Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Security Alert Pop-up


  • This topic is locked This topic is locked
13 replies to this topic

#1 clicketybob

clicketybob

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 31 August 2008 - 06:23 PM

There's my hijackthis log I got rid of most of these pop-ups and viruses with malwarebytes I can't seem to get rid of the others so can someone look at this and tell me if anything is wrong and if so how to fix it. And is it safe to enter any of my passwords for forums or other online activities. They seem to vary from window security fake pop-ups. Also I think I may have a trojan horse problem due to the fact that antivirus8 and antispyware2008 somehow uploaded on to my computer from a .zip file from the internet. Thank You for your future help

trojan-spy.win32.agent
trojan-spy.win32.greenscreen
trojan-spy.HTML.bankfraud.dq
trojan-clicker.win32.tiny.h
trojan-spy.win32.keylogger.aa



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:20:02 PM, on 8/31/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\ProgramData\xojupopi\helsnuzk.exe
C:\ProgramData\actdscapp\zepmfkts.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5062
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5062
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...DTP&M=T5062
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (file missing)
O2 - BHO: Scour Toolbar - {A057A204-BACC-4D26-9A9E-3AF287E2699B} - C:\PROGRA~1\SCOURT~1\SCOURT~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Scour Toolbar - {A057A204-BACC-4D26-9A9E-3AF287E2699B} - C:\PROGRA~1\SCOURT~1\SCOURT~1.DLL (file missing)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1184964185\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [Dell AIO Printer A920] "C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe"
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe /runonce
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [SrvDscAdm] C:\ProgramData\SrvDscAdm\xwpmdyva.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [1haDbr1KmD] C:\ProgramData\xojupopi\helsnuzk.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [actdscapp] C:\ProgramData\actdscapp\zepmfkts.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [appmsg] C:\ProgramData\appmsg\cfyxabij.exe (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: McAfee SpamKiller Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 9986 bytes

Edited by clicketybob, 01 September 2008 - 01:38 AM.


BC AdBot (Login to Remove)

 


#2 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:50 AM

Posted 01 September 2008 - 05:00 AM

Hello Clicketybob and welcome to BleepingComputer,

1. * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click Delete.
  • Click Delete Files, Delete cookies and Delete history
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu..
  • Click the Clear now button below.. A new window will popup what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
2. Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)

In the event you already have Combofix, and you're notified a more current version is available, please download the latest version as described in the tutorial.
It must be saved directly to your desktop.


Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :thumbsup:

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 01 September 2008 - 01:46 PM

Okay here is my ComboFix log that you requested. Thank You for the help so far. Also as stated in my first post am I able to log into sites or forums or is it better to wait until my computer is completely clean?




ComboFix 08-08-31.01 - ccity 09/01/2008 14:26:42.1 - NTFSx86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.242 [GMT -4:00]
Running from: C:\Users\Others\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\ccity\AppData\Roaming\macromedia\Flash Player\#SharedObjects\RJFM5EL6\interclick.com
C:\Users\ccity\AppData\Roaming\macromedia\Flash Player\#SharedObjects\RJFM5EL6\interclick.com\ud.sol
C:\Users\ccity\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Users\ccity\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\bin.clearspring.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\bin.clearspring.com\clearspring.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\interclick.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\interclick.com\ud.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\static.youku.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\static.youku.com\v1.0.0233\v\swf\qplayer.swf\youku.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\static.youku.com\v1.0.0270\v\swf\qplayer.swf\qplayer.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\#SharedObjects\3VYJ326C\static.youku.com\v1.0.0290\v\swf\qplayer.swf\qplayer.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com
C:\Users\Others\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com\settings.sol
C:\Windows\Downloaded Program Files\setup.inf
C:\Windows\qmdispatch.dll
D:\Autorun.inf
D:\RECYCLER\autorun.inf
D:\RECYCLER\desktop.ini
D:\RECYCLER\Folder.htt
D:\RECYCLER\info.exe
D:\RECYCLER\protect.ed
D:\RECYCLER\warning.bmp

.
((((((((((((((((((((((((( Files Created from 2008-08-01 to 2008-09-01 )))))))))))))))))))))))))))))))
.

2008-09-01 07:45 . 2008-09-01 07:45 <DIR> d-------- C:\Users\All Users\MsgChk
2008-09-01 07:45 . 2008-09-01 10:01 <DIR> d-------- C:\Users\All Users\CmdMonSmart
2008-09-01 07:45 . 2008-09-01 07:45 <DIR> d-------- C:\ProgramData\MsgChk
2008-09-01 07:45 . 2008-09-01 10:01 <DIR> d-------- C:\ProgramData\CmdMonSmart
2008-08-31 19:44 . 2008-08-31 19:44 <DIR> d-------- C:\Users\All Users\UtilSrv
2008-08-31 19:44 . 2008-08-31 20:09 <DIR> d-------- C:\Users\All Users\ActInfoMsg
2008-08-31 19:44 . 2008-08-31 19:44 <DIR> d-------- C:\ProgramData\UtilSrv
2008-08-31 19:44 . 2008-08-31 20:09 <DIR> d-------- C:\ProgramData\ActInfoMsg
2008-08-31 19:12 . 2008-08-31 19:12 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-31 18:40 . 2008-08-31 21:28 <DIR> d-------- C:\Users\All Users\shsrv
2008-08-31 18:40 . 2008-08-31 18:40 <DIR> d-------- C:\Users\All Users\appmsg
2008-08-31 18:40 . 2008-08-31 21:28 <DIR> d-------- C:\ProgramData\shsrv
2008-08-31 18:40 . 2008-08-31 18:40 <DIR> d-------- C:\ProgramData\appmsg
2008-08-31 17:33 . 2008-08-31 18:09 <DIR> d-------- C:\Users\All Users\dbmonsh
2008-08-31 17:33 . 2008-08-31 17:33 <DIR> d-------- C:\Users\All Users\actdscapp
2008-08-31 17:33 . 2008-08-31 18:09 <DIR> d-------- C:\ProgramData\dbmonsh
2008-08-31 17:33 . 2008-08-31 17:33 <DIR> d-------- C:\ProgramData\actdscapp
2008-08-31 16:45 . 2008-08-31 16:45 <DIR> d-------- C:\Users\Others\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\ccity\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 16:33 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-31 16:33 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-30 17:35 . 2008-09-01 10:01 <DIR> d--h----- C:\$AVG8.VAULT$
2008-08-30 17:29 . 2008-09-01 08:10 <DIR> d-------- C:\Windows\System32\drivers\Avg
2008-08-30 17:29 . 2008-08-31 10:39 97,928 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-30 17:29 . 2008-08-30 17:29 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx(300).dll
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Users\All Users\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\ProgramData\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Program Files\AVG
2008-08-30 17:00 . 2008-08-31 10:24 <DIR> d-------- C:\Users\All Users\xojupopi
2008-08-30 17:00 . 2008-08-30 19:15 <DIR> d-------- C:\Users\All Users\SysDbSrv
2008-08-30 17:00 . 2008-08-31 10:24 <DIR> d-------- C:\Users\All Users\SrvDscAdm
2008-08-30 17:00 . 2008-08-31 10:24 <DIR> d-------- C:\ProgramData\xojupopi
2008-08-30 17:00 . 2008-08-30 19:15 <DIR> d-------- C:\ProgramData\SysDbSrv
2008-08-30 17:00 . 2008-08-31 10:24 <DIR> d-------- C:\ProgramData\SrvDscAdm
2008-08-26 14:29 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-26 14:29 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-26 14:29 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-26 14:29 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-26 14:28 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-26 14:28 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-26 14:28 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-26 14:28 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-26 14:28 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-24 15:11 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Shockwave.com
2008-08-24 15:05 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Nick Arcade
2008-08-17 03:05 . 2008-07-15 19:48 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-16 14:00 . 2008-04-10 01:01 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-08-16 14:00 . 2008-04-09 22:43 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-08-05 13:36 . 2008-08-31 10:22 <DIR> d-------- C:\Program Files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-31 14:24 --------- d-----w C:\Program Files\McAfee(839)
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee.com
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee(81)
2008-08-31 14:23 --------- d-----w C:\Program Files\Google
2008-08-31 14:23 --------- d-----w C:\Program Files\Common Files\McAfee
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Mail
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Journal
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Defender
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Calendar
2008-08-31 14:21 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-31 14:21 --------- d-----w C:\Program Files\MSBuild
2008-08-31 14:21 --------- d-----w C:\Program Files\Microsoft Games
2008-08-31 14:21 --------- d-----w C:\Program Files\Common Files\New Boundary
2008-08-30 21:57 --------- d-----w C:\Program Files\scourtoolbar
2008-08-18 00:32 --------- d-----w C:\Users\Others\AppData\Roaming\Azureus
2008-08-17 15:41 --------- d-----w C:\Users\Others\AppData\Roaming\LimeWireTurbo
2008-08-17 07:08 --------- d-----w C:\ProgramData\Microsoft Help
2008-08-05 19:27 --------- d-----w C:\Users\Others\AppData\Roaming\SiteAdvisor
2008-07-28 14:22 --------- d-----w C:\Program Files\P2P_Energy
2008-07-28 14:22 --------- d-----w C:\Program Files\Conduit
2008-07-28 14:21 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-07-28 14:18 --------- d-----w C:\Users\ccity\AppData\Roaming\scourtoolbar
2008-07-17 20:46 --------- d-----w C:\Users\ccity\AppData\Roaming\LimeWireTurbo
2008-07-17 19:08 --------- d-----w C:\Program Files\LimeWireTurbo
2008-07-09 07:10 174 --sha-w C:\Program Files\desktop.ini
2008-07-06 05:35 --------- d-----w C:\Program Files\WIDI 3.3 Pro
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet(524).dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-27 03:54 1,159,680 ----a-w C:\Windows\System32\urlmon(503).dll
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-19 03:25 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-06-19 03:25 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-19 03:25 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-06-19 03:25 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-06-12 06:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-12 06:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 01:21 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2007-11-18 15:42 0 ----a-w C:\Users\Others\AppData\Roaming\wklnhst.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-06 21:24 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 08:36 201728]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-06 02:21 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-06 02:21 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-06 02:21 81920]
"BigFix"="c:\program files\Bigfix\bigfix.exe" [2006-11-16 19:04 2348584]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-02-08 22:39 36904]
"AceGain LiveUpdate"="C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe" [2003-12-31 21:12 417792]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-31 10:39 1235736]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 02:46 4349952 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-04-17 17:52 40072]

