[Resolved] have HJT and Malwarebytes logs need help with infect

Home Forums Contact

Welcome! Register for a free account (or login) > How does it work?

Quickly register. It will only take 60 seconds.
Start a new topic. Ask your question. Wait for an email reply.
Is your system infected? Begin reading the malware removal guide.

register button

What the Tech > Spyware / Malware / Virus Removal > Infections Removal

Closed Topic

Start new topic

[Resolved] have HJT and Malwarebytes logs need help with infect

jv0802 View Member Profile	Aug 18 2009, 09:58 PM Post #1
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	my wife clicked on something and opened up a trogen or something. I need help getting rid of it. I know one of the trogens is "Windows protection suite". I cant run any spyware programs like malwarebytes without changing the .EXE file to .com Can someone please look at these logs... Any help would be much appreciated Malwarebytes' Anti-Malware 1.37 Database version: 2185 Windows 6.0.6000 8/18/2009 11:28:04 PM mbam-log-2009-08-18 (23-28-00).txt Scan type: Quick Scan Objects scanned: 97389 Time elapsed: 7 minute(s), 39 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 194 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\APVXDWIN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgw.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LUALL.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nmain.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ACKWIN32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANTI-TROJAN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AUTODOWN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCONSOL.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVE32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGCTRL.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKSERV.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVNT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVP32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPCC.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPDOS32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPM.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPTC32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVPUPD.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSCHED32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWIN95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVWUPD32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKD.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BLACKICE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIADMIN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFIAUDIT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CFINET32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLAW95CF.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CLEANER3.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DVP95_0.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ECENGINE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ESAFE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-AGNT95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-PROT95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\F-STOPW.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FINDVIRU.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FP-WIN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPROT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FRW.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMAPP.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IAMSERV.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMASN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IBMAVSP.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOAD95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICLOADNT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICMON.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPP95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ICSUPPNT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IFACE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IOMON98.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\JEDI.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOCKDOWN2000.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LOOKOUT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MOOLIVE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFTRAY.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\N32SCANW.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVLU32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVNT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVWNT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NISUM.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NORMIST.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NUPGRADE.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NVC95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVCL.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVSCHED.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVW.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCCWIN98.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCFWALLICON.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PERSFW.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RAV7WIN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAFEWEB.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCAN95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCANPM.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCRSCAN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SERV95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMC.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SPHINX.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SWEEP95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TBSCAN.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TCA.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-98.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TDS2-NT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VET95.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VETTRAY.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSCAN40.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSECOMR.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSHWIN32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VSSTAT.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WEBSCANX.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WFINDV32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ZONEALARM.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVP32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPCC.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_AVPM.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avsynmgr.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCAPP.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\espwatch.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lucomserver.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Monitor.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nisserv.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notstart.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nsched32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\outpost.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\padmin.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pav.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rapapp.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VET32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapro.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OllyDBG.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rtvscan.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPTray.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ASHSIMPL.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGNT.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVGUARD.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVSCAN.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EKRN.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FAMEH32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FCH32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSAV32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSGK32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSM32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMA32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMB32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GUARD.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCAGENT.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCMSCSVC.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCNASVC.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCPROXY.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCSHIELD.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCSYSMON.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MPFSRV.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nvsvc32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVFNSVR.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PAVSRV51.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSCTRLS.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSIMSVC.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCHED.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TCM.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TPSRV.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WEBPROXY.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\drwebupw.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\defwatch.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rescue32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scam32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symproxysvc.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TSC.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VPC32.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webtrap.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashServ.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashUpd.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfp.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cfpupdat.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DRWEB32.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NAVSTUB.EXE (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshell.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pop3trap.exe (Security.Hijack) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe (Security.Hijack) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) Hijack this log Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:51:03 PM, on 8/18/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Windows\System32\rundll32.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools\daemon.exe C:\ProgramData\9a80e22\WI9a80.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\AVG\AVG8\avgtray.com C:\program files\internet explorer\iexplore.exe C:\program files\internet explorer\iexplore.exe C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe C:\Windows\system32\DllHost.exe O1 - Hosts: 74.125.45.100 4-open-davinci.com O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com O1 - Hosts: 74.125.45.100 privatesecuredpayments.com O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com O1 - Hosts: 74.125.45.100 getantivirusplusnow.com O1 - Hosts: 74.125.45.100 secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com O1 - Hosts: 74.125.45.100 www.getavplusnow.com O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.5.5.900\HPIEAddOn.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.6.3.4500\NPIEAddOn.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.3.5.960\ssd.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1 O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [Windows Protection Suite] "C:\ProgramData\9a80e22\WI9a80.exe" /s /d O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Memeo AutoSync Launcher.lnk = C:\Program Files\Memeo\AutoSync\MemeoLauncher.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Update Service (gupdate1c9e9d28843f9d0) (gupdate1c9e9d28843f9d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdcserv.exe O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku113.exe O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 16422 bytes Attached File(s) mbam_log_2009_08_18__20_36_36_.txt ( 27.99K ) Number of downloads: 22 hijackthis.txt ( 16.04K ) Number of downloads: 106

LDTate View Member Profile	Aug 22 2009, 01:13 PM Post #2
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	1. These tools MUST be run from the executable. (.exe) 2. With Admin Rights (Right click, choose "Run as Administrator") every time you run them Please download ATF Cleaner by Atribune. Download - ATF Cleaner» Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. (If you use FireFox or the Opera browser To keep saved passwords, click No at the prompt.) It's normal after running ATF cleaner that the PC will be slower to boot the first time. Next: Download ComboFix from one of these locations: Link 1 Link 2 * IMPORTANT !!! Save ComboFix.exe to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs Double click on ComboFix.exe & follow the prompts. Note: Combofix will run without the Recovery Console installed. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. "copy/paste" a new HijackThis log file into this thread as well. Notes: 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall. 2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser. 3. Combofix prevents autorun of ALL** CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper. 4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Give it atleast 20-30 minutes to finish if needed. Also please describe how your computer behaves at the moment.

jv0802 View Member Profile	Aug 22 2009, 07:51 PM Post #3
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	Thanks for the reply I cant download the specified files. When i click on the links you gave me, the computer acts like its downloading the files (progress bar, etc.) but there is no files in the folder that I save it to. something is keeping me from downloading the files. I think its probably the same thing that is keeping me from accessing Task Manager

LDTate View Member Profile	Aug 23 2009, 07:31 AM Post #4
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	QUOTE (jv0802 @ Aug 22 2009, 08:51 PM) Thanks for the reply I cant download the specified files. When i click on the links you gave me, the computer acts like its downloading the files (progress bar, etc.) but there is no files in the folder that I save it to. something is keeping me from downloading the files. I think its probably the same thing that is keeping me from accessing Task Manager You don't save it to a folder. Save to your desktop. Save Combofix as Combofix.com. When you ran the MBAM scan did you remove the infections? It shows No Action Taken.

jv0802 View Member Profile	Aug 23 2009, 02:26 PM Post #5
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	i cant download it to my desktop either, even if i save it as Combofix.com For some reason it wont let me download anything. What should I do?

jv0802 View Member Profile	Aug 23 2009, 02:31 PM Post #6
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	oh i forgot to add my latest mbam log. I did tell it to clean the cpu, but It keept freezeing up when it got to a certain file as it was deleting everything. So i told it to skip that file, and then it cleaned everything else. When I performed the scan again, Mbam doesnt find anything at all. I have attached the lastest full scan log Attached File(s) mbam_log_2009_08_23__16_13_58_.txt ( 837bytes ) Number of downloads: 13

LDTate View Member Profile	Aug 23 2009, 04:55 PM Post #7
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Try this one. 1. These tools MUST be run from the executable. (.exe) 2. With Admin Rights (Right click, choose "Run as Administrator") every time you run them NOTE: worksnow is actually Combofix renamed so user is able download and run Combofix Download worksnow from HERE: * IMPORTANT !!! Save worksnow to your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs Double click on worksnow & follow the prompts. Note: worksnow will run without the Recovery Console installed. Note: Combofix will run without the Recovery Console installed. As part of it's process, combofix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message: Click on Yes, to continue scanning for malware. When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply. "copy/paste" a new HijackThis log file into this thread as well. Notes: 1.Do not mouse-click Combofix's window while it is running. That may cause it to stall. 2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser. 3. Combofix prevents autorun of ALL** CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper. 4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine. Give it atleast 20-30 minutes to finish if needed. Also please describe how your computer behaves at the moment.

jv0802 View Member Profile	Aug 23 2009, 09:22 PM Post #8
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	ok That download worked. I ran the scan. here is the log file. Thanks again for your help Attached File(s) combofix_log.txt ( 148.67K ) Number of downloads: 101

