-29 18:30 . 2008-12-05 04:36 4046848 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.22322_none_8c0c55425ac80117\ehshell.dll + 2009-07-01 01:07 . 2009-04-30 12:42 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.18254_none_8b64494741c0e7ce\ehshell.dll + 2009-06-29 18:30 . 2008-12-05 04:34 4046848 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.18177_none_8b51a86741ce6e8e\ehshell.dll + 2009-07-01 01:07 . 2009-04-30 12:09 4395008 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.21051_none_8a047eb05dbadde4\ehshell.dll + 2009-06-29 18:30 . 2008-12-05 04:30 4382720 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.20969_none_8a01d8f25dbb914b\ehshell.dll + 2009-07-01 01:07 . 2009-04-30 12:55 4382720 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.16856_none_89800b354498898b\ehshell.dll + 2009-06-29 18:30 . 2008-12-05 04:30 4374528 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.16784_none_895d98f744b2ad89\ehshell.dll + 2009-06-30 21:17 . 2008-12-16 03:29 8147456 c:\windows\System32\wmploc.DLL - 2008-10-22 15:28 . 2008-01-19 06:06 8147456 c:\windows\System32\wmploc.DLL - 2009-02-10 18:57 . 2009-01-15 06:11 1166336 c:\windows\System32\urlmon.dll + 2009-06-30 21:16 . 2009-04-24 16:05 1166336 c:\windows\System32\urlmon.dll + 2009-07-01 07:13 . 2008-05-27 05:21 1582592 c:\windows\System32\tquery.dll + 2006-11-02 10:22 . 2009-07-01 07:28 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-06-30 21:17 . 2009-03-03 04:46 3547632 c:\windows\System32\ntoskrnl.exe + 2009-06-30 21:17 . 2009-03-03 04:46 3599328 c:\windows\System32\ntkrnlpa.exe + 2009-07-01 07:13 . 2008-05-27 05:21 1418240 c:\windows\System32\mssrch.dll + 2009-06-30 21:16 . 2009-04-24 16:03 3581952 c:\windows\System32\mshtml.dll + 2009-06-30 21:17 . 2009-02-13 08:49 1255936 c:\windows\System32\lsasrv.dll - 2008-10-22 15:34 . 2008-01-19 07:36 1255936 c:\windows\System32\lsasrv.dll + 2009-06-30 21:16 . 2009-04-24 16:02 6069248 c:\windows\System32\ieframe.dll - 2009-02-10 18:57 . 2009-01-15 06:07 6069248 c:\windows\System32\ieframe.dll + 2009-07-01 07:13 . 2008-05-27 05:17 6103040 c:\windows\System32\chtbrkr.dll - 2008-10-22 15:29 . 2008-01-19 07:34 6103040 c:\windows\System32\chtbrkr.dll + 2009-07-01 07:13 . 2008-05-27 05:17 1671680 c:\windows\System32\chsbrkr.dll + 2006-11-02 12:47 . 2009-07-01 07:28 2639411 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat - 2006-11-02 12:47 . 2009-06-28 01:53 2639411 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareLicensing\tokens.dat + 2007-08-16 10:55 . 2009-07-01 07:15 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe - 2007-08-16 10:55 . 2008-12-11 08:10 1172240 c:\windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe + 2009-06-29 18:38 . 2009-07-01 17:44 6299648 c:\windows\ERDNT\Hiv-backup\SCHEMA.DAT + 2009-07-01 01:07 . 2009-04-30 12:42 1970176 c:\windows\ehome\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1253376 c:\windows\ehome\Microsoft.MediaCenter.Shell.dll - 2008-10-22 15:32 . 2008-01-19 07:34 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:34 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-07-01 01:07 . 2009-04-30 12:42 4059136 c:\windows\ehome\ehshell.dll + 2009-07-01 07:31 . 2009-07-01 07:31 5869568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\e924ded7748ca73c0101e5e6abbeca96\Microsoft.MediaCenter.UI.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 5861376 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\de8c782f449f1c52badf9a7c8984eec6\Microsoft.MediaCenter.UI.ni.dll + 2009-07-01 07:31 . 2009-07-01 07:31 1961984 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\fa97063b2ae691e86dc3fd167dbd1b37\ehRecObj.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 1949696 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\d10fec414da0055401439e541854cc60\ehRecObj.ni.dll + 2009-06-30 07:06 . 2009-06-30 07:06 2428928 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\c1ab30f112302fa6323a95cecc89dc9a\ehepg.ni.dll + 2009-07-01 07:31 . 2009-07-01 07:31 2437120 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\6f55b6a9e37edbf6644a56ce0903abd5\ehepg.ni.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1970176 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll + 2009-07-01 01:07 . 2009-04-30 12:42 1253376 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll + 2009-07-01 01:07 . 