C:\Users\Others\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2007-05-11 10:16:36 2348584]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{15B65E72-2D15-4E53-ACF2-0EE2086F55B3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{71D41C8B-2402-4E92-B2DE-8BAD51C0F5ED}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{27CC8D00-751C-45A5-A30E-42C01A6AD144}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{3D3EA83E-BA0F-4A09-9CB5-E3D0C0DD3CBE}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{6F9A2C68-2EA5-4ED5-8A27-2ACAA7EBCC40}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{8E89455F-8479-444A-ACBB-45FF60E4C368}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{35CB5A93-2BF5-46D7-878E-D7008C6663EB}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{25EA6C08-E05D-4C23-8BC0-7BBC285D74DE}"= UDP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{EE1B8587-8CDF-4CE9-B873-D2E246D757B7}"= TCP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{2F564F07-2209-43AB-A682-0EA6B0C66317}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E27E7D15-06EA-4D3C-A415-9547299C0453}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E097024E-6F25-4396-A520-6ADAF2F37C2B}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{519ABD1B-E8E3-4C92-959D-0E244B06C130}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-31 10:39]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-31 10:39]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-31 10:39]
R2 dlbk_device;dlbk_device;C:\Windows\system32\dlbkcoms.exe [2007-06-25 21:17]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-30 17:29]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-08-17 15:01]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-09 13:00]
S3 GameConsoleService;GameConsoleService;C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2008-05-05 18:25]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 03:30]

*Newly Created Service* - CATCHME
*Newly Created Service* - MBAMSWISSARMY
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

BHO-{A057A204-BACC-4D26-9A9E-3AF287E2699B} - C:\PROGRA~1\SCOURT~1\SCOURT~1.DLL
Toolbar-{A057A204-BACC-4D26-9A9E-3AF287E2699B} - C:\PROGRA~1\SCOURT~1\SCOURT~1.DLL
WebBrowser-{A057A204-BACC-4D26-9A9E-3AF287E2699B} - C:\PROGRA~1\SCOURT~1\SCOURT~1.DLL
HKLM-Run-NapsterShell - C:\Program Files\Napster\napster.exe
HKLM-Run-HostManager - C:\Program Files\Common Files\AOL\1184964185\ee\AOLSoftware.exe
HKLM-Run-Dell AIO Printer A920 - C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\ccity\AppData\Roaming\Mozilla\Firefox\Profiles\yvgdin9a.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-01 14:30:37
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-01 14:32:25
ComboFix-quarantined-files.txt 2008-09-01 18:32:22

Pre-Run: 83,907,121,152 bytes free
Post-Run: 83,976,413,184 bytes free

247 --- E O F --- 2008-08-31 14:44:45

Edited by clicketybob, 01 September 2008 - 01:47 PM.


#4 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:50 AM

Posted 01 September 2008 - 04:16 PM

Hello Clicketybob,

Please hold off on surfing the net as long as your system isn't clean. :thumbsup:

Let's clean up some more :

Open Notepad - don't use any other texteditor than Notepad or the script will fail !
Copy/paste the bold, blue text below into an empty notepad window:File::
C:\Windows\_MSRSTRT.EXE
Folder::
C:\Users\All Users\MsgChk
C:\Users\All Users\CmdMonSmart
C:\ProgramData\MsgChk
C:\ProgramData\CmdMonSmart
C:\Users\All Users\UtilSrv
C:\Users\All Users\ActInfoMsg
C:\ProgramData\UtilSrv
C:\ProgramData\ActInfoMsg
C:\Users\All Users\shsrv
C:\Users\All Users\appmsg
C:\ProgramData\shsrv
C:\ProgramData\appmsg
C:\Users\All Users\dbmonsh
C:\Users\All Users\actdscapp
C:\ProgramData\dbmonsh
C:\ProgramData\actdscapp
C:\Users\All Users\xojupopi
C:\Users\All Users\SysDbSrv
C:\Users\All Users\SrvDscAdm
C:\ProgramData\xojupopi
C:\ProgramData\SysDbSrv
C:\ProgramData\SrvDscAdm
C:\Program Files\P2P_Energy
C:\Program Files\Conduit
C:\Users\ccity\AppData\Roaming\scourtoolbar

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. Upon reboot, (in case it asks to reboot), post the contents of the Combofix log in your next reply, as well as a fresh HijackThislog.

Are you still having problems ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#5 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 01 September 2008 - 07:31 PM

Here is my new ComboFix log below:


ComboFix 08-09-01.01 - ccity 09/01/2008 20:14:25.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.311 [GMT -4:00]
Running from: C:\Users\Others\Desktop\ComboFix.exe
Command switches used :: C:\Users\Others\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\Windows\_MSRSTRT.EXE
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Conduit
C:\Program Files\P2P_Energy
C:\ProgramData\actdscapp
C:\ProgramData\actdscapp\zepmfkts.exe
C:\ProgramData\ActInfoMsg
C:\ProgramData\appmsg
C:\ProgramData\appmsg\cfyxabij.exe
C:\ProgramData\CmdMonSmart
C:\ProgramData\dbmonsh
C:\ProgramData\MsgChk
C:\ProgramData\MsgChk\wdgpgxkt.exe
C:\ProgramData\shsrv
C:\ProgramData\SrvDscAdm
C:\ProgramData\SrvDscAdm\xwpmdyva.exe
C:\ProgramData\SysDbSrv
C:\ProgramData\UtilSrv
C:\ProgramData\UtilSrv\wputatwx.exe
C:\ProgramData\xojupopi
C:\ProgramData\xojupopi\helsnuzk.exe
C:\Users\All Users\actdscapp\zepmfkts.exe
C:\Users\All Users\appmsg\cfyxabij.exe
C:\Users\All Users\MsgChk\wdgpgxkt.exe
C:\Users\All Users\SrvDscAdm\xwpmdyva.exe
C:\Users\All Users\UtilSrv\wputatwx.exe
C:\Users\All Users\xojupopi\helsnuzk.exe
C:\Users\ccity\AppData\Roaming\scourtoolbar
C:\Users\ccity\AppData\Roaming\scourtoolbar\highlight.bmp
C:\Users\ccity\AppData\Roaming\scourtoolbar\logo.bmp
C:\Users\ccity\AppData\Roaming\scourtoolbar\popup_off.bmp
C:\Users\ccity\AppData\Roaming\scourtoolbar\popup_on.bmp
C:\Users\ccity\AppData\Roaming\scourtoolbar\popup_ona.bmp
C:\Users\ccity\AppData\Roaming\scourtoolbar\slider.bmp
C:\Windows\_MSRSTRT.EXE

.
((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))
.