LDTate View Member Profile	Aug 24 2009, 05:49 AM Post #9
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Please don't attach the scans. Use Copy/Paste ComboFix 09-08-22.06 - jeff 08/23/2009 23:03.3.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3070.1652 [GMT -4:00] Running from: c:\users\jeff\Desktop\worksnow.exe AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Anti-Virus Free enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spyware Doctor disabled (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301} SP: Windows Defender disabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Bro28D7.tmp C:\Bro7373.tmp c:\program files\Mozilla Firefox\searchplugins\search.xml c:\programdata\WINSPSys c:\programdata\WINSPSys\winps.cfg c:\users\jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Windows Protection Suite c:\users\jeff\AppData\Roaming\Windows Protection Suite\cookies.sqlite c:\users\jeff\AppData\Roaming\Windows Protection Suite\Instructions.ini c:\users\jeff\Desktop\Windows Protection Suite.lnk c:\windows\Installer\Ref72DF.msi c:\windows\Installer\WMEncoder.msi c:\windows\system32\AVSredirect.dll c:\windows\system32\gxvxccount . ((((((((((((((((((((((((( Files Created from 2009-07-24 to 2009-08-24 ))))))))))))))))))))))))))))))) . 2009-08-24 03:12 . 2009-08-24 03:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-08-20 02:34 . 2009-08-20 02:35 -------- d-----w- c:\program files\Safari 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iPod 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iTunes 2009-08-20 02:28 . 2009-08-20 02:28 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe 2009-08-19 04:08 . 2009-08-19 04:34 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.drv 2009-08-19 03:58 . 2009-08-19 05:29 78 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.sys 2009-08-19 03:36 . 2009-08-19 03:36 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\FS.sys 2009-08-19 02:54 . 2009-08-19 06:00 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.drv 2009-08-19 02:09 . 2009-08-19 02:09 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.exe 2009-08-19 02:00 . 2009-08-19 02:00 9 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.drv 2009-08-18 19:01 . 2009-08-18 19:01 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ppal.exe 2009-08-18 18:18 . 2009-08-19 03:47 27 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\SM.drv 2009-08-18 18:18 . 2009-08-18 18:18 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.dll 2009-08-18 18:18 . 2009-08-18 18:18 12 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.drv 2009-08-18 14:28 . 2009-08-18 14:28 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe 2009-08-18 14:28 . 2009-08-18 14:28 77 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.exe 2009-08-18 14:28 . 2009-08-18 14:29 48 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.exe 2009-08-18 14:28 . 2009-08-18 14:28 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.drv 2009-08-18 14:28 . 2009-06-12 20:27 710136 ----a-w- c:\programdata\9a80e22\mozcrt19.dll 2009-08-18 14:28 . 2009-06-12 20:27 435704 ----a-w- c:\programdata\9a80e22\sqlite3.dll 2009-08-18 14:28 . 2009-08-19 10:38 -------- d-sh--w- c:\programdata\9a80e22 2009-08-18 14:22 . 2009-08-19 05:29 -------- d-----w- c:\program files\Common Files\Uninstall 2009-08-18 11:38 . 2009-08-13 19:43 49152 ----a-w- c:\programdata\Sukoku\sukoku113.exe 2009-08-18 11:35 . 2009-08-18 22:55 -------- d-----w- c:\program files\Sukoku 2009-08-18 11:35 . 2009-08-18 11:38 -------- d-----w- c:\programdata\Sukoku 2009-08-18 11:34 . 2009-08-19 03:18 -------- dc-h--w- c:\programdata\{F14A989E-0102-460B-ADB5-BC208314A307} 2009-08-14 16:38 . 2009-08-14 16:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-08-14 16:38 . 2007-05-17 21:30 318976 ----a-w- c:\windows\system32\avisynth.dll 2009-08-14 16:38 . 2004-02-22 14:11 719872 ----a-w- c:\windows\system32\devil.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\i420vfw.dll 2009-08-13 20:08 . 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll 2009-08-13 20:08 . 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2009-08-13 20:08 . 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2009-08-13 20:08 . 2009-08-13 20:08 -------- d-----w- c:\program files\eRightSoft 2009-08-13 20:04 . 2009-08-13 20:04 -------- d-----w- c:\program files\Adobe Media Player 2009-08-13 19:23 . 2009-08-13 19:23 -------- d-----w- c:\program files\BitTorrent 2009-08-05 03:49 . 2009-08-05 03:49 -------- d-----w- c:\programdata\Macrium 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_E3296CA52D73B98AE9B5F9.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_D707CE1C009F1381803C2C.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_BBCA226959C1D3D63C885B.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_21F3885A18D238E15AAE81.exe 2009-08-05 03:48 . 2009-08-05 03:48 29926 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_EDC08689E679B6EDDC26F8.exe 2009-08-05 03:48 . 2009-08-05 03:48 109534 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_6FEFF9B68218417F98F549.exe 2009-08-05 03:48 . 2009-08-05 03:48 -------- d-----w- c:\program files\Macrium 2009-08-05 03:37 . 2009-08-05 03:37 -------- d-----w- c:\programdata\eSellerate 2009-08-05 03:34 . 2009-08-19 02:57 -------- d-----w- c:\program files\Memeo 2009-07-25 12:35 . 2009-07-25 12:35 -------- d-----w- c:\program files\Samsung 2009-07-25 10:31 . 2009-07-25 10:31 713992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-24 02:59 . 2008-05-04 01:42 -------- d-----w- c:\programdata\avg8 2009-08-20 02:32 . 2007-09-30 07:43 -------- d-----w- c:\program files\Common Files\Apple 2009-08-19 04:52 . 2009-05-26 14:09 -------- d-----w- c:\program files\kill 2009-08-19 04:41 . 2009-05-26 22:24 3942047 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-08-19 03:26 . 2009-08-18 22:07 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.sys 2009-08-19 03:12 . 2007-08-22 22:57 214286 ----a-w- c:\users\jeff\AppData\Roaming\nvModes.dat 2009-08-19 02:57 . 2007-05-30 03:52 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-19 02:57 . 2008-06-15 03:04 -------- d-s---w- c:\programdata\Memeo 2009-08-19 02:20 . 2009-08-18 17:03 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.sys 2009-08-19 02:00 . 2009-08-19 02:00 50 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.dll 2009-08-19 02:00 . 2009-08-19 02:00 20 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.drv 2009-08-19 02:00 . 2009-08-18 14:29 76 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.sys 2009-08-19 02:00 . 2009-08-18 14:29 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.dll 2009-08-19 02:00 . 2009-08-19 02:00 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.dll 2009-08-19 02:00 . 2009-08-18 19:01 26 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.drv 2009-08-19 02:00 . 2009-08-18 19:01 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.drv 2009-08-19 02:00 . 2009-08-19 02:00 53 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.exe 2009-08-19 02:00 . 2009-08-18 14:29 62 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.dll 2009-08-19 02:00 . 2009-08-19 02:00 51 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.sys 2009-08-19 02:00 . 2009-08-19 02:00 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.sys 2009-08-19 01:29 . 2008-08-09 21:02 -------- d-----w- c:\users\jeff\AppData\Roaming\DNA 2009-08-18 22:56 . 2008-08-09 21:02 -------- d-----w- c:\program files\DNA 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.sys 2009-08-18 22:07 . 2009-08-18 22:07 46 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.sys 2009-08-18 22:07 . 2009-08-18 22:07 15 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\hymt.drv 2009-08-18 22:07 . 2009-08-18 14:29 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.dll 2009-08-18 22:07 . 2009-08-18 22:07 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\dudl.sys 2009-08-18 19:01 . 2009-08-18 14:28 17 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.exe 2009-08-18 17:03 . 2009-08-18 17:03 73 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.exe 2009-08-18 17:03 . 2009-08-18 14:28 59 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.dll 2009-08-18 14:29 . 2009-08-18 14:29 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv 2009-08-18 14:29 . 2009-08-18 14:29 29 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.drv 2009-08-18 14:29 . 2009-08-18 14:29 60 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fix.drv 2009-08-18 14:29 . 2009-08-18 14:29 32 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fan.sys 2009-08-18 14:29 . 2009-08-18 14:29 55 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.drv 2009-08-13 20:48 . 2009-04-21 19:23 -------- d-----w- c:\program files\StockPicker RT 2009-08-13 20:03 . 2007-05-30 04:02 -------- d-----w- c:\program files\Common Files\Adobe 2009-08-10 13:24 . 2008-02-12 22:29 -------- d-----w- c:\program files\Google 2009-08-07 20:48 . 2009-07-07 19:24 -------- d-----w- c:\program files\ExcelMySQlMagicDemo 2009-08-07 20:48 . 2009-07-07 16:07 -------- d-----w- c:\program files\ExcelMySQlConverterDemo 2009-08-05 03:40 . 2008-06-15 03:09 -------- d-----w- c:\program files\Picasa2 2009-08-03 17:36 . 2009-05-26 14:09 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 17:36 . 2009-05-26 14:09 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-24 17:04 . 2009-07-24 17:04 -------- d-----w- c:\users\jeff\AppData\Roaming\kompozer.net 2009-07-22 17:58 . 2009-07-22 17:58 -------- d-----w- c:\program files\Common Files\xing shared 2009-07-22 17:57 . 2007-08-23 06:09 -------- d-----w- c:\program files\Common Files\Real 2009-07-21 21:52 . 2009-08-14 14:37 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-21 21:47 . 2009-08-14 14:37 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-07-21 21:47 . 2009-08-14 14:37 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-07-21 20:13 . 2009-08-14 14:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-09 18:29 . 2009-06-06 02:51 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-08 13:12 . 2007-08-28 19:39 -------- d-----w- c:\users\jeff\AppData\Roaming\OpenOffice.org2 2009-07-07 19:48 . 2008-07-09 15:24 1 ----a-w- c:\users\jeff\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-07-07 19:26 . 2009-07-07 19:26 -------- d-----w- c:\program files\SQL Converter 2 for Excel 2009-07-07 19:25 . 2007-09-12 00:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-07-02 12:03 . 2009-07-02 12:03 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe 2009-07-02 12:03 . 2008-07-18 15:01 -------- d-----w- c:\programdata\NOS 2009-06-30 12:39 . 2009-06-06 02:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-30 12:39 . 2009-06-06 02:50 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-06 02:51 . 2009-06-06 02:51 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-05-27 11:16 . 2007-09-11 14:22 1356 ----a-w- c:\users\jeff\AppData\Local\d3d9caps.dat 2009-05-26 22:28 . 2009-05-26 22:28 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2006-05-03 09:06 . 2009-08-13 20:08 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 10:47 . 2009-08-13 20:08 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 12:30 . 2009-08-13 20:08 216064 --sh--r- c:\windows\System32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-03_16.02.48 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-10 13:59 . 2009-04-24 15:54 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.21046_none_2a73c7b3813b6302\iebrshim.dll + 2009-06-10 13:59 . 2009-04-24 16:14 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16851_none_29da8168682a2d34\iebrshim.dll + 2009-08-14 14:34 . 2009-03-08 11:32 94720 c:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll + 2009-08-14 14:37 . 2009-07-22 05:58 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\iesetup.dll + 2009-08-14 14:37 . 2009-07-22 05:58 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\iernonce.dll + 2009-08-14 14:37 . 2009-07-21 21:47 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\iesetup.dll + 2009-08-14 14:37 . 2009-07-21 21:47 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\iernonce.dll + 2009-08-14 14:34 . 2009-03-08 11:32 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll + 2009-08-14 14:34 . 2009-03-08 11:32 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 15:54 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll + 2009-06-10 13:59 . 2009-04-24 15:54 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 13:42 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\ie4uinit.exe + 2009-06-10 13:59 . 2009-04-24 16:14 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll + 2009-06-10 13:59 . 2009-04-24 16:14 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 13:53 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\ie4uinit.exe + 2009-06-10 13:59 . 2009-04-24 13:46 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:44 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:42 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:53 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\ieUnatt.exe + 2009-08-14 14:34 . 2009-03-08 11:31 59904 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_8.0.6001.18702_none_3d86a1c07a097782\icardie.dll + 2009-06-10 13:59 . 2009-04-24 15:54 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.21046_none_59197b8580504b5c\icardie.dll + 2009-06-10 13:59 . 2009-04-24 16:14 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16851_none_5880353a673f158e\icardie.dll + 2009-08-14 14:34 . 2009-03-08 11:31 34816 c:\windows\winsxs\x86_microsoft-windows-ie-imagesupport_31bf3856ad364e35_8.0.6001.18702_none_20dfeb2e08d9ec0a\imgutil.dll + 2009-08-14 14:34 . 2009-03-08 11:32 66560 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\wextract.exe + 2009-08-14 14:34 . 2009-03-08 11:31 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_8.0.6001.18702_none_d658a8dacff20c9e\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 13:45 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 15:57 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\ieencode.dll + 2006-11-02 07:33 . 2006-11-02 07:33 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 16:02 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\ieencode.dll + 2009-06-10 13:59 . 2009-04-24 12:20 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 15:54 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\ieencode.dll + 2009-06-10 13:59 . 2009-04-24 12:25 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 16:14 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\ieencode.dll + 2009-08-14 14:34 . 2009-03-08 11:31 66560 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.6001.18702_none_2b140bc159303551\mshtmled.dll + 2009-08-14 14:34 . 2009-03-08 11:31 45568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.6001.18702_none_3c45119b1f28ff3d\mshta.exe + 2009-08-14 14:37 . 2009-07-22 04:26 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22903_none_dfc3b05f09aa2a6a\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-22 05:59 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22903_none_dfc3b05f09aa2a6a\msfeedsbs.dll + 2009-08-14 14:37 . 2009-07-21 20:13 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18813_none_df2f43a7f094a691\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-21 21:48 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18813_none_df2f43a7f094a691\msfeedsbs.dll + 2009-08-14 14:34 . 2009-03-08 11:31 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedssync.exe + 2009-08-14 14:34 . 2009-03-08 11:31 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedsbs.dll + 2009-08-14 14:34 . 2009-03-08 11:34 43008 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.6001.18702_none_accc7a4465be292a\licmgr10.dll + 2009-08-14 14:34 . 2009-03-08 11:32 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\admparse.dll + 2009-06-10 13:59 . 2009-04-24 15:55 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\admparse.dll + 2009-04-22 13:22 . 2008-01-19 07:33 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\admparse.dll + 2009-06-10 13:59 . 2009-04-24 15:52 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\admparse.dll + 2009-06-10 13:59 . 2009-04-24 16:11 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\admparse.dll + 2009-08-14 14:37 . 2009-07-22 06:03 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\WininetPlugin.dll + 2009-08-14 14:37 . 2009-07-22 05:58 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\jsproxy.dll + 2009-08-14 14:37 . 2009-07-21 21:52 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\WininetPlugin.dll + 2009-08-14 14:37 . 2009-07-21 21:47 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\WininetPlugin.dll + 2009-08-14 14:34 . 2009-03-08 11:33 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 13:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:40 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\jsproxy.dll + 2009-06-10 13:59 . 2009-04-11 06:28 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-11 06:28 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:00 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:58 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\jsproxy.dll + 2008-04-09 05:13 . 2008-02-22 05:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 16:02 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:55 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:22 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 16:14 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 18944 c:\windows\winsxs\x86_microsoft-windows-i..tivexpolicyprovider_31bf3856ad364e35_8.0.6001.18702_none_6f561c09617d9439\corpol.dll + 2009-08-14 14:34 . 2009-03-08 11:31 46592 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll + 2009-06-10 13:59 . 2009-04-24 16:00 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll + 2009-06-10 13:59 . 2009-04-24 16:21 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll + 2009-06-10 14:01 . 2009-04-30 12:00 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.21051_none_372af3e22ffed0a6\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:42 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16856_none_36a6806716dc7c4d\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:00 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.21051_none_2e4be1e29e60eb10\ehdebug.dll + 2009-06-10 14:01 . 2009-04-30 12:41 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16856_none_2dc76e67853e96b7\ehdebug.dll + 2009-06-10 14:01 . 2009-04-30 12:09 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.21051_none_fc39e70a22fc10d2\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.16856_none_fbb5738f09d9bc79\ehiExtens.dll + 2009-08-14 14:34 . 2009-03-08 11:32 66560 c:\windows\System32\wextract.exe + 2007-05-30 03:45 . 2009-08-23 01:40 87606 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2007-08-23 02:56 . 2009-08-23 01:40 10164 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3439640332-1277375291-2842798246-1005_UserData.bin + 2009-08-14 14:34 . 2009-03-08 11:31 46592 c:\windows\System32\pngfilt.dll - 2009-04-22 13:22 . 2009-03-03 00:44 48128 c:\windows\System32\mshtmler.dll + 2009-08-14 14:34 . 2009-03-08 11:31 48128 c:\windows\System32\mshtmler.dll + 2009-08-14 14:34 . 2009-03-08 11:31 66560 c:\windows\System32\mshtmled.dll - 2006-11-02 08:48 . 2006-11-02 09:45 45568 c:\windows\System32\mshta.exe + 2009-08-14 14:34 . 2009-03-08 11:31 45568 c:\windows\System32\mshta.exe + 2009-08-14 14:37 . 2009-07-21 20:13 13312 c:\windows\System32\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-21 21:48 55296 c:\windows\System32\msfeedsbs.dll + 2009-08-14 14:37 . 2009-07-21 21:52 64512 c:\windows\System32\migration\WininetPlugin.dll - 2009-04-22 13:22 . 2009-03-03 04:20 64512 c:\windows\System32\migration\WininetPlugin.dll + 2008-02-02 18:32 . 2009-08-13 20:30 84661 c:\windows\System32\Macromed\Flash\uninstall_plugin.exe + 2009-08-14 14:34 . 2009-03-08 11:34 43008 c:\windows\System32\licmgr10.dll + 2009-08-14 14:37 . 2009-07-21 21:47 25600 c:\windows\System32\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:32 94720 c:\windows\System32\inseng.dll + 2009-08-14 14:34 . 2009-03-08 11:31 34816 c:\windows\System32\imgutil.dll + 2009-08-14 14:37 . 2009-07-21 21:47 55808 c:\windows\System32\iernonce.dll + 2009-08-14 14:34 . 2009-03-08 11:31 59904 c:\windows\System32\icardie.dll + 2009-06-10 15:09 . 2009-03-19 20:32 23400 c:\windows\System32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys + 2009-06-05 15:42 . 2009-06-05 15:42 39424 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_867e7481\usbaapl.sys + 2009-07-25 12:36 . 2007-07-03 21:57 11944 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdmdfl.sys + 2009-07-25 12:36 . 2007-07-03 21:59 86824 c:\windows\System32\DriverStore\FileRepository\sscdsdm2.inf_ae69cd61\i386\sscdserd.sys + 2009-07-25 12:36 . 2007-07-03 21:54 80552 c:\windows\System32\DriverStore\FileRepository\sscdbus.inf_5421c7a9\i386\sscdbus.sys + 2009-06-05 15:42 . 2009-06-05 15:42 17408 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_56082f61\netaapl.sys + 2008-05-20 12:32 . 2008-05-20 12:32 15328 c:\windows\System32\drivers\pssnap.sys + 2008-07-08 16:39 . 2008-07-08 16:39 31712 c:\windows\System32\drivers\psmounter.sys + 2009-06-10 15:09 . 2009-03-19 20:32 23400 c:\windows\System32\drivers\GEARAspiWDM.sys + 2008-12-12 15:11 . 2008-12-12 15:11 61440 c:\windows\System32\dnssd.dll + 2008-12-12 15:18 . 2008-12-12 15:18 87336 c:\windows\System32\dns-sd.exe + 2009-08-14 14:34 . 2009-03-08 11:33 18944 c:\windows\System32\corpol.dll + 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 21:35 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-08-14 14:34 . 2009-03-08 11:32 72704 c:\windows\System32\admparse.dll - 2009-04-22 13:22 . 2009-03-03 04:15 72704 c:\windows\System32\admparse.dll + 2008-08-09 20:33 . 2008-08-09 20:33 54272 c:\windows\Installer\b57b2f.msi + 2009-07-09 18:35 . 2009-07-09 18:35 62464 c:\windows\Installer\a8fa5.msi + 2009-07-01 11:39 . 2009-07-01 11:39 22528 c:\windows\Installer\6af26.msi + 2009-03-24 13:12 . 2009-03-24 13:12 20480 c:\windows\Installer\49a356.msi + 2009-03-24 13:12 . 2009-03-24 13:12 26112 c:\windows\Installer\49a351.msi + 2009-08-13 20:04 . 2009-08-13 20:04 23552 c:\windows\Installer\491fc21.msi + 2009-07-25 12:35 . 2009-07-25 12:35 45056 c:\windows\Installer\{E9ED0801-253D-4FE9-AB20-F63DEFE72547}\ARPPRODUCTICON.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ARPPRODUCTICON.exe + 2009-06-03 17:28 . 2009-06-03 17:28 27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe + 2009-06-10 15:06 . 2009-06-10 15:06 86016 c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe - 2006-11-02 10:25 . 2009-04-22 19:38 86016 c:\windows\inf\infstor.dat + 2006-11-02 10:25 . 2009-07-25 12:36 86016 c:\windows\inf\infstor.dat - 2006-11-02 10:25 . 2009-04-22 19:38 86016 c:\windows\inf\infpub.dat + 2006-11-02 10:25 . 2009-07-25 12:36 86016 c:\windows\inf\infpub.dat - 2009-04-01 21:13 . 2008-12-05 04:29 18944 c:\windows\ehome\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:42 18944 c:\windows\ehome\ehtrace.dll - 2009-04-01 21:13 . 2008-12-05 04:30 77824 c:\windows\ehome\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\ehome\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:41 21504 c:\windows\ehome\ehdebug.dll - 2009-04-01 21:13 . 2008-12-05 04:29 21504 c:\windows\ehome\ehdebug.dll + 2009-06-10 21:44 . 2009-06-10 21:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\ade62baef300f037ae756f801663f9c5\System.Windows.Presentation.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\7dba5af5f1c6d3d23d3f3b2b4d7ebc14\PresentationFontCache.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\e8dd42b3c865fa72edf2cdc7bcb02a23\loadmxf.ni.exe + 2009-06-10 21:43 . 2009-06-10 21:43 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\5eee30dfad15de2e86d31981dc07e4c9\ehExtCOM.ni.dll - 2009-04-01 21:13 . 2008-12-05 04:30 77824 c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll - 2009-04-22 13:22 . 2009-03-03 04:16 52736 c:\windows\AppPatch\iebrshim.dll + 2009-06-10 13:59 . 2009-04-24 16:14 52736 c:\windows\AppPatch\iebrshim.dll + 2009-08-14 14:34 . 2009-03-08 11:35 2048 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18702_none_83daaad046b59436\iecompat.dll + 2009-06-10 14:01 . 2009-04-30 12:17 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.dll + 2009-04-01 21:13 . 2008-01-19 07:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:02 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:44 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.dll + 2009-08-14 14:30 . 2008-01-30 00:29 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20762_none_0a86b75b0e7254fa\AcRes.dll + 2009-08-14 14:30 . 2008-01-29 00:15 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16633_none_0a1e8a9df53b7ab4\AcRes.dll + 2007-08-24 01:59 . 2009-08-10 16:34 2710 c:\windows\System32\WDI\ERCQueuedResolutions.dat - 2008-08-22 23:02 . 2009-05-15 21:00 5632 c:\windows\System32\pndx5032.dll + 2008-08-22 23:02 . 2009-07-22 17:57 5632 c:\windows\System32\pndx5032.dll + 2008-08-22 23:02 . 2009-07-22 17:57 6656 c:\windows\System32\pndx5016.dll - 2008-08-22 23:02 . 2009-05-15 21:00 6656 c:\windows\System32\pndx5016.dll + 2009-07-25 12:36 . 2007-07-03 21:56 9256 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdcmnt.sys + 2009-07-25 12:36 . 2007-07-03 21:56 9256 c:\windows\System32\DriverStore\FileRepository\sscdsdm2.inf_ae69cd61\i386\sscdcmnt.sys + 2009-07-25 12:36 . 2007-07-03 22:00 9256 c:\windows\System32\DriverStore\FileRepository\sscdbus.inf_5421c7a9\i386\sscdwhnt.sys + 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-06-03 16:01 . 2009-06-03 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-06-03 16:01 . 2009-06-03 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-06-10 14:01 . 2009-04-30 12:44 6656 c:\windows\ehome\McrMgr.dll - 2009-04-01 21:13 . 2008-12-05 04:29 6656 c:\windows\ehome\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:19 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.22423_none_dc743bad703abfa3\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:37 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.18254_none_dbcb2d8257348fdc\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:06 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.21051_none_da6b62eb732e85f2\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:52 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.16856_none_d9e6ef705a0c3199\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:19 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.22423_none_e0ef19f3a791bbf8\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:37 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.18254_none_e0460bc88e8b8c31\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:00 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.21051_none_dee64131aa858247\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:42 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.16856_none_de61cdb691632dee\EncDec.dll + 2009-08-14 14:34 . 2009-03-08 11:33 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.18702_none_2b4525a943b273a6\vbscript.dll + 2009-08-14 14:34 . 2009-03-08 11:33 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18702_none_65cb0af10cefc76a\jscript.dll + 2009-06-10 14:01 . 2009-04-23 12:24 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.22120_none_b65513a45b6873a4\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:15 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.18024_none_b5cf780142473936\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:39 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.22417_none_b48073ae5e33b3f0\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:43 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.18247_none_b3d66539452e6ad2\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:33 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.21045_none_b2779aec61277a3f\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 13:01 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.16850_none_b1de54a148164471\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:22 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.22120_none_3275d288a9023d20\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:14 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.18024_none_31f036e58fe102b2\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:39 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.22417_none_30a13292abcd7d6c\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:42 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.18247_none_2ff7241d92c8344e\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:29 697856 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.21045_none_2e9859d0aec143bb\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:56 696832 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.16850_none_2dff138595b00ded\localspl.dll + 2009-08-14 14:34 . 2009-03-08 11:22 156160 c:\windows\winsxs\x86_microsoft-windows-msls31_31bf3856ad364e35_8.0.6001.18702_none_aeeaf610b83f2e48\msls31.dll + 2009-08-14 14:34 . 2009-03-08 11:35 121344 c:\windows\winsxs\x86_microsoft-windows-js-debuggeride_31bf3856ad364e35_8.0.6001.18702_none_1de359b6148047cc\jsdebuggeride.dll + 2009-06-10 13:59 . 2009-04-24 13:42 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.21046_none_0bc20a59f02f616a\ieuser.exe + 2009-06-10 13:59 . 2009-04-24 13:53 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16851_none_0b28c40ed71e2b9c\ieuser.exe + 2009-08-14 14:34 . 2009-03-08 11:33 256000 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_8.0.6001.18702_none_cb86fb78a76dcdde\ieinstal.exe + 2009-06-10 13:59 . 2009-04-24 13:42 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.21046_none_e719d53dadb4a1b8\ieinstal.exe + 2009-06-10 13:59 . 2009-04-24 13:53 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16851_none_e6808ef294a36bea\ieinstal.exe + 2009-08-14 14:37 . 2009-07-22 05:58 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22903_none_48182df4dd072fee\ieui.dll + 2009-08-14 14:37 . 2009-07-21 21:47 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18813_none_4783c13dc3f1ac15\ieui.dll + 2009-08-14 14:34 . 2009-03-08 11:22 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieui.dll + 2009-06-10 13:59 . 2009-04-24 15:57 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieui.dll + 2008-08-13 17:39 . 2008-01-19 07:34 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieui.dll + 2009-06-10 13:59 . 2009-04-24 15:54 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieui.dll + 2009-06-10 13:59 . 2009-04-24 16:14 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieui.dll + 2009-08-14 14:34 . 2009-03-08 11:34 105984 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.6001.18702_none_d315f3a07395d0ed\url.dll + 2009-08-14 14:34 . 2009-03-08 11:34 208384 c:\windows\winsxs\x86_microsoft-windows-ie-winfxdocobj_31bf3856ad364e35_8.0.6001.18702_none_d4a239fe30224f93\WinFXDocObj.exe + 2009-08-14 14:34 . 2009-03-08 11:33 759296 c:\windows\winsxs\x86_microsoft-windows-ie-vgx_31bf3856ad364e35_8.0.6001.18702_none_d02233c4fe8667df\VGX.dll + 2009-08-14 14:37 . 2009-07-22 05:58 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22903_none_ff07db25e8e4acd8\iesysprep.dll + 2009-08-14 14:37 . 2009-07-21 21:47 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18813_none_fe736e6ecfcf28ff\iesysprep.dll + 2009-08-14 14:34 . 2009-03-08 11:33 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18702_none_fe7d3c2acfc7f690\iesysprep.dll + 2009-08-14 14:37 . 2009-07-22 04:27 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\ie4uinit.exe + 2009-08-14 14:37 . 2009-07-21 20:13 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\ie4uinit.exe + 2009-08-14 14:34 . 2009-03-08 11:32 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\ie4uinit.exe + 2009-08-14 14:37 . 2009-07-22 06:02 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22903_none_2b196baebb6c56e8\sqmapi.dll + 2009-08-14 14:37 . 2009-07-21 21:51 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18813_none_2a84fef7a256d30f\sqmapi.dll + 2009-08-14 14:34 . 2009-03-08 21:09 140128 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:00 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 15:57 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\iertutil.dll + 2009-04-22 13:22 . 2008-01-19 07:36 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:02 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\iertutil.dll + 2009-06-10 13:59 . 2009-04-24 16:00 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 15:54 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\iertutil.dll + 2009-06-10 13:59 . 2009-04-24 16:21 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:14 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\iertutil.dll + 2009-08-14 14:34 . 2009-03-08 11:34 193536 c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_8.0.6001.18702_none_aa7d60ae7286ab24\msrating.dll + 2009-08-14 14:34 . 2009-03-08 11:33 109568 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\PDMSetup.exe + 2009-08-14 14:34 . 2009-01-08 01:20 355832 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\pdm.dll + 2009-08-14 14:34 . 2009-01-08 01:20 265720 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\msdbg2.dll + 2009-08-14 14:34 . 2009-03-08 11:34 236544 c:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll + 2009-08-14 14:37 . 2009-07-22 06:01 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22903_none_1a9c2981430b3c56\occache.dll + 2009-08-14 14:37 . 2009-07-21 21:50 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18813_none_1a07bcca29f5b87d\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:34 109568 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_1a118a8629ee860e\occache.dll + 2009-06-10 13:59 . 2009-04-24 15:59 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22418_none_37ad3d0d2d419399\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:04 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18248_none_37032e98143c4a7b\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:00 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21046_none_35a4644b303559e8\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:20 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16851_none_350b1e001724241a\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:35 233984 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilerui_31bf3856ad364e35_8.0.6001.18702_none_d5ea1c01e3fe67ea\jsprofilerui.dll + 2009-08-14 14:34 . 2009-03-08 11:35 118272 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilercore_31bf3856ad364e35_8.0.6001.18702_none_ed92bec9472aab53\JSProfilerCore.dll + 2009-08-14 14:34 . 2009-03-08 11:35 521216 c:\windows\winsxs\x86_microsoft-windows-ie-jscriptdebugui_31bf3856ad364e35_8.0.6001.18702_none_9d577137e370ad2c\jsdbgui.dll + 2009-08-14 14:36 . 2009-07-22 06:04 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe + 2009-08-14 14:37 . 2009-07-22 04:27 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\ieUnatt.exe + 2009-08-14 14:36 . 2009-07-21 21:53 638216 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe + 2009-08-14 14:37 . 2009-07-21 20:13 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\ieUnatt.exe + 2009-08-14 14:34 . 2009-03-08 21:09 638816 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe + 2009-08-14 14:34 . 2009-03-08 11:33 132608 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 16:01 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:08 634632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:03 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:25 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe + 2009-08-14 14:34 . 2009-03-08 11:35 144384 c:\windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_8.0.6001.18702_none_10e8e2fad95106ab\ExtExport.exe + 2009-08-14 14:34 . 2009-03-08 11:32 169472 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\iexpress.exe + 2009-08-14 14:37 . 2009-07-22 05:58 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22903_none_2b02f14ac9212978\IEShims.dll + 2009-08-14 14:37 . 2009-07-21 21:47 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18813_none_2a6e8493b00ba59f\IEShims.dll + 2009-08-14 14:34 . 2009-03-08 11:33 196096 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18702_none_2a78524fb0047330\IEShims.dll + 2009-08-14 14:37 . 2009-07-22 05:58 246272 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22903_none_73a4a5b47978c30a\ieproxy.dll + 2009-08-14 14:37 . 2009-07-21 21:47 246272 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18813_none_731038fd60633f31\ieproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 246784 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18702_none_731a06b9605c0cc2\ieproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:34 115712 c:\windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_8.0.6001.18702_none_e9612e8087062a88\ielowutil.exe + 2009-08-14 14:36 . 2009-06-30 11:31 101376 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22895_none_8405f92d60197b7e\iecompat.dll + 2009-08-14 14:36 . 2009-06-30 03:37 101376 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18805_none_83ddad9446b2dd62\iecompat.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_8.0.6001.18702_none_a0d17792aa595b3e\iecleanup.exe + 2009-06-10 13:59 . 2009-04-24 15:57 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.21046_none_46a6e5865f77092b\mshtmled.dll + 2009-06-10 13:59 . 2009-04-24 16:17 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16851_none_460d9f3b4665d35d\mshtmled.dll + 2009-08-14 14:34 . 2009-03-08 11:33 103936 c:\windows\winsxs\x86_microsoft-windows-ie-gc-setdepnx_31bf3856ad364e35_8.0.6001.18702_none_9396116207a33bbc\SetDepNx.exe + 2009-08-14 14:34 . 2009-03-08 11:33 107520 c:\windows\winsxs\x86_microsoft-windows-ie-gc-registeriepkeys_31bf3856ad364e35_8.0.6001.18702_none_0ad3f877399acafc\RegisterIEPKEYs.exe + 2009-08-14 14:37 . 2009-07-22 05:59 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22903_none_435c4ba1695e8b43\msfeeds.dll + 2009-08-14 14:37 . 2009-07-21 21:48 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18813_none_42c7deea5049076a\msfeeds.dll + 2009-08-14 14:34 . 2009-03-08 11:32 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18702_none_42d1aca65041d4fb\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 15:58 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22418_none_606d5f2d5394e286\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 16:03 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18248_none_5fc350b83a8f9968\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 15:57 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.21046_none_5e64866b5688a8d5\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 16:16 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16851_none_5dcb40203d777307\msfeeds.dll + 2009-08-14 14:34 . 2009-03-08 11:31 216064 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtrans.dll + 2009-08-14 14:34 . 2009-03-08 11:31 348160 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtmsft.dll + 2009-06-10 13:59 . 2009-04-24 15:53 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtrans.dll + 2009-06-10 13:59 . 2009-04-24 15:53 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtmsft.dll + 2009-06-10 13:59 . 2009-04-24 16:13 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtrans.dll + 2009-06-10 13:59 . 2009-04-24 16:13 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtmsft.dll + 2009-08-14 14:34 . 2009-03-08 11:35 742912 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.18702_none_1e902f2a55a1ce84\iedvtool.dll + 2009-08-14 14:37 . 2009-07-22 05:58 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22903_none_2039460420f600ed\iepeers.dll + 2009-08-14 14:37 . 2009-07-21 21:47 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18813_none_1fa4d94d07e07d14\iepeers.dll + 2009-08-14 14:34 . 2009-03-08 11:31 183808 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18702_none_1faea70907d94aa5\iepeers.dll + 2009-08-14 14:34 . 2009-03-08 11:11 445952 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dll + 2009-06-10 13:59 . 2009-04-24 15:54 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dll + 2009-06-10 13:59 . 2009-04-24 16:14 383488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dll + 2009-08-14 14:34 . 2009-03-08 11:32 163840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieakui.dll + 2009-08-14 14:34 . 2009-03-08 11:33 229376 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 15:57 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 15:57 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieaksie.dll + 2006-11-02 07:27 . 2006-11-02 09:39 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 16:02 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 15:54 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 15:54 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 16:14 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 16:14 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieaksie.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitengine_31bf3856ad364e35_8.0.6001.18702_none_87015889ddff063f\ieakeng.dll + 2009-08-14 14:37 . 2009-07-22 05:58 386048 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22903_none_57c62dce86655952\iedkcs32.dll + 2009-08-14 14:37 . 2009-07-21 21:47 386048 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18813_none_5731c1176d4fd579\iedkcs32.dll + 2009-08-14 14:34 . 2009-03-08 21:09 391536 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18702_none_573b8ed36d48a30a\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 15:57 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.22418_none_74d7415a709bb095\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 16:02 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.18248_none_742d32e557966777\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 15:54 388608 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.21046_none_72ce6898738f76e4\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 16:14 385024 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.16851_none_7235224d5a7e4116\iedkcs32.dll + 2009-08-14 14:37 . 2009-07-22 06:03 915456 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll + 2009-08-14 14:37 . 2009-07-21 21:52 915456 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll + 2009-08-14 14:34 . 2009-03-08 11:34 914944 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll + 2009-06-10 13:59 . 2009-04-24 15:43 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll + 2009-06-10 13:59 . 2009-04-23 12:15 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:00 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:05 827904 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:01 828928 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:22 827392 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll + 2009-08-14 14:34 . 2009-03-08 11:32 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18702_none_c3b0c8fe923e1b1f\mstime.dll + 2009-06-10 13:59 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22418_none_e14c7b85959128aa\mstime.dll + 2009-06-10 13:59 . 2009-04-24 16:03 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18248_none_e0a26d107c8bdf8c\mstime.dll + 2009-06-10 13:59 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.21046_none_df43a2c39884eef9\mstime.dll + 2009-06-10 13:59 . 2009-04-24 16:18 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16851_none_deaa5c787f73b92b\mstime.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107008 c:\windows\winsxs\x86_microsoft-windows-i..-setieinstalleddate_31bf3856ad364e35_8.0.6001.18702_none_eb622404d6d4cb81\SetIEInstalledDate.exe + 2009-06-10 14:01 . 2009-04-30 10:34 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.22423_none_4bdfc1ce6de6cf39\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:28 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.18254_none_4b36b3a354e09f72\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:19 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.21051_none_49d6e90c70da9588\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:42 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.16856_none_4952759157b8412f\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 12:16 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.22423_none_cf3b1fcee292dd5c\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:33 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.18254_none_ce9211a3c98cad95\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:00 521728 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.21051_none_cd32470ce586a3ab\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:42 517632 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16856_none_ccadd391cc644f52\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:16 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.22423_none_273f9b1b7b253f90\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:33 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.18254_none_26968cf0621f0fc9\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.21051_none_2536c2597e1905df\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:41 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16856_none_24b24ede64f6b186\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:01 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.22126_none_3019d864cf578034\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 11:47 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.18030_none_2f7f69f1b6476451\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:16 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.22423_none_2e30659ed233df0b\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:33 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.18254_none_2d875773b92daf44\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:00 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6000.21051_none_2c278cdcd527a55a\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:16 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.22423_none_2fb2ddfc834d299c\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:33 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.18254_none_2f09cfd16a46f9d5\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:00 372736 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.21051_none_2daa053a8640efeb\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:41 372224 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.16856_none_2d2591bf6d1e9b92\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 11:47 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:00 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 11:31 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:09 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:16 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.22423_none_152e7b96b8dde8f3\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:33 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.18254_none_14856d6b9fd7b92c\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:00 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.21051_none_1325a2d4bbd1af42\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:41 252416 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.16856_none_12a12f59a2af5ae9\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:19 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.22423_none_ce9aa784e2f278f7\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:37 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.18254_none_cdf19959c9ec4930\cbva.dll + 2009-06-10 14:01 . 2009-04-30 11:59 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.21051_none_cc91cec2e5e63f46\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:40 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.16856_none_cc0d5b47ccc3eaed\cbva.dll + 2009-08-14 14:34 . 2009-03-08 11:32 128512 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_8.0.6001.18702_none_8eb687d4089bfe4d\advpack.dll + 2009-06-10 13:59 . 2009-04-24 15:52 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.21046_none_aa4961990ee2d227\advpack.dll + 2009-06-10 13:59 . 2009-04-24 16:11 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16851_none_a9b01b4df5d19c59\advpack.dll + 2009-08-14 14:30 . 2008-01-30 04:24 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20762_none_0a8ab8830e6eba56\AcXtrnal.dll + 2009-08-14 14:30 . 2008-01-30 04:24 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20762_none_0a8ab8830e6eba56\AcLayers.dll + 2009-08-14 14:30 . 2008-01-29 04:16 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16633_none_0a228bc5f537e010\AcXtrnal.dll + 2009-08-14 14:30 . 2008-01-29 04:16 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16633_none_0a228bc5f537e010\AcLayers.dll + 2009-08-14 14:30 . 2008-01-30 04:24 450560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.20762_none_0a89b8390e6fa0ff\AcSpecfc.dll + 2009-08-14 14:30 . 2008-01-29 04:16 449536 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16633_none_0a218b7bf538c6b9\AcSpecfc.dll + 2009-06-10 14:01 . 2009-04-30 12:06 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.22126_none_27de1592e29 b9884\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 11:54 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.18030_none_2743a71fc98 b7ca1\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:21 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.22423_none_25f4a2cce57 7f75b\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:42 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.18254_none_254b94a1cc7 1c794\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.21051_none_23ebca0ae86 bbdaa\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:56 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.16856_none_2367568fcf4 96951\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:06 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.22126_none_c7f9169954229812\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 11:54 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.18030_none_c75ea8263b127c2f\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:21 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.22423_none_c60fa3d356fef6e9\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:42 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.18254_none_c56695a83df8c722\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:09 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.21051_none_c406cb1159f2bd38\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.16856_none_c382579640d068df\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:06 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.22126_none_8d41cc615e8201b1\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 11:54 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.18030_none_8ca75dee4571e5ce\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:21 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.22423_none_8b58599b615e6088\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:42 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.18254_none_8aaf4b70485830c1\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.21051_none_894f80d9645226d7\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:55 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.16856_none_88cb0d5e4b2fd27e\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.21051_none_bd56e025daf6b2dd\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.16856_none_bcd26caac1d45e84\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:06 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.22126_none_de03aef7e5372a6c\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 11:54 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.18030_none_dd694084cc270e89\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:21 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.22423_none_dc1a3c31e8138943\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:42 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.18254_none_db712e06cf0d597c\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:09 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.21051_none_da11636feb074f92\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.16856_none_d98ceff4d1e4fb39\ehepg.dll + 2009-07-09 18:35 . 