2009-04-30 12:42 4059136 c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll + 2009-06-30 21:17 . 2008-12-16 04:32 10624512 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.22331_none_0bd3f43c684ec0d7\wmp.dll + 2009-06-30 21:17 . 2008-12-16 05:31 10622976 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6001.18185_none_0b1847174f5614f7\wmp.dll + 2009-06-30 21:17 . 2008-12-16 05:37 10619904 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.20976_none_09c777586b441e5d\wmp.dll + 2009-06-30 21:17 . 2008-12-16 05:53 10619904 c:\windows\winsxs\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.0.6000.16789_none_09360999522be962\wmp.dll + 2009-07-01 01:07 . 2009-04-30 12:02 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.22126_none_546c7a3e66c6e86b\ehres.dll + 2009-07-01 01:07 . 2009-04-30 11:47 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.18030_none_53d20bcb4db6cc88\ehres.dll + 2009-07-01 01:07 . 2009-04-30 12:16 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.22423_none_5283077869a34742\ehres.dll + 2009-07-01 01:07 . 2009-04-30 12:33 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.18254_none_51d9f94d509d177b\ehres.dll + 2009-07-01 01:07 . 2009-04-30 12:00 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.21051_none_507a2eb66c970d91\ehres.dll + 2009-06-29 18:30 . 2008-12-05 04:25 10103808 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.20969_none_507788f86c97c0f8\ehres.dll + 2009-07-01 01:07 . 2009-04-30 12:42 10101760 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16856_none_4ff5bb3b5374b938\ehres.dll + 2009-06-29 18:30 . 2008-12-05 04:24 10094080 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16784_none_4fd348fd538edd36\ehres.dll + 2009-06-30 21:17 . 2008-12-16 05:31 10622976 c:\windows\System32\wmp.dll + 2006-11-02 10:24 . 2009-06-01 13:51 23635392 c:\windows\System32\mrt.exe + 2009-07-01 01:07 . 2009-04-30 12:33 10111488 c:\windows\ehome\ehres.dll + 2009-06-30 07:06 . 2009-06-30 07:06 12742656 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\eef6673d152e39bb107fc610087fb8fa\ehshell.ni.dll + 2009-07-01 07:32 . 2009-07-01 07:32 12750848 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\098310a4c3ef013f2abe16647da44e64\ehshell.ni.dll + 2008-10-16 07:04 . 2009-07-01 07:13 187873820 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-03-11 159744] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 115816] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-04-04 138008] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-04-04 154392] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-04-04 133912] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152] "au"="c:\program files\Dealio\DealioAU.exe" [2008-05-26 595296] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "lxdcamon"="c:\program files\Lexmark 1300 Series\lxdcamon.exe" [2007-04-30 20480] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-06-17 1287440] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-21 148888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048] Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{F5A89237-78BF-45D5-A273-FD7F3205321C}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{1AC2D228-FF1F-4EDD-9505-D7208AF6A4BE}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{0BC7546A-B8A9-4432-8A94-B6AA88E1A4CE}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{02ED58B4-52D1-4BAB-89A5-EAEF17679AB3}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{352F0A07-6E07-4728-86F2-F3DAD84AB73A}c:\\program files\\ares\\ares.exe"= UDP:c:\program files\ares\ares.exe:Ares p2p for windows "UDP Query User{C9D2C76B-9A6C-4711-BA16-E4D980FC1CF2}c:\\program files\\ares\\ares.exe"= TCP:c:\program files\ares\ares.exe:Ares p2p for windows "TCP Query User{0C5521F7-D800-4768-813D-09979ADC7F70}c:\\program files\\orbitdownloader\\orbitnet.exe"= UDP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "UDP Query User{8885FC32-5FEF-4739-A511-92ED254F635E}c:\\program files\\orbitdownloader\\orbitnet.exe"= TCP:c:\program files\orbitdownloader\orbitnet.exe:P2P service of Orbit Downloader "{01EAC562-0DB0-494B-BC55-8907F0E763D0}"= UDP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{003260DF-0F3F-4926-9466-8B60FC765C20}"= TCP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{6F6AB858-F521-4BB7-9674-B3ED65162644}"= UDP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{FFB5F34E-08E5-4A22-A309-62853DD680A8}"= TCP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{17AB372B-9ECF-4EAE-8BF0-FEA351DB9EC0}"= UDP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{FA40190A-62EB-45E0-8FEB-292C6BD0CB1F}"= TCP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{FE5F0B2A-83DE-4ECB-8709-92F157C33A49}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{4C4799B3-8A23-4983-8185-D32204A341DB}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{C7B31B0C-A4EB-44B4-8F8A-0A9B3CB192DD}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{F7DB9389-BE0A-4A32-8CF2-688ACA04DC9B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{5BAA4174-6047-4049-B6CF-E4DCF9467690}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{26A8E3E0-95FF-4C26-BE83-EF208F3D2538}"= UDP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4 "{7B56396D-467B-4C76-A753-010431056A2B}"= TCP:c:\program files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe:Sid Meier's Civilization 4 "{E4D3E851-F659-4490-9513-FC6AD4F4B2C1}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{8AF57109-5173-4BEB-99EA-B631B7E5028C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{2E23168F-EB9B-49CF-81BF-3C98CF0456CD}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{6EDC1D2D-641B-4B29-BDF0-FCB77DD1A296}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{DDABCFFC-ED92-45C6-AE64-CD0092A34AE5}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{0A5CDAAE-2671-4BDE-99CF-1604B41E3FE8}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\Orbitdownloader\\orbitdm.exe"= c:\program files\Orbitdownloader\orbitdm.exe::Enabled:Orbit "c:\\Program Files\\Orbitdownloader\\orbitnet.exe"= c:\program files\Orbitdownloader\orbitnet.exe::Enabled:Orbit "c:\\Program Files\\River Past\\Video Cleaner\\VideoCleaner.exe"= c:\program files\River Past\Video Cleaner\VideoCleaner.exe::Enabled:River Past Video Cleaner R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20081210.002\IDSvix86.sys [12/10/2008 7:54 PM 270384] R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?] R2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdcserv.exe [5/25/2007 9:38 AM 99248] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [12/10/2008 3:40 PM 99376] R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [10/3/2008 3:14 PM 37936] R3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\System32\drivers\WsAudioDevice_383.sys [2/26/2009 12:29 AM 16640] S3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [6/26/2009 10:57 AM 4232704] --- Other Services/Drivers In Memory --- NewlyCreated* - COMHOST . Contents of the 'Scheduled Tasks' folder 2009-07-01 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-19 01:44] 2009-06-30 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - Mike.job - c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-01-14 15:09] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.orbitdownloader.com mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop uInternet Settings,ProxyOverride = .local IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204 IE: Compare Prices with &Dealio - c:\users\Mike\AppData\LocalLow\Dealio\kb127\res\DealioSearch.html IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\8rb307h0.default\ FF - prefs.js: browser.startup.homepage - www.google.com FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- FF - user.js: yahoo.homepage.dontask - true. *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-01 13:50 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-07-01 13:52 ComboFix-quarantined-files.txt 2009-07-01 17:52 ComboFix2.txt 2009-06-29 18:47 ComboFix3.txt 2009-06-29 18:10 Pre-Run: 6,564,708,352 bytes free Post-Run: 6,622,412,800 bytes free 1048 --- E O F --- 2009-07-01 07:17 I've also reset my router multiple times. No avail.

« Next Oldest · Infections Removal · Next Newest »

2 Pages

1 2 >

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies	Topic Starter	Views	Last Action
Browsers, Internet and email Wireless Connection is lost when i plug into the local area connection	3	TommyJW	24	7 minutes ago Last post by: appleoddity
Networking Wireless network is messed up! 123	34	CrucifieD	416	Today, 07:08 AM Last post by: paws
Infections Removal [Resolved] Need help removing re-generating virus/trojan 12	17	Granny Mouse	255	Today, 05:04 AM Last post by: CatByte
Infections Removal [Resolved] Computer Infected Please Help... 123» 8	118	Joecastle	1,281	Today, 05:03 AM Last post by: CatByte