2008-09-01 14:42 . 2008-09-01 14:42 <DIR> d-------- C:\Users\All Users\SetAct
2008-09-01 14:42 . 2008-09-01 14:42 <DIR> d-------- C:\Users\All Users\procmntgen
2008-09-01 14:42 . 2008-09-01 14:42 <DIR> d-------- C:\ProgramData\SetAct
2008-09-01 14:42 . 2008-09-01 14:42 <DIR> d-------- C:\ProgramData\procmntgen
2008-08-31 19:12 . 2008-08-31 19:12 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-31 16:45 . 2008-08-31 16:45 <DIR> d-------- C:\Users\Others\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\ccity\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 16:33 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-31 16:33 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-30 17:35 . 2008-09-01 14:42 <DIR> d--h----- C:\$AVG8.VAULT$
2008-08-30 17:29 . 2008-09-01 08:10 <DIR> d-------- C:\Windows\System32\drivers\Avg
2008-08-30 17:29 . 2008-08-31 10:39 97,928 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-30 17:29 . 2008-08-30 17:29 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx(300).dll
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Users\All Users\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\ProgramData\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Program Files\AVG
2008-08-26 14:29 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-26 14:29 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-26 14:29 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-26 14:29 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-26 14:28 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-26 14:28 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-26 14:28 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-26 14:28 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-26 14:28 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-24 15:11 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Shockwave.com
2008-08-24 15:05 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Nick Arcade
2008-08-17 03:05 . 2008-07-15 19:48 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-16 14:00 . 2008-04-10 01:01 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-08-16 14:00 . 2008-04-09 22:43 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-08-05 13:36 . 2008-08-31 10:22 <DIR> d-------- C:\Program Files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-31 14:24 --------- d-----w C:\Program Files\McAfee(839)
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee.com
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee(81)
2008-08-31 14:23 --------- d-----w C:\Program Files\Google
2008-08-31 14:23 --------- d-----w C:\Program Files\Common Files\McAfee
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Mail
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Journal
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Defender
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Calendar
2008-08-31 14:21 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-31 14:21 --------- d-----w C:\Program Files\MSBuild
2008-08-31 14:21 --------- d-----w C:\Program Files\Microsoft Games
2008-08-31 14:21 --------- d-----w C:\Program Files\Common Files\New Boundary
2008-08-30 21:57 --------- d-----w C:\Program Files\scourtoolbar
2008-08-18 00:32 --------- d-----w C:\Users\Others\AppData\Roaming\Azureus
2008-08-17 15:41 --------- d-----w C:\Users\Others\AppData\Roaming\LimeWireTurbo
2008-08-17 07:08 --------- d-----w C:\ProgramData\Microsoft Help
2008-08-05 19:27 --------- d-----w C:\Users\Others\AppData\Roaming\SiteAdvisor
2008-07-17 20:46 --------- d-----w C:\Users\ccity\AppData\Roaming\LimeWireTurbo
2008-07-17 19:08 --------- d-----w C:\Program Files\LimeWireTurbo
2008-07-09 07:10 174 --sha-w C:\Program Files\desktop.ini
2008-07-06 05:35 --------- d-----w C:\Program Files\WIDI 3.3 Pro
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet(524).dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-27 03:54 1,159,680 ----a-w C:\Windows\System32\urlmon(503).dll
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-19 03:25 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-06-19 03:25 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-19 03:25 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-06-19 03:25 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-06-12 06:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-12 06:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 01:21 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2007-11-18 15:42 0 ----a-w C:\Users\Others\AppData\Roaming\wklnhst.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-06 21:24 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

((((((((((((((((((((((((((((( snapshot@2008-09-01_14.31.32.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-31 23:43:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-01 18:41:10 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-08-31 23:43:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-09-01 18:41:10 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-08-31 23:45:29 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-09-01 18:42:58 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-09-01 18:42:58 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-08-31 23:45:24 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-09-01 18:42:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-09-01 18:42:53 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-01 18:26:34 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-02 00:14:14 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-08-31 23:45:48 12,296 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995996556-1816073739-136882781-1001_UserData.bin
+ 2008-09-01 18:43:13 12,438 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995996556-1816073739-136882781-1001_UserData.bin
- 2008-08-31 23:45:48 64,392 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-01 18:43:12 64,592 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 08:36 201728]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-06 02:21 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-06 02:21 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-06 02:21 81920]
"BigFix"="c:\program files\Bigfix\bigfix.exe" [2006-11-16 19:04 2348584]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-02-08 22:39 36904]
"AceGain LiveUpdate"="C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe" [2003-12-31 21:12 417792]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-31 10:39 1235736]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 02:46 4349952 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-04-17 17:52 40072]

C:\Users\Others\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2007-05-11 10:16:36 2348584]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{15B65E72-2D15-4E53-ACF2-0EE2086F55B3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{71D41C8B-2402-4E92-B2DE-8BAD51C0F5ED}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{27CC8D00-751C-45A5-A30E-42C01A6AD144}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{3D3EA83E-BA0F-4A09-9CB5-E3D0C0DD3CBE}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{6F9A2C68-2EA5-4ED5-8A27-2ACAA7EBCC40}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{8E89455F-8479-444A-ACBB-45FF60E4C368}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{35CB5A93-2BF5-46D7-878E-D7008C6663EB}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{25EA6C08-E05D-4C23-8BC0-7BBC285D74DE}"= UDP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{EE1B8587-8CDF-4CE9-B873-D2E246D757B7}"= TCP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{2F564F07-2209-43AB-A682-0EA6B0C66317}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E27E7D15-06EA-4D3C-A415-9547299C0453}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E097024E-6F25-4396-A520-6ADAF2F37C2B}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{519ABD1B-E8E3-4C92-959D-0E244B06C130}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-31 10:39]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-31 10:39]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-31 10:39]
R2 dlbk_device;dlbk_device;C:\Windows\system32\dlbkcoms.exe [2007-06-25 21:17]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-30 17:29]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-09 13:00]
S3 GameConsoleService;GameConsoleService;C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2008-05-05 18:25]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-08-17 15:01]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 03:30]
.
Contents of the 'Scheduled Tasks' folder
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-01 20:19:16
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-01 20:21:30
ComboFix-quarantined-files.txt 2008-09-02 00:21:27
ComboFix2.txt 2008-09-01 18:32:26

Pre-Run: 83,393,064,960 bytes free
Post-Run: 83,364,470,784 bytes free

239 --- E O F --- 2008-08-31 14:44:45

#6 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 01 September 2008 - 07:33 PM

And here is my new hijackthis log you requested:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:32:22 PM, on 9/1/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5062
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [SrvDscAdm] C:\ProgramData\SrvDscAdm\xwpmdyva.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [1haDbr1KmD] C:\ProgramData\xojupopi\helsnuzk.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [actdscapp] C:\ProgramData\actdscapp\zepmfkts.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [appmsg] C:\ProgramData\appmsg\cfyxabij.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [UtilSrv] C:\ProgramData\UtilSrv\wputatwx.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [MsgChk] C:\ProgramData\MsgChk\wdgpgxkt.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [SetAct] C:\ProgramData\SetAct\lgvodgrq.exe (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: McAfee SpamKiller Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 9233 bytes

#7 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:50 AM

Posted 02 September 2008 - 07:55 AM

Hello Clicketybob,

We're not quite there yet. :thumbsup:

Let's clean up some more :

Open Notepad - don't use any other texteditor than Notepad or the script will fail !
Copy/paste the bold, blue text below into an empty notepad window:Folder::
C:\Users\All Users\SetAct
C:\Users\All Users\procmntgen
C:\ProgramData\SetAct
C:\ProgramData\procmntgen
DirLook::
C:\Program Files\McAfee(839)
C:\Program Files\McAfee(81)

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. Upon reboot, (in case it asks to reboot), post the contents of the Combofix log in your next reply, as well as a fresh HijackThislog.