2009-07-09 18:35 626688 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcr90.dll + 2009-07-09 18:35 . 2009-07-09 18:35 856576 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcp90.dll + 2009-07-09 18:35 . 2009-07-09 18:35 245760 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcm90.dll + 2009-08-14 14:34 . 2009-03-08 11:34 208384 c:\windows\System32\WinFXDocObj.exe + 2009-08-14 14:34 . 2009-03-08 11:34 236544 c:\windows\System32\webcheck.dll + 2006-11-02 13:05 . 2009-08-23 01:40 135882 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-08-14 14:34 . 2009-03-08 11:33 420352 c:\windows\System32\vbscript.dll - 2006-11-02 08:50 . 2006-11-02 09:46 105984 c:\windows\System32\url.dll + 2009-08-14 14:34 . 2009-03-08 11:34 105984 c:\windows\System32\url.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107008 c:\windows\System32\SetIEInstalledDate.exe - 2007-10-14 07:01 . 2007-10-14 07:01 788992 c:\windows\System32\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 13:01 788992 c:\windows\System32\rpcrt4.dll + 2008-08-22 23:03 . 2009-07-22 17:57 185920 c:\windows\System32\rmoc3260.dll - 2008-08-22 23:03 . 2009-05-15 21:00 185920 c:\windows\System32\rmoc3260.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107520 c:\windows\System32\RegisterIEPKEYs.exe - 2009-04-01 21:13 . 2008-12-05 04:29 292352 c:\windows\System32\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:52 292352 c:\windows\System32\psisdecd.dll - 2008-08-22 23:02 . 2009-05-15 21:00 278528 c:\windows\System32\pncrt.dll + 2008-08-22 23:02 . 2009-07-22 17:57 278528 c:\windows\System32\pncrt.dll + 2006-11-02 10:33 . 2009-08-13 00:38 351116 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-05-26 22:04 351116 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-05-26 22:04 276162 c:\windows\System32\perfc009.dat + 2006-11-02 10:33 . 2009-08-13 00:38 276162 c:\windows\System32\perfc009.dat + 2009-08-14 14:34 . 2009-03-08 11:33 109568 c:\windows\System32\PDMSetup.exe + 2009-08-14 14:37 . 2009-07-21 21:50 206848 c:\windows\System32\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:32 611840 c:\windows\System32\mstime.dll + 2009-08-14 14:34 . 2009-03-08 11:34 193536 c:\windows\System32\msrating.dll + 2009-08-14 14:34 . 2009-03-08 11:22 156160 c:\windows\System32\msls31.dll - 2006-11-02 08:38 . 2006-11-02 09:46 156160 c:\windows\System32\msls31.dll - 2007-03-12 19:02 . 2007-03-12 19:02 947472 c:\windows\System32\msjava.dll + 2008-07-31 14:16 . 2008-07-31 14:16 947472 c:\windows\System32\msjava.dll + 2009-08-14 14:37 . 2009-07-21 21:48 594432 c:\windows\System32\msfeeds.dll + 2000-06-08 12:00 . 2000-06-08 12:00 487696 c:\windows\System32\MSADO15.dll + 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2009-06-10 14:01 . 2009-04-23 12:56 696832 c:\windows\System32\localspl.dll + 2009-08-14 14:34 . 2009-03-08 11:33 726528 c:\windows\System32\jscript.dll + 2009-08-14 14:34 . 2009-03-08 11:32 169472 c:\windows\System32\iexpress.exe + 2009-08-14 14:37 . 2009-07-21 21:47 164352 c:\windows\System32\ieui.dll + 2009-08-14 14:37 . 2009-07-21 21:47 184320 c:\windows\System32\iepeers.dll + 2009-08-14 14:37 . 2009-07-21 21:47 386048 c:\windows\System32\iedkcs32.dll + 2009-08-14 14:34 . 2009-03-08 11:11 445952 c:\windows\System32\ieapfltr.dll + 2009-08-14 14:34 . 2009-03-08 11:32 163840 c:\windows\System32\ieakui.dll + 2009-08-14 14:34 . 2009-03-08 11:33 229376 c:\windows\System32\ieaksie.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\System32\ieakeng.dll + 2009-08-14 14:37 . 2009-07-21 20:13 173056 c:\windows\System32\ie4uinit.exe + 2009-06-10 15:09 . 2008-04-17 16:12 107368 c:\windows\System32\GEARAspi.dll - 2009-04-01 21:13 . 2008-12-05 04:29 428032 c:\windows\System32\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:42 428032 c:\windows\System32\EncDec.dll + 2009-08-14 14:34 . 2009-03-08 11:31 216064 c:\windows\System32\dxtrans.dll + 2009-08-14 14:34 . 2009-03-08 11:31 348160 c:\windows\System32\dxtmsft.dll + 2009-06-10 15:09 . 2008-04-17 16:12 107368 c:\windows\System32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspi.dll + 2009-07-25 12:36 . 2007-07-03 21:58 106792 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdmdm.sys + 2009-08-14 14:47 . 2009-08-20 01:59 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-08-14 14:34 . 2009-03-08 11:32 128512 c:\windows\System32\advpack.dll + 2007-08-26 08:07 . 2009-08-19 03:16 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2007-08-26 08:07 . 2008-04-09 07:05 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2007-08-26 08:06 . 2008-04-09 07:03 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2007-08-26 08:06 . 2009-08-19 03:16 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-07-30 03:44 . 2008-07-30 03:44 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2007-08-26 23:03 . 2007-08-26 23:03 364544 c:\windows\Installer\d495ce.msi + 2007-08-26 23:02 . 2007-08-26 23:02 972800 c:\windows\Installer\d495c9.msi + 2009-05-25 12:40 . 2009-05-25 12:40 236032 c:\windows\Installer\c4aad.msi + 2009-04-01 21:18 . 2009-04-01 21:18 432640 c:\windows\Installer\c436d.msi + 2007-08-26 21:43 . 2007-08-26 21:43 965632 c:\windows\Installer\c3e057.msi + 2009-04-22 16:38 . 2009-04-22 16:38 295424 c:\windows\Installer\952d589.msi + 2008-08-08 06:28 . 2008-08-08 06:28 317952 c:\windows\Installer\8acf80c.msp + 2009-04-22 13:42 . 2009-04-22 13:42 817152 c:\windows\Installer\8acf79b.msi + 2009-04-22 13:41 . 2009-04-22 13:41 813568 c:\windows\Installer\8acf76f.msi + 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\8acf764.msp + 2009-04-22 13:37 . 2009-04-22 13:37 648192 c:\windows\Installer\8acf75a.msi + 2009-08-14 14:33 . 2009-08-14 14:33 601600 c:\windows\Installer\88e8692.msi + 2007-06-05 13:19 . 2007-06-05 13:19 316928 c:\windows\Installer\6a69b.msi + 2007-06-05 13:16 . 2007-06-05 13:16 390656 c:\windows\Installer\6a68c.msi + 2009-07-07 19:26 . 2009-07-07 19:26 559616 c:\windows\Installer\6505370.msi + 2007-08-30 15:58 . 2007-08-30 15:58 691200 c:\windows\Installer\51651.msi + 2008-08-29 12:27 . 2008-08-29 12:27 838144 c:\windows\Installer\46f5a97.msi + 2007-08-23 06:10 . 2007-08-23 06:10 164352 c:\windows\Installer\459580.msi + 2007-08-26 08:02 . 2007-08-26 08:02 431104 c:\windows\Installer\4072777.msi + 2007-06-05 14:20 . 2007-06-05 14:20 202752 c:\windows\Installer\3d37cf.msi + 2007-06-05 14:17 . 2007-06-05 14:17 200704 c:\windows\Installer\3d37c8.msi + 2007-06-05 14:15 . 2007-06-05 14:15 200704 c:\windows\Installer\3d37b9.msi + 2009-08-05 03:48 . 2009-08-05 03:48 543744 c:\windows\Installer\3289fb7.msi + 2008-08-27 07:09 . 2008-08-27 07:09 431104 c:\windows\Installer\3153f12.msi + 2007-09-11 01:42 . 2007-09-11 01:42 618496 c:\windows\Installer\2cf6792.msi + 2008-02-24 20:49 . 2008-02-24 20:49 911872 c:\windows\Installer\2c49f8.msi + 2008-02-24 20:49 . 2008-02-24 20:49 953344 c:\windows\Installer\2c49f3.msi + 2008-02-24 20:49 . 2008-02-24 20:49 649728 c:\windows\Installer\2c49e4.msi + 2009-05-26 22:28 . 2009-05-26 22:28 598016 c:\windows\Installer\2b16d.msi + 2009-08-18 11:34 . 2009-08-18 11:34 276992 c:\windows\Installer\299d6.msi + 2008-05-25 02:09 . 2008-05-25 02:09 501248 c:\windows\Installer\1eb671.msi + 2008-05-25 02:08 . 2008-05-25 02:08 501248 c:\windows\Installer\1eb64e.msi + 2007-06-05 13:55 . 2007-06-05 13:55 501248 c:\windows\Installer\19b3dd.msi + 2007-06-05 13:55 . 2007-06-05 13:55 506880 c:\windows\Installer\19b3d6.msi + 2007-06-05 13:55 . 2007-06-05 13:55 516608 c:\windows\Installer\19b3ce.msi + 2007-06-05 13:54 . 2007-06-05 13:54 513024 c:\windows\Installer\19b3c5.msi + 2007-06-05 13:54 . 2007-06-05 13:54 501248 c:\windows\Installer\19b3a9.msi + 2007-10-07 02:13 . 2007-10-07 02:13 938496 c:\windows\Installer\171e8f30.msi + 2009-05-23 00:09 . 2009-05-23 00:09 152576 c:\windows\Installer\16773961.msi + 2007-05-30 03:20 . 2007-05-30 03:20 428544 c:\windows\Installer\165b8b.msi + 2008-03-02 02:24 . 2008-03-02 02:24 366592 c:\windows\Installer\12e076a.msi + 2007-09-01 17:29 . 2007-09-01 17:29 881664 c:\windows\Installer\1165a8f.msi + 2007-09-01 22:25 . 2007-09-01 22:25 331264 c:\windows\Installer\10a45d3.msi + 2009-08-20 02:35 . 2009-08-20 02:35 307200 c:\windows\Installer\{E56D39F8-2A9F-44B4-B068-A72E45A073E6}\SafariIco.exe + 2009-08-20 02:33 . 2009-08-20 02:33 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe + 2006-11-02 10:25 . 2009-07-25 12:36 143360 c:\windows\inf\infstrng.dat - 2006-11-02 10:25 . 2009-04-22 19:37 143360 c:\windows\inf\infstrng.dat + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\ehome\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\ehome\mcstore.dll - 2009-04-01 21:13 . 2008-12-05 04:29 173056 c:\windows\ehome\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:09 173056 c:\windows\ehome\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 10:42 253952 c:\windows\ehome\ehvid.exe - 2009-04-01 21:13 . 2008-12-05 04:29 253952 c:\windows\ehome\ehvid.exe - 2009-04-01 21:13 . 2008-12-05 04:25 521728 c:\windows\ehome\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:00 521728 c:\windows\ehome\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:41 252416 c:\windows\ehome\ehReplay.dll - 2009-04-01 21:13 . 2008-12-05 04:29 252416 c:\windows\ehome\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\ehome\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:00 105472 c:\windows\ehome\ehPresenter.dll - 2009-04-01 21:13 . 2008-12-05 04:25 105472 c:\windows\ehome\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 278528 c:\windows\ehome\ehPlayer.dll - 2009-04-01 21:13 . 2008-12-05 04:29 372224 c:\windows\ehome\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:41 372224 c:\windows\ehome\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\ehome\ehexthost.exe - 2009-04-01 21:13 . 2008-12-05 04:30 135168 c:\windows\ehome\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\ehome\ehepg.dll - 2009-04-01 21:13 . 2008-12-05 04:29 180224 c:\windows\ehome\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:40 180224 c:\windows\ehome\cbva.dll + 2007-05-30 03:26 . 2007-02-20 12:17 532992 c:\windows\DRIVERS\Bluetooth Driver (Toshiba) 5.10S2Q207 - 5.10.04SO_logo\BtSwInst.msi + 2009-06-10 21:44 . 2009-06-10 21:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\41dcf4e0061193634534f67cea2d360e\WindowsFormsIntegration.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\6f2bb0a35c228aba6e3a02a1238beb20\System.Web.DynamicData.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\58de8d4959e4d79d8f992dd3ab045a72\SMSvcHost.ni.exe + 2009-06-10 21:44 . 2009-06-10 21:44 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\09f0313dbe55d6d0d843fecc42a93420\ServiceModelReg.ni.exe + 2009-06-10 21:40 . 2009-06-10 21:40 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d299c79f96ad1aaaffcefcc300507c39\PresentationFramework.Classic.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5bd736acc51b6b3404eb48966f04e02b\PresentationFramework.Luna.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0d856d6e0abe60939bcaf53f704eb20a\PresentationFramework.Royale.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\024d3dc8d8df47a0420a382959c64fdf\PresentationFramework.Aero.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\d64dd85d512244087920e240e2ead636\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 254976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\d13c7cd1a46a95d1078d0a9c863a41c4\Microsoft.MediaCenter.Shell.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 601088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\79bac4f155c75ff5620814d1b9be8616\Microsoft.MediaCenter.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 661504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\450461d9b5f3df3bfe9ba95c00c2ceeb\Microsoft.MediaCenter.Sports.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 244736 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\15f02cd27c30fe2f4f5452fcca922136\mcupdate.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 217600 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\d6f6fedef52eeefc6a2ed2f948eb05a0\mcstoredb.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 654848 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9034d233286b58771f88e250e5e1d2b7\mcstore.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\e3642e09479435acff2dc0c5b7ad0066\ehiExtens.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 246272 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\05ab80d62f34b3a7c1ddbcb9aedc647c\ehExtHost.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 306176 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\955a23fd939cd80c7ab45c063700e718\ehepgdat.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\700b8218bf42b9c34c1202806960fc4e\ComSvcConfig.ni.exe + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll - 2009-04-01 21:13 . 2008-12-05 04:30 135168 c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll + 2009-06-10 14:01 . 2009-04-21 11:42 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:39 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys + 2009-06-10 14:01 . 2009-04-21 13:26 2034176 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:55 2033152 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:55 2030080 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys + 2009-06-10 14:01 . 2009-04-21 12:04 2028032 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys + 2009-06-10 14:01 . 2009-04-14 07:03 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22435_none_f2f64e4f84abbcec\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:04 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18259_none_f25b10ee6b9abd39\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:18 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21056_none_f0fb46578794b34f\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:06 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16860_none_f060ffc26e84642a\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-30 12:02 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.21051_none_3d9893fe7ba30b35\mcmde.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16856_none_3d1420836280b6dc\mcmde.dll + 2009-06-10 13:59 . 2009-04-24 15:57 6071296 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 16:02 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 15:54 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 16:14 6066176 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieframe.dll + 2009-08-14 14:37 . 2009-07-22 05:58 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22903_none_2b196baebb6c56e8\iertutil.dll + 2009-08-14 14:37 . 2009-07-21 21:47 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18813_none_2a84fef7a256d30f\iertutil.dll + 2009-08-14 14:34 . 2009-03-08 11:32 1985024 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\iertutil.dll + 2009-08-14 14:36 . 2009-07-22 05:59 5938176 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll + 2009-08-14 14:36 . 2009-07-21 21:48 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll + 2009-08-14 14:34 . 2009-03-08 11:41 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:41 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll + 2009-06-10 13:59 . 2009-04-23 12:14 3597824 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:58 3582976 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 16:03 3581952 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:57 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 16:17 3596288 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll + 2009-08-14 14:34 . 2009-02-07 04:07 3698584 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dat + 2007-08-26 08:03 . 2007-08-26 08:03 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dat + 2007-08-26 08:03 . 2007-08-26 08:03 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dat + 2009-08-14 14:37 . 2009-07-22 06:02 1208832 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22903_none_9858d93105b211f8\urlmon.dll + 2009-08-14 14:37 . 2009-07-21 21:52 1208832 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18813_none_97c46c79ec9c8e1f\urlmon.dll + 2009-08-14 14:34 . 2009-03-08 11:34 1206784 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18702_none_97ce3a35ec955bb0\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 15:43 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.22121_none_b73e8cb2ed1d28ef\urlmon.dll + 2009-06-10 13:59 . 2009-04-23 12:15 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18024_none_b6b7f0c5d3fcd52a\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:00 1166848 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22418_none_b569ecbcefe8693b\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:05 1166336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18248_none_b4bfde47d6e3201d\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:01 1163264 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.21046_none_b36113faf2dc2f8a\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:22 1159680 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16851_none_b2c7cdafd9caf9bc\urlmon.dll + 2009-08-14 14:30 . 2008-01-30 00:43 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20762_none_4064ce3fdd62eaa8\GameUXLegacyGDFs.dll + 2009-08-14 14:30 . 2008-01-30 04:26 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20762_none_4064ce3fdd62eaa8\gameux.dll + 2009-08-14 14:30 . 2008-01-29 00:30 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16633_none_3ffca182c42c1062\GameUXLegacyGDFs.dll + 2009-08-14 14:30 . 2008-01-29 04:16 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16633_none_3ffca182c42c1062\gameux.dll + 2009-06-10 14:01 . 2009-04-30 12:00 1498112 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.21051_none_3a793943475c584d\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1497088 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16856_none_39f4c5c82e3a03f4\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:17 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.22423_none_3685ee5032972d7f\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:34 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.18254_none_35dce0251990fdb8\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:03 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.21051_none_347d158e358af3ce\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.16856_none_33f8a2131c689f75\Mcx2Filter.dll + 2009-08-14 14:30 . 2008-01-30 04:24 2144768 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.20762_none_0a88b7ef0e7087a8\AcGenral.dll + 2009-08-14 14:30 . 2008-01-29 04:16 2144256 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16633_none_0a208b31f539ad62\AcGenral.dll + 2009-06-10 14:01 . 2009-04-30 12:06 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.22126_none_3582bc9f 6d832c6e\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 11:54 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.18030_none_34e84e2c 5473108b\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:21 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.22423_none_339949d9 705f8b45\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.18254_none_32f03bae 57595b7e\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.21051_none_31907117 73535194\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:56 2355200 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.16856_none_310bfd9c 5a30fd3b\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:06 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.22126_none_52f46 defac2f2f54\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 11:54 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.18030_none_5259f f7c931f1371\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:21 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.22423_none_510af b29af0b8e2b\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1253376 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.18254_none_5061e cfe96055e64\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.21051_none_4f022 267b1ff547a\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:56 1208320 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.16856_none_4e7da eec98dd0021\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:06 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.22126_none_8df6ca3857eab8be\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 11:54 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.18030_none_8d5c5bc53eda9cdb\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:21 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.22423_none_8c0d57725ac71795\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:42 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.18254_none_8b64494741c0e7ce\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.21051_none_8a047eb05dbadde4\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:55 4382720 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.16856_none_89800b354498898b\ehshell.dll - 2009-04-01 21:12 . 2009-02-09 01:59 2028032 c:\windows\System32\win32k.sys + 2009-06-10 14:01 . 2009-04-21 12:04 2028032 c:\windows\System32\win32k.sys + 2009-08-14 14:37 . 2009-07-21 21:52 1208832 c:\windows\System32\urlmon.dll + 2006-11-02 10:22 . 2009-08-14 14:46 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2006-11-02 10:22 . 2009-05-25 12:42 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-08-14 14:36 . 2009-07-21 21:48 5937152 c:\windows\System32\mshtml.dll - 2009-04-01 21:13 . 2008-12-05 04:29 1244672 c:\windows\System32\mcmde.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1244672 c:\windows\System32\mcmde.dll + 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\System32\Macromed\Flash\NPSWF32.dll + 2009-08-14 14:37 . 2009-07-21 21:47 1985536 c:\windows\System32\iertutil.dll + 2009-08-14 14:34 . 2009-02-07 04:07 3698584 c:\windows\System32\ieapfltr.dat + 2006-11-02 12:47 . 2009-06-26 12:15 2246120 c:\windows\System32\FNTCACHE.DAT - 2006-11-02 12:47 . 2009-05-24 22:07 2246120 c:\windows\System32\FNTCACHE.DAT + 2009-06-05 15:42 . 2009-06-05 15:42 2060288 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_867e7481\usbaaplrc.dll + 2009-06-05 15:42 . 2009-06-05 15:42 1419232 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_56082f61\wdfcoinstaller01005.dll + 2007-06-05 14:29 . 2006-11-02 20:00 5922304 c:\windows\sonysys\WAU\upgrade\netfx\netfx.msi + 2007-05-25 17:37 . 2007-05-25 17:37 9433600 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp + 2007-09-12 00:45 . 2007-09-12 00:45 1888256 c:\windows\Installer\f2b48.msi + 2007-09-12 00:44 . 2007-09-12 00:44 1786880 c:\windows\Installer\f2b38.msi + 2007-09-12 00:43 . 2007-09-12 00:43 1733120 c:\windows\Installer\f2b27.msi + 2007-09-12 00:43 . 2007-09-12 00:43 1768448 c:\windows\Installer\f2b22.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1722880 c:\windows\Installer\f2b1d.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1723904 c:\windows\Installer\f2b16.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1722880 c:\windows\Installer\f2b0d.msi + 2007-09-12 00:40 . 2007-09-12 00:40 1774592 c:\windows\Installer\f2afa.msi + 2007-09-01 12:42 . 2007-09-01 12:42 2919936 c:\windows\Installer\f1c1b.msi + 2007-08-26 23:15 . 2007-08-26 23:15 1480704 c:\windows\Installer\d495f0.msi + 2007-08-26 23:13 . 2007-08-26 23:13 4020224 c:\windows\Installer\d495e8.msi + 2007-08-26 23:07 . 2007-08-26 23:07 1348096 c:\windows\Installer\d495d1.msi + 2007-08-26 21:47 . 2007-08-26 21:47 3924992 c:\windows\Installer\c3e1a8.msi + 2008-06-30 23:45 . 2008-06-30 23:45 4753408 c:\windows\Installer\b57b35.msp + 2009-01-15 07:35 . 2009-01-15 07:35 4830720 c:\windows\Installer\a31a879.msp + 2009-06-25 00:55 . 2009-06-25 00:55 1845760 c:\windows\Installer\94eb5b.msi + 2009-06-25 00:54 . 2009-06-25 00:54 1775104 c:\windows\Installer\94eb4e.msi + 2009-04-22 13:46 . 2009-04-22 13:46 6643712 c:\windows\Installer\8acf801.msi + 2009-04-22 13:43 . 2009-04-22 13:43 1087488 c:\windows\Installer\8acf7ad.msi + 2007-05-30 04:05 . 2007-05-30 04:05 1419264 c:\windows\Installer\889f8.msi + 2008-01-24 04:09 . 2008-01-24 04:09 1784832 c:\windows\Installer\717e6.msi + 2008-01-24 04:08 . 2008-01-24 04:08 2437632 c:\windows\Installer\717e0.msi + 2008-01-24 04:06 . 2008-01-24 04:06 2344448 c:\windows\Installer\717da.msi + 2008-01-24 04:05 . 2008-01-24 04:05 2771456 c:\windows\Installer\717d4.msi + 2008-01-24 04:02 . 2008-01-24 04:02 2242048 c:\windows\Installer\717ce.msi + 2008-01-24 03:51 . 2008-01-24 03:51 1727488 c:\windows\Installer\71779.msi + 2008-01-24 03:50 . 2008-01-24 03:50 1784832 c:\windows\Installer\7176f.msi + 2008-01-24 03:46 . 2008-01-24 03:46 1787904 c:\windows\Installer\7176a.msi + 2007-10-14 22:08 . 2007-10-14 22:08 1479168 c:\windows\Installer\6a44a2.msi + 2008-01-26 03:33 . 2008-01-26 03:33 2999808 c:\windows\Installer\63b9c4.msi + 2008-01-26 03:29 . 2008-01-26 03:29 3240448 c:\windows\Installer\63b9bd.msi + 2008-06-15 03:03 . 2008-06-15 03:03 1430016 c:\windows\Installer\62b8b24.msi + 2008-05-09 15:16 . 2008-05-09 15:16 4272128 c:\windows\Installer\60b4b.msi + 2008-10-05 09:12 . 2008-10-05 09:12 4784128 c:\windows\Installer\5eca200.msp + 2007-06-05 13:15 . 2007-06-05 13:15 3443712 c:\windows\Installer\58b08.msi + 2008-04-10 11:31 . 2008-04-10 11:31 1785344 c:\windows\Installer\5337f8.msi + 2008-04-10 11:31 . 2008-04-10 11:31 2399744 c:\windows\Installer\5337f2.msi + 2008-04-10 11:29 . 2008-04-10 11:29 3037184 c:\windows\Installer\5337eb.msi + 2008-04-10 11:26 . 2008-04-10 11:26 2485760 c:\windows\Installer\5337d8.msi + 2008-04-10 11:23 . 2008-04-10 11:23 2423808 c:\windows\Installer\5337c5.msi + 2008-04-10 11:21 . 2008-04-10 11:21 1786368 c:\windows\Installer\5337b2.msi + 2008-04-10 11:20 . 2008-04-10 11:20 1784832 c:\windows\Installer\5337ac.msi + 2008-04-10 11:20 . 2008-04-10 11:20 1786880 c:\windows\Installer\53379f.msi + 2008-04-10 11:19 . 2008-04-10 11:19 1898496 c:\windows\Installer\533799.msi + 2008-04-10 11:18 . 2008-04-10 11:18 1765888 c:\windows\Installer\533793.msi + 2008-04-10 11:18 . 2008-04-10 11:18 1763840 c:\windows\Installer\53377e.msi + 2008-04-10 11:17 . 2008-04-10 11:17 1794560 c:\windows\Installer\533777.msi + 2008-04-10 11:16 . 2008-04-10 11:16 1786880 c:\windows\Installer\533772.msi + 2008-04-10 11:13 . 2008-04-10 11:13 1792512 c:\windows\Installer\5336f9.msi + 2007-10-26 21:28 . 2007-10-26 21:28 4314112 c:\windows\Installer\50a7c54.msi + 2007-10-26 21:27 . 2007-10-26 21:27 2931200 c:\windows\Installer\50a7c46.msi + 2007-10-26 21:24 . 2007-10-26 21:24 9917952 c:\windows\Installer\50a7c38.msi + 2009-06-03 17:31 . 2009-06-03 17:31 8992256 c:\windows\Installer\508c15.msi + 2009-06-03 17:28 . 2009-06-03 17:28 1549312 c:\windows\Installer\5089b8.msi + 2007-06-05 14:37 . 2007-06-05 14:37 1046016 c:\windows\Installer\503ba4.msi + 2007-03-21 21:46 . 2007-03-21 21:46 8198656 c:\windows\Installer\5037c8.msp + 2007-03-21 21:46 . 2007-03-21 21:46 2047488 c:\windows\Installer\5037b5.msp + 2009-07-25 12:35 . 2009-07-25 12:35 2827776 c:\windows\Installer\4cd7a81.msi + 2007-09-12 00:15 . 2007-09-12 00:15 1784320 c:\windows\Installer\4ca311b.msi + 2009-08-13 20:07 . 2009-08-13 20:07 4057088 c:\windows\Installer\491fc27.msi + 2009-08-13 20:03 . 2009-08-13 20:03 3285504 c:\windows\Installer\491fc16.msi + 2009-08-13 20:02 . 2009-08-13 20:02 3178496 c:\windows\Installer\491fc11.msi + 2009-08-13 20:01 . 2009-08-13 20:01 3075072 c:\windows\Installer\491fc0c.msi + 2009-08-13 20:01 . 2009-08-13 20:01 3089408 c:\windows\Installer\491fc07.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3078656 c:\windows\Installer\491fc02.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3146240 c:\windows\Installer\491fbfd.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3083776 c:\windows\Installer\491fbf8.msi + 2009-08-13 19:59 . 2009-08-13 19:59 3076096 c:\windows\Installer\491fbee.msi + 2009-08-13 19:59 . 2009-08-13 19:59 3079680 c:\windows\Installer\491fbe9.msi + 2009-08-13 19:58 . 2009-08-13 19:58 3087360 c:\windows\Installer\491fbe4.msi + 2009-08-13 19:57 . 2009-08-13 19:57 3094016 c:\windows\Installer\491fb9a.msi + 2009-08-13 19:57 . 2009-08-13 19:57 3831808 c:\windows\Installer\491fb95.msi + 2009-08-13 19:56 . 2009-08-13 19:56 3073024 c:\windows\Installer\491fb8f.msi + 2009-08-13 19:56 . 2009-08-13 19:56 3110912 c:\windows\Installer\491fb84.msi + 2009-08-13 19:55 . 2009-08-13 19:55 3150848 c:\windows\Installer\491fb77.msi + 2009-08-13 19:55 . 2009-08-13 19:55 3273216 c:\windows\Installer\491fb6f.msi + 2009-08-13 19:54 . 2009-08-13 19:54 3186176 c:\windows\Installer\491fb69.msi + 2009-08-13 19:53 . 2009-08-13 19:53 3228160 c:\windows\Installer\491fb64.msi + 2009-08-13 19:53 . 2009-08-13 19:53 3070976 c:\windows\Installer\491fb5f.msi + 2009-08-13 19:51 . 2009-08-13 19:51 3174400 c:\windows\Installer\491fb5a.msi + 2007-09-11 22:37 . 2007-09-11 22:37 1954304 c:\windows\Installer\4668513.msi + 2007-09-11 22:36 . 2007-09-11 22:36 1826816 c:\windows\Installer\466850e.msi + 2007-09-11 22:35 . 2007-09-11 22:35 2078208 c:\windows\Installer\46684e8.msi + 2007-09-11 22:33 . 2007-09-11 22:33 2159104 c:\windows\Installer\46684dd.msi + 2007-09-11 22:31 . 2007-09-11 22:31 1761792 c:\windows\Installer\46684d2.msi + 2007-09-11 22:31 . 2007-09-11 22:31 1720832 c:\windows\Installer\46684c8.msi + 2007-09-11 22:30 . 2007-09-11 22:30 2595840 c:\windows\Installer\46684c3.msi + 2007-09-11 22:26 . 2007-09-11 22:26 1826304 c:\windows\Installer\46684be.msi + 2007-09-11 22:26 . 2007-09-11 22:26 1716736 c:\windows\Installer\46684b9.msi + 2007-09-11 22:25 . 2007-09-11 22:25 1772544 c:\windows\Installer\46684b4.msi + 2008-07-09 15:21 . 2008-07-09 15:21 4372992 c:\windows\Installer\3ee3d70.msi + 2007-06-05 14:24 . 2007-06-05 14:24 8154624 c:\windows\Installer\3d37db.msi + 2009-08-05 03:39 . 2009-08-05 03:39 1066496 c:\windows\Installer\3289fb3.msi + 2008-02-15 12:54 . 2008-02-15 12:54 9736192 c:\windows\Installer\3153fda.msp + 2007-03-31 02:20 . 2007-03-31 02:20 5800960 c:\windows\Installer\3153f90.msp + 2008-04-11 22:08 . 2008-04-11 22:08 6302720 c:\windows\Installer\3153f2b.msp + 2008-04-11 22:48 . 2008-04-11 22:48 6774272 c:\windows\Installer\3153efc.msp + 2008-07-16 23:01 . 2008-07-16 23:01 5110272 c:\windows\Installer\3153ee4.msp + 2008-04-18 18:56 . 2008-04-18 18:56 6215680 c:\windows\Installer\3153eb0.msp + 2007-06-01 19:54 . 2007-06-01 19:54 9626624 c:\windows\Installer\3153e8a.msp + 2007-09-11 01:43 . 2007-09-11 01:43 5724672 c:\windows\Installer\2cf6799.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1259520 c:\windows\Installer\2c49f7.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1261056 c:\windows\Installer\2c49f5.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1262080 c:\windows\Installer\2c49e6.msi + 2009-08-20 02:35 . 2009-08-20 02:35 2487808 c:\windows\Installer\271e3d5.msi + 2009-08-20 02:32 . 2009-08-20 02:32 4945408 c:\windows\Installer\271e3d0.msi + 2009-08-20 02:30 . 2009-08-20 02:30 3295232 c:\windows\Installer\271e085.msi + 2009-08-20 02:27 . 2009-08-20 02:27 1665024 c:\windows\Installer\271e060.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1759744 c:\windows\Installer\1ee8ae3a.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1758720 c:\windows\Installer\1ee8ae35.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1716736 c:\windows\Installer\1ee8ae30.msi + 2007-09-25 16:09 . 2007-09-25 16:09 1720832 c:\windows\Installer\1ee8ae2b.msi + 2007-09-25 16:09 . 2007-09-25 16:09 1744384 c:\windows\Installer\1ee8ae26.msi + 2007-09-25 16:08 . 2007-09-25 16:08 1718272 c:\windows\Installer\1ee8ae21.msi + 2007-09-25 16:08 . 2007-09-25 16:08 1885184 c:\windows\Installer\1ee8ae1c.msi + 2008-05-25 02:09 . 2008-05-25 02:09 1652736 c:\windows\Installer\1eb66c.msi + 2008-05-25 02:09 . 2008-05-25 02:09 1652736 c:\windows\Installer\1eb664.msi + 2008-05-25 02:08 . 2008-05-25 02:08 2319872 c:\windows\Installer\1eb653.msi + 2008-05-25 02:08 . 2008-05-25 02:08 1647616 c:\windows\Installer\1eb649.msi + 2008-05-25 02:07 . 2008-05-25 02:07 2022912 c:\windows\Installer\1eb641.msi + 2008-01-12 00:29 . 2008-01-12 00:29 1417216 c:\windows\Installer\1a605c.msi + 2007-06-05 13:56 . 2007-06-05 13:56 9613312 c:\windows\Installer\19b401.msi + 2007-06-05 13:55 . 2007-06-05 13:55 1652736 c:\windows\Installer\19b3e4.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1640960 c:\windows\Installer\19b3be.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1640960 c:\windows\Installer\19b3b7.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1713152 c:\windows\Installer\19b3b0.msi + 2007-06-05 13:54 . 2007-06-05 13:54 2397184 c:\windows\Installer\19b3a2.msi + 2007-06-05 13:39 . 2007-06-05 13:39 4537344 c:\windows\Installer\19b317.msi + 2007-06-05 13:36 . 2007-06-05 13:36 1487872 c:\windows\Installer\19b311.msi + 2007-10-02 21:57 . 2007-10-02 21:57 1769984 c:\windows\Installer\19ab6ac.msi + 2007-10-02 21:56 . 2007-10-02 21:56 1767424 c:\windows\Installer\19ab69e.msi + 2009-06-10 15:06 . 2009-06-10 15:06 1659392 c:\windows\Installer\1743c90c.msi + 2007-10-02 21:16 . 2007-10-02 21:16 1879040 c:\windows\Installer\17056ad.msi + 2007-10-02 21:16 . 2007-10-02 21:16 1767424 c:\windows\Installer\17056a8.msi + 2007-10-02 21:11 . 2007-10-02 21:11 1845248 c:\windows\Installer\17056a3.msi + 2007-10-02 21:10 . 2007-10-02 21:10 1768448 c:\windows\Installer\1705645.msi + 2009-06-10 13:54 . 2009-06-10 13:54 1401344 c:\windows\Installer\170220aa.msi + 2008-02-18 21:30 . 2008-02-18 21:30 2428416 c:\windows\Installer\1546ec.msi + 2008-02-18 21:25 . 2008-02-18 21:25 1767424 c:\windows\Installer\1546e3.msi + 2009-06-24 23:15 . 2009-06-24 23:15 2962432 c:\windows\Installer\1200c8.msi + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\ehome\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\ehome\Microsoft.MediaCenter.Shell.dll - 2009-04-01 21:13 . 2008-12-05 04:29 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 1498112 c:\windows\ehome\ehuihlp.dll - 2009-04-01 21:13 . 2008-12-05 04:25 1498112 c:\windows\ehome\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\ehome\ehshell.dll + 2007-10-14 20:44 . 2007-10-14 20:44 8581632 c:\windows\Downloaded Installations\{3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi + 2008-10-09 04:10 . 2003-05-19 21:46 2243072 c:\windows\Cache\Adobe Reader 6.0\ENUMIN\Adobe Reader 6.0.msi + 2009-06-10 21:44 . 2009-06-10 21:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\770bd1f92877fcca1e7d5520deb1524b\System.WorkflowServices.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\060fca61fc10971f381204ccb623fc58\System.Web.Extensions.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\463d79ec2065b26873bffcd35615d00b\System.ServiceModel.Web.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\9def64da16f075e10ce1b0cb97e44646\System.Printing.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\58408e7157a149ee82d88687489d61ed\System.Data.Services.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\bbab0671945f6dfb330735832b8db69c\ReachFramework.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bdc87c67f45de6c8798344e2625d3801\PresentationUI.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19fe1d203e18c2002cc0a7cfbcc8000\Microsoft.Transactions.Bridge.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 5795840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\1182310f1b028bd8d3b927090cde69db\Microsoft.MediaCenter.UI.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 1734144 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\25aee7959fac0183c89f42b872a48b55\ehRecObj.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\f1afaeeb8b86ee14f622741460adc56c\ehepg.ni.dll + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll + 2009-08-14 14:37 . 2009-07-22 05:58 11068416 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22903_none_48182df4dd072fee\ieframe.dll + 2009-08-14 14:36 . 2009-07-21 21:47 11067392 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18813_none_4783c13dc3f1ac15\ieframe.dll + 2009-08-14 14:34 . 2009-03-08 11:39 11063808 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieframe.dll + 2009-06-10 14:01 . 2009-04-30 12:02 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.22126_none_546c7a3e66c6e86b\ehres.dll + 2009-06-10 14:01 . 2009-04-30 11:47 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.18030_none_53d20bcb4db6cc88\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:16 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.22423_none_5283077869a34742\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:33 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.18254_none_51d9f94d509d177b\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:00 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.21051_none_507a2eb66c970d91\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:42 10101760 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16856_none_4ff5bb3b5374b938\ehres.dll + 2006-11-02 10:24 . 2009-06-01 16:51 23635392 c:\windows\System32\mrt.exe + 2009-08-14 14:36 . 2009-07-21 21:47 11067392 c:\windows\System32\ieframe.dll + 2007-06-05 14:29 . 2006-11-02 20:00 19210240 c:\windows\sonysys\WAU\upgrade\netfx\netfx.msp + 2008-01-28 05:16 . 2008-01-28 05:17 23309824 c:\windows\Installer\a8d8d0.msi + 2008-01-24 04:00 . 2008-01-24 04:00 10476544 c:\windows\Installer\717c7.msi + 2007-06-05 13:18 . 2007-06-05 13:18 67702784 c:\windows\Installer\6a693.msi + 2007-06-05 13:16 . 2007-06-05 13:16 19210240 c:\windows\Installer\6a685.msp + 2008-01-10 21:41 . 2008-01-10 21:41 10590208 c:\windows\Installer\4ebff7d.msi + 2008-03-29 20:53 . 2008-03-29 20:53 13948416 c:\windows\Installer\4e9ded7.msi + 2009-03-24 13:12 . 2009-03-24 13:12 21084160 c:\windows\Installer\49a34c.msi + 2007-08-26 08:04 . 2007-08-26 08:04 14939136 c:\windows\Installer\407278c.msp + 2008-02-16 12:41 . 2008-02-16 12:41 37983232 c:\windows\Installer\38e1f.msp + 2008-02-16 12:42 . 2008-02-16 12:42 11395584 c:\windows\Installer\38e1e.msp + 2008-02-16 12:45 . 2008-02-16 12:45 20783104 c:\windows\Installer\38e1d.msp + 2008-07-03 15:36 . 2008-07-03 15:36 11937792 c:\windows\Installer\3153fb6.msp + 2008-04-11 22:07 . 2008-04-11 22:07 13257728 c:\windows\Installer\3153f6b.msp + 2008-07-03 15:37 . 2008-07-03 15:37 11759104 c:\windows\Installer\3153f44.msp + 2007-09-11 01:45 . 2007-09-11 01:45 11673088 c:\windows\Installer\2cf67a0.msi + 2007-09-11 01:40 . 2007-09-11 01:40 15163392 c:\windows\Installer\2cf678d.msi + 2008-05-21 05:30 . 2008-05-21 05:30 14308864 c:\windows\Installer\29131.msp + 2008-07-24 02:23 . 2008-07-24 02:23 20336128 c:\windows\Installer\2466d70.msi + 2008-07-24 02:06 . 2008-07-24 02:06 13139456 c:\windows\Installer\24662f6.msi + 2008-05-25 02:18 . 2008-05-25 02:18 18181632 c:\windows\Installer\1eb8de.msi + 2007-06-05 14:00 . 2007-06-05 14:00 11121664 c:\windows\Installer\19b419.msi + 2007-06-05 13:59 . 2007-06-05 13:59 10117632 c:\windows\Installer\19b411.msi + 2009-06-10 14:01 . 2009-04-30 12:42 10101760 c:\windows\ehome\ehres.dll + 2007-08-23 04:52 . 2007-08-23 04:52 14232576 c:\windows\Downloaded Installations\{8CBA308A-6D79-44E6-9450-D3F0A0F743A8}\e-Sword.msi + 2008-08-29 11:47 . 2008-08-29 11:47 14421504 c:\windows\Downloaded Installations\{695F9BF8-89F2-4C0E-BB40-3E657C8032AF}\e-Sword.msi + 2007-06-05 13:36 . 2007-06-05 13:36 10796544 c:\windows\Downloaded Installations\{5DF3957F-216D-4BD2-B53B-EF35D9BBB8D7}\LocationFree Player.msi + 2009-06-10 21:43 . 2009-06-10 21:43 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\550d497e3f4cc73b5e323711edb1b592\System.ServiceModel.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4f15f4468f90ae42f43a74b94b064fae\PresentationFramework.ni.dll + 2009-06-10 21:38 . 2009-06-10 21:38 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\8a84d9c1f313d52f24bf191df15eead2\PresentationCore.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 11860992 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\9c8dd3f4377f80725dbd74ea112bea83\ehshell.ni.dll + 2008-02-15 01:47 . 2009-08-14 14:37 139895894 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 835584] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-12 623992] "VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432] "VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-08 86016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-08 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-08 8429568] "Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-17 28672] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872] "AppMon Utility"="c:\program files\Sony\AppMonUtil\AppMonUtility.exe" [2007-04-12 415864] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-26 148888] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-30 1948440] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-22 198160] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-21 177472] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-28 4390912] c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-16 3450608] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-1-24 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2008-2-16 738968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0SsiEfr.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{B2B2D27B-98F2-49F0-B07D-5A9B4373B84D}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{646451B4-FE5B-418A-9EAF-07491CCD0409}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{D1802DF7-6891-49D1-B8C8-6C49CCA9CD0B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{3DC44E21-133D-4D43-9EE4-188960969E63}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{7AE6069F-9BCB-4897-A566-F0514E4F8940}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{58A6CF64-127E-425F-8801-8B518B653A1D}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{747AE73B-1D89-4681-BEF6-254C034E2648}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{8A9F55DF-8740-48CA-BC1F-5C2CB751D354}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{CC9F93C8-491D-4D35-96C9-519E37618A50}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{9C2C1816-5074-4570-B1DD-07BAC599585E}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{16BB9C54-AFA8-4956-8256-D197F5F87AF7}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{CFD61583-6D0F-4ECF-90BD-C0B5471C220C}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{C30C879A-2A97-4D1A-B4DA-F332D5E359E9}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{6F5506B4-0D8A-4746-A760-032CAFEF58E8}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{1565D5C6-F7F6-42E8-A7BE-4189D571611A}"= UDP:3703:Adobe Version Cue CS3 Server "{C555D3C1-46C9-4805-8A60-A656921C2DF6}"= UDP:3704:Adobe Version Cue CS3 Server "{E3BF3FF4-D219-4F77-A50A-5FCF17CF26EC}"= UDP:50900:Adobe Version Cue CS3 Server "{9CF68788-735D-436C-9BEF-4358ECBD0AF8}"= UDP:50901:Adobe Version Cue CS3 Server "{D609E531-7C0D-422A-8BFD-4BD68D51A9C2}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{F72220DC-2EFC-4E46-9D3D-54741DC22CA1}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{D8AFFEE4-C391-4082-8F6C-88F576C19389}"= UDP:3703:Adobe Version Cue CS3 Server "{EDB44D35-8E26-4BF4-9D18-6DEA1DD6B502}"= UDP:3704:Adobe Version Cue CS3 Server "{B60598B1-8221-4FF9-8095-CC8EC7DF2F5F}"= UDP:50900:Adobe Version Cue CS3 Server "{FFCC6807-22D6-4726-8AF9-023A8F047BF3}"= UDP:50901:Adobe Version Cue CS3 Server "{4AED6625-81FF-42BE-9642-0EC2DD81BEB5}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{7E712E0F-F19B-4703-9122-326AF3E002A2}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{58781EAA-2583-4CBA-929F-9C6B75FA6B8E}"= Disabled:UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{328719D2-742C-44DB-AA4B-ECA5C4861BB4}"= Disabled:TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{86A2DBB2-9710-46D4-87CF-B2202AE84D7C}"= UDP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{B9336D20-22F5-4FB8-8BAB-FA1B4DECE21A}"= TCP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{05B55E16-2730-4721-BC32-D5C6C6971529}"= UDP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{8AFE7321-C84C-46D1-A4CC-C2609A090246}"= TCP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{FBBCC76C-4C8F-45A0-B96E-05B73412310F}"= UDP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{857A2126-90A1-47B0-9F71-06D4318934BD}"= TCP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{4D6B2D22-8323-47AB-806D-CA5AC37B3B9B}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{B67B3776-E815-43F0-AEAD-CB7AC96E5A3B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{E040BDFA-3F02-4C97-B49D-6FA0BD948336}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{41BF51B6-4AEC-427A-9A33-D5E1FB3526E1}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{F2074D86-2DFB-4974-BFB5-707B8A380A61}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{201C1480-CC0D-4E37-A002-568B2005D105}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{1FD43BDA-F75D-49BD-BB6E-2F20BD1F184A}"= TCP:6004\|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{7B2AFC58-865F-49D0-93D9-E978CFD3F91A}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{1546DC7A-BEF7-4C5B-8581-613B46233BB3}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{2012A7A8-9187-487A-BD73-DBEA0690F7AE}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{5A1D7A1C-FBC8-47D1-BF60-760AD34A35FB}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "UDP Query User{F511655C-C0D7-4621-8B73-3F8BFD71C117}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "TCP Query User{020E1CD6-D7F3-430B-8528-2B594E7377DF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{9E9A7D27-25DD-4792-B405-04330A3F0C1A}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{35013237-4D7A-43F8-90B7-104610B00BD0}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe "{9BF2B137-9273-41FE-8289-A0939E70F683}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{E368974D-F2C3-4DE1-8D27-36DFA36C9F78}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{C501CBAD-B008-49A3-91DB-B3C5AD4FED67}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{3E562249-8B0B-49CE-9780-8E2D93B5585F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{41D20C8B-B62D-4FDC-B4BB-FBBB7D26B2BC}c:\\xampp\\apache\\bin\\httpd.exe"= UDP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "UDP Query User{73AF0AD8-39C4-4C0B-8648-89BF08A4EED7}c:\\xampp\\apache\\bin\\httpd.exe"= TCP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "TCP Query User{240B9561-1EDA-4BAC-909A-9866645941B2}c:\\xampp\\mysql\\bin\\mysqld.exe"= UDP:c:\xampp\mysql\bin\mysqld.exe:mysqld "UDP Query User{CB322C04-95AB-415E-81C7-7EAAC7BA6A5C}c:\\xampp\\mysql\\bin\\mysqld.exe"= TCP:c:\xampp\mysql\bin\mysqld.exe:mysqld "TCP Query User{5B2AE974-E403-4110-BB84-80C4873AFFE3}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= UDP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "UDP Query User{211E9092-22F3-4BD9-B79B-31EC164EEC59}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= TCP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "{E3C8F973-5A4B-45D0-A6E3-267990401061}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{6FCAA160-64CE-481E-9B78-89EA7896768D}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{B1EF72B1-726B-4F67-A705-1903E120A3D6}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{F1F5AF48-1E30-4D16-9742-C89955D590BF}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{26FDD4DC-3722-412F-A25E-13666497F40B}"= UDP:5353:Adobe CSI CS4 "{152056AA-07C5-4068-B1A0-1849A64C0977}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{CF06E59E-B16B-4682-B20C-70BD5C502BEB}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "TCP Query User{2FBC77AE-82E4-4710-B643-55EBB2972D73}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "UDP Query User{CB14F040-7BF5-4326-A88B-5F169701D643}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "{58E85713-A035-4319-966E-BD18BC7EFEF5}"= UDP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{692D744E-01F2-40D6-8F31-1DB5DFD2AC49}"= TCP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{1A166FA9-DFF5-470A-89AF-7E6FBD7AC338}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{E969FADD-F915-43B9-BA81-6A496B947242}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722\|UDP:%SystemRoot%\system32\svchost.exe\|Svc=DFSR:Allow inbound TCP traffic\| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe::Enabled:BitTorrent R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [1/28/2008 1:19 AM 79052] R0 pssnap;Paramount Software Snapshot Filter;c:\windows\System32\drivers\pssnap.sys [5/20/2008 8:32 AM 15328] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [6/5/2009 10:51 PM 335752] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [6/5/2009 10:51 PM 108552] R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?] R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712] R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [8/6/2008 11:34 AM 216032] R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032] R2 Sukoku Service;Sukoku Service;c:\programdata\Sukoku\sukoku113.exe [8/18/2009 7:38 AM 49152] R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [5/29/2007 10:38 PM 73472] R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [5/29/2007 10:38 PM 43904] R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [5/29/2007 11:26 PM 31104] R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [4/23/2007 2:29 PM 812544] S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/5/2009 10:50 PM 298776] S2 gupdate1c9e9d28843f9d0;Google Update Service (gupdate1c9e9d28843f9d0);c:\program files\Google\Update\GoogleUpdate.exe [6/10/2009 9:51 AM 133104] S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdcserv.exe [4/30/2007 4:04 PM 99248] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [1/6/2009 10:26 AM 84832] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [7/18/2008 11:01 AM 66048] S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [6/5/2007 9:36 AM 75952] S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [6/5/2007 9:36 AM 67760] S3 slim;Sony Lucid Integrated Mpeg encoder;c:\windows\System32\drivers\slim.sys [5/29/2007 10:51 PM 699520] S4 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [6/5/2007 10:17 AM 745472] S4 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [6/5/2007 10:17 AM 397312] S4 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [6/5/2007 10:17 AM 1089536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-08-23 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-15 13:50] 2009-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-24 c:\windows\Tasks\User_Feed_Synchronization-{2958714F-C4A5-4623-B88B-A8A30EFE3942}.job - c:\windows\system32\msfeedssync.exe [2009-08-14 20:13] . - - - - ORPHANS REMOVED - - - - WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file) WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file) . ------- Supplementary Scan ------- . mStart Page = hxxp://www.google.com DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FF - ProfilePath - c:\users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\hi30mrvu.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-23 23:12 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-08-24 23:15 ComboFix-quarantined-files.txt 2009-08-24 03:15 ComboFix2.txt 2009-06-03 17:40 ComboFix3.txt 2009-06-03 16:11 Pre-Run: 17,534,107,648 bytes free Post-Run: 19,099,316,224 bytes free 1227 --- E O F --- 2009-06-10 14:10