Are you still having problems ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#8 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 02 September 2008 - 02:33 PM

Your first post stated to ask questions if I had any before proceeding and I have one. The last time I used ComboFix.exe and I used the script you made it reboot the computer afterwards and the ComboFix icon disappeared from the desktop and is no longer there should I uninstall it and then reinstall it?

Edit: I just looked and my AVG Free detected it as potentially harmful and put it in its virus vault and I took it out of it

Edited by clicketybob, 02 September 2008 - 02:42 PM.


#9 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 02 September 2008 - 03:00 PM

Here is my ComboFix log:


ComboFix 08-09-01.01 - ccity 09/02/2008 15:47:02.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.250 [GMT -4:00]
Running from: C:\Users\Others\Desktop\ComboFix.exe
Command switches used :: C:\Users\Others\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\procmntgen
C:\ProgramData\SetAct
C:\ProgramData\SetAct\lgvodgrq.exe
C:\Users\All Users\SetAct\lgvodgrq.exe

.
((((((((((((((((((((((((( Files Created from 2008-08-02 to 2008-09-02 )))))))))))))))))))))))))))))))
.

2008-08-31 19:12 . 2008-08-31 19:12 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-31 16:45 . 2008-08-31 16:45 <DIR> d-------- C:\Users\Others\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\ccity\AppData\Roaming\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Users\All Users\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\ProgramData\Malwarebytes
2008-08-31 16:33 . 2008-08-31 16:33 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 16:33 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-31 16:33 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-30 17:35 . 2008-09-02 15:40 <DIR> d--h----- C:\$AVG8.VAULT$
2008-08-30 17:29 . 2008-09-02 09:58 <DIR> d-------- C:\Windows\System32\drivers\Avg
2008-08-30 17:29 . 2008-08-31 10:39 97,928 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-30 17:29 . 2008-08-30 17:29 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-30 17:29 . 2008-08-30 17:29 10,520 --a------ C:\Windows\System32\avgrsstx(300).dll
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Users\All Users\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\ProgramData\avg8
2008-08-30 17:28 . 2008-08-30 17:28 <DIR> d-------- C:\Program Files\AVG
2008-08-26 14:29 . 2008-07-19 01:09 1,811,656 --a------ C:\Windows\System32\wuaueng.dll
2008-08-26 14:29 . 2008-07-18 23:44 1,524,736 --a------ C:\Windows\System32\wucltux.dll
2008-08-26 14:29 . 2008-07-19 01:10 53,448 --a------ C:\Windows\System32\wuauclt.exe
2008-08-26 14:29 . 2008-07-19 01:10 45,768 --a------ C:\Windows\System32\wups2.dll
2008-08-26 14:28 . 2008-07-19 01:09 563,912 --a------ C:\Windows\System32\wuapi.dll
2008-08-26 14:28 . 2008-07-18 22:08 163,904 --a------ C:\Windows\System32\wuwebv.dll
2008-08-26 14:28 . 2008-07-18 23:44 83,456 --a------ C:\Windows\System32\wudriver.dll
2008-08-26 14:28 . 2008-07-19 01:10 36,552 --a------ C:\Windows\System32\wups.dll
2008-08-26 14:28 . 2008-07-18 20:44 31,232 --a------ C:\Windows\System32\wuapp.exe
2008-08-24 15:11 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Shockwave.com
2008-08-24 15:05 . 2008-08-31 10:23 <DIR> d-------- C:\Program Files\Nick Arcade
2008-08-17 03:05 . 2008-07-15 19:48 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-16 14:00 . 2008-04-10 01:01 737,792 --a------ C:\Windows\System32\inetcomm.dll
2008-08-16 14:00 . 2008-04-09 22:43 84,480 --a------ C:\Windows\System32\INETRES.dll
2008-08-05 13:36 . 2008-08-31 10:22 <DIR> d-------- C:\Program Files\Common Files\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-31 14:24 --------- d-----w C:\Program Files\McAfee(839)
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee.com
2008-08-31 14:23 --------- d-----w C:\Program Files\McAfee(81)
2008-08-31 14:23 --------- d-----w C:\Program Files\Google
2008-08-31 14:23 --------- d-----w C:\Program Files\Common Files\McAfee
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Sidebar
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Mail
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Journal
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Defender
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Collaboration
2008-08-31 14:21 --------- d-----w C:\Program Files\Windows Calendar
2008-08-31 14:21 --------- d-----w C:\Program Files\Reference Assemblies
2008-08-31 14:21 --------- d-----w C:\Program Files\MSBuild
2008-08-31 14:21 --------- d-----w C:\Program Files\Microsoft Games
2008-08-31 14:21 --------- d-----w C:\Program Files\Common Files\New Boundary
2008-08-30 21:57 --------- d-----w C:\Program Files\scourtoolbar
2008-08-18 00:32 --------- d-----w C:\Users\Others\AppData\Roaming\Azureus
2008-08-17 15:41 --------- d-----w C:\Users\Others\AppData\Roaming\LimeWireTurbo
2008-08-17 07:08 --------- d-----w C:\ProgramData\Microsoft Help
2008-08-05 19:27 --------- d-----w C:\Users\Others\AppData\Roaming\SiteAdvisor
2008-07-17 20:46 --------- d-----w C:\Users\ccity\AppData\Roaming\LimeWireTurbo
2008-07-17 19:08 --------- d-----w C:\Program Files\LimeWireTurbo
2008-07-09 07:10 174 --sha-w C:\Program Files\desktop.ini
2008-07-06 05:35 --------- d-----w C:\Program Files\WIDI 3.3 Pro
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-06-27 03:54 826,368 ----a-w C:\Windows\System32\wininet(524).dll
2008-06-27 03:54 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-06-27 03:54 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-06-27 03:54 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-06-27 03:54 1,159,680 ----a-w C:\Windows\System32\urlmon(503).dll
2008-06-26 00:34 7,964,672 ----a-w C:\Windows\System32\NlsLexicons0024.dll
2008-06-26 00:33 9,892,864 ----a-w C:\Windows\System32\NlsLexicons000a.dll
2008-06-19 03:25 61,440 ----a-w C:\Windows\System32\winipsec.dll
2008-06-19 03:25 361,984 ----a-w C:\Windows\System32\IPSECSVC.DLL
2008-06-19 03:25 28,672 ----a-w C:\Windows\System32\FwRemoteSvr.dll
2008-06-19 03:25 272,896 ----a-w C:\Windows\System32\polstore.dll
2008-06-12 06:54 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-06-12 06:54 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-06-12 01:21 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2007-11-18 15:42 0 ----a-w C:\Users\Others\AppData\Roaming\wklnhst.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-06 21:24 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-06 21:24 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Program Files\McAfee(81) ----

2008-08-31 03:09 265 -rahs---- C:\Program Files\McAfee(81)\MQC(85)\qcconf.bak
2008-08-31 03:09 20487 -rahs---- C:\Program Files\McAfee(81)\MQC(85)\MRU.bak
2008-04-09 10:18 76768 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscinres.dll
2008-04-09 10:18 690648 --a------ C:\Program Files\McAfee(81)\MSC(86)\mccobres.dll
2008-04-09 10:18 64408 --a------ C:\Program Files\McAfee(81)\MSC(86)\mclocres.dll
2008-04-09 10:18 633016 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcshlui.dll
2008-04-09 10:18 5020 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscmain.inf
2008-04-09 10:18 2451 --a------ C:\Program Files\McAfee(81)\MSC(86)\subst.inf
2008-04-09 09:06 3529 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscpost.inf
2008-03-03 11:40 361048 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmscins.dll
2008-02-23 16:32 1333 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscoobe.inf
2008-01-18 07:25 1027 --a------ C:\Program Files\McAfee(81)\MSC(86)\NMC\nmcsubst.inf
2008-01-18 07:24 80888 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcUI.dll
2008-01-18 07:24 16568 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcLoR.dll
2008-01-18 07:24 1623 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcins.inf
2008-01-18 07:24 14520 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcCoR.dll
2008-01-18 07:24 12770 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcuicfg.dat
2008-01-18 07:21 637088 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcCnt.dll
2008-01-18 07:21 385768 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcPrv.dll
2008-01-18 07:21 248856 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcIns.dll
2008-01-18 07:21 150928 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcRes.dll
2008-01-18 07:21 1185048 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcSrv.dll
2008-01-10 19:13 670048 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcuninst.exe
2008-01-09 16:50 767976 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmscsvc.exe
2008-01-09 16:50 758712 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcuihost.exe
2008-01-09 16:50 752448 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcupdmgr.exe
2007-12-28 13:34 265000 --a------ C:\Program Files\McAfee(81)\MSC(86)\mispreg.exe
2007-12-14 08:17 66848 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcCPS.dll
2007-12-06 15:10 431952 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmismgr.dll
2007-12-06 13:38 300352 --a------ C:\Program Files\McAfee(81)\MSC(86)\McUpdUtl.exe
2007-12-04 13:37 75040 --a------ C:\Program Files\McAfee(81)\MQC(85)\QcRes.dll
2007-12-04 13:32 66848 --a------ C:\Program Files\McAfee(81)\MSHR(87)\ShrRes.dll
2007-12-04 13:32 591136 --a------ C:\Program Files\McAfee(81)\MQC(85)\QCMISP.dll
2007-12-04 13:32 378144 --a------ C:\Program Files\McAfee(81)\MSHR(87)\ShrMISP.dll
2007-12-04 13:32 304416 --a------ C:\Program Files\McAfee(81)\MQC(85)\QCLite.dll
2007-12-04 13:32 267552 --a------ C:\Program Files\McAfee(81)\MQC(85)\McpIns.dll
2007-12-04 13:32 222496 --a------ C:\Program Files\McAfee(81)\MQC(85)\QcConsol.exe
2007-12-04 13:32 222496 --a------ C:\Program Files\McAfee(81)\MQC(85)\McpSched.dll
2007-12-04 13:32 197920 --a------ C:\Program Files\McAfee(81)\MSHR(87)\ShrCore.dll
2007-12-04 13:32 111904 --a------ C:\Program Files\McAfee(81)\MSHR(87)\ShrCL.exe
2007-12-04 13:31 206112 --a------ C:\Program Files\McAfee(81)\MQC(85)\McpAdmin.exe
2007-11-29 14:15 556880 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcinfo.exe
2007-11-26 08:17 263 --a------ C:\Program Files\McAfee(81)\MQC(85)\qcconf.dat
2007-11-15 20:15 251216 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcsvrcnt.exe
2007-11-13 13:16 359248 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcupdui.exe
2007-11-05 17:36 320848 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmscver.dll
2007-11-02 00:43 66848 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcSPS.dll
2007-11-02 00:43 181536 --a------ C:\Program Files\McAfee(81)\MSC(86)\McNmcVer.dll
2007-11-01 23:32 95568 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcshllps.dll
2007-11-01 23:32 866640 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcshell.exe
2007-11-01 23:32 492880 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcsubmgr\8,1,133,0\mcsubmgr.dll
2007-11-01 23:32 357712 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcsync.exe
2007-11-01 23:32 288592 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcaltlib.dll
2007-11-01 23:31 425808 --a------ C:\Program Files\McAfee(81)\MSC(86)\mccfgpv.dll
2007-11-01 19:12 478032 --a------ C:\Program Files\McAfee(81)\MSC(86)\mclgview.exe
2007-11-01 19:12 463184 --a------ C:\Program Files\McAfee(81)\MSC(86)\mccfgmgr.dll
2007-11-01 19:12 257872 --a------ C:\Program Files\McAfee(81)\MSC(86)\McDBMgr.dll
2007-11-01 19:12 158032 --a------ C:\Program Files\McAfee(81)\MSC(86)\McLogCnt.dll
2007-10-30 17:02 550 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscshll.inf
2007-09-21 16:20 9544 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\odsax.dll
2007-09-21 16:20 9032 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsmpres.dll
2007-09-21 16:20 62792 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\ashldres.dll
2007-09-21 16:20 570696 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vsui.dll
2007-09-21 16:20 2178 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\subst.inf
2007-09-21 16:20 14664 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vslogres.dll
2007-09-21 16:20 14152 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvscpres.dll
2007-09-21 16:20 10568 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvspprs.dll
2007-09-21 16:20 10056 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vscobres.dll
2007-09-21 16:19 3241 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsmain.inf
2007-09-21 15:46 2014 --a------ C:\Program Files\McAfee(81)\MPS(84)\subst.inf
2007-09-21 15:45 455968 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsres.dll
2007-09-21 15:45 1684 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsres.inf
2007-09-21 15:44 3067 --a------ C:\Program Files\McAfee(81)\MPS(84)\mps10.inf
2007-09-21 15:44 2815 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsmain.inf
2007-09-21 15:09 193864 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvsoins.dll
2007-09-21 15:09 111944 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsmp.dll
2007-09-21 14:27 464160 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpscfg.dll
2007-09-21 11:15 5132 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvspost.inf
2007-09-19 11:42 11380 --a------ C:\Program Files\McAfee(81)\MSHR(87)\Readme.txt
2007-09-19 11:41 11361 --a------ C:\Program Files\McAfee(81)\MQC(85)\Readme.txt
2007-09-19 10:35 12762 --a------ C:\Program Files\McAfee(81)\MSC(86)\NMC\readme.txt
2007-08-30 16:15 630560 --a------ C:\Program Files\McAfee(81)\MPS(84)\mps.dll
2007-08-30 16:15 399136 --a------ C:\Program Files\McAfee(81)\MPS(84)\MPSMisp.dll
2007-08-30 16:15 292128 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsevh.dll
2007-08-30 16:15 259360 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpspii.dll
2007-08-30 16:15 230688 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpspc.dll
2007-08-30 16:15 214304 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpspv.dll
2007-08-30 16:15 181536 --a------ C:\Program Files\McAfee(81)\MPS(84)\MpsAlert.exe
2007-08-30 16:15 172320 --a------ C:\Program Files\McAfee(81)\MPS(84)\checkmps.dll
2007-08-30 16:15 144160 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsver.dll
2007-08-30 16:15 136480 --a------ C:\Program Files\McAfee(81)\MPS(84)\mctgrid.dll
2007-08-24 05:00 424776 --a------ C:\Program Files\McAfee(81)\MSK\MskSet.dll
2007-08-24 05:00 23880 --a------ C:\Program Files\McAfee(81)\MSK\msksrver.exe
2007-08-24 05:00 198472 --a------ C:\Program Files\McAfee(81)\MSK\mskwm.dll
2007-08-24 05:00 134984 --a------ C:\Program Files\McAfee(81)\MSK\mskengn.dll
2007-08-24 05:00 120136 --a------ C:\Program Files\McAfee(81)\MSK\mskxaif.dll
2007-08-15 14:04 1953 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsmisp.inf
2007-08-08 02:52 468344 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\sysmondt.dll
2007-08-03 19:42 10043 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscrem.inf
2007-07-25 04:28 14624 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\esplgres.dll
2007-07-25 04:28 10528 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vscfgw32.dll
2007-07-25 03:16 9032 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsdeflt.dll
2007-07-25 03:16 378184 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcods.exe
2007-07-25 03:16 275784 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvslog.dll
2007-07-25 03:16 271688 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcqtax.dll
2007-07-25 03:16 22856 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcodsps.dll
2007-07-25 03:16 185672 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsap.dll
2007-07-25 03:16 169288 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvscp.dll
2007-07-25 03:16 165192 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcctxmnu.dll
2007-07-25 03:15 361800 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvsshld.exe
2007-07-25 03:15 210248 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcodsax.dll
2007-07-25 03:15 202056 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\McVsPP.dll
2007-07-25 02:42 451912 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsscan.dll
2007-07-25 02:42 300360 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\naiann.dll
2007-07-25 02:42 24392 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\naiannps.dll
2007-07-25 02:42 202056 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcqtlib.dll
2007-07-25 02:42 173384 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvsps.dll
2007-07-25 02:41 695624 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcsysmon.exe
2007-07-25 02:41 460104 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\EscnPlug.dll
2007-07-25 02:41 324936 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvscfg.dll
2007-07-25 02:41 259400 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvsmap.exe
2007-07-25 02:41 218440 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\MvsVista.exe
2007-07-25 02:41 206152 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsver.dll
2007-07-25 02:41 185672 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcvsqt.dll
2007-07-25 02:41 181576 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcinsupd.exe
2007-07-25 02:41 181576 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mcavtsub.dll
2007-07-25 02:41 161096 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\subavt.dll