jv0802 View Member Profile	Aug 24 2009, 12:08 PM Post #10
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	ok here is the copy and pasted log ComboFix 09-08-22.06 - jeff 08/23/2009 23:03.3.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3070.1652 [GMT -4:00] Running from: c:\users\jeff\Desktop\worksnow.exe AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Anti-Virus Free enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spyware Doctor disabled (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301} SP: Windows Defender disabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Bro28D7.tmp C:\Bro7373.tmp c:\program files\Mozilla Firefox\searchplugins\search.xml c:\programdata\WINSPSys c:\programdata\WINSPSys\winps.cfg c:\users\jeff\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Windows Protection Suite.lnk c:\users\jeff\AppData\Roaming\Windows Protection Suite c:\users\jeff\AppData\Roaming\Windows Protection Suite\cookies.sqlite c:\users\jeff\AppData\Roaming\Windows Protection Suite\Instructions.ini c:\users\jeff\Desktop\Windows Protection Suite.lnk c:\windows\Installer\Ref72DF.msi c:\windows\Installer\WMEncoder.msi c:\windows\system32\AVSredirect.dll c:\windows\system32\gxvxccount . ((((((((((((((((((((((((( Files Created from 2009-07-24 to 2009-08-24 ))))))))))))))))))))))))))))))) . 2009-08-24 03:12 . 2009-08-24 03:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-08-20 02:34 . 2009-08-20 02:35 -------- d-----w- c:\program files\Safari 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iPod 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iTunes 2009-08-20 02:28 . 2009-08-20 02:28 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe 2009-08-19 04:08 . 2009-08-19 04:34 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.drv 2009-08-19 03:58 . 2009-08-19 05:29 78 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.sys 2009-08-19 03:36 . 2009-08-19 03:36 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\FS.sys 2009-08-19 02:54 . 2009-08-19 06:00 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.drv 2009-08-19 02:09 . 2009-08-19 02:09 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.exe 2009-08-19 02:00 . 2009-08-19 02:00 9 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.drv 2009-08-18 19:01 . 2009-08-18 19:01 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ppal.exe 2009-08-18 18:18 . 2009-08-19 03:47 27 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\SM.drv 2009-08-18 18:18 . 2009-08-18 18:18 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.dll 2009-08-18 18:18 . 2009-08-18 18:18 12 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.drv 2009-08-18 14:28 . 2009-08-18 14:28 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe 2009-08-18 14:28 . 2009-08-18 14:28 77 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.exe 2009-08-18 14:28 . 2009-08-18 14:29 48 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.exe 2009-08-18 14:28 . 2009-08-18 14:28 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.drv 2009-08-18 14:28 . 2009-06-12 20:27 710136 ----a-w- c:\programdata\9a80e22\mozcrt19.dll 2009-08-18 14:28 . 2009-06-12 20:27 435704 ----a-w- c:\programdata\9a80e22\sqlite3.dll 2009-08-18 14:28 . 2009-08-19 10:38 -------- d-sh--w- c:\programdata\9a80e22 2009-08-18 14:22 . 2009-08-19 05:29 -------- d-----w- c:\program files\Common Files\Uninstall 2009-08-18 11:38 . 2009-08-13 19:43 49152 ----a-w- c:\programdata\Sukoku\sukoku113.exe 2009-08-18 11:35 . 2009-08-18 22:55 -------- d-----w- c:\program files\Sukoku 2009-08-18 11:35 . 2009-08-18 11:38 -------- d-----w- c:\programdata\Sukoku 2009-08-18 11:34 . 2009-08-19 03:18 -------- dc-h--w- c:\programdata\{F14A989E-0102-460B-ADB5-BC208314A307} 2009-08-14 16:38 . 2009-08-14 16:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-08-14 16:38 . 2007-05-17 21:30 318976 ----a-w- c:\windows\system32\avisynth.dll 2009-08-14 16:38 . 2004-02-22 14:11 719872 ----a-w- c:\windows\system32\devil.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\i420vfw.dll 2009-08-13 20:08 . 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll 2009-08-13 20:08 . 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2009-08-13 20:08 . 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2009-08-13 20:08 . 2009-08-13 20:08 -------- d-----w- c:\program files\eRightSoft 2009-08-13 20:04 . 2009-08-13 20:04 -------- d-----w- c:\program files\Adobe Media Player 2009-08-13 19:23 . 2009-08-13 19:23 -------- d-----w- c:\program files\BitTorrent 2009-08-05 03:49 . 2009-08-05 03:49 -------- d-----w- c:\programdata\Macrium 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_E3296CA52D73B98AE9B5F9.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_D707CE1C009F1381803C2C.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_BBCA226959C1D3D63C885B.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_21F3885A18D238E15AAE81.exe 2009-08-05 03:48 . 2009-08-05 03:48 29926 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_EDC08689E679B6EDDC26F8.exe 2009-08-05 03:48 . 2009-08-05 03:48 109534 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_6FEFF9B68218417F98F549.exe 2009-08-05 03:48 . 2009-08-05 03:48 -------- d-----w- c:\program files\Macrium 2009-08-05 03:37 . 2009-08-05 03:37 -------- d-----w- c:\programdata\eSellerate 2009-08-05 03:34 . 2009-08-19 02:57 -------- d-----w- c:\program files\Memeo 2009-07-25 12:35 . 2009-07-25 12:35 -------- d-----w- c:\program files\Samsung 2009-07-25 10:31 . 2009-07-25 10:31 713992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-24 02:59 . 2008-05-04 01:42 -------- d-----w- c:\programdata\avg8 2009-08-20 02:32 . 2007-09-30 07:43 -------- d-----w- c:\program files\Common Files\Apple 2009-08-19 04:52 . 2009-05-26 14:09 -------- d-----w- c:\program files\kill 2009-08-19 04:41 . 2009-05-26 22:24 3942047 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-08-19 03:26 . 2009-08-18 22:07 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.sys 2009-08-19 03:12 . 2007-08-22 22:57 214286 ----a-w- c:\users\jeff\AppData\Roaming\nvModes.dat 2009-08-19 02:57 . 2007-05-30 03:52 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-19 02:57 . 2008-06-15 03:04 -------- d-s---w- c:\programdata\Memeo 2009-08-19 02:20 . 2009-08-18 17:03 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.sys 2009-08-19 02:00 . 2009-08-19 02:00 50 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.dll 2009-08-19 02:00 . 2009-08-19 02:00 20 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.drv 2009-08-19 02:00 . 2009-08-18 14:29 76 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.sys 2009-08-19 02:00 . 2009-08-18 14:29 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.dll 2009-08-19 02:00 . 2009-08-19 02:00 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.dll 2009-08-19 02:00 . 2009-08-18 19:01 26 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.drv 2009-08-19 02:00 . 2009-08-18 19:01 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.drv 2009-08-19 02:00 . 2009-08-19 02:00 53 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.exe 2009-08-19 02:00 . 2009-08-18 14:29 62 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.dll 2009-08-19 02:00 . 2009-08-19 02:00 51 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.sys 2009-08-19 02:00 . 2009-08-19 02:00 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.sys 2009-08-19 01:29 . 2008-08-09 21:02 -------- d-----w- c:\users\jeff\AppData\Roaming\DNA 2009-08-18 22:56 . 2008-08-09 21:02 -------- d-----w- c:\program files\DNA 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.sys 2009-08-18 22:07 . 2009-08-18 22:07 46 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.sys 2009-08-18 22:07 . 2009-08-18 22:07 15 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\hymt.drv 2009-08-18 22:07 . 2009-08-18 14:29 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.dll 2009-08-18 22:07 . 2009-08-18 22:07 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\dudl.sys 2009-08-18 19:01 . 2009-08-18 14:28 17 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.exe 2009-08-18 17:03 . 2009-08-18 17:03 73 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.exe 2009-08-18 17:03 . 2009-08-18 14:28 59 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.dll 2009-08-18 14:29 . 2009-08-18 14:29 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv 2009-08-18 14:29 . 2009-08-18 14:29 29 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.drv 2009-08-18 14:29 . 2009-08-18 14:29 60 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fix.drv 2009-08-18 14:29 . 2009-08-18 14:29 32 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fan.sys 2009-08-18 14:29 . 2009-08-18 14:29 55 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.drv 2009-08-13 20:48 . 2009-04-21 19:23 -------- d-----w- c:\program files\StockPicker RT 2009-08-13 20:03 . 2007-05-30 04:02 -------- d-----w- c:\program files\Common Files\Adobe 2009-08-10 13:24 . 2008-02-12 22:29 -------- d-----w- c:\program files\Google 2009-08-07 20:48 . 2009-07-07 19:24 -------- d-----w- c:\program files\ExcelMySQlMagicDemo 2009-08-07 20:48 . 2009-07-07 16:07 -------- d-----w- c:\program files\ExcelMySQlConverterDemo 2009-08-05 03:40 . 2008-06-15 03:09 -------- d-----w- c:\program files\Picasa2 2009-08-03 17:36 . 2009-05-26 14:09 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 17:36 . 2009-05-26 14:09 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-24 17:04 . 2009-07-24 17:04 -------- d-----w- c:\users\jeff\AppData\Roaming\kompozer.net 2009-07-22 17:58 . 2009-07-22 17:58 -------- d-----w- c:\program files\Common Files\xing shared 2009-07-22 17:57 . 2007-08-23 06:09 -------- d-----w- c:\program files\Common Files\Real 2009-07-21 21:52 . 2009-08-14 14:37 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-21 21:47 . 2009-08-14 14:37 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-07-21 21:47 . 2009-08-14 14:37 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-07-21 20:13 . 2009-08-14 14:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-09 18:29 . 2009-06-06 02:51 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-08 13:12 . 2007-08-28 19:39 -------- d-----w- c:\users\jeff\AppData\Roaming\OpenOffice.org2 2009-07-07 19:48 . 2008-07-09 15:24 1 ----a-w- c:\users\jeff\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-07-07 19:26 . 2009-07-07 19:26 -------- d-----w- c:\program files\SQL Converter 2 for Excel 2009-07-07 19:25 . 2007-09-12 00:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-07-02 12:03 . 2009-07-02 12:03 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe 2009-07-02 12:03 . 2008-07-18 15:01 -------- d-----w- c:\programdata\NOS 2009-06-30 12:39 . 2009-06-06 02:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-30 12:39 . 2009-06-06 02:50 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-06 02:51 . 2009-06-06 02:51 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-05-27 11:16 . 2007-09-11 14:22 1356 ----a-w- c:\users\jeff\AppData\Local\d3d9caps.dat 2009-05-26 22:28 . 2009-05-26 22:28 410984 ----a-w- c:\windows\system32\deploytk.dll 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2006-05-03 09:06 . 2009-08-13 20:08 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 10:47 . 2009-08-13 20:08 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 12:30 . 2009-08-13 20:08 216064 --sh--r- c:\windows\System32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot@2009-06-03_16.02.48 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-10 13:59 . 2009-04-24 15:54 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.21046_none_2a73c7b3813b6302\iebrshim.dll + 2009-06-10 13:59 . 2009-04-24 16:14 52736 c:\windows\winsxs\x86_microsoft-windows-iebrshim_31bf3856ad364e35_6.0.6000.16851_none_29da8168682a2d34\iebrshim.dll + 2009-08-14 14:34 . 2009-03-08 11:32 94720 c:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll + 2009-08-14 14:37 . 2009-07-22 05:58 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\iesetup.dll + 2009-08-14 14:37 . 2009-07-22 05:58 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\iernonce.dll + 2009-08-14 14:37 . 2009-07-21 21:47 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\iesetup.dll + 2009-08-14 14:37 . 2009-07-21 21:47 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\iernonce.dll + 2009-08-14 14:34 . 2009-03-08 11:32 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll + 2009-08-14 14:34 . 2009-03-08 11:32 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 15:54 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iesetup.dll + 2009-06-10 13:59 . 2009-04-24 15:54 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 13:42 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.21046_none_c44eb1437a8b8da5\ie4uinit.exe + 2009-06-10 13:59 . 2009-04-24 16:14 56320 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iesetup.dll + 2009-06-10 13:59 . 2009-04-24 16:14 44544 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\iernonce.dll + 2009-06-10 13:59 . 2009-04-24 13:53 70656 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_6.0.6000.16851_none_c3b56af8617a57d7\ie4uinit.exe + 2009-06-10 13:59 . 2009-04-24 13:46 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:44 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:42 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 13:53 26624 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\ieUnatt.exe + 2009-08-14 14:34 . 2009-03-08 11:31 59904 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_8.0.6001.18702_none_3d86a1c07a097782\icardie.dll + 2009-06-10 13:59 . 2009-04-24 15:54 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.21046_none_59197b8580504b5c\icardie.dll + 2009-06-10 13:59 . 2009-04-24 16:14 63488 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_6.0.6000.16851_none_5880353a673f158e\icardie.dll + 2009-08-14 14:34 . 2009-03-08 11:31 34816 c:\windows\winsxs\x86_microsoft-windows-ie-imagesupport_31bf3856ad364e35_8.0.6001.18702_none_20dfeb2e08d9ec0a\imgutil.dll + 2009-08-14 14:34 . 2009-03-08 11:32 66560 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\wextract.exe + 2009-08-14 14:34 . 2009-03-08 11:31 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_8.0.6001.18702_none_d658a8dacff20c9e\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 13:45 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 15:57 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.22418_none_f3f45b61d3451a29\ieencode.dll + 2006-11-02 07:33 . 2006-11-02 07:33 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 16:02 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6001.18248_none_f34a4cecba3fd10b\ieencode.dll + 2009-06-10 13:59 . 2009-04-24 12:20 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 15:54 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.21046_none_f1eb829fd638e078\ieencode.dll + 2009-06-10 13:59 . 2009-04-24 12:25 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\mshtmler.dll + 2009-06-10 13:59 . 2009-04-24 16:14 78336 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_6.0.6000.16851_none_f1523c54bd27aaaa\ieencode.dll + 2009-08-14 14:34 . 2009-03-08 11:31 66560 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.6001.18702_none_2b140bc159303551\mshtmled.dll + 2009-08-14 14:34 . 2009-03-08 11:31 45568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.6001.18702_none_3c45119b1f28ff3d\mshta.exe + 2009-08-14 14:37 . 2009-07-22 04:26 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22903_none_dfc3b05f09aa2a6a\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-22 05:59 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.22903_none_dfc3b05f09aa2a6a\msfeedsbs.dll + 2009-08-14 14:37 . 2009-07-21 20:13 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18813_none_df2f43a7f094a691\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-21 21:48 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18813_none_df2f43a7f094a691\msfeedsbs.dll + 2009-08-14 14:34 . 2009-03-08 11:31 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedssync.exe + 2009-08-14 14:34 . 2009-03-08 11:31 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedsbs.dll + 2009-08-14 14:34 . 2009-03-08 11:34 43008 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.6001.18702_none_accc7a4465be292a\licmgr10.dll + 2009-08-14 14:34 . 2009-03-08 11:32 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\admparse.dll + 2009-06-10 13:59 . 2009-04-24 15:55 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\admparse.dll + 2009-04-22 13:22 . 2008-01-19 07:33 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\admparse.dll + 2009-06-10 13:59 . 2009-04-24 15:52 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\admparse.dll + 2009-06-10 13:59 . 2009-04-24 16:11 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\admparse.dll + 2009-08-14 14:37 . 2009-07-22 06:03 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\WininetPlugin.dll + 2009-08-14 14:37 . 2009-07-22 05:58 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\jsproxy.dll + 2009-08-14 14:37 . 2009-07-21 21:52 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\WininetPlugin.dll + 2009-08-14 14:37 . 2009-07-21 21:47 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\WininetPlugin.dll + 2009-08-14 14:34 . 2009-03-08 11:33 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 13:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:40 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\jsproxy.dll + 2009-06-10 13:59 . 2009-04-11 06:28 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-11 06:28 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:00 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:58 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\jsproxy.dll + 2008-04-09 05:13 . 2008-02-22 05:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 16:02 28160 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:01 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 15:55 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\jsproxy.dll + 2009-06-10 13:59 . 2009-04-24 16:22 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\WininetPlugin.dll + 2009-06-10 13:59 . 2009-04-24 16:14 27648 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 18944 c:\windows\winsxs\x86_microsoft-windows-i..tivexpolicyprovider_31bf3856ad364e35_8.0.6001.18702_none_6f561c09617d9439\corpol.dll + 2009-08-14 14:34 . 2009-03-08 11:31 46592 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll + 2009-06-10 13:59 . 2009-04-24 16:00 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.21046_none_ec446b482f7bb826\pngfilt.dll + 2009-06-10 13:59 . 2009-04-24 16:21 44544 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_6.0.6000.16851_none_ebab24fd166a8258\pngfilt.dll + 2009-06-10 14:01 . 2009-04-30 12:00 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.21051_none_372af3e22ffed0a6\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:42 18944 c:\windows\winsxs\x86_microsoft-windows-ehome-ehtrace_31bf3856ad364e35_6.0.6000.16856_none_36a6806716dc7c4d\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:00 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.21051_none_2e4be1e29e60eb10\ehdebug.dll + 2009-06-10 14:01 . 2009-04-30 12:41 21504 c:\windows\winsxs\x86_microsoft-windows-ehome-ehdebug_31bf3856ad364e35_6.0.6000.16856_none_2dc76e67853e96b7\ehdebug.dll + 2009-06-10 14:01 . 2009-04-30 12:09 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.21051_none_fc39e70a22fc10d2\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\winsxs\msil_ehiextens_31bf3856ad364e35_6.0.6000.16856_none_fbb5738f09d9bc79\ehiExtens.dll + 2009-08-14 14:34 . 2009-03-08 11:32 66560 c:\windows\System32\wextract.exe + 2007-05-30 03:45 . 2009-08-23 01:40 87606 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2007-08-23 02:56 . 2009-08-23 01:40 10164 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3439640332-1277375291-2842798246-1005_UserData.bin + 2009-08-14 14:34 . 2009-03-08 11:31 46592 c:\windows\System32\pngfilt.dll - 2009-04-22 13:22 . 2009-03-03 00:44 48128 c:\windows\System32\mshtmler.dll + 2009-08-14 14:34 . 2009-03-08 11:31 48128 c:\windows\System32\mshtmler.dll + 2009-08-14 14:34 . 2009-03-08 11:31 66560 c:\windows\System32\mshtmled.dll - 2006-11-02 08:48 . 2006-11-02 09:45 45568 c:\windows\System32\mshta.exe + 2009-08-14 14:34 . 2009-03-08 11:31 45568 c:\windows\System32\mshta.exe + 2009-08-14 14:37 . 2009-07-21 20:13 13312 c:\windows\System32\msfeedssync.exe + 2009-08-14 14:37 . 2009-07-21 21:48 55296 c:\windows\System32\msfeedsbs.dll + 2009-08-14 14:37 . 2009-07-21 21:52 64512 c:\windows\System32\migration\WininetPlugin.dll - 2009-04-22 13:22 . 2009-03-03 04:20 64512 c:\windows\System32\migration\WininetPlugin.dll + 2008-02-02 18:32 . 2009-08-13 20:30 84661 c:\windows\System32\Macromed\Flash\uninstall_plugin.exe + 2009-08-14 14:34 . 2009-03-08 11:34 43008 c:\windows\System32\licmgr10.dll + 2009-08-14 14:37 . 2009-07-21 21:47 25600 c:\windows\System32\jsproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:32 94720 c:\windows\System32\inseng.dll + 2009-08-14 14:34 . 2009-03-08 11:31 34816 c:\windows\System32\imgutil.dll + 2009-08-14 14:37 . 2009-07-21 21:47 55808 c:\windows\System32\iernonce.dll + 2009-08-14 14:34 . 2009-03-08 11:31 59904 c:\windows\System32\icardie.dll + 2009-06-10 15:09 . 2009-03-19 20:32 23400 c:\windows\System32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspiWDM.sys + 2009-06-05 15:42 . 2009-06-05 15:42 39424 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_867e7481\usbaapl.sys + 2009-07-25 12:36 . 2007-07-03 21:57 11944 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdmdfl.sys + 2009-07-25 12:36 . 2007-07-03 21:59 86824 c:\windows\System32\DriverStore\FileRepository\sscdsdm2.inf_ae69cd61\i386\sscdserd.sys + 2009-07-25 12:36 . 2007-07-03 21:54 80552 c:\windows\System32\DriverStore\FileRepository\sscdbus.inf_5421c7a9\i386\sscdbus.sys + 2009-06-05 15:42 . 2009-06-05 15:42 17408 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_56082f61\netaapl.sys + 2008-05-20 12:32 . 2008-05-20 12:32 15328 c:\windows\System32\drivers\pssnap.sys + 2008-07-08 16:39 . 2008-07-08 16:39 31712 c:\windows\System32\drivers\psmounter.sys + 2009-06-10 15:09 . 2009-03-19 20:32 23400 c:\windows\System32\drivers\GEARAspiWDM.sys + 2008-12-12 15:11 . 2008-12-12 15:11 61440 c:\windows\System32\dnssd.dll + 2008-12-12 15:18 . 2008-12-12 15:18 87336 c:\windows\System32\dns-sd.exe + 2009-08-14 14:34 . 2009-03-08 11:33 18944 c:\windows\System32\corpol.dll + 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 21:35 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2007-08-22 22:43 . 2009-06-03 14:58 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-08-14 14:34 . 2009-03-08 11:32 72704 c:\windows\System32\admparse.dll - 2009-04-22 13:22 . 2009-03-03 04:15 72704 c:\windows\System32\admparse.dll + 2008-08-09 20:33 . 2008-08-09 20:33 54272 c:\windows\Installer\b57b2f.msi + 2009-07-09 18:35 . 2009-07-09 18:35 62464 c:\windows\Installer\a8fa5.msi + 2009-07-01 11:39 . 2009-07-01 11:39 22528 c:\windows\Installer\6af26.msi + 2009-03-24 13:12 . 2009-03-24 13:12 20480 c:\windows\Installer\49a356.msi + 2009-03-24 13:12 . 2009-03-24 13:12 26112 c:\windows\Installer\49a351.msi + 2009-08-13 20:04 . 2009-08-13 20:04 23552 c:\windows\Installer\491fc21.msi + 2009-07-25 12:35 . 2009-07-25 12:35 45056 c:\windows\Installer\{E9ED0801-253D-4FE9-AB20-F63DEFE72547}\ARPPRODUCTICON.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe + 2009-06-10 13:54 . 2009-06-10 13:54 25214 c:\windows\Installer\{CC016F21-3970-11DE-B878-005056806466}\ARPPRODUCTICON.exe + 2009-06-03 17:28 . 2009-06-03 17:28 27136 c:\windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe + 2009-06-10 15:06 . 2009-06-10 15:06 86016 c:\windows\Installer\{07287123-B8AC-41CE-8346-3D777245C35B}\PrntWzrdIco.exe - 2006-11-02 10:25 . 2009-04-22 19:38 86016 c:\windows\inf\infstor.dat + 2006-11-02 10:25 . 2009-07-25 12:36 86016 c:\windows\inf\infstor.dat - 2006-11-02 10:25 . 2009-04-22 19:38 86016 c:\windows\inf\infpub.dat + 2006-11-02 10:25 . 2009-07-25 12:36 86016 c:\windows\inf\infpub.dat - 2009-04-01 21:13 . 2008-12-05 04:29 18944 c:\windows\ehome\ehtrace.dll + 2009-06-10 14:01 . 2009-04-30 12:42 18944 c:\windows\ehome\ehtrace.dll - 2009-04-01 21:13 . 2008-12-05 04:30 77824 c:\windows\ehome\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\ehome\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:41 21504 c:\windows\ehome\ehdebug.dll - 2009-04-01 21:13 . 2008-12-05 04:29 21504 c:\windows\ehome\ehdebug.dll + 2009-06-10 21:44 . 2009-06-10 21:44 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\ade62baef300f037ae756f801663f9c5\System.Windows.Presentation.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\7dba5af5f1c6d3d23d3f3b2b4d7ebc14\PresentationFontCache.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 68608 c:\windows\assembly\NativeImages_v2.0.50727_32\loadmxf\e8dd42b3c865fa72edf2cdc7bcb02a23\loadmxf.ni.exe + 2009-06-10 21:43 . 2009-06-10 21:43 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtCOM\5eee30dfad15de2e86d31981dc07e4c9\ehExtCOM.ni.dll - 2009-04-01 21:13 . 2008-12-05 04:30 77824 c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll + 2009-06-10 14:01 . 2009-04-30 12:55 77824 c:\windows\assembly\GAC_MSIL\ehiExtens\6.0.6000.0__31bf3856ad364e35\ehiExtens.dll - 2009-04-22 13:22 . 2009-03-03 04:16 52736 c:\windows\AppPatch\iebrshim.dll + 2009-06-10 13:59 . 2009-04-24 16:14 52736 c:\windows\AppPatch\iebrshim.dll + 2009-08-14 14:34 . 2009-03-08 11:35 2048 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18702_none_83daaad046b59436\iecompat.dll + 2009-06-10 14:01 . 2009-04-30 12:17 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.dll + 2009-04-01 21:13 . 2008-01-19 07:34 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:02 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:44 6656 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.dll + 2009-08-14 14:30 . 2008-01-30 00:29 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.20762_none_0a86b75b0e7254fa\AcRes.dll + 2009-08-14 14:30 . 2008-01-29 00:15 2560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c1_31bf3856ad364e35_6.0.6000.16633_none_0a1e8a9df53b7ab4\AcRes.dll + 2007-08-24 01:59 . 2009-08-10 16:34 2710 c:\windows\System32\WDI\ERCQueuedResolutions.dat - 2008-08-22 23:02 . 2009-05-15 21:00 5632 c:\windows\System32\pndx5032.dll + 2008-08-22 23:02 . 2009-07-22 17:57 5632 c:\windows\System32\pndx5032.dll + 2008-08-22 23:02 . 2009-07-22 17:57 6656 c:\windows\System32\pndx5016.dll - 2008-08-22 23:02 . 2009-05-15 21:00 6656 c:\windows\System32\pndx5016.dll + 2009-07-25 12:36 . 2007-07-03 21:56 9256 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdcmnt.sys + 2009-07-25 12:36 . 2007-07-03 21:56 9256 c:\windows\System32\DriverStore\FileRepository\sscdsdm2.inf_ae69cd61\i386\sscdcmnt.sys + 2009-07-25 12:36 . 2007-07-03 22:00 9256 c:\windows\System32\DriverStore\FileRepository\sscdbus.inf_5421c7a9\i386\sscdwhnt.sys + 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2009-06-03 16:01 . 2009-06-03 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-06-03 16:01 . 2009-06-03 16:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-06-10 14:01 . 2009-04-30 12:44 6656 c:\windows\ehome\McrMgr.dll - 2009-04-01 21:13 . 2008-12-05 04:29 6656 c:\windows\ehome\McrMgr.dll + 2009-06-10 14:01 . 2009-04-30 12:19 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.22423_none_dc743bad703abfa3\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:37 293376 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6001.18254_none_dbcb2d8257348fdc\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:06 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.21051_none_da6b62eb732e85f2\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:52 292352 c:\windows\winsxs\x86_microsoft-windows-v..e-filters-tvdigital_31bf3856ad364e35_6.0.6000.16856_none_d9e6ef705a0c3199\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:19 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.22423_none_e0ef19f3a791bbf8\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:37 428544 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6001.18254_none_e0460bc88e8b8c31\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:00 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.21051_none_dee64131aa858247\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:42 428032 c:\windows\winsxs\x86_microsoft-windows-tvencdec_31bf3856ad364e35_6.0.6000.16856_none_de61cdb691632dee\EncDec.dll + 2009-08-14 14:34 . 2009-03-08 11:33 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.18702_none_2b4525a943b273a6\vbscript.dll + 2009-08-14 14:34 . 2009-03-08 11:33 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18702_none_65cb0af10cefc76a\jscript.dll + 2009-06-10 14:01 . 2009-04-23 12:24 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.22120_none_b65513a45b6873a4\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:15 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6002.18024_none_b5cf780142473936\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:39 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.22417_none_b48073ae5e33b3f0\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:43 784896 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6001.18247_none_b3d66539452e6ad2\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:33 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.21045_none_b2779aec61277a3f\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 13:01 788992 c:\windows\winsxs\x86_microsoft-windows-rpc-local_31bf3856ad364e35_6.0.6000.16850_none_b1de54a148164471\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 12:22 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.22120_none_3275d288a9023d20\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:14 623616 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6002.18024_none_31f036e58fe102b2\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:39 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.22417_none_30a13292abcd7d6c\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:42 636928 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6001.18247_none_2ff7241d92c8344e\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:29 697856 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.21045_none_2e9859d0aec143bb\localspl.dll + 2009-06-10 14:01 . 2009-04-23 12:56 696832 c:\windows\winsxs\x86_microsoft-windows-p..ooler-core-localspl_31bf3856ad364e35_6.0.6000.16850_none_2dff138595b00ded\localspl.dll + 2009-08-14 14:34 . 2009-03-08 11:22 156160 c:\windows\winsxs\x86_microsoft-windows-msls31_31bf3856ad364e35_8.0.6001.18702_none_aeeaf610b83f2e48\msls31.dll + 2009-08-14 14:34 . 2009-03-08 11:35 121344 c:\windows\winsxs\x86_microsoft-windows-js-debuggeride_31bf3856ad364e35_8.0.6001.18702_none_1de359b6148047cc\jsdebuggeride.dll + 2009-06-10 13:59 . 2009-04-24 13:42 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.21046_none_0bc20a59f02f616a\ieuser.exe + 2009-06-10 13:59 . 2009-04-24 13:53 301568 c:\windows\winsxs\x86_microsoft-windows-ieuser_31bf3856ad364e35_6.0.6000.16851_none_0b28c40ed71e2b9c\ieuser.exe + 2009-08-14 14:34 . 2009-03-08 11:33 256000 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_8.0.6001.18702_none_cb86fb78a76dcdde\ieinstal.exe + 2009-06-10 13:59 . 2009-04-24 13:42 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.21046_none_e719d53dadb4a1b8\ieinstal.exe + 2009-06-10 13:59 . 2009-04-24 13:53 263168 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_6.0.6000.16851_none_e6808ef294a36bea\ieinstal.exe + 2009-08-14 14:37 . 2009-07-22 05:58 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22903_none_48182df4dd072fee\ieui.dll + 2009-08-14 14:37 . 2009-07-21 21:47 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18813_none_4783c13dc3f1ac15\ieui.dll + 2009-08-14 14:34 . 2009-03-08 11:22 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieui.dll + 2009-06-10 13:59 . 2009-04-24 15:57 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieui.dll + 2008-08-13 17:39 . 2008-01-19 07:34 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieui.dll + 2009-06-10 13:59 . 2009-04-24 15:54 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieui.dll + 2009-06-10 13:59 . 2009-04-24 16:14 180736 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieui.dll + 2009-08-14 14:34 . 2009-03-08 11:34 105984 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.6001.18702_none_d315f3a07395d0ed\url.dll + 2009-08-14 14:34 . 2009-03-08 11:34 208384 c:\windows\winsxs\x86_microsoft-windows-ie-winfxdocobj_31bf3856ad364e35_8.0.6001.18702_none_d4a239fe30224f93\WinFXDocObj.exe + 2009-08-14 14:34 . 2009-03-08 11:33 759296 c:\windows\winsxs\x86_microsoft-windows-ie-vgx_31bf3856ad364e35_8.0.6001.18702_none_d02233c4fe8667df\VGX.dll + 2009-08-14 14:37 . 2009-07-22 05:58 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.22903_none_ff07db25e8e4acd8\iesysprep.dll + 2009-08-14 14:37 . 2009-07-21 21:47 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18813_none_fe736e6ecfcf28ff\iesysprep.dll + 2009-08-14 14:34 . 2009-03-08 11:33 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18702_none_fe7d3c2acfc7f690\iesysprep.dll + 2009-08-14 14:37 . 2009-07-22 04:27 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.22903_none_a94676798d617013\ie4uinit.exe + 2009-08-14 14:37 . 2009-07-21 20:13 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18813_none_a8b209c2744bec3a\ie4uinit.exe + 2009-08-14 14:34 . 2009-03-08 11:32 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\ie4uinit.exe + 2009-08-14 14:37 . 2009-07-22 06:02 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22903_none_2b196baebb6c56e8\sqmapi.dll + 2009-08-14 14:37 . 2009-07-21 21:51 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18813_none_2a84fef7a256d30f\sqmapi.dll + 2009-08-14 14:34 . 2009-03-08 21:09 140128 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:00 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 15:57 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.22418_none_482a7f3aa5a2ae2b\iertutil.dll + 2009-04-22 13:22 . 2008-01-19 07:36 129536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:02 270848 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6001.18248_none_478070c58c9d650d\iertutil.dll + 2009-06-10 13:59 . 2009-04-24 16:00 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 15:54 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.21046_none_4621a678a896747a\iertutil.dll + 2009-06-10 13:59 . 2009-04-24 16:21 134144 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\sqmapi.dll + 2009-06-10 13:59 . 2009-04-24 16:14 268288 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_6.0.6000.16851_none_4588602d8f853eac\iertutil.dll + 2009-08-14 14:34 . 2009-03-08 11:34 193536 c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_8.0.6001.18702_none_aa7d60ae7286ab24\msrating.dll + 2009-08-14 14:34 . 2009-03-08 11:33 109568 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\PDMSetup.exe + 2009-08-14 14:34 . 2009-01-08 01:20 355832 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\pdm.dll + 2009-08-14 14:34 . 2009-01-08 01:20 265720 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\msdbg2.dll + 2009-08-14 14:34 . 2009-03-08 11:34 236544 c:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll + 2009-08-14 14:37 . 2009-07-22 06:01 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.22903_none_1a9c2981430b3c56\occache.dll + 2009-08-14 14:37 . 2009-07-21 21:50 206848 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18813_none_1a07bcca29f5b87d\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:34 109568 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_1a118a8629ee860e\occache.dll + 2009-06-10 13:59 . 2009-04-24 15:59 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.22418_none_37ad3d0d2d419399\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:04 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6001.18248_none_37032e98143c4a7b\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:00 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.21046_none_35a4644b303559e8\occache.dll + 2009-06-10 13:59 . 2009-04-24 16:20 102912 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_6.0.6000.16851_none_350b1e001724241a\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:35 233984 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilerui_31bf3856ad364e35_8.0.6001.18702_none_d5ea1c01e3fe67ea\jsprofilerui.dll + 2009-08-14 14:34 . 2009-03-08 11:35 118272 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilercore_31bf3856ad364e35_8.0.6001.18702_none_ed92bec9472aab53\JSProfilerCore.dll + 2009-08-14 14:34 . 2009-03-08 11:35 521216 c:\windows\winsxs\x86_microsoft-windows-ie-jscriptdebugui_31bf3856ad364e35_8.0.6001.18702_none_9d577137e370ad2c\jsdbgui.dll + 2009-08-14 14:36 . 2009-07-22 06:04 638232 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\iexplore.exe + 2009-08-14 14:37 . 2009-07-22 04:27 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.22903_none_12d7c15e48e6a76e\ieUnatt.exe + 2009-08-14 14:36 . 2009-07-21 21:53 638216 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\iexplore.exe + 2009-08-14 14:37 . 2009-07-21 20:13 133632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18813_none_124354a72fd12395\ieUnatt.exe + 2009-08-14 14:34 . 2009-03-08 21:09 638816 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe + 2009-08-14 14:34 . 2009-03-08 11:33 132608 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\ieUnatt.exe + 2009-06-10 13:59 . 2009-04-24 16:01 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.22418_none_2fe8d4ea331cfeb1\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:08 634632 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6001.18248_none_2f3ec6751a17b593\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:03 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.21046_none_2ddffc283610c500\iexplore.exe + 2009-06-10 13:59 . 2009-04-24 16:25 634648 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_6.0.6000.16851_none_2d46b5dd1cff8f32\iexplore.exe + 2009-08-14 14:34 . 2009-03-08 11:35 144384 c:\windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_8.0.6001.18702_none_10e8e2fad95106ab\ExtExport.exe + 2009-08-14 14:34 . 2009-03-08 11:32 169472 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\iexpress.exe + 2009-08-14 14:37 . 2009-07-22 05:58 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.22903_none_2b02f14ac9212978\IEShims.dll + 2009-08-14 14:37 . 2009-07-21 21:47 197632 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18813_none_2a6e8493b00ba59f\IEShims.dll + 2009-08-14 14:34 . 2009-03-08 11:33 196096 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18702_none_2a78524fb0047330\IEShims.dll + 2009-08-14 14:37 . 2009-07-22 05:58 246272 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.22903_none_73a4a5b47978c30a\ieproxy.dll + 2009-08-14 14:37 . 2009-07-21 21:47 246272 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18813_none_731038fd60633f31\ieproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:33 246784 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18702_none_731a06b9605c0cc2\ieproxy.dll + 2009-08-14 14:34 . 2009-03-08 11:34 115712 c:\windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_8.0.6001.18702_none_e9612e8087062a88\ielowutil.exe + 2009-08-14 14:36 . 2009-06-30 11:31 101376 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22895_none_8405f92d60197b7e\iecompat.dll + 2009-08-14 14:36 . 2009-06-30 03:37 101376 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18805_none_83ddad9446b2dd62\iecompat.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_8.0.6001.18702_none_a0d17792aa595b3e\iecleanup.exe + 2009-06-10 13:59 . 2009-04-24 15:57 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.21046_none_46a6e5865f77092b\mshtmled.dll + 2009-06-10 13:59 . 2009-04-24 16:17 477696 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_6.0.6000.16851_none_460d9f3b4665d35d\mshtmled.dll + 2009-08-14 14:34 . 2009-03-08 11:33 103936 c:\windows\winsxs\x86_microsoft-windows-ie-gc-setdepnx_31bf3856ad364e35_8.0.6001.18702_none_9396116207a33bbc\SetDepNx.exe + 2009-08-14 14:34 . 2009-03-08 11:33 107520 c:\windows\winsxs\x86_microsoft-windows-ie-gc-registeriepkeys_31bf3856ad364e35_8.0.6001.18702_none_0ad3f877399acafc\RegisterIEPKEYs.exe + 2009-08-14 14:37 . 2009-07-22 05:59 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.22903_none_435c4ba1695e8b43\msfeeds.dll + 2009-08-14 14:37 . 2009-07-21 21:48 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18813_none_42c7deea5049076a\msfeeds.dll + 2009-08-14 14:34 . 2009-03-08 11:32 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18702_none_42d1aca65041d4fb\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 15:58 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.22418_none_606d5f2d5394e286\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 16:03 458240 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6001.18248_none_5fc350b83a8f9968\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 15:57 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.21046_none_5e64866b5688a8d5\msfeeds.dll + 2009-06-10 13:59 . 2009-04-24 16:16 459264 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_6.0.6000.16851_none_5dcb40203d777307\msfeeds.dll + 2009-08-14 14:34 . 2009-03-08 11:31 216064 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtrans.dll + 2009-08-14 14:34 . 2009-03-08 11:31 348160 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtmsft.dll + 2009-06-10 13:59 . 2009-04-24 15:53 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtrans.dll + 2009-06-10 13:59 . 2009-04-24 15:53 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.21046_none_96444b2e9db6569e\dxtmsft.dll + 2009-06-10 13:59 . 2009-04-24 16:13 214528 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtrans.dll + 2009-06-10 13:59 . 2009-04-24 16:13 347136 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_6.0.6000.16851_none_95ab04e384a520d0\dxtmsft.dll + 2009-08-14 14:34 . 2009-03-08 11:35 742912 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.18702_none_1e902f2a55a1ce84\iedvtool.dll + 2009-08-14 14:37 . 2009-07-22 05:58 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.22903_none_2039460420f600ed\iepeers.dll + 2009-08-14 14:37 . 2009-07-21 21:47 184320 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18813_none_1fa4d94d07e07d14\iepeers.dll + 2009-08-14 14:34 . 2009-03-08 11:31 183808 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18702_none_1faea70907d94aa5\iepeers.dll + 2009-08-14 14:34 . 2009-03-08 11:11 445952 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dll + 2009-06-10 13:59 . 2009-04-24 15:54 380928 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dll + 2009-06-10 13:59 . 2009-04-24 16:14 383488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dll + 2009-08-14 14:34 . 2009-03-08 11:32 163840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieakui.dll + 2009-08-14 14:34 . 2009-03-08 11:33 229376 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 15:57 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 15:57 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.22418_none_aeb8f6ae1fe46774\ieaksie.dll + 2006-11-02 07:27 . 2006-11-02 09:39 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 16:02 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6001.18248_none_ae0ee83906df1e56\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 15:54 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 15:54 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.21046_none_acb01dec22d82dc3\ieaksie.dll + 2009-06-10 13:59 . 2009-04-24 16:14 161792 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieakui.dll + 2009-06-10 13:59 . 2009-04-24 16:14 230400 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_6.0.6000.16851_none_ac16d7a109c6f7f5\ieaksie.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitengine_31bf3856ad364e35_8.0.6001.18702_none_87015889ddff063f\ieakeng.dll + 2009-08-14 14:37 . 2009-07-22 05:58 386048 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.22903_none_57c62dce86655952\iedkcs32.dll + 2009-08-14 14:37 . 2009-07-21 21:47 386048 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18813_none_5731c1176d4fd579\iedkcs32.dll + 2009-08-14 14:34 . 2009-03-08 21:09 391536 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18702_none_573b8ed36d48a30a\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 15:57 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.22418_none_74d7415a709bb095\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 16:02 389120 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6001.18248_none_742d32e557966777\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 15:54 388608 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.21046_none_72ce6898738f76e4\iedkcs32.dll + 2009-06-10 13:59 . 2009-04-24 16:14 385024 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_6.0.6000.16851_none_7235224d5a7e4116\iedkcs32.dll + 2009-08-14 14:37 . 2009-07-22 06:03 915456 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.22903_none_e55eb4d2d0bb388b\wininet.dll + 2009-08-14 14:37 . 2009-07-21 21:52 915456 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18813_none_e4ca481bb7a5b4b2\wininet.dll + 2009-08-14 14:34 . 2009-03-08 11:34 914944 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll + 2009-06-10 13:59 . 2009-04-24 15:43 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.22121_none_04446854b8264f82\wininet.dll + 2009-06-10 13:59 . 2009-04-23 12:15 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6002.18024_none_03bdcc679f05fbbd\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:00 828416 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.22418_none_026fc85ebaf18fce\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:05 827904 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18248_none_01c5b9e9a1ec46b0\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:01 828928 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.21046_none_0066ef9cbde5561d\wininet.dll + 2009-06-10 13:59 . 2009-04-24 16:22 827392 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6000.16851_none_ffcda951a4d4204f\wininet.dll + 2009-08-14 14:34 . 2009-03-08 11:32 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18702_none_c3b0c8fe923e1b1f\mstime.dll + 2009-06-10 13:59 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.22418_none_e14c7b85959128aa\mstime.dll + 2009-06-10 13:59 . 2009-04-24 16:03 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6001.18248_none_e0a26d107c8bdf8c\mstime.dll + 2009-06-10 13:59 . 2009-04-24 15:58 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.21046_none_df43a2c39884eef9\mstime.dll + 2009-06-10 13:59 . 2009-04-24 16:18 671232 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_6.0.6000.16851_none_deaa5c787f73b92b\mstime.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107008 c:\windows\winsxs\x86_microsoft-windows-i..-setieinstalleddate_31bf3856ad364e35_8.0.6001.18702_none_eb622404d6d4cb81\SetIEInstalledDate.exe + 2009-06-10 14:01 . 2009-04-30 10:34 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.22423_none_4bdfc1ce6de6cf39\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:28 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6001.18254_none_4b36b3a354e09f72\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:19 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.21051_none_49d6e90c70da9588\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 10:42 253952 c:\windows\winsxs\x86_microsoft-windows-ehome-ehvid_31bf3856ad364e35_6.0.6000.16856_none_4952759157b8412f\ehvid.exe + 2009-06-10 14:01 . 2009-04-30 12:16 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.22423_none_cf3b1fcee292dd5c\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:33 522240 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6001.18254_none_ce9211a3c98cad95\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:00 521728 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.21051_none_cd32470ce586a3ab\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:42 517632 c:\windows\winsxs\x86_microsoft-windows-ehome-ehui_31bf3856ad364e35_6.0.6000.16856_none_ccadd391cc644f52\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:16 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.22423_none_273f9b1b7b253f90\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:33 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6001.18254_none_26968cf0621f0fc9\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.21051_none_2536c2597e1905df\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:41 105472 c:\windows\winsxs\x86_microsoft-windows-ehome-ehpresenter_31bf3856ad364e35_6.0.6000.16856_none_24b24ede64f6b186\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:01 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.22126_none_3019d864cf578034\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 11:47 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6002.18030_none_2f7f69f1b6476451\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:16 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.22423_none_2e30659ed233df0b\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:33 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6001.18254_none_2d875773b92daf44\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:00 278528 c:\windows\winsxs\x86_microsoft-windows-ehome-ehplayer_31bf3856ad364e35_6.0.6000.21051_none_2c278cdcd527a55a\ehPlayer.dll + 2009-06-10 14:01 . 2009-04-30 12:16 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.22423_none_2fb2ddfc834d299c\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:33 373248 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6001.18254_none_2f09cfd16a46f9d5\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:00 372736 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.21051_none_2daa053a8640efeb\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:41 372224 c:\windows\winsxs\x86_microsoft-windows-ehome-ehglid_31bf3856ad364e35_6.0.6000.16856_none_2d2591bf6d1e9b92\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 11:47 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.22423_none_34a0ebecf3254d51\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:00 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6001.18254_none_33f7ddc1da1f1d8a\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 11:31 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.21051_none_3298132af61913a0\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:09 173056 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-mcrmgr_31bf3856ad364e35_6.0.6000.16856_none_32139fafdcf6bf47\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:16 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.22423_none_152e7b96b8dde8f3\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:33 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6001.18254_none_14856d6b9fd7b92c\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:00 254464 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.21051_none_1325a2d4bbd1af42\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:41 252416 c:\windows\winsxs\x86_microsoft-windows-ehome-devices-ehreplay_31bf3856ad364e35_6.0.6000.16856_none_12a12f59a2af5ae9\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:19 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.22423_none_ce9aa784e2f278f7\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:37 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6001.18254_none_cdf19959c9ec4930\cbva.dll + 2009-06-10 14:01 . 2009-04-30 11:59 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.21051_none_cc91cec2e5e63f46\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:40 180224 c:\windows\winsxs\x86_microsoft-windows-ehome-cbva_31bf3856ad364e35_6.0.6000.16856_none_cc0d5b47ccc3eaed\cbva.dll + 2009-08-14 14:34 . 2009-03-08 11:32 128512 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_8.0.6001.18702_none_8eb687d4089bfe4d\advpack.dll + 2009-06-10 13:59 . 2009-04-24 15:52 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.21046_none_aa4961990ee2d227\advpack.dll + 2009-06-10 13:59 . 2009-04-24 16:11 124928 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_6.0.6000.16851_none_a9b01b4df5d19c59\advpack.dll + 2009-08-14 14:30 . 2008-01-30 04:24 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20762_none_0a8ab8830e6eba56\AcXtrnal.dll + 2009-08-14 14:30 . 2008-01-30 04:24 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.20762_none_0a8ab8830e6eba56\AcLayers.dll + 2009-08-14 14:30 . 2008-01-29 04:16 173056 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16633_none_0a228bc5f537e010\AcXtrnal.dll + 2009-08-14 14:30 . 2008-01-29 04:16 537600 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.0.6000.16633_none_0a228bc5f537e010\AcLayers.dll + 2009-08-14 14:30 . 2008-01-30 04:24 450560 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.20762_none_0a89b8390e6fa0ff\AcSpecfc.dll + 2009-08-14 14:30 . 2008-01-29 04:16 449536 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c4_31bf3856ad364e35_6.0.6000.16633_none_0a218b7bf538c6b9\AcSpecfc.dll + 2009-06-10 14:01 . 2009-04-30 12:06 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.22126_none_27de1592e29 b9884\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 11:54 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6002.18030_none_2743a71fc98 b7ca1\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:21 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.22423_none_25f4a2cce57 7f75b\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:42 212992 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6001.18254_none_254b94a1cc7 1c794\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.21051_none_23ebca0ae86 bbdaa\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:56 225280 c:\windows\winsxs\msil_microsoft.mediacenter_31bf3856ad364e35_6.0.6000.16856_none_2367568fcf4 96951\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:06 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.22126_none_c7f9169954229812\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 11:54 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6002.18030_none_c75ea8263b127c2f\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:21 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.22423_none_c60fa3d356fef6e9\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:42 188416 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6001.18254_none_c56695a83df8c722\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:09 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.21051_none_c406cb1159f2bd38\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\winsxs\msil_mcstore_31bf3856ad364e35_6.0.6000.16856_none_c382579640d068df\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:06 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.22126_none_8d41cc615e8201b1\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 11:54 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6002.18030_none_8ca75dee4571e5ce\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:21 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.22423_none_8b58599b615e6088\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:42 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6001.18254_none_8aaf4b70485830c1\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.21051_none_894f80d9645226d7\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:55 532480 c:\windows\winsxs\msil_ehrecobj_31bf3856ad364e35_6.0.6000.16856_none_88cb0d5e4b2fd27e\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.21051_none_bd56e025daf6b2dd\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 135168 c:\windows\winsxs\msil_ehexthost_31bf3856ad364e35_6.0.6000.16856_none_bcd26caac1d45e84\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:06 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.22126_none_de03aef7e5372a6c\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 11:54 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6002.18030_none_dd694084cc270e89\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:21 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.22423_none_dc1a3c31e8138943\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:42 839680 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6001.18254_none_db712e06cf0d597c\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:09 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.21051_none_da11636feb074f92\ehepg.dll + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\winsxs\msil_ehepg_31bf3856ad364e35_6.0.6000.16856_none_d98ceff4d1e4fb39\ehepg.dll + 2009-07-09 18:35 . 