2007-07-25 02:41 152904 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\annscrp.dll
2007-07-25 02:41 140616 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\preinst.exe
2007-07-24 13:02 99648 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mytilus3_server.dll
2007-07-24 13:02 66880 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\scriptsn.dll
2007-07-24 13:02 66880 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mytilus3.dll
2007-07-24 13:02 58688 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfebopa.dll
2007-07-24 13:02 58688 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfeavfa.dll
2007-07-24 13:02 40768 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\ftl.dll
2007-07-24 13:02 33800 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mferkdk.sys
2007-07-24 13:02 33088 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfehidin.exe
2007-07-24 13:02 251200 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mytilus3_worker.dll
2007-07-24 13:02 24896 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\lockdown.dll
2007-07-24 13:02 24384 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\Res00\McShield.dll
2007-07-24 13:02 19264 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mferkda.dll
2007-07-24 13:02 18752 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfehida.dll
2007-07-24 13:02 17728 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\EntSrv.dll
2007-07-24 13:02 17216 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfesmfa.dll
2007-07-24 13:02 144704 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\Mcshield.exe
2007-07-24 13:01 263488 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\NAIEvent.dll
2007-07-24 08:40 79304 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfeavfk.sys
2007-07-24 08:40 10668 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfeavfk.cat
2007-07-21 11:53 2706 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\oasdrv.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfesmfk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfehidk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfebopk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfeavfk.inf
2007-07-21 10:08 40488 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfesmfk.sys
2007-07-21 10:08 35240 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfebopk.sys
2007-07-21 10:08 201288 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfehidk.sys
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfesmfk.cat
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfehidk.cat
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mfebopk.cat
2007-07-19 10:34 849 --a------ C:\Program Files\McAfee(81)\MSC(86)\msclcres.inf
2007-07-18 18:07 214304 --a------ C:\Program Files\McAfee(81)\MPF(83)\L10N.dll
2007-07-18 18:07 2020 --a------ C:\Program Files\McAfee(81)\MPF(83)\subst.inf
2007-07-18 18:06 3002 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfmain.inf
2007-07-18 18:06 1482 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfcore.inf
2007-07-18 16:54 856864 --a------ C:\Program Files\McAfee(81)\MPF(83)\MpfSrv.exe
2007-07-18 16:54 730400 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MPFP.dll
2007-07-18 16:54 56096 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MPFPPS.dll
2007-07-18 16:54 49440 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MpfAltPS.dll
2007-07-18 16:54 484128 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MpfAlert.exe
2007-07-18 16:54 308512 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MPFOEM.dll
2007-07-18 16:54 1047328 --a------ C:\Program Files\McAfee(81)\MPF(83)\MC\MpfMISP.dll
2007-07-13 08:15 435024 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcdemenu.dll
2007-07-13 08:14 80720 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcres.dll
2007-07-13 08:14 592720 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmnumgr.dll
2007-07-13 08:14 492880 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcsubmgr\8,0,226,0\mcsubmgr.dll
2007-07-13 08:14 329040 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcprotpv.dll
2007-07-13 08:14 317776 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcprtcnt.dll
2007-07-13 08:14 300368 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcregobj\8,0,226,0\mcregobj.dll
2007-07-13 08:14 265040 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcuimgr.exe
2007-07-13 08:14 240976 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcprohlp.dll
2007-07-13 08:14 168272 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmispps.dll
2007-07-13 08:14 116048 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcuicfg.dll
2007-07-13 04:11 672 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcclnt.inf
2007-07-13 04:11 648 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcsrv.inf
2007-07-12 06:58 2590 --a------ C:\Program Files\McAfee(81)\MQC(85)\mcqc.inf
2007-07-12 06:58 1268 --a------ C:\Program Files\McAfee(81)\MSHR(87)\mcshr.inf
2007-07-11 11:12 28453 --a------ C:\Program Files\McAfee(81)\MSC(86)\Help\mqc.chm
2007-07-11 11:12 20025 --a------ C:\Program Files\McAfee(81)\MSC(86)\Help\shr.chm
2007-07-11 10:02 47255 --a------ C:\Program Files\McAfee(81)\MSC(86)\Help\nmc.chm
2007-07-10 17:47 97367 --a------ C:\Program Files\McAfee(81)\MPS(84)\uninst.ini
2007-07-09 06:20 2724006 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\Engine\5200.2160\mcscan32.dll
2007-07-07 14:55 1190 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscprmgr.inf
2007-07-07 13:52 1348 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscupd.inf
2007-07-05 00:46 668 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcpost.inf
2007-07-03 18:11 11289 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\oasbin.inf
2007-07-02 16:47 7788 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsdeflt.inf
2007-06-25 15:38 5162 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcltvers.ini
2007-06-22 15:11 148864 --a------ C:\Program Files\McAfee(81)\MPS(84)\Uninst.dll
2007-06-18 11:15 3229 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsctls.inf
2007-06-13 19:40 2170 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vistareg.ini
2007-06-13 12:33 1247 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsmisp.inf
2007-06-11 07:37 2857 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vsmain.inf
2007-06-11 07:37 1482 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\oem.inf
2007-06-08 15:38 633 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpscnfg.inf
2007-06-08 12:04 1318 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfmisp.inf
2007-06-07 14:38 2392 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscsvc.inf
2007-06-04 14:48 3393 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vspost2.inf
2007-06-04 14:48 3389 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vspost.inf
2007-06-01 13:33 2376 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mispreg.ini
2007-05-30 09:05 4726 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vso.inf
2007-05-22 16:38 175 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\updunreg.ini
2007-05-04 22:34 2028 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsres.inf
2007-05-04 16:52 663552 --a------ C:\Program Files\McAfee(81)\MPS(84)\IAImageReader.dll
2007-05-04 16:52 543232 --a------ C:\Program Files\McAfee(81)\MPS(84)\IAEngine.dll
2007-05-03 12:15 622 --a------ C:\Program Files\McAfee(81)\MPS(84)\keywords.inf
2007-04-02 02:53 558656 --a------ C:\Program Files\McAfee(81)\MSC(86)\oem\365-9\mccobres.dll
2007-04-02 02:53 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-9\mscoem.inf
2007-04-02 02:52 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-14\mscoem.inf
2007-04-02 02:51 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-13\mscoem.inf
2007-04-02 02:49 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-12\mscoem.inf
2007-04-02 02:48 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-11\mscoem.inf
2007-04-02 02:46 421 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSC\en-US\365-10\mscoem.inf
2007-04-02 02:44 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-9\mbkoem.inf
2007-04-02 02:44 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-9\vsooem.inf
2007-04-02 02:44 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-9\vsous.inf
2007-04-02 02:44 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-9\vsoub.inf
2007-04-02 02:44 340 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\{e9793a47-5106-476d-bf76-534c9a4f0f1d}\en-US\regurl.inf
2007-04-02 02:43 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsoem.inf
2007-04-02 02:43 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-9\mskoem.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-9\vsofs.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-9\mskus.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-9\mskub.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-9\mskfs.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsus.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsub.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsfs.inf
2007-04-02 02:38 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfoem.inf
2007-04-02 02:38 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfub.inf
2007-04-02 02:37 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-11\mbkoem.inf
2007-04-02 02:37 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfus.inf
2007-04-02 02:37 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-9\mpffs.inf
2007-04-02 02:36 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-11\vsooem.inf
2007-04-02 02:36 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-11\vsoub.inf
2007-04-02 02:12 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsoem.inf
2007-04-02 02:12 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-11\mskoem.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-11\vsous.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-11\vsofs.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-11\mskus.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-11\mskub.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-11\mskfs.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsub.inf
2007-04-02 02:11 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfoem.inf
2007-04-02 02:11 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-10\mbkoem.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsus.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsfs.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfus.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfub.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-11\mpffs.inf
2007-04-02 02:10 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-10\mskoem.inf