2009-07-09 18:35 626688 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcr90.dll + 2009-07-09 18:35 . 2009-07-09 18:35 856576 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcp90.dll + 2009-07-09 18:35 . 2009-07-09 18:35 245760 c:\windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.1_none_99b61f5e8371c1d4\msvcm90.dll + 2009-08-14 14:34 . 2009-03-08 11:34 208384 c:\windows\System32\WinFXDocObj.exe + 2009-08-14 14:34 . 2009-03-08 11:34 236544 c:\windows\System32\webcheck.dll + 2006-11-02 13:05 . 2009-08-23 01:40 135882 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2009-08-14 14:34 . 2009-03-08 11:33 420352 c:\windows\System32\vbscript.dll - 2006-11-02 08:50 . 2006-11-02 09:46 105984 c:\windows\System32\url.dll + 2009-08-14 14:34 . 2009-03-08 11:34 105984 c:\windows\System32\url.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107008 c:\windows\System32\SetIEInstalledDate.exe - 2007-10-14 07:01 . 2007-10-14 07:01 788992 c:\windows\System32\rpcrt4.dll + 2009-06-10 14:01 . 2009-04-23 13:01 788992 c:\windows\System32\rpcrt4.dll + 2008-08-22 23:03 . 2009-07-22 17:57 185920 c:\windows\System32\rmoc3260.dll - 2008-08-22 23:03 . 2009-05-15 21:00 185920 c:\windows\System32\rmoc3260.dll + 2009-08-14 14:34 . 2009-03-08 11:33 107520 c:\windows\System32\RegisterIEPKEYs.exe - 2009-04-01 21:13 . 2008-12-05 04:29 292352 c:\windows\System32\psisdecd.dll + 2009-06-10 14:01 . 2009-04-30 12:52 292352 c:\windows\System32\psisdecd.dll - 2008-08-22 23:02 . 2009-05-15 21:00 278528 c:\windows\System32\pncrt.dll + 2008-08-22 23:02 . 2009-07-22 17:57 278528 c:\windows\System32\pncrt.dll + 2006-11-02 10:33 . 2009-08-13 00:38 351116 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-05-26 22:04 351116 c:\windows\System32\perfh009.dat - 2006-11-02 10:33 . 2009-05-26 22:04 276162 c:\windows\System32\perfc009.dat + 2006-11-02 10:33 . 2009-08-13 00:38 276162 c:\windows\System32\perfc009.dat + 2009-08-14 14:34 . 2009-03-08 11:33 109568 c:\windows\System32\PDMSetup.exe + 2009-08-14 14:37 . 2009-07-21 21:50 206848 c:\windows\System32\occache.dll + 2009-08-14 14:34 . 2009-03-08 11:32 611840 c:\windows\System32\mstime.dll + 2009-08-14 14:34 . 2009-03-08 11:34 193536 c:\windows\System32\msrating.dll + 2009-08-14 14:34 . 2009-03-08 11:22 156160 c:\windows\System32\msls31.dll - 2006-11-02 08:38 . 2006-11-02 09:46 156160 c:\windows\System32\msls31.dll - 2007-03-12 19:02 . 2007-03-12 19:02 947472 c:\windows\System32\msjava.dll + 2008-07-31 14:16 . 2008-07-31 14:16 947472 c:\windows\System32\msjava.dll + 2009-08-14 14:37 . 2009-07-21 21:48 594432 c:\windows\System32\msfeeds.dll + 2000-06-08 12:00 . 2000-06-08 12:00 487696 c:\windows\System32\MSADO15.dll + 2009-07-18 03:21 . 2009-07-18 03:21 257440 c:\windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2009-06-10 14:01 . 2009-04-23 12:56 696832 c:\windows\System32\localspl.dll + 2009-08-14 14:34 . 2009-03-08 11:33 726528 c:\windows\System32\jscript.dll + 2009-08-14 14:34 . 2009-03-08 11:32 169472 c:\windows\System32\iexpress.exe + 2009-08-14 14:37 . 2009-07-21 21:47 164352 c:\windows\System32\ieui.dll + 2009-08-14 14:37 . 2009-07-21 21:47 184320 c:\windows\System32\iepeers.dll + 2009-08-14 14:37 . 2009-07-21 21:47 386048 c:\windows\System32\iedkcs32.dll + 2009-08-14 14:34 . 2009-03-08 11:11 445952 c:\windows\System32\ieapfltr.dll + 2009-08-14 14:34 . 2009-03-08 11:32 163840 c:\windows\System32\ieakui.dll + 2009-08-14 14:34 . 2009-03-08 11:33 229376 c:\windows\System32\ieaksie.dll + 2009-08-14 14:34 . 2009-03-08 11:33 125952 c:\windows\System32\ieakeng.dll + 2009-08-14 14:37 . 2009-07-21 20:13 173056 c:\windows\System32\ie4uinit.exe + 2009-06-10 15:09 . 2008-04-17 16:12 107368 c:\windows\System32\GEARAspi.dll - 2009-04-01 21:13 . 2008-12-05 04:29 428032 c:\windows\System32\EncDec.dll + 2009-06-10 14:01 . 2009-04-30 12:42 428032 c:\windows\System32\EncDec.dll + 2009-08-14 14:34 . 2009-03-08 11:31 216064 c:\windows\System32\dxtrans.dll + 2009-08-14 14:34 . 2009-03-08 11:31 348160 c:\windows\System32\dxtmsft.dll + 2009-06-10 15:09 . 2008-04-17 16:12 107368 c:\windows\System32\DRVSTORE\GEARAspiWD_F475AF659D36685632E9BD97B57E9D9661FF3FFD\x86\GEARAspi.dll + 2009-07-25 12:36 . 2007-07-03 21:58 106792 c:\windows\System32\DriverStore\FileRepository\sscdw2k.inf_542f1bcb\i386\sscdmdm.sys + 2009-08-14 14:47 . 2009-08-20 01:59 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat + 2009-08-14 14:34 . 2009-03-08 11:32 128512 c:\windows\System32\advpack.dll + 2007-08-26 08:07 . 2009-08-19 03:16 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2007-08-26 08:07 . 2008-04-09 07:05 262144 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2007-08-26 08:06 . 2008-04-09 07:03 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2007-08-26 08:06 . 2009-08-19 03:16 262144 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-07-30 03:44 . 2008-07-30 03:44 652800 c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\vs_setup.msi + 2007-08-26 23:03 . 2007-08-26 23:03 364544 c:\windows\Installer\d495ce.msi + 2007-08-26 23:02 . 2007-08-26 23:02 972800 c:\windows\Installer\d495c9.msi + 2009-05-25 12:40 . 2009-05-25 12:40 236032 c:\windows\Installer\c4aad.msi + 2009-04-01 21:18 . 2009-04-01 21:18 432640 c:\windows\Installer\c436d.msi + 2007-08-26 21:43 . 2007-08-26 21:43 965632 c:\windows\Installer\c3e057.msi + 2009-04-22 16:38 . 2009-04-22 16:38 295424 c:\windows\Installer\952d589.msi + 2008-08-08 06:28 . 2008-08-08 06:28 317952 c:\windows\Installer\8acf80c.msp + 2009-04-22 13:42 . 2009-04-22 13:42 817152 c:\windows\Installer\8acf79b.msi + 2009-04-22 13:41 . 2009-04-22 13:41 813568 c:\windows\Installer\8acf76f.msi + 2008-12-13 13:58 . 2008-12-13 13:58 754688 c:\windows\Installer\8acf764.msp + 2009-04-22 13:37 . 2009-04-22 13:37 648192 c:\windows\Installer\8acf75a.msi + 2009-08-14 14:33 . 2009-08-14 14:33 601600 c:\windows\Installer\88e8692.msi + 2007-06-05 13:19 . 2007-06-05 13:19 316928 c:\windows\Installer\6a69b.msi + 2007-06-05 13:16 . 2007-06-05 13:16 390656 c:\windows\Installer\6a68c.msi + 2009-07-07 19:26 . 2009-07-07 19:26 559616 c:\windows\Installer\6505370.msi + 2007-08-30 15:58 . 2007-08-30 15:58 691200 c:\windows\Installer\51651.msi + 2008-08-29 12:27 . 2008-08-29 12:27 838144 c:\windows\Installer\46f5a97.msi + 2007-08-23 06:10 . 2007-08-23 06:10 164352 c:\windows\Installer\459580.msi + 2007-08-26 08:02 . 2007-08-26 08:02 431104 c:\windows\Installer\4072777.msi + 2007-06-05 14:20 . 2007-06-05 14:20 202752 c:\windows\Installer\3d37cf.msi + 2007-06-05 14:17 . 2007-06-05 14:17 200704 c:\windows\Installer\3d37c8.msi + 2007-06-05 14:15 . 2007-06-05 14:15 200704 c:\windows\Installer\3d37b9.msi + 2009-08-05 03:48 . 2009-08-05 03:48 543744 c:\windows\Installer\3289fb7.msi + 2008-08-27 07:09 . 2008-08-27 07:09 431104 c:\windows\Installer\3153f12.msi + 2007-09-11 01:42 . 2007-09-11 01:42 618496 c:\windows\Installer\2cf6792.msi + 2008-02-24 20:49 . 2008-02-24 20:49 911872 c:\windows\Installer\2c49f8.msi + 2008-02-24 20:49 . 2008-02-24 20:49 953344 c:\windows\Installer\2c49f3.msi + 2008-02-24 20:49 . 2008-02-24 20:49 649728 c:\windows\Installer\2c49e4.msi + 2009-05-26 22:28 . 2009-05-26 22:28 598016 c:\windows\Installer\2b16d.msi + 2009-08-18 11:34 . 2009-08-18 11:34 276992 c:\windows\Installer\299d6.msi + 2008-05-25 02:09 . 2008-05-25 02:09 501248 c:\windows\Installer\1eb671.msi + 2008-05-25 02:08 . 2008-05-25 02:08 501248 c:\windows\Installer\1eb64e.msi + 2007-06-05 13:55 . 2007-06-05 13:55 501248 c:\windows\Installer\19b3dd.msi + 2007-06-05 13:55 . 2007-06-05 13:55 506880 c:\windows\Installer\19b3d6.msi + 2007-06-05 13:55 . 2007-06-05 13:55 516608 c:\windows\Installer\19b3ce.msi + 2007-06-05 13:54 . 2007-06-05 13:54 513024 c:\windows\Installer\19b3c5.msi + 2007-06-05 13:54 . 2007-06-05 13:54 501248 c:\windows\Installer\19b3a9.msi + 2007-10-07 02:13 . 2007-10-07 02:13 938496 c:\windows\Installer\171e8f30.msi + 2009-05-23 00:09 . 2009-05-23 00:09 152576 c:\windows\Installer\16773961.msi + 2007-05-30 03:20 . 2007-05-30 03:20 428544 c:\windows\Installer\165b8b.msi + 2008-03-02 02:24 . 2008-03-02 02:24 366592 c:\windows\Installer\12e076a.msi + 2007-09-01 17:29 . 2007-09-01 17:29 881664 c:\windows\Installer\1165a8f.msi + 2007-09-01 22:25 . 2007-09-01 22:25 331264 c:\windows\Installer\10a45d3.msi + 2009-08-20 02:35 . 2009-08-20 02:35 307200 c:\windows\Installer\{E56D39F8-2A9F-44B4-B068-A72E45A073E6}\SafariIco.exe + 2009-08-20 02:33 . 2009-08-20 02:33 102400 c:\windows\Installer\{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}\iTunesIco.exe + 2006-11-02 10:25 . 2009-07-25 12:36 143360 c:\windows\inf\infstrng.dat - 2006-11-02 10:25 . 2009-04-22 19:37 143360 c:\windows\inf\infstrng.dat + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\ehome\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\ehome\mcstore.dll - 2009-04-01 21:13 . 2008-12-05 04:29 173056 c:\windows\ehome\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 12:09 173056 c:\windows\ehome\McrMgr.exe + 2009-06-10 14:01 . 2009-04-30 10:42 253952 c:\windows\ehome\ehvid.exe - 2009-04-01 21:13 . 2008-12-05 04:29 253952 c:\windows\ehome\ehvid.exe - 2009-04-01 21:13 . 2008-12-05 04:25 521728 c:\windows\ehome\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:00 521728 c:\windows\ehome\ehui.dll + 2009-06-10 14:01 . 2009-04-30 12:41 252416 c:\windows\ehome\ehReplay.dll - 2009-04-01 21:13 . 2008-12-05 04:29 252416 c:\windows\ehome\ehReplay.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\ehome\ehRecObj.dll + 2009-06-10 14:01 . 2009-04-30 12:00 105472 c:\windows\ehome\ehPresenter.dll - 2009-04-01 21:13 . 2008-12-05 04:25 105472 c:\windows\ehome\ehPresenter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 278528 c:\windows\ehome\ehPlayer.dll - 2009-04-01 21:13 . 2008-12-05 04:29 372224 c:\windows\ehome\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:41 372224 c:\windows\ehome\ehglid.dll + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\ehome\ehexthost.exe - 2009-04-01 21:13 . 2008-12-05 04:30 135168 c:\windows\ehome\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\ehome\ehepg.dll - 2009-04-01 21:13 . 2008-12-05 04:29 180224 c:\windows\ehome\cbva.dll + 2009-06-10 14:01 . 2009-04-30 12:40 180224 c:\windows\ehome\cbva.dll + 2007-05-30 03:26 . 2007-02-20 12:17 532992 c:\windows\DRIVERS\Bluetooth Driver (Toshiba) 5.10S2Q207 - 5.10.04SO_logo\BtSwInst.msi + 2009-06-10 21:44 . 2009-06-10 21:44 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\41dcf4e0061193634534f67cea2d360e\WindowsFormsIntegration.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\6f2bb0a35c228aba6e3a02a1238beb20\System.Web.DynamicData.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\58de8d4959e4d79d8f992dd3ab045a72\SMSvcHost.ni.exe + 2009-06-10 21:44 . 2009-06-10 21:44 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\09f0313dbe55d6d0d843fecc42a93420\ServiceModelReg.ni.exe + 2009-06-10 21:40 . 2009-06-10 21:40 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d299c79f96ad1aaaffcefcc300507c39\PresentationFramework.Classic.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5bd736acc51b6b3404eb48966f04e02b\PresentationFramework.Luna.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\0d856d6e0abe60939bcaf53f704eb20a\PresentationFramework.Royale.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\024d3dc8d8df47a0420a382959c64fdf\PresentationFramework.Aero.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\d64dd85d512244087920e240e2ead636\Microsoft.Transactions.Bridge.Dtc.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 254976 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\d13c7cd1a46a95d1078d0a9c863a41c4\Microsoft.MediaCenter.Shell.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 601088 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\79bac4f155c75ff5620814d1b9be8616\Microsoft.MediaCenter.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 661504 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\450461d9b5f3df3bfe9ba95c00c2ceeb\Microsoft.MediaCenter.Sports.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 244736 c:\windows\assembly\NativeImages_v2.0.50727_32\mcupdate\15f02cd27c30fe2f4f5452fcca922136\mcupdate.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 217600 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstoredb\d6f6fedef52eeefc6a2ed2f948eb05a0\mcstoredb.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 654848 c:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9034d233286b58771f88e250e5e1d2b7\mcstore.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 160768 c:\windows\assembly\NativeImages_v2.0.50727_32\ehiExtens\e3642e09479435acff2dc0c5b7ad0066\ehiExtens.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 246272 c:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost\05ab80d62f34b3a7c1ddbcb9aedc647c\ehExtHost.ni.exe + 2009-06-10 21:42 . 2009-06-10 21:42 306176 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepgdat\955a23fd939cd80c7ab45c063700e718\ehepgdat.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\700b8218bf42b9c34c1202806960fc4e\ComSvcConfig.ni.exe + 2009-06-10 14:01 . 2009-04-30 12:09 225280 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.dll + 2009-06-10 14:01 . 2009-04-30 12:55 212992 c:\windows\assembly\GAC_MSIL\mcstore\6.0.6000.0__31bf3856ad364e35\mcstore.dll + 2009-06-10 14:01 . 2009-04-30 12:09 532480 c:\windows\assembly\GAC_MSIL\ehRecObj\6.0.6000.0__31bf3856ad364e35\ehRecObj.dll - 2009-04-01 21:13 . 2008-12-05 04:30 135168 c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:09 135168 c:\windows\assembly\GAC_MSIL\ehexthost\6.0.6000.0__31bf3856ad364e35\ehexthost.exe + 2009-06-10 14:01 . 2009-04-30 12:55 876544 c:\windows\assembly\GAC_MSIL\ehepg\6.0.6000.0__31bf3856ad364e35\ehepg.dll + 2009-06-10 14:01 . 2009-04-21 11:42 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.22119_none_bb61c0cdb0cab623\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:39 2034688 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6002.18023_none_bac7525a97ba9a40\win32k.sys + 2009-06-10 14:01 . 2009-04-21 13:26 2034176 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.22416_none_b9784e07b3a714fa\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:55 2033152 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6001.18246_none_b8ce3f929aa1cbdc\win32k.sys + 2009-06-10 14:01 . 2009-04-21 11:55 2030080 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.21044_none_b76f7545b69adb49\win32k.sys + 2009-06-10 14:01 . 2009-04-21 12:04 2028032 c:\windows\winsxs\x86_microsoft-windows-win32k_31bf3856ad364e35_6.0.6000.16849_none_b6eb01ca9d7886f0\win32k.sys + 2009-06-10 14:01 . 2009-04-14 07:03 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.22435_none_f2f64e4f84abbcec\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:04 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6001.18259_none_f25b10ee6b9abd39\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:18 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.21056_none_f0fb46578794b34f\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-14 07:06 2409776 c:\windows\winsxs\x86_microsoft-windows-oespamfilter-dat_31bf3856ad364e35_6.0.6000.16860_none_f060ffc26e84642a\OESpamFilter.dat + 2009-06-10 14:01 . 2009-04-30 12:02 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.21051_none_3d9893fe7ba30b35\mcmde.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1244672 c:\windows\winsxs\x86_microsoft-windows-m..mediadeliveryengine_31bf3856ad364e35_6.0.6000.16856_none_3d1420836280b6dc\mcmde.dll + 2009-06-10 13:59 . 2009-04-24 15:57 6071296 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.22418_none_65294180c73d8731\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 16:02 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18248_none_647f330bae383e13\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 15:54 6069248 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.21046_none_632068beca314d80\ieframe.dll + 2009-06-10 13:59 . 2009-04-24 16:14 6066176 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6000.16851_none_62872273b12017b2\ieframe.dll + 2009-08-14 14:37 . 2009-07-22 05:58 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.22903_none_2b196baebb6c56e8\iertutil.dll + 2009-08-14 14:37 . 2009-07-21 21:47 1985536 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18813_none_2a84fef7a256d30f\iertutil.dll + 2009-08-14 14:34 . 2009-03-08 11:32 1985024 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\iertutil.dll + 2009-08-14 14:36 . 2009-07-22 05:59 5938176 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.22903_none_f6b8d3f15111a1c1\mshtml.dll + 2009-08-14 14:36 . 2009-07-21 21:48 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18813_none_f624673a37fc1de8\mshtml.dll + 2009-08-14 14:34 . 2009-03-08 11:41 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:41 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.22121_none_159e8773387cb8b8\mshtml.dll + 2009-06-10 13:59 . 2009-04-23 12:14 3597824 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6002.18024_none_1517eb861f5c64f3\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:58 3582976 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.22418_none_13c9e77d3b47f904\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 16:03 3581952 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6001.18248_none_131fd9082242afe6\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 15:57 3598336 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.21046_none_11c10ebb3e3bbf53\mshtml.dll + 2009-06-10 13:59 . 2009-04-24 16:17 3596288 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_6.0.6000.16851_none_1127c870252a8985\mshtml.dll + 2009-08-14 14:34 . 2009-02-07 04:07 3698584 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dat + 2007-08-26 08:03 . 2007-08-26 08:03 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.21046_none_fa10127687d0d070\ieapfltr.dat + 2007-08-26 08:03 . 2007-08-26 08:03 2455488 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16851_none_f976cc2b6ebf9aa2\ieapfltr.dat + 2009-08-14 14:37 . 2009-07-22 06:02 1208832 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.22903_none_9858d93105b211f8\urlmon.dll + 2009-08-14 14:37 . 2009-07-21 21:52 1208832 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18813_none_97c46c79ec9c8e1f\urlmon.dll + 2009-08-14 14:34 . 2009-03-08 11:34 1206784 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18702_none_97ce3a35ec955bb0\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 15:43 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.22121_none_b73e8cb2ed1d28ef\urlmon.dll + 2009-06-10 13:59 . 2009-04-23 12:15 1167872 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6002.18024_none_b6b7f0c5d3fcd52a\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:00 1166848 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.22418_none_b569ecbcefe8693b\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:05 1166336 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6001.18248_none_b4bfde47d6e3201d\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:01 1163264 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.21046_none_b36113faf2dc2f8a\urlmon.dll + 2009-06-10 13:59 . 2009-04-24 16:22 1159680 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_6.0.6000.16851_none_b2c7cdafd9caf9bc\urlmon.dll + 2009-08-14 14:30 . 2008-01-30 00:43 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20762_none_4064ce3fdd62eaa8\GameUXLegacyGDFs.dll + 2009-08-14 14:30 . 2008-01-30 04:26 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.20762_none_4064ce3fdd62eaa8\gameux.dll + 2009-08-14 14:30 . 2008-01-29 00:30 4247552 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16633_none_3ffca182c42c1062\GameUXLegacyGDFs.dll + 2009-08-14 14:30 . 2008-01-29 04:16 1686528 c:\windows\winsxs\x86_microsoft-windows-gameexplorer_31bf3856ad364e35_6.0.6000.16633_none_3ffca182c42c1062\gameux.dll + 2009-06-10 14:01 . 2009-04-30 12:00 1498112 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.21051_none_3a793943475c584d\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1497088 c:\windows\winsxs\x86_microsoft-windows-ehome-ehuihlp_31bf3856ad364e35_6.0.6000.16856_none_39f4c5c82e3a03f4\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:17 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.22423_none_3685ee5032972d7f\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:34 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6001.18254_none_35dce0251990fdb8\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:03 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.21051_none_347d158e358af3ce\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1384960 c:\windows\winsxs\x86_microsoft-windows-e..-devices-mcx2filter_31bf3856ad364e35_6.0.6000.16856_none_33f8a2131c689f75\Mcx2Filter.dll + 2009-08-14 14:30 . 2008-01-30 04:24 2144768 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.20762_none_0a88b7ef0e7087a8\AcGenral.dll + 2009-08-14 14:30 . 2008-01-29 04:16 2144256 c:\windows\winsxs\x86_microsoft-windows-a..ence-mitigations-c3_31bf3856ad364e35_6.0.6000.16633_none_0a208b31f539ad62\AcGenral.dll + 2009-06-10 14:01 . 2009-04-30 12:06 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.22126_none_3582bc9f 6d832c6e\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 11:54 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6002.18030_none_34e84e2c 5473108b\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:21 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.22423_none_339949d9 705f8b45\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1970176 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6001.18254_none_32f03bae 57595b7e\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.21051_none_31907117 73535194\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:56 2355200 c:\windows\winsxs\msil_microsoft.mediacenter.ui_31bf3856ad364e35_6.0.6000.16856_none_310bfd9c 5a30fd3b\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:06 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.22126_none_52f46 defac2f2f54\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 11:54 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6002.18030_none_5259f f7c931f1371\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:21 1249280 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.22423_none_510af b29af0b8e2b\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:42 1253376 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6001.18254_none_5061e cfe96055e64\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.21051_none_4f022 267b1ff547a\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:56 1208320 c:\windows\winsxs\msil_microsoft.mediacenter.shell_31bf3856ad364e35_6.0.6000.16856_none_4e7da eec98dd0021\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:06 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.22126_none_8df6ca3857eab8be\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 11:54 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6002.18030_none_8d5c5bc53eda9cdb\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:21 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.22423_none_8c0d57725ac71795\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:42 4059136 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6001.18254_none_8b64494741c0e7ce\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.21051_none_8a047eb05dbadde4\ehshell.dll + 2009-06-10 14:01 . 2009-04-30 12:55 4382720 c:\windows\winsxs\msil_ehshell_31bf3856ad364e35_6.0.6000.16856_none_89800b354498898b\ehshell.dll - 2009-04-01 21:12 . 2009-02-09 01:59 2028032 c:\windows\System32\win32k.sys + 2009-06-10 14:01 . 2009-04-21 12:04 2028032 c:\windows\System32\win32k.sys + 2009-08-14 14:37 . 2009-07-21 21:52 1208832 c:\windows\System32\urlmon.dll + 2006-11-02 10:22 . 2009-08-14 14:46 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT - 2006-11-02 10:22 . 2009-05-25 12:42 6553600 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT + 2009-08-14 14:36 . 2009-07-21 21:48 5937152 c:\windows\System32\mshtml.dll - 2009-04-01 21:13 . 2008-12-05 04:29 1244672 c:\windows\System32\mcmde.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1244672 c:\windows\System32\mcmde.dll + 2009-07-18 03:21 . 2009-07-18 03:21 3883424 c:\windows\System32\Macromed\Flash\NPSWF32.dll + 2009-08-14 14:37 . 2009-07-21 21:47 1985536 c:\windows\System32\iertutil.dll + 2009-08-14 14:34 . 2009-02-07 04:07 3698584 c:\windows\System32\ieapfltr.dat + 2006-11-02 12:47 . 2009-06-26 12:15 2246120 c:\windows\System32\FNTCACHE.DAT - 2006-11-02 12:47 . 2009-05-24 22:07 2246120 c:\windows\System32\FNTCACHE.DAT + 2009-06-05 15:42 . 2009-06-05 15:42 2060288 c:\windows\System32\DriverStore\FileRepository\usbaapl.inf_867e7481\usbaaplrc.dll + 2009-06-05 15:42 . 2009-06-05 15:42 1419232 c:\windows\System32\DriverStore\FileRepository\netaapl.inf_56082f61\wdfcoinstaller01005.dll + 2007-06-05 14:29 . 2006-11-02 20:00 5922304 c:\windows\sonysys\WAU\upgrade\netfx\netfx.msi + 2007-05-25 17:37 . 2007-05-25 17:37 9433600 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M929729\M929729Uninstall.msp + 2007-09-12 00:45 . 2007-09-12 00:45 1888256 c:\windows\Installer\f2b48.msi + 2007-09-12 00:44 . 2007-09-12 00:44 1786880 c:\windows\Installer\f2b38.msi + 2007-09-12 00:43 . 2007-09-12 00:43 1733120 c:\windows\Installer\f2b27.msi + 2007-09-12 00:43 . 2007-09-12 00:43 1768448 c:\windows\Installer\f2b22.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1722880 c:\windows\Installer\f2b1d.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1723904 c:\windows\Installer\f2b16.msi + 2007-09-12 00:42 . 2007-09-12 00:42 1722880 c:\windows\Installer\f2b0d.msi + 2007-09-12 00:40 . 2007-09-12 00:40 1774592 c:\windows\Installer\f2afa.msi + 2007-09-01 12:42 . 2007-09-01 12:42 2919936 c:\windows\Installer\f1c1b.msi + 2007-08-26 23:15 . 2007-08-26 23:15 1480704 c:\windows\Installer\d495f0.msi + 2007-08-26 23:13 . 2007-08-26 23:13 4020224 c:\windows\Installer\d495e8.msi + 2007-08-26 23:07 . 2007-08-26 23:07 1348096 c:\windows\Installer\d495d1.msi + 2007-08-26 21:47 . 2007-08-26 21:47 3924992 c:\windows\Installer\c3e1a8.msi + 2008-06-30 23:45 . 2008-06-30 23:45 4753408 c:\windows\Installer\b57b35.msp + 2009-01-15 07:35 . 2009-01-15 07:35 4830720 c:\windows\Installer\a31a879.msp + 2009-06-25 00:55 . 2009-06-25 00:55 1845760 c:\windows\Installer\94eb5b.msi + 2009-06-25 00:54 . 2009-06-25 00:54 1775104 c:\windows\Installer\94eb4e.msi + 2009-04-22 13:46 . 2009-04-22 13:46 6643712 c:\windows\Installer\8acf801.msi + 2009-04-22 13:43 . 2009-04-22 13:43 1087488 c:\windows\Installer\8acf7ad.msi + 2007-05-30 04:05 . 2007-05-30 04:05 1419264 c:\windows\Installer\889f8.msi + 2008-01-24 04:09 . 2008-01-24 04:09 1784832 c:\windows\Installer\717e6.msi + 2008-01-24 04:08 . 2008-01-24 04:08 2437632 c:\windows\Installer\717e0.msi + 2008-01-24 04:06 . 2008-01-24 04:06 2344448 c:\windows\Installer\717da.msi + 2008-01-24 04:05 . 2008-01-24 04:05 2771456 c:\windows\Installer\717d4.msi + 2008-01-24 04:02 . 2008-01-24 04:02 2242048 c:\windows\Installer\717ce.msi + 2008-01-24 03:51 . 2008-01-24 03:51 1727488 c:\windows\Installer\71779.msi + 2008-01-24 03:50 . 2008-01-24 03:50 1784832 c:\windows\Installer\7176f.msi + 2008-01-24 03:46 . 2008-01-24 03:46 1787904 c:\windows\Installer\7176a.msi + 2007-10-14 22:08 . 2007-10-14 22:08 1479168 c:\windows\Installer\6a44a2.msi + 2008-01-26 03:33 . 2008-01-26 03:33 2999808 c:\windows\Installer\63b9c4.msi + 2008-01-26 03:29 . 2008-01-26 03:29 3240448 c:\windows\Installer\63b9bd.msi + 2008-06-15 03:03 . 2008-06-15 03:03 1430016 c:\windows\Installer\62b8b24.msi + 2008-05-09 15:16 . 2008-05-09 15:16 4272128 c:\windows\Installer\60b4b.msi + 2008-10-05 09:12 . 2008-10-05 09:12 4784128 c:\windows\Installer\5eca200.msp + 2007-06-05 13:15 . 2007-06-05 13:15 3443712 c:\windows\Installer\58b08.msi + 2008-04-10 11:31 . 2008-04-10 11:31 1785344 c:\windows\Installer\5337f8.msi + 2008-04-10 11:31 . 2008-04-10 11:31 2399744 c:\windows\Installer\5337f2.msi + 2008-04-10 11:29 . 2008-04-10 11:29 3037184 c:\windows\Installer\5337eb.msi + 2008-04-10 11:26 . 2008-04-10 11:26 2485760 c:\windows\Installer\5337d8.msi + 2008-04-10 11:23 . 2008-04-10 11:23 2423808 c:\windows\Installer\5337c5.msi + 2008-04-10 11:21 . 2008-04-10 11:21 1786368 c:\windows\Installer\5337b2.msi + 2008-04-10 11:20 . 2008-04-10 11:20 1784832 c:\windows\Installer\5337ac.msi + 2008-04-10 11:20 . 2008-04-10 11:20 1786880 c:\windows\Installer\53379f.msi + 2008-04-10 11:19 . 2008-04-10 11:19 1898496 c:\windows\Installer\533799.msi + 2008-04-10 11:18 . 2008-04-10 11:18 1765888 c:\windows\Installer\533793.msi + 2008-04-10 11:18 . 2008-04-10 11:18 1763840 c:\windows\Installer\53377e.msi + 2008-04-10 11:17 . 2008-04-10 11:17 1794560 c:\windows\Installer\533777.msi + 2008-04-10 11:16 . 2008-04-10 11:16 1786880 c:\windows\Installer\533772.msi + 2008-04-10 11:13 . 2008-04-10 11:13 1792512 c:\windows\Installer\5336f9.msi + 2007-10-26 21:28 . 2007-10-26 21:28 4314112 c:\windows\Installer\50a7c54.msi + 2007-10-26 21:27 . 2007-10-26 21:27 2931200 c:\windows\Installer\50a7c46.msi + 2007-10-26 21:24 . 2007-10-26 21:24 9917952 c:\windows\Installer\50a7c38.msi + 2009-06-03 17:31 . 2009-06-03 17:31 8992256 c:\windows\Installer\508c15.msi + 2009-06-03 17:28 . 2009-06-03 17:28 1549312 c:\windows\Installer\5089b8.msi + 2007-06-05 14:37 . 2007-06-05 14:37 1046016 c:\windows\Installer\503ba4.msi + 2007-03-21 21:46 . 2007-03-21 21:46 8198656 c:\windows\Installer\5037c8.msp + 2007-03-21 21:46 . 2007-03-21 21:46 2047488 c:\windows\Installer\5037b5.msp + 2009-07-25 12:35 . 2009-07-25 12:35 2827776 c:\windows\Installer\4cd7a81.msi + 2007-09-12 00:15 . 2007-09-12 00:15 1784320 c:\windows\Installer\4ca311b.msi + 2009-08-13 20:07 . 2009-08-13 20:07 4057088 c:\windows\Installer\491fc27.msi + 2009-08-13 20:03 . 2009-08-13 20:03 3285504 c:\windows\Installer\491fc16.msi + 2009-08-13 20:02 . 2009-08-13 20:02 3178496 c:\windows\Installer\491fc11.msi + 2009-08-13 20:01 . 2009-08-13 20:01 3075072 c:\windows\Installer\491fc0c.msi + 2009-08-13 20:01 . 2009-08-13 20:01 3089408 c:\windows\Installer\491fc07.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3078656 c:\windows\Installer\491fc02.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3146240 c:\windows\Installer\491fbfd.msi + 2009-08-13 20:00 . 2009-08-13 20:00 3083776 c:\windows\Installer\491fbf8.msi + 2009-08-13 19:59 . 2009-08-13 19:59 3076096 c:\windows\Installer\491fbee.msi + 2009-08-13 19:59 . 2009-08-13 19:59 3079680 c:\windows\Installer\491fbe9.msi + 2009-08-13 19:58 . 2009-08-13 19:58 3087360 c:\windows\Installer\491fbe4.msi + 2009-08-13 19:57 . 2009-08-13 19:57 3094016 c:\windows\Installer\491fb9a.msi + 2009-08-13 19:57 . 2009-08-13 19:57 3831808 c:\windows\Installer\491fb95.msi + 2009-08-13 19:56 . 2009-08-13 19:56 3073024 c:\windows\Installer\491fb8f.msi + 2009-08-13 19:56 . 2009-08-13 19:56 3110912 c:\windows\Installer\491fb84.msi + 2009-08-13 19:55 . 2009-08-13 19:55 3150848 c:\windows\Installer\491fb77.msi + 2009-08-13 19:55 . 2009-08-13 19:55 3273216 c:\windows\Installer\491fb6f.msi + 2009-08-13 19:54 . 2009-08-13 19:54 3186176 c:\windows\Installer\491fb69.msi + 2009-08-13 19:53 . 2009-08-13 19:53 3228160 c:\windows\Installer\491fb64.msi + 2009-08-13 19:53 . 2009-08-13 19:53 3070976 c:\windows\Installer\491fb5f.msi + 2009-08-13 19:51 . 2009-08-13 19:51 3174400 c:\windows\Installer\491fb5a.msi + 2007-09-11 22:37 . 2007-09-11 22:37 1954304 c:\windows\Installer\4668513.msi + 2007-09-11 22:36 . 2007-09-11 22:36 1826816 c:\windows\Installer\466850e.msi + 2007-09-11 22:35 . 2007-09-11 22:35 2078208 c:\windows\Installer\46684e8.msi + 2007-09-11 22:33 . 2007-09-11 22:33 2159104 c:\windows\Installer\46684dd.msi + 2007-09-11 22:31 . 2007-09-11 22:31 1761792 c:\windows\Installer\46684d2.msi + 2007-09-11 22:31 . 2007-09-11 22:31 1720832 c:\windows\Installer\46684c8.msi + 2007-09-11 22:30 . 2007-09-11 22:30 2595840 c:\windows\Installer\46684c3.msi + 2007-09-11 22:26 . 2007-09-11 22:26 1826304 c:\windows\Installer\46684be.msi + 2007-09-11 22:26 . 2007-09-11 22:26 1716736 c:\windows\Installer\46684b9.msi + 2007-09-11 22:25 . 2007-09-11 22:25 1772544 c:\windows\Installer\46684b4.msi + 2008-07-09 15:21 . 2008-07-09 15:21 4372992 c:\windows\Installer\3ee3d70.msi + 2007-06-05 14:24 . 2007-06-05 14:24 8154624 c:\windows\Installer\3d37db.msi + 2009-08-05 03:39 . 2009-08-05 03:39 1066496 c:\windows\Installer\3289fb3.msi + 2008-02-15 12:54 . 2008-02-15 12:54 9736192 c:\windows\Installer\3153fda.msp + 2007-03-31 02:20 . 2007-03-31 02:20 5800960 c:\windows\Installer\3153f90.msp + 2008-04-11 22:08 . 2008-04-11 22:08 6302720 c:\windows\Installer\3153f2b.msp + 2008-04-11 22:48 . 2008-04-11 22:48 6774272 c:\windows\Installer\3153efc.msp + 2008-07-16 23:01 . 2008-07-16 23:01 5110272 c:\windows\Installer\3153ee4.msp + 2008-04-18 18:56 . 2008-04-18 18:56 6215680 c:\windows\Installer\3153eb0.msp + 2007-06-01 19:54 . 2007-06-01 19:54 9626624 c:\windows\Installer\3153e8a.msp + 2007-09-11 01:43 . 2007-09-11 01:43 5724672 c:\windows\Installer\2cf6799.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1259520 c:\windows\Installer\2c49f7.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1261056 c:\windows\Installer\2c49f5.msi + 2008-02-24 20:49 . 2008-02-24 20:49 1262080 c:\windows\Installer\2c49e6.msi + 2009-08-20 02:35 . 2009-08-20 02:35 2487808 c:\windows\Installer\271e3d5.msi + 2009-08-20 02:32 . 2009-08-20 02:32 4945408 c:\windows\Installer\271e3d0.msi + 2009-08-20 02:30 . 2009-08-20 02:30 3295232 c:\windows\Installer\271e085.msi + 2009-08-20 02:27 . 2009-08-20 02:27 1665024 c:\windows\Installer\271e060.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1759744 c:\windows\Installer\1ee8ae3a.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1758720 c:\windows\Installer\1ee8ae35.msi + 2007-09-25 16:10 . 2007-09-25 16:10 1716736 c:\windows\Installer\1ee8ae30.msi + 2007-09-25 16:09 . 2007-09-25 16:09 1720832 c:\windows\Installer\1ee8ae2b.msi + 2007-09-25 16:09 . 2007-09-25 16:09 1744384 c:\windows\Installer\1ee8ae26.msi + 2007-09-25 16:08 . 2007-09-25 16:08 1718272 c:\windows\Installer\1ee8ae21.msi + 2007-09-25 16:08 . 2007-09-25 16:08 1885184 c:\windows\Installer\1ee8ae1c.msi + 2008-05-25 02:09 . 2008-05-25 02:09 1652736 c:\windows\Installer\1eb66c.msi + 2008-05-25 02:09 . 2008-05-25 02:09 1652736 c:\windows\Installer\1eb664.msi + 2008-05-25 02:08 . 2008-05-25 02:08 2319872 c:\windows\Installer\1eb653.msi + 2008-05-25 02:08 . 2008-05-25 02:08 1647616 c:\windows\Installer\1eb649.msi + 2008-05-25 02:07 . 2008-05-25 02:07 2022912 c:\windows\Installer\1eb641.msi + 2008-01-12 00:29 . 2008-01-12 00:29 1417216 c:\windows\Installer\1a605c.msi + 2007-06-05 13:56 . 2007-06-05 13:56 9613312 c:\windows\Installer\19b401.msi + 2007-06-05 13:55 . 2007-06-05 13:55 1652736 c:\windows\Installer\19b3e4.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1640960 c:\windows\Installer\19b3be.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1640960 c:\windows\Installer\19b3b7.msi + 2007-06-05 13:54 . 2007-06-05 13:54 1713152 c:\windows\Installer\19b3b0.msi + 2007-06-05 13:54 . 2007-06-05 13:54 2397184 c:\windows\Installer\19b3a2.msi + 2007-06-05 13:39 . 2007-06-05 13:39 4537344 c:\windows\Installer\19b317.msi + 2007-06-05 13:36 . 2007-06-05 13:36 1487872 c:\windows\Installer\19b311.msi + 2007-10-02 21:57 . 2007-10-02 21:57 1769984 c:\windows\Installer\19ab6ac.msi + 2007-10-02 21:56 . 2007-10-02 21:56 1767424 c:\windows\Installer\19ab69e.msi + 2009-06-10 15:06 . 2009-06-10 15:06 1659392 c:\windows\Installer\1743c90c.msi + 2007-10-02 21:16 . 2007-10-02 21:16 1879040 c:\windows\Installer\17056ad.msi + 2007-10-02 21:16 . 2007-10-02 21:16 1767424 c:\windows\Installer\17056a8.msi + 2007-10-02 21:11 . 2007-10-02 21:11 1845248 c:\windows\Installer\17056a3.msi + 2007-10-02 21:10 . 2007-10-02 21:10 1768448 c:\windows\Installer\1705645.msi + 2009-06-10 13:54 . 2009-06-10 13:54 1401344 c:\windows\Installer\170220aa.msi + 2008-02-18 21:30 . 2008-02-18 21:30 2428416 c:\windows\Installer\1546ec.msi + 2008-02-18 21:25 . 2008-02-18 21:25 1767424 c:\windows\Installer\1546e3.msi + 2009-06-24 23:15 . 2009-06-24 23:15 2962432 c:\windows\Installer\1200c8.msi + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\ehome\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\ehome\Microsoft.MediaCenter.Shell.dll - 2009-04-01 21:13 . 2008-12-05 04:29 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:44 1384960 c:\windows\ehome\Mcx2Filter.dll + 2009-06-10 14:01 . 2009-04-30 12:00 1498112 c:\windows\ehome\ehuihlp.dll - 2009-04-01 21:13 . 2008-12-05 04:25 1498112 c:\windows\ehome\ehuihlp.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\ehome\ehshell.dll + 2007-10-14 20:44 . 2007-10-14 20:44 8581632 c:\windows\Downloaded Installations\{3E547985-AA94-4B1B-8ADD-21E060E5E31F}\Adobe Photoshop Album 3.2 SE.msi + 2008-10-09 04:10 . 2003-05-19 21:46 2243072 c:\windows\Cache\Adobe Reader 6.0\ENUMIN\Adobe Reader 6.0.msi + 2009-06-10 21:44 . 2009-06-10 21:44 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\770bd1f92877fcca1e7d5520deb1524b\System.WorkflowServices.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 2403328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\060fca61fc10971f381204ccb623fc58\System.Web.Extensions.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\463d79ec2065b26873bffcd35615d00b\System.ServiceModel.Web.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1035264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\9def64da16f075e10ce1b0cb97e44646\System.Printing.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\58408e7157a149ee82d88687489d61ed\System.Data.Services.ni.dll + 2009-06-10 21:44 . 2009-06-10 21:44 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\bbab0671945f6dfb330735832b8db69c\ReachFramework.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bdc87c67f45de6c8798344e2625d3801\PresentationUI.ni.dll + 2009-06-10 21:43 . 2009-06-10 21:43 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f19fe1d203e18c2002cc0a7cfbcc8000\Microsoft.Transactions.Bridge.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 5795840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\1182310f1b028bd8d3b927090cde69db\Microsoft.MediaCenter.UI.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 1734144 c:\windows\assembly\NativeImages_v2.0.50727_32\ehRecObj\25aee7959fac0183c89f42b872a48b55\ehRecObj.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 2157056 c:\windows\assembly\NativeImages_v2.0.50727_32\ehepg\f1afaeeb8b86ee14f622741460adc56c\ehepg.ni.dll + 2009-06-10 14:01 . 2009-04-30 12:09 2363392 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.UI\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.UI.dll + 2009-06-10 14:01 . 2009-04-30 12:09 1282048 c:\windows\assembly\GAC_MSIL\Microsoft.MediaCenter.Shell\6.0.6000.0__31bf3856ad364e35\Microsoft.MediaCenter.Shell.dll + 2009-06-10 14:01 . 2009-04-30 12:09 4395008 c:\windows\assembly\GAC_MSIL\ehshell\6.0.6000.0__31bf3856ad364e35\ehshell.dll + 2009-08-14 14:37 . 2009-07-22 05:58 11068416 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.22903_none_48182df4dd072fee\ieframe.dll + 2009-08-14 14:36 . 2009-07-21 21:47 11067392 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18813_none_4783c13dc3f1ac15\ieframe.dll + 2009-08-14 14:34 . 2009-03-08 11:39 11063808 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieframe.dll + 2009-06-10 14:01 . 2009-04-30 12:02 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.22126_none_546c7a3e66c6e86b\ehres.dll + 2009-06-10 14:01 . 2009-04-30 11:47 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6002.18030_none_53d20bcb4db6cc88\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:16 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.22423_none_5283077869a34742\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:33 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.18254_none_51d9f94d509d177b\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:00 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.21051_none_507a2eb66c970d91\ehres.dll + 2009-06-10 14:01 . 2009-04-30 12:42 10101760 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16856_none_4ff5bb3b5374b938\ehres.dll + 2006-11-02 10:24 . 2009-06-01 16:51 23635392 c:\windows\System32\mrt.exe + 2009-08-14 14:36 . 2009-07-21 21:47 11067392 c:\windows\System32\ieframe.dll + 2007-06-05 14:29 . 2006-11-02 20:00 19210240 c:\windows\sonysys\WAU\upgrade\netfx\netfx.msp + 2008-01-28 05:16 . 2008-01-28 05:17 23309824 c:\windows\Installer\a8d8d0.msi + 2008-01-24 04:00 . 2008-01-24 04:00 10476544 c:\windows\Installer\717c7.msi + 2007-06-05 13:18 . 2007-06-05 13:18 67702784 c:\windows\Installer\6a693.msi + 2007-06-05 13:16 . 2007-06-05 13:16 19210240 c:\windows\Installer\6a685.msp + 2008-01-10 21:41 . 2008-01-10 21:41 10590208 c:\windows\Installer\4ebff7d.msi + 2008-03-29 20:53 . 2008-03-29 20:53 13948416 c:\windows\Installer\4e9ded7.msi + 2009-03-24 13:12 . 2009-03-24 13:12 21084160 c:\windows\Installer\49a34c.msi + 2007-08-26 08:04 . 2007-08-26 08:04 14939136 c:\windows\Installer\407278c.msp + 2008-02-16 12:41 . 2008-02-16 12:41 37983232 c:\windows\Installer\38e1f.msp + 2008-02-16 12:42 . 2008-02-16 12:42 11395584 c:\windows\Installer\38e1e.msp + 2008-02-16 12:45 . 2008-02-16 12:45 20783104 c:\windows\Installer\38e1d.msp + 2008-07-03 15:36 . 2008-07-03 15:36 11937792 c:\windows\Installer\3153fb6.msp + 2008-04-11 22:07 . 2008-04-11 22:07 13257728 c:\windows\Installer\3153f6b.msp + 2008-07-03 15:37 . 2008-07-03 15:37 11759104 c:\windows\Installer\3153f44.msp + 2007-09-11 01:45 . 2007-09-11 01:45 11673088 c:\windows\Installer\2cf67a0.msi + 2007-09-11 01:40 . 2007-09-11 01:40 15163392 c:\windows\Installer\2cf678d.msi + 2008-05-21 05:30 . 2008-05-21 05:30 14308864 c:\windows\Installer\29131.msp + 2008-07-24 02:23 . 2008-07-24 02:23 20336128 c:\windows\Installer\2466d70.msi + 2008-07-24 02:06 . 2008-07-24 02:06 13139456 c:\windows\Installer\24662f6.msi + 2008-05-25 02:18 . 2008-05-25 02:18 18181632 c:\windows\Installer\1eb8de.msi + 2007-06-05 14:00 . 2007-06-05 14:00 11121664 c:\windows\Installer\19b419.msi + 2007-06-05 13:59 . 2007-06-05 13:59 10117632 c:\windows\Installer\19b411.msi + 2009-06-10 14:01 . 2009-04-30 12:42 10101760 c:\windows\ehome\ehres.dll + 2007-08-23 04:52 . 2007-08-23 04:52 14232576 c:\windows\Downloaded Installations\{8CBA308A-6D79-44E6-9450-D3F0A0F743A8}\e-Sword.msi + 2008-08-29 11:47 . 2008-08-29 11:47 14421504 c:\windows\Downloaded Installations\{695F9BF8-89F2-4C0E-BB40-3E657C8032AF}\e-Sword.msi + 2007-06-05 13:36 . 2007-06-05 13:36 10796544 c:\windows\Downloaded Installations\{5DF3957F-216D-4BD2-B53B-EF35D9BBB8D7}\LocationFree Player.msi + 2009-06-10 21:43 . 2009-06-10 21:43 17317888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\550d497e3f4cc73b5e323711edb1b592\System.ServiceModel.ni.dll + 2009-06-10 21:40 . 2009-06-10 21:40 14327808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4f15f4468f90ae42f43a74b94b064fae\PresentationFramework.ni.dll + 2009-06-10 21:38 . 2009-06-10 21:38 12216320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\8a84d9c1f313d52f24bf191df15eead2\PresentationCore.ni.dll + 2009-06-10 21:42 . 2009-06-10 21:42 11860992 c:\windows\assembly\NativeImages_v2.0.50727_32\ehshell\9c8dd3f4377f80725dbd74ea112bea83\ehshell.ni.dll + 2008-02-15 01:47 . 2009-08-14 14:37 139895894 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 835584] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-12 623992] "VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432] "VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-08 86016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-08 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-08 8429568] "Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-17 28672] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872] "AppMon Utility"="c:\program files\Sony\AppMonUtil\AppMonUtility.exe" [2007-04-12 415864] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-26 148888] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-30 1948440] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-22 198160] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-21 177472] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-28 4390912] c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-16 3450608] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-1-24 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2008-2-16 738968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0SsiEfr.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{B2B2D27B-98F2-49F0-B07D-5A9B4373B84D}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{646451B4-FE5B-418A-9EAF-07491CCD0409}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{D1802DF7-6891-49D1-B8C8-6C49CCA9CD0B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{3DC44E21-133D-4D43-9EE4-188960969E63}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{7AE6069F-9BCB-4897-A566-F0514E4F8940}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{58A6CF64-127E-425F-8801-8B518B653A1D}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{747AE73B-1D89-4681-BEF6-254C034E2648}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{8A9F55DF-8740-48CA-BC1F-5C2CB751D354}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{CC9F93C8-491D-4D35-96C9-519E37618A50}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{9C2C1816-5074-4570-B1DD-07BAC599585E}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{16BB9C54-AFA8-4956-8256-D197F5F87AF7}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{CFD61583-6D0F-4ECF-90BD-C0B5471C220C}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{C30C879A-2A97-4D1A-B4DA-F332D5E359E9}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{6F5506B4-0D8A-4746-A760-032CAFEF58E8}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{1565D5C6-F7F6-42E8-A7BE-4189D571611A}"= UDP:3703:Adobe Version Cue CS3 Server "{C555D3C1-46C9-4805-8A60-A656921C2DF6}"= UDP:3704:Adobe Version Cue CS3 Server "{E3BF3FF4-D219-4F77-A50A-5FCF17CF26EC}"= UDP:50900:Adobe Version Cue CS3 Server "{9CF68788-735D-436C-9BEF-4358ECBD0AF8}"= UDP:50901:Adobe Version Cue CS3 Server "{D609E531-7C0D-422A-8BFD-4BD68D51A9C2}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{F72220DC-2EFC-4E46-9D3D-54741DC22CA1}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{D8AFFEE4-C391-4082-8F6C-88F576C19389}"= UDP:3703:Adobe Version Cue CS3 Server "{EDB44D35-8E26-4BF4-9D18-6DEA1DD6B502}"= UDP:3704:Adobe Version Cue CS3 Server "{B60598B1-8221-4FF9-8095-CC8EC7DF2F5F}"= UDP:50900:Adobe Version Cue CS3 Server "{FFCC6807-22D6-4726-8AF9-023A8F047BF3}"= UDP:50901:Adobe Version Cue CS3 Server "{4AED6625-81FF-42BE-9642-0EC2DD81BEB5}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{7E712E0F-F19B-4703-9122-326AF3E002A2}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{58781EAA-2583-4CBA-929F-9C6B75FA6B8E}"= Disabled:UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{328719D2-742C-44DB-AA4B-ECA5C4861BB4}"= Disabled:TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{86A2DBB2-9710-46D4-87CF-B2202AE84D7C}"= UDP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{B9336D20-22F5-4FB8-8BAB-FA1B4DECE21A}"= TCP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{05B55E16-2730-4721-BC32-D5C6C6971529}"= UDP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{8AFE7321-C84C-46D1-A4CC-C2609A090246}"= TCP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{FBBCC76C-4C8F-45A0-B96E-05B73412310F}"= UDP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{857A2126-90A1-47B0-9F71-06D4318934BD}"= TCP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{4D6B2D22-8323-47AB-806D-CA5AC37B3B9B}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{B67B3776-E815-43F0-AEAD-CB7AC96E5A3B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{E040BDFA-3F02-4C97-B49D-6FA0BD948336}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{41BF51B6-4AEC-427A-9A33-D5E1FB3526E1}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{F2074D86-2DFB-4974-BFB5-707B8A380A61}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{201C1480-CC0D-4E37-A002-568B2005D105}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{1FD43BDA-F75D-49BD-BB6E-2F20BD1F184A}"= TCP:6004\|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{7B2AFC58-865F-49D0-93D9-E978CFD3F91A}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{1546DC7A-BEF7-4C5B-8581-613B46233BB3}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{2012A7A8-9187-487A-BD73-DBEA0690F7AE}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{5A1D7A1C-FBC8-47D1-BF60-760AD34A35FB}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "UDP Query User{F511655C-C0D7-4621-8B73-3F8BFD71C117}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "TCP Query User{020E1CD6-D7F3-430B-8528-2B594E7377DF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{9E9A7D27-25DD-4792-B405-04330A3F0C1A}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{35013237-4D7A-43F8-90B7-104610B00BD0}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe "{9BF2B137-9273-41FE-8289-A0939E70F683}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{E368974D-F2C3-4DE1-8D27-36DFA36C9F78}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{C501CBAD-B008-49A3-91DB-B3C5AD4FED67}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{3E562249-8B0B-49CE-9780-8E2D93B5585F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{41D20C8B-B62D-4FDC-B4BB-FBBB7D26B2BC}c:\\xampp\\apache\\bin\\httpd.exe"= UDP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "UDP Query User{73AF0AD8-39C4-4C0B-8648-89BF08A4EED7}c:\\xampp\\apache\\bin\\httpd.exe"= TCP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "TCP Query User{240B9561-1EDA-4BAC-909A-9866645941B2}c:\\xampp\\mysql\\bin\\mysqld.exe"= UDP:c:\xampp\mysql\bin\mysqld.exe:mysqld "UDP Query User{CB322C04-95AB-415E-81C7-7EAAC7BA6A5C}c:\\xampp\\mysql\\bin\\mysqld.exe"= TCP:c:\xampp\mysql\bin\mysqld.exe:mysqld "TCP Query User{5B2AE974-E403-4110-BB84-80C4873AFFE3}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= UDP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "UDP Query User{211E9092-22F3-4BD9-B79B-31EC164EEC59}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= TCP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "{E3C8F973-5A4B-45D0-A6E3-267990401061}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{6FCAA160-64CE-481E-9B78-89EA7896768D}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{B1EF72B1-726B-4F67-A705-1903E120A3D6}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{F1F5AF48-1E30-4D16-9742-C89955D590BF}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{26FDD4DC-3722-412F-A25E-13666497F40B}"= UDP:5353:Adobe CSI CS4 "{152056AA-07C5-4068-B1A0-1849A64C0977}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{CF06E59E-B16B-4682-B20C-70BD5C502BEB}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "TCP Query User{2FBC77AE-82E4-4710-B643-55EBB2972D73}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "UDP Query User{CB14F040-7BF5-4326-A88B-5F169701D643}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "{58E85713-A035-4319-966E-BD18BC7EFEF5}"= UDP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{692D744E-01F2-40D6-8F31-1DB5DFD2AC49}"= TCP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{1A166FA9-DFF5-470A-89AF-7E6FBD7AC338}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{E969FADD-F915-43B9-BA81-6A496B947242}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722\|UDP:%SystemRoot%\system32\svchost.exe\|Svc=DFSR:Allow inbound TCP traffic\| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe::Enabled:BitTorrent R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [1/28/2008 1:19 AM 79052] R0 pssnap;Paramount Software Snapshot Filter;c:\windows\System32\drivers\pssnap.sys [5/20/2008 8:32 AM 15328] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [6/5/2009 10:51 PM 335752] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [6/5/2009 10:51 PM 108552] R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?] R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712] R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [8/6/2008 11:34 AM 216032] R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032] R2 Sukoku Service;Sukoku Service;c:\programdata\Sukoku\sukoku113.exe [8/18/2009 7:38 AM 49152] R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [5/29/2007 10:38 PM 73472] R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [5/29/2007 10:38 PM 43904] R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [5/29/2007 11:26 PM 31104] R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [4/23/2007 2:29 PM 812544] S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/5/2009 10:50 PM 298776] S2 gupdate1c9e9d28843f9d0;Google Update Service (gupdate1c9e9d28843f9d0);c:\program files\Google\Update\GoogleUpdate.exe [6/10/2009 9:51 AM 133104] S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdcserv.exe [4/30/2007 4:04 PM 99248] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [1/6/2009 10:26 AM 84832] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [7/18/2008 11:01 AM 66048] S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [6/5/2007 9:36 AM 75952] S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [6/5/2007 9:36 AM 67760] S3 slim;Sony Lucid Integrated Mpeg encoder;c:\windows\System32\drivers\slim.sys [5/29/2007 10:51 PM 699520] S4 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [6/5/2007 10:17 AM 745472] S4 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [6/5/2007 10:17 AM 397312] S4 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [6/5/2007 10:17 AM 1089536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-08-23 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-15 13:50] 2009-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-24 c:\windows\Tasks\User_Feed_Synchronization-{2958714F-C4A5-4623-B88B-A8A30EFE3942}.job - c:\windows\system32\msfeedssync.exe [2009-08-14 20:13] . - - - - ORPHANS REMOVED - - - - WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file) WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file) . ------- Supplementary Scan ------- . mStart Page = hxxp://www.google.com DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FF - ProfilePath - c:\users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\hi30mrvu.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-23 23:12 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-08-24 23:15 ComboFix-quarantined-files.txt 2009-08-24 03:15 ComboFix2.txt 2009-06-03 17:40 ComboFix3.txt 2009-06-03 16:11 Pre-Run: 17,534,107,648 bytes free Post-Run: 19,099,316,224 bytes free 1227 --- E O F --- 2009-06-10 14:10

LDTate View Member Profile	Aug 24 2009, 12:28 PM Post #11
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Copy/paste the text in the Codebox below into notepad: Here's how to do that: Click Start > Run type Notepad click OK. This will open an empty notepad file: Take your mouse, and place your cursor at the beginning of the text in the box below, then click and hold the left mouse button, while pulling your mouse over the text. This should highlight the text. Now release the left mouse button. Now, with the cursor over the highlighted text, right click the mouse for options, and select 'copy'. Now over the empty Notepad box, right click your mouse again, and select 'paste' and you will have copied and pasted the text. CODE File:: c:\programdata\Sukoku\sukoku113.exe Folder:: c:\program files\Sukoku c:\programdata\Sukoku Driver:: Registry:: Save this file to your desktop, Save this as "CFScript" Here's how to do that: 1.Click File; 2.Click Save As... Change the directory to your desktop; 3.Change the Save as type to "All Files"; 4.Type in the file name: CFScript 5.Click Save ... Drag CFScript.txt into ComboFix.exe Then post the results log and a new HijackThis log. Also please describe how your computer behaves at the moment.

jv0802 View Member Profile	Aug 25 2009, 08:39 AM Post #12
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	ok i copied that script and put it into combofix which is renamed worksnow. At first i got a message saying you can not run combo fix while it is renamed worksnow, rename it with alphanumeric symbols, or something like that. So i renamed it worksnow1 and it seemed to run fine. My computer wont allow me to access my AVG, so i cant turn it off to run combofix. I didnt seem to cause a problem here is the log ComboFix 09-08-22.06 - jeff 08/25/2009 9:53.4.2 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3070.1572 [GMT -4:00] Running from: c:\users\jeff\Desktop\worksnow1.exe Command switches used :: c:\users\jeff\Desktop\CFScript.txt AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: AVG Anti-Virus Free enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} SP: Spyware Doctor disabled (Updated) {1C3EDD79-273E-46ac-99F8-EFA9E7CBC301} SP: Windows Defender disabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FILE :: "c:\programdata\Sukoku\sukoku113.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Sukoku c:\program files\Sukoku\sukoku.dll c:\program files\Sukoku\sukoku.exe c:\program files\Sukoku\uninstall.exe c:\programdata\Sukoku c:\programdata\Sukoku\sukoku113.exe . ((((((((((((((((((((((((( Files Created from 2009-07-25 to 2009-08-25 ))))))))))))))))))))))))))))))) . 2009-08-25 14:01 . 2009-08-25 14:01 -------- d-----w- c:\users\Public\AppData\Local\temp 2009-08-25 14:01 . 2009-08-25 14:01 -------- d-----w- c:\users\dvd-rip\AppData\Local\temp 2009-08-25 14:01 . 2009-08-25 14:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2009-08-25 14:01 . 2009-08-25 14:01 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2009-08-25 13:48 . 2009-08-25 13:48 -------- d-s---w- C:\worksnow 2009-08-20 02:34 . 2009-08-20 02:35 -------- d-----w- c:\program files\Safari 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iPod 2009-08-20 02:32 . 2009-08-20 02:32 -------- d-----w- c:\program files\iTunes 2009-08-20 02:28 . 2009-08-20 02:28 75040 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe 2009-08-19 04:08 . 2009-08-19 04:34 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.drv 2009-08-19 03:58 . 2009-08-19 05:29 78 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.sys 2009-08-19 03:36 . 2009-08-19 03:36 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\FS.sys 2009-08-19 02:54 . 2009-08-19 06:00 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.drv 2009-08-19 02:09 . 2009-08-19 02:09 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.exe 2009-08-19 02:00 . 2009-08-19 02:00 9 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.drv 2009-08-18 19:01 . 2009-08-18 19:01 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ppal.exe 2009-08-18 18:18 . 2009-08-19 03:47 27 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\SM.drv 2009-08-18 18:18 . 2009-08-18 18:18 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\pal.dll 2009-08-18 18:18 . 2009-08-18 18:18 12 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.drv 2009-08-18 14:28 . 2009-08-18 14:28 45 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe 2009-08-18 14:28 . 2009-08-18 14:28 77 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.exe 2009-08-18 14:28 . 2009-08-18 14:29 48 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.exe 2009-08-18 14:28 . 2009-08-18 14:28 41 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.drv 2009-08-18 14:28 . 2009-06-12 20:27 710136 ----a-w- c:\programdata\9a80e22\mozcrt19.dll 2009-08-18 14:28 . 2009-06-12 20:27 435704 ----a-w- c:\programdata\9a80e22\sqlite3.dll 2009-08-18 14:28 . 2009-08-19 10:38 -------- d-sh--w- c:\programdata\9a80e22 2009-08-18 14:22 . 2009-08-19 05:29 -------- d-----w- c:\program files\Common Files\Uninstall 2009-08-18 11:34 . 2009-08-19 03:18 -------- dc-h--w- c:\programdata\{F14A989E-0102-460B-ADB5-BC208314A307} 2009-08-14 16:38 . 2009-08-14 16:38 -------- d-----w- c:\program files\AviSynth 2.5 2009-08-14 16:38 . 2007-05-17 21:30 318976 ----a-w- c:\windows\system32\avisynth.dll 2009-08-14 16:38 . 2004-02-22 14:11 719872 ----a-w- c:\windows\system32\devil.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll 2009-08-14 16:38 . 2004-01-25 04:00 70656 ----a-w- c:\windows\system32\i420vfw.dll 2009-08-13 20:08 . 2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll 2009-08-13 20:08 . 2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll 2009-08-13 20:08 . 2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll 2009-08-13 20:08 . 2009-08-13 20:08 -------- d-----w- c:\program files\eRightSoft 2009-08-13 20:04 . 2009-08-13 20:04 -------- d-----w- c:\program files\Adobe Media Player 2009-08-13 19:23 . 2009-08-13 19:23 -------- d-----w- c:\program files\BitTorrent 2009-08-05 03:49 . 2009-08-05 03:49 -------- d-----w- c:\programdata\Macrium 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_E3296CA52D73B98AE9B5F9.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_D707CE1C009F1381803C2C.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_BBCA226959C1D3D63C885B.exe 2009-08-05 03:48 . 2009-08-05 03:48 43646 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_21F3885A18D238E15AAE81.exe 2009-08-05 03:48 . 2009-08-05 03:48 29926 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_EDC08689E679B6EDDC26F8.exe 2009-08-05 03:48 . 2009-08-05 03:48 109534 ----a-r- c:\users\jeff\AppData\Roaming\Microsoft\Installer\{3BAD2D97-4900-4014-A2F5-B549802CEEE2}\_6FEFF9B68218417F98F549.exe 2009-08-05 03:48 . 2009-08-05 03:48 -------- d-----w- c:\program files\Macrium 2009-08-05 03:37 . 2009-08-05 03:37 -------- d-----w- c:\programdata\eSellerate 2009-08-05 03:34 . 2009-08-19 02:57 -------- d-----w- c:\program files\Memeo . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-24 02:59 . 2008-05-04 01:42 -------- d-----w- c:\programdata\avg8 2009-08-20 02:32 . 2007-09-30 07:43 -------- d-----w- c:\program files\Common Files\Apple 2009-08-19 04:52 . 2009-05-26 14:09 -------- d-----w- c:\program files\kill 2009-08-19 04:41 . 2009-05-26 22:24 3942047 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe 2009-08-19 03:26 . 2009-08-18 22:07 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\DBOLE.sys 2009-08-19 03:12 . 2007-08-22 22:57 214286 ----a-w- c:\users\jeff\AppData\Roaming\nvModes.dat 2009-08-19 02:57 . 2007-05-30 03:52 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-08-19 02:57 . 2008-06-15 03:04 -------- d-s---w- c:\programdata\Memeo 2009-08-19 02:20 . 2009-08-18 17:03 8 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.sys 2009-08-19 02:00 . 2009-08-19 02:00 50 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.dll 2009-08-19 02:00 . 2009-08-19 02:00 20 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.drv 2009-08-19 02:00 . 2009-08-18 14:29 76 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cb.sys 2009-08-19 02:00 . 2009-08-18 14:29 5 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.dll 2009-08-19 02:00 . 2009-08-19 02:00 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\cid.dll 2009-08-19 02:00 . 2009-08-18 19:01 26 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.drv 2009-08-19 02:00 . 2009-08-18 19:01 14 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.drv 2009-08-19 02:00 . 2009-08-19 02:00 53 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.exe 2009-08-19 02:00 . 2009-08-18 14:29 62 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.dll 2009-08-19 02:00 . 2009-08-19 02:00 51 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\eb.sys 2009-08-19 02:00 . 2009-08-19 02:00 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\tjd.sys 2009-08-19 01:29 . 2008-08-09 21:02 -------- d-----w- c:\users\jeff\AppData\Roaming\DNA 2009-08-18 22:56 . 2008-08-09 21:02 -------- d-----w- c:\program files\DNA 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll 2009-08-18 22:07 . 2009-08-18 22:07 47 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.sys 2009-08-18 22:07 . 2009-08-18 22:07 46 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.sys 2009-08-18 22:07 . 2009-08-18 22:07 15 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\hymt.drv 2009-08-18 22:07 . 2009-08-18 14:29 70 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.dll 2009-08-18 22:07 . 2009-08-18 22:07 34 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\dudl.sys 2009-08-18 19:01 . 2009-08-18 14:28 17 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\exec.exe 2009-08-18 17:03 . 2009-08-18 17:03 73 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\energy.exe 2009-08-18 17:03 . 2009-08-18 14:28 59 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\PE.dll 2009-08-18 14:29 . 2009-08-18 14:29 36 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\CLSV.drv 2009-08-18 14:29 . 2009-08-18 14:29 29 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\sld.drv 2009-08-18 14:29 . 2009-08-18 14:29 60 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fix.drv 2009-08-18 14:29 . 2009-08-18 14:29 32 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\fan.sys 2009-08-18 14:29 . 2009-08-18 14:29 55 ----a-w- c:\users\jeff\AppData\Roaming\Microsoft\Windows\Recent\runddlkey.drv 2009-08-13 20:48 . 2009-04-21 19:23 -------- d-----w- c:\program files\StockPicker RT 2009-08-13 20:03 . 2007-05-30 04:02 -------- d-----w- c:\program files\Common Files\Adobe 2009-08-10 13:24 . 2008-02-12 22:29 -------- d-----w- c:\program files\Google 2009-08-07 20:48 . 2009-07-07 19:24 -------- d-----w- c:\program files\ExcelMySQlMagicDemo 2009-08-07 20:48 . 2009-07-07 16:07 -------- d-----w- c:\program files\ExcelMySQlConverterDemo 2009-08-05 03:40 . 2008-06-15 03:09 -------- d-----w- c:\program files\Picasa2 2009-08-03 17:36 . 2009-05-26 14:09 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-08-03 17:36 . 2009-05-26 14:09 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-25 12:35 . 2009-07-25 12:35 -------- d-----w- c:\program files\Samsung 2009-07-25 10:31 . 2009-07-25 10:31 713992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-07-24 17:04 . 2009-07-24 17:04 -------- d-----w- c:\users\jeff\AppData\Roaming\kompozer.net 2009-07-22 17:58 . 2009-07-22 17:58 -------- d-----w- c:\program files\Common Files\xing shared 2009-07-22 17:57 . 2007-08-23 06:09 -------- d-----w- c:\program files\Common Files\Real 2009-07-21 21:52 . 2009-08-14 14:37 915456 ----a-w- c:\windows\system32\wininet.dll 2009-07-21 21:47 . 2009-08-14 14:37 109056 ----a-w- c:\windows\system32\iesysprep.dll 2009-07-21 21:47 . 2009-08-14 14:37 71680 ----a-w- c:\windows\system32\iesetup.dll 2009-07-21 20:13 . 2009-08-14 14:37 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-07-09 18:29 . 2009-06-06 02:51 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-08 13:12 . 2007-08-28 19:39 -------- d-----w- c:\users\jeff\AppData\Roaming\OpenOffice.org2 2009-07-07 19:48 . 2008-07-09 15:24 1 ----a-w- c:\users\jeff\AppData\Roaming\OpenOffice.org2\user\uno_packages\cache\stamp.sys 2009-07-07 19:26 . 2009-07-07 19:26 -------- d-----w- c:\program files\SQL Converter 2 for Excel 2009-07-07 19:25 . 2007-09-12 00:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2009-07-02 12:03 . 2009-07-02 12:03 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe 2009-07-02 12:03 . 2008-07-18 15:01 -------- d-----w- c:\programdata\NOS 2009-06-30 12:39 . 2009-06-06 02:51 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-06-30 12:39 . 2009-06-06 02:50 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-06-06 02:51 . 2009-06-06 02:51 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll 2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll 2006-05-03 09:06 . 2009-08-13 20:08 163328 --sh--r- c:\windows\System32\flvDX.dll 2007-02-21 10:47 . 2009-08-13 20:08 31232 --sh--r- c:\windows\System32\msfDX.dll 2008-03-16 12:30 . 2009-08-13 20:08 216064 --sh--r- c:\windows\System32\nbDX.dll . ((((((((((((((((((((((((((((( SnapShot_2009-08-24_03.12.50 ))))))))))))))))))))))))))))))))))))))))) . - 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2007-08-22 22:43 . 2009-08-23 01:39 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2007-08-22 22:43 . 2009-08-23 21:35 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 01:39 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2007-08-22 22:43 . 2009-08-23 21:35 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2007-08-22 22:43 . 2009-08-23 01:39 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-08-25 14:03 . 2009-08-25 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2009-08-25 14:03 . 2009-08-25 14:03 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-08-23 01:37 . 2009-08-23 01:37 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-09 835584] "Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2008-01-12 623992] "VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2007-03-14 2322432] "VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2007-02-08 411768] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-05-08 86016] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-05-08 81920] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-08 8429568] "Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-17 28672] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-04-02 321656] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 174872] "AppMon Utility"="c:\program files\Sony\AppMonUtil\AppMonUtility.exe" [2007-04-12 415864] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2007-02-05 849280] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2007-02-21 366400] "RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2006-11-02 215552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-26 148888] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-30 1948440] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-22 198160] "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-21 177472] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-03-28 4390912] c:\users\jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-10-16 3450608] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe [2008-1-24 295606] Adobe Acrobat Synchronizer.lnk - c:\program files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe [2008-2-16 738968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-04-24 00:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0SsiEfr.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk backup=c:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup backupExtension=.CommonStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{B2B2D27B-98F2-49F0-B07D-5A9B4373B84D}"= UDP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{646451B4-FE5B-418A-9EAF-07491CCD0409}"= TCP:c:\program files\Sony\LocationFreePlayer\LFPC3\LFPC3.exe:LocationFree Player "{D1802DF7-6891-49D1-B8C8-6C49CCA9CD0B}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{3DC44E21-133D-4D43-9EE4-188960969E63}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{7AE6069F-9BCB-4897-A566-F0514E4F8940}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{58A6CF64-127E-425F-8801-8B518B653A1D}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{747AE73B-1D89-4681-BEF6-254C034E2648}"= UDP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{8A9F55DF-8740-48CA-BC1F-5C2CB751D354}"= TCP:c:\windows\System32\PnkBstrA.exe:PnkBstrA "{CC9F93C8-491D-4D35-96C9-519E37618A50}"= UDP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{9C2C1816-5074-4570-B1DD-07BAC599585E}"= TCP:c:\program files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty® 4 - Modern Warfare™ "{16BB9C54-AFA8-4956-8256-D197F5F87AF7}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{CFD61583-6D0F-4ECF-90BD-C0B5471C220C}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{C30C879A-2A97-4D1A-B4DA-F332D5E359E9}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{6F5506B4-0D8A-4746-A760-032CAFEF58E8}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil "{1565D5C6-F7F6-42E8-A7BE-4189D571611A}"= UDP:3703:Adobe Version Cue CS3 Server "{C555D3C1-46C9-4805-8A60-A656921C2DF6}"= UDP:3704:Adobe Version Cue CS3 Server "{E3BF3FF4-D219-4F77-A50A-5FCF17CF26EC}"= UDP:50900:Adobe Version Cue CS3 Server "{9CF68788-735D-436C-9BEF-4358ECBD0AF8}"= UDP:50901:Adobe Version Cue CS3 Server "{D609E531-7C0D-422A-8BFD-4BD68D51A9C2}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{F72220DC-2EFC-4E46-9D3D-54741DC22CA1}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{D8AFFEE4-C391-4082-8F6C-88F576C19389}"= UDP:3703:Adobe Version Cue CS3 Server "{EDB44D35-8E26-4BF4-9D18-6DEA1DD6B502}"= UDP:3704:Adobe Version Cue CS3 Server "{B60598B1-8221-4FF9-8095-CC8EC7DF2F5F}"= UDP:50900:Adobe Version Cue CS3 Server "{FFCC6807-22D6-4726-8AF9-023A8F047BF3}"= UDP:50901:Adobe Version Cue CS3 Server "{4AED6625-81FF-42BE-9642-0EC2DD81BEB5}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{7E712E0F-F19B-4703-9122-326AF3E002A2}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server "{58781EAA-2583-4CBA-929F-9C6B75FA6B8E}"= Disabled:UDP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{328719D2-742C-44DB-AA4B-ECA5C4861BB4}"= Disabled:TCP:c:\windows\System32\PnkBstrB.exe:PnkBstrB "{86A2DBB2-9710-46D4-87CF-B2202AE84D7C}"= UDP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{B9336D20-22F5-4FB8-8BAB-FA1B4DECE21A}"= TCP:c:\windows\System32\lxdccoms.exe:Lexmark Communications System "{05B55E16-2730-4721-BC32-D5C6C6971529}"= UDP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{8AFE7321-C84C-46D1-A4CC-C2609A090246}"= TCP:c:\program files\Lexmark 1300 Series\lxdcamon.exe:Lexmark Device Monitor "{FBBCC76C-4C8F-45A0-B96E-05B73412310F}"= UDP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{857A2126-90A1-47B0-9F71-06D4318934BD}"= TCP:c:\program files\Lexmark 1300 Series\App4R.exe:Lexmark Imaging Studio "{4D6B2D22-8323-47AB-806D-CA5AC37B3B9B}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{B67B3776-E815-43F0-AEAD-CB7AC96E5A3B}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcpswx.exe: "{E040BDFA-3F02-4C97-B49D-6FA0BD948336}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{41BF51B6-4AEC-427A-9A33-D5E1FB3526E1}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdcjswx.exe: "{F2074D86-2DFB-4974-BFB5-707B8A380A61}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{201C1480-CC0D-4E37-A002-568B2005D105}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdctime.exe: "{1FD43BDA-F75D-49BD-BB6E-2F20BD1F184A}"= TCP:6004\|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{7B2AFC58-865F-49D0-93D9-E978CFD3F91A}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{1546DC7A-BEF7-4C5B-8581-613B46233BB3}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{2012A7A8-9187-487A-BD73-DBEA0690F7AE}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{5A1D7A1C-FBC8-47D1-BF60-760AD34A35FB}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "UDP Query User{F511655C-C0D7-4621-8B73-3F8BFD71C117}c:\\program files\\adobe\\adobe dreamweaver cs3\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs3\dreamweaver.exe:Adobe Dreamweaver CS3 "TCP Query User{020E1CD6-D7F3-430B-8528-2B594E7377DF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{9E9A7D27-25DD-4792-B405-04330A3F0C1A}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "{35013237-4D7A-43F8-90B7-104610B00BD0}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe "{9BF2B137-9273-41FE-8289-A0939E70F683}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{E368974D-F2C3-4DE1-8D27-36DFA36C9F78}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{C501CBAD-B008-49A3-91DB-B3C5AD4FED67}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{3E562249-8B0B-49CE-9780-8E2D93B5585F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "TCP Query User{41D20C8B-B62D-4FDC-B4BB-FBBB7D26B2BC}c:\\xampp\\apache\\bin\\httpd.exe"= UDP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "UDP Query User{73AF0AD8-39C4-4C0B-8648-89BF08A4EED7}c:\\xampp\\apache\\bin\\httpd.exe"= TCP:c:\xampp\apache\bin\httpd.exe:Apache HTTP Server "TCP Query User{240B9561-1EDA-4BAC-909A-9866645941B2}c:\\xampp\\mysql\\bin\\mysqld.exe"= UDP:c:\xampp\mysql\bin\mysqld.exe:mysqld "UDP Query User{CB322C04-95AB-415E-81C7-7EAAC7BA6A5C}c:\\xampp\\mysql\\bin\\mysqld.exe"= TCP:c:\xampp\mysql\bin\mysqld.exe:mysqld "TCP Query User{5B2AE974-E403-4110-BB84-80C4873AFFE3}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= UDP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "UDP Query User{211E9092-22F3-4BD9-B79B-31EC164EEC59}c:\\program files\\adobe\\adobe contribute cs3\\contribute.exe"= TCP:c:\program files\adobe\adobe contribute cs3\contribute.exe:Contribute "{E3C8F973-5A4B-45D0-A6E3-267990401061}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{6FCAA160-64CE-481E-9B78-89EA7896768D}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{B1EF72B1-726B-4F67-A705-1903E120A3D6}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{F1F5AF48-1E30-4D16-9742-C89955D590BF}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{26FDD4DC-3722-412F-A25E-13666497F40B}"= UDP:5353:Adobe CSI CS4 "{152056AA-07C5-4068-B1A0-1849A64C0977}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "{CF06E59E-B16B-4682-B20C-70BD5C502BEB}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4 "TCP Query User{2FBC77AE-82E4-4710-B643-55EBB2972D73}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= UDP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "UDP Query User{CB14F040-7BF5-4326-A88B-5F169701D643}c:\\program files\\adobe\\adobe dreamweaver cs4\\dreamweaver.exe"= TCP:c:\program files\adobe\adobe dreamweaver cs4\dreamweaver.exe:Adobe Dreamweaver CS4 "{58E85713-A035-4319-966E-BD18BC7EFEF5}"= UDP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{692D744E-01F2-40D6-8F31-1DB5DFD2AC49}"= TCP:c:\programdata\9a80e22\WI9a80.exe:Windows Protection Suite "{1A166FA9-DFF5-470A-89AF-7E6FBD7AC338}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{E969FADD-F915-43B9-BA81-6A496B947242}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722\|UDP:%SystemRoot%\system32\svchost.exe\|Svc=DFSR:Allow inbound TCP traffic\| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe::Enabled:BitTorrent R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [1/28/2008 1:19 AM 79052] R0 pssnap;Paramount Software Snapshot Filter;c:\windows\System32\drivers\pssnap.sys [5/20/2008 8:32 AM 15328] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [6/5/2009 10:51 PM 335752] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [6/5/2009 10:51 PM 108552] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/5/2009 10:50 PM 298776] R2 lxdc_device;lxdc_device;c:\windows\system32\lxdccoms.exe -service --> c:\windows\system32\lxdccoms.exe -service [?] R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [11/24/2008 10:31 PM 29263712] R2 ReflectService;Macrium Reflect Image Mounting Service;c:\program files\Macrium\Reflect\ReflectService.exe [8/6/2008 11:34 AM 216032] R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 11:09 PM 11032] R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [5/29/2007 10:38 PM 73472] R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [5/29/2007 10:38 PM 43904] R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\System32\drivers\SonyImgF.sys [5/29/2007 11:26 PM 31104] R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [4/23/2007 2:29 PM 812544] S2 gupdate1c9e9d28843f9d0;Google Update Service (gupdate1c9e9d28843f9d0);c:\program files\Google\Update\GoogleUpdate.exe [6/10/2009 9:51 AM 133104] S2 lxdcCATSCustConnectService;lxdcCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdcserv.exe [4/30/2007 4:04 PM 99248] S2 Sukoku Service;Sukoku Service;"c:\programdata\Sukoku\sukoku113.exe" "c:\program files\Sukoku\sukoku.dll" Service --> c:\programdata\Sukoku\sukoku113.exe [?] S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\drivers\ASPI32.SYS [1/6/2009 10:26 AM 84832] S3 getPlus® Helper;getPlus® Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [7/18/2008 11:01 AM 66048] S3 ICScsiSV;Image Converter SCSI Service;c:\program files\Sony\Image Converter 3\ICScsiSV.exe [6/5/2007 9:36 AM 75952] S3 IcVzMonLauncher;IcVzMonLauncher;c:\program files\Sony\Image Converter 3\IcVzMonLauncher.exe [6/5/2007 9:36 AM 67760] S3 slim;Sony Lucid Integrated Mpeg encoder;c:\windows\System32\drivers\slim.sys [5/29/2007 10:51 PM 699520] S4 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [6/5/2007 10:17 AM 745472] S4 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [6/5/2007 10:17 AM 397312] S4 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [6/5/2007 10:17 AM 1089536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-08-25 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-15 13:50] 2009-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-10 13:51] 2009-08-25 c:\windows\Tasks\User_Feed_Synchronization-{2958714F-C4A5-4623-B88B-A8A30EFE3942}.job - c:\windows\system32\msfeedssync.exe [2009-08-14 20:13] . . ------- Supplementary Scan ------- . mStart Page = hxxp://www.google.com DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab FF - ProfilePath - c:\users\jeff\AppData\Roaming\Mozilla\Firefox\Profiles\hi30mrvu.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1601.7122\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll . ************************************************************************ scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: ********************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Other Running Processes ------------------------ . c:\windows\System32\audiodg.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Intel\Intel Matrix Storage Manager\IAANTmon.exe c:\windows\System32\lxdccoms.exe c:\progra~1\AVG\AVG8\avgrsx.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\windows\System32\stacsv.exe c:\program files\Sony\VAIO Event Service\VESMgr.exe c:\windows\System32\drivers\XAudio.exe c:\program files\Sony\VAIO Event Service\VESMgrSub.exe c:\windows\System32\WUDFHost.exe c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe c:\program files\Sony\VAIO Power Management\SPMgr.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\System32\wbem\unsecapp.exe . ************************************************************************ . Completion time: 2009-08-25 10:16 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-25 14:16 ComboFix2.txt 2009-08-24 03:15 ComboFix3.txt 2009-06-03 17:40 ComboFix4.txt 2009-06-03 16:11 Pre-Run: 20,500,000,768 bytes free Post-Run: 20,377,305,088 bytes free 414 --- E O F --- 2009-06-10 14:10