2007-04-02 02:10 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-10\vsooem.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-10\vsous.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-10\vsoub.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-10\vsofs.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-10\mskus.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-10\mskub.inf
2007-04-02 02:09 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfoem.inf
2007-04-02 02:09 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsoem.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-10\mskfs.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsus.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsub.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsfs.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfus.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfub.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-10\mpffs.inf
2007-04-02 02:08 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-13\mbkoem.inf
2007-04-02 02:08 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-13\vsooem.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-13\vsous.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-13\vsoub.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-13\vsofs.inf
2007-04-02 02:07 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfoem.inf
2007-04-02 02:07 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsoem.inf
2007-04-02 02:07 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-13\mskoem.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-13\mskus.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-13\mskub.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-13\mskfs.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsus.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsub.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsfs.inf
2007-04-02 02:06 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-12\mbkoem.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfus.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfub.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-13\mpffs.inf
2007-04-02 02:05 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsoem.inf
2007-04-02 02:05 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-12\mskoem.inf
2007-04-02 02:05 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-12\vsooem.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-12\vsous.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-12\vsoub.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-12\vsofs.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-12\mskus.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-12\mskub.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-12\mskfs.inf
2007-04-02 02:04 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfoem.inf
2007-04-02 02:04 452 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-14\mbkoem.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsus.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsub.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsfs.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfus.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfub.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-12\mpffs.inf
2007-04-02 02:03 449 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-14\mskoem.inf
2007-04-02 02:03 448 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-14\vsooem.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-14\vsous.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-14\vsoub.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-14\vsofs.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-14\mskub.inf
2007-04-02 02:02 454 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsoem.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-14\mskus.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-14\mskfs.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsus.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsub.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsfs.inf
2007-04-02 02:01 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-9\msadrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-9\vsorgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-9\mskrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-9\mbkrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-14\mbkrgw.inf
2007-04-02 02:01 456 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfoem.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfus.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfub.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-14\mpffs.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-14\msadrgw.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-13\msadrgw.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-12\msadrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-14\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-13\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-12\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-11\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-14\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-13\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-12\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-11\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-13\mbkrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-12\mbkrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-11\mbkrgw.inf
2007-04-02 01:59 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-11\msadrgw.inf
2007-04-02 01:59 487 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-10\msadrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\VSO\en-US\365-10\vsorgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSK\en-US\365-10\mskrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MBK\en-US\365-10\mbkrgw.inf
2007-04-02 01:59 362 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcregoem.ini
2007-04-02 01:59 173632 --a------ C:\Program Files\McAfee(81)\MSC(86)\rwoemres.dll
2007-04-02 01:58 5872 --a------ C:\Program Files\McAfee(81)\MSC(86)\oemmap.ini
2007-04-02 00:44 829 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vsosbt.inf
2007-04-02 00:43 759 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpssbt.inf
2007-04-02 00:38 761 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfsbt.inf
2007-04-01 23:53 11102 --a------ C:\Program Files\McAfee(81)\MSC(86)\oem\365-9\oemcfg.dat
2007-04-01 23:43 588 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsuc.inf
2007-04-01 23:43 2461 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vsouc.inf
2007-04-01 23:37 588 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfuc.inf
2007-03-12 01:43 9296 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mvsoem.dll
2007-03-07 19:01 480856 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcsubmgr\7,2,147,0\mcsubmgr.dll
2007-03-06 13:50 1646 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\preinst.inf
2007-02-26 08:58 1892 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\oasres.inf
2007-02-09 00:39 1407512 --a------ C:\Program Files\McAfee(81)\MSC(86)\sasetup.exe
2007-01-20 14:20 1254952 --a------ C:\Program Files\McAfee(81)\MSC(86)\eulares.dll
2007-01-19 04:21 58936 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsuc.dll
2007-01-19 04:18 58936 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfuc.dll
2007-01-16 08:24 370216 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcoemmgr.exe
2007-01-16 08:24 271912 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcappcfg.exe
2007-01-11 17:51 169512 --a------ C:\Program Files\McAfee(81)\MSC(86)\rwcorres.dll
2007-01-11 16:15 450600 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcregist.exe
2007-01-11 16:15 333352 --a------ C:\Program Files\McAfee(81)\MSC(86)\rwcoreui.dll
2007-01-05 19:21 290392 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcregobj\7,2,142,0\mcregobj.dll
2007-01-03 13:24 490 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpsdeflt.inf
2006-12-27 14:27 20485 --a------ C:\Program Files\McAfee(81)\MQC(85)\MRU.ini
2006-12-21 11:57 1178 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfloc.inf
2006-12-20 16:08 27914 -ra------ C:\Program Files\McAfee(81)\VirusScan(89)\vscan.bof
2006-12-19 16:37 1464 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpspost.inf
2006-11-29 11:28 532 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscdfoem.inf
2006-10-30 14:05 378 --a------ C:\Program Files\McAfee(81)\MSC(86)\rwdimens.ini
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-9\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-14\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-13\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-12\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-11\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(81)\MSC(86)\OemInfo\MSAD\en-US\365-10\msadoem.inf
2006-08-16 15:02 957 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscmisc.inf
2006-07-18 09:13 840 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmclang.inf
2006-07-18 00:31 695 --a------ C:\Program Files\McAfee(81)\MPS(84)\mpshelp.inf
2006-07-17 14:44 801 --a------ C:\Program Files\McAfee(81)\MSHR(87)\mcshrres.inf
2006-07-17 14:34 803 --a------ C:\Program Files\McAfee(81)\MQC(85)\mcqcres.inf
2006-07-12 19:42 966 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\smonres.inf
2006-07-10 07:51 748 --a------ C:\Program Files\McAfee(81)\MQC(85)\QcLog.xml
2006-07-06 18:28 1249 --a------ C:\Program Files\McAfee(81)\MPF(83)\mpfdata.inf
2006-06-12 20:25 1261 --a------ C:\Program Files\McAfee(81)\MQC(85)\mcpmain.inf
2006-06-12 14:25 644 --a------ C:\Program Files\McAfee(81)\MQC(85)\mcpins.inf
2006-06-09 10:08 728 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\mispureg.ini
2006-05-09 17:24 621 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcpre.inf
2006-04-21 00:14 567 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcoem.inf
2006-04-21 00:14 565 --a------ C:\Program Files\McAfee(81)\MSC(86)\nmcres.inf
2006-03-31 17:42 1007 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\sysmon.inf
2006-03-29 09:54 559 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscuimgr.inf
2006-03-22 13:02 77 --a------ C:\Program Files\McAfee(81)\MSHR(87)\Shredder.ini
2006-02-19 14:33 508 --a------ C:\Program Files\McAfee(81)\MSC(86)\mcmispps.inf
2006-02-16 11:33 975 --a------ C:\Program Files\McAfee(81)\VirusScan(89)\vsores.inf
2006-02-14 17:23 563 --a------ C:\Program Files\McAfee(81)\MSC(86)\msccfmgr.inf
2006-02-14 14:19 467 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscres.inf
2006-02-14 12:42 582 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscreg.inf
2006-02-14 12:42 543 --a------ C:\Program Files\McAfee(81)\MSC(86)\mscmnmgr.inf