jv0802 View Member Profile	Aug 25 2009, 09:50 AM Post #13
Authentic Member Group: Authentic Member Posts: 28 Joined: 27-May 09 Member No.: 85,988 Operating System: windows vista	forgot the HJT log here it is ( i can access taskmgr now) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:48:47 AM, on 8/25/2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v8.00 (8.00.6001.18813) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe C:\Windows\RtHDVCpl.exe C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Sony\ISB Utility\ISBMgr.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Windows\System32\rundll32.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Windows\WindowsMobile\wmdSync.exe C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\AVG\AVG8\avgtray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\taskeng.exe C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\SearchFilterHost.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1 O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [NvSvc] "RUNDLL32.EXE" C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [Microsoft Works Update Detection] "C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [AppMon Utility] "C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe" @@@Start O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\npjpi160_13.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} (VaioInfo.CMClass) - http://esupport.sony.com/VaioInfo.CAB O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/...tiveXPlugin.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.1.6.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe O23 - Service: Google Update Service (gupdate1c9e9d28843f9d0) (gupdate1c9e9d28843f9d0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: lxdcCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdcserv.exe O23 - Service: lxdc_device - - C:\Windows\system32\lxdccoms.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: QuickBooks Database Manager Service (QBCFMonitorService) - - C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe O23 - Service: Macrium Reflect Image Mounting Service (ReflectService) - Unknown owner - C:\Program Files\Macrium\Reflect\ReflectService.exe O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\stacsv.exe O23 - Service: Sukoku Service - Unknown owner - C:\ProgramData\Sukoku\sukoku113.exe (file missing) O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 15734 bytes

LDTate View Member Profile	Aug 25 2009, 03:01 PM Post #14
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Good job The following will implement some cleanup procedures as well as reset System Restore points: Click START then RUN Now type Combofix /u in the runbox and click OK. Note the space between the X and the U, it needs to be there. To be on the safe side, I would also change all my passwords. Here's my usual all clean post Log looks good Make your Internet Explorer more secure - This can be done by following these simple instructions: From within Internet Explorer click on the Tools menu and then click on Options. Click once on the Security tab Click once on the Internet icon so it becomes highlighted. Click once on the Custom Level button. Change the Download signed ActiveX controls to Prompt Change the Download unsigned ActiveX controls to Disable Change the Initialize and script ActiveX controls not marked as safe to Disable Change the Installation of desktop items to Prompt Change the Launching programs and files in an IFRAME to Prompt Change the Navigate sub-frames across different domains to Prompt When all these settings have been made, click on the OK button. If it prompts you as to whether or not you want to save the settings, press the Yes button. Next press the Apply button and then the OK to exit the Internet Properties page. Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates. Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Only run one Anti-Virus and Firewall program. I would suggest you read How to Prevent Malware:

LDTate View Member Profile	Aug 28 2009, 05:38 PM Post #15
Forum God Group: Root Admin Posts: 48,278 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance. If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread. Everyone else please begin a New Topic.

« Next Oldest · Infections Removal · Next Newest »

Closed Topic

Start new topic

Similar Topics

Similar Topics

Similar Topics

		Topic Title	Replies	Topic Starter	Views	Last Action
		Infections Removal [Resolved] Google redirect (via Firefox) 12	18	notaguru	161	Today, 01:41 PM Last post by: SweetTech
		Infections Removal [Resolved] Antivirus XP 2010 VIRUS 12	16	stacks	568	Yesterday, 09:25 PM Last post by: CatByte
		Infections Removal [Resolved] Advanced Browser Hijack	13	Demos30	536	Yesterday, 09:24 AM Last post by: jpshortstuff
		Infections Removal [Resolved] Infection? 12	22	michael1071	469	Yesterday, 06:07 AM Last post by: Tomk

Display Mode: Standard · Switch to: Linear+ · Switch to: Outline

Track this topic · Email this topic · Print this topic · Subscribe to this forum

Time is now: 14th March 2010 - 02:53 PM

Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk.
Member site: Alliance of Security Analysis Professionals | UNITE Against Malware
Memory Forums | Auto Repair Forum
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy

Powered By IP.Board © 2010 IPS, Inc.