---- Directory of C:\Program Files\McAfee(839) ----

2008-08-30 17:03 20485 --a------ C:\Program Files\McAfee(839)\MQC(85)\MRU.ini
2008-04-09 10:18 76768 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscinres.dll
2008-04-09 10:18 690648 --a------ C:\Program Files\McAfee(839)\MSC(86)\mccobres.dll
2008-04-09 10:18 64408 --a------ C:\Program Files\McAfee(839)\MSC(86)\mclocres.dll
2008-04-09 10:18 633016 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcshlui.dll
2008-04-09 10:18 5020 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscmain.inf
2008-04-09 10:18 2451 --a------ C:\Program Files\McAfee(839)\MSC(86)\subst.inf
2008-04-09 09:06 3529 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscpost.inf
2008-03-03 11:40 361048 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmscins.dll
2008-02-23 16:32 1333 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscoobe.inf
2008-01-18 07:25 1027 --a------ C:\Program Files\McAfee(839)\MSC(86)\NMC\nmcsubst.inf
2008-01-18 07:24 80888 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcUI.dll
2008-01-18 07:24 16568 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcLoR.dll
2008-01-18 07:24 1623 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcins.inf
2008-01-18 07:24 14520 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcCoR.dll
2008-01-18 07:21 637088 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcCnt.dll
2008-01-18 07:21 385768 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcPrv.dll
2008-01-18 07:21 248856 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcIns.dll
2008-01-18 07:21 150928 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcRes.dll
2008-01-18 07:21 1185048 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcSrv.dll
2008-01-10 19:13 670048 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcuninst.exe
2008-01-09 16:50 767976 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmscsvc.exe
2008-01-09 16:50 758712 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcuihost.exe
2008-01-09 16:50 752448 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcupdmgr.exe
2007-12-28 13:34 265000 --a------ C:\Program Files\McAfee(839)\MSC(86)\mispreg.exe
2007-12-14 08:17 66848 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcCPS.dll
2007-12-06 15:10 431952 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmismgr.dll
2007-12-06 13:38 300352 --a------ C:\Program Files\McAfee(839)\MSC(86)\McUpdUtl.exe
2007-12-04 13:37 75040 --a------ C:\Program Files\McAfee(839)\MQC(85)\QcRes.dll
2007-12-04 13:32 66848 --a------ C:\Program Files\McAfee(839)\MSHR(87)\ShrRes.dll
2007-12-04 13:32 591136 --a------ C:\Program Files\McAfee(839)\MQC(85)\QCMISP.dll
2007-12-04 13:32 378144 --a------ C:\Program Files\McAfee(839)\MSHR(87)\ShrMISP.dll
2007-12-04 13:32 304416 --a------ C:\Program Files\McAfee(839)\MQC(85)\QCLite.dll
2007-12-04 13:32 267552 --a------ C:\Program Files\McAfee(839)\MQC(85)\McpIns.dll
2007-12-04 13:32 222496 --a------ C:\Program Files\McAfee(839)\MQC(85)\QcConsol.exe
2007-12-04 13:32 222496 --a------ C:\Program Files\McAfee(839)\MQC(85)\McpSched.dll
2007-12-04 13:32 197920 --a------ C:\Program Files\McAfee(839)\MSHR(87)\ShrCore.dll
2007-12-04 13:32 111904 --a------ C:\Program Files\McAfee(839)\MSHR(87)\ShrCL.exe
2007-12-04 13:31 206112 --a------ C:\Program Files\McAfee(839)\MQC(85)\McpAdmin.exe
2007-11-29 14:15 556880 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcinfo.exe
2007-11-15 20:15 251216 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcsvrcnt.exe
2007-11-13 13:16 359248 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcupdui.exe
2007-11-05 17:36 320848 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmscver.dll
2007-11-01 23:32 95568 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcshllps.dll
2007-11-01 23:32 866640 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcshell.exe
2007-11-01 23:32 492880 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcsubmgr\8,1,133,0\mcsubmgr.dll
2007-11-01 23:32 357712 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcsync.exe
2007-11-01 23:32 288592 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcaltlib.dll
2007-11-01 23:31 425808 --a------ C:\Program Files\McAfee(839)\MSC(86)\mccfgpv.dll
2007-11-01 19:12 478032 --a------ C:\Program Files\McAfee(839)\MSC(86)\mclgview.exe
2007-11-01 19:12 463184 --a------ C:\Program Files\McAfee(839)\MSC(86)\mccfgmgr.dll
2007-11-01 19:12 257872 --a------ C:\Program Files\McAfee(839)\MSC(86)\McDBMgr.dll
2007-11-01 19:12 158032 --a------ C:\Program Files\McAfee(839)\MSC(86)\McLogCnt.dll
2007-10-30 17:02 550 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscshll.inf
2007-09-21 16:20 9544 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\odsax.dll
2007-09-21 16:20 9032 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsmpres.dll
2007-09-21 16:20 62792 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\ashldres.dll
2007-09-21 16:20 570696 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vsui.dll
2007-09-21 16:20 2178 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\subst.inf
2007-09-21 16:20 14664 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vslogres.dll
2007-09-21 16:20 14152 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvscpres.dll
2007-09-21 16:20 10568 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvspprs.dll
2007-09-21 16:20 10056 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vscobres.dll
2007-09-21 16:19 3241 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsmain.inf
2007-09-21 15:46 2014 --a------ C:\Program Files\McAfee(839)\MPS(84)\subst.inf
2007-09-21 15:45 455968 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsres.dll
2007-09-21 15:45 1684 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsres.inf
2007-09-21 15:44 3067 --a------ C:\Program Files\McAfee(839)\MPS(84)\mps10.inf
2007-09-21 15:44 2815 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsmain.inf
2007-09-21 15:09 193864 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvsoins.dll
2007-09-21 15:09 111944 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsmp.dll
2007-09-21 14:27 464160 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpscfg.dll
2007-09-21 11:15 5132 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvspost.inf
2007-09-19 08:20 54048 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskres.dll
2007-09-19 08:20 1972 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\subst.inf
2007-09-19 07:15 329032 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mcapbho.dll
2007-08-30 16:15 630560 --a------ C:\Program Files\McAfee(839)\MPS(84)\mps.dll
2007-08-30 16:15 399136 --a------ C:\Program Files\McAfee(839)\MPS(84)\MPSMisp.dll
2007-08-30 16:15 292128 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsevh.dll
2007-08-30 16:15 259360 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpspii.dll
2007-08-30 16:15 230688 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpspc.dll
2007-08-30 16:15 214304 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpspv.dll
2007-08-30 16:15 181536 --a------ C:\Program Files\McAfee(839)\MPS(84)\MpsAlert.exe
2007-08-30 16:15 172320 --a------ C:\Program Files\McAfee(839)\MPS(84)\checkmps.dll
2007-08-30 16:15 144160 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsver.dll
2007-08-30 16:15 136480 --a------ C:\Program Files\McAfee(839)\MPS(84)\mctgrid.dll
2007-08-29 17:06 362824 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\msktb.dll
2007-08-24 05:00 83784 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\tbirdins.dll
2007-08-24 05:00 549192 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmisp.dll
2007-08-24 05:00 464200 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\Mskeuplg.dll
2007-08-24 05:00 444232 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskolplg.dll
2007-08-24 05:00 424776 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\MskSet.dll
2007-08-24 05:00 389960 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskgre.dll
2007-08-24 05:00 344904 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmsf.dll
2007-08-24 05:00 23880 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\msksrver.exe
2007-08-24 05:00 212296 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmcmn.dll
2007-08-24 05:00 198472 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskwm.dll
2007-08-24 05:00 188744 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskoeplg.dll
2007-08-24 05:00 180552 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmb52.dll
2007-08-24 05:00 174408 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\AbImpSch.dll
2007-08-24 05:00 165704 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmrls.dll
2007-08-24 05:00 159048 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mcabimp.dll
2007-08-24 05:00 141640 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskagent.exe
2007-08-24 05:00 134984 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskengn.dll
2007-08-24 05:00 131400 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmuf.dll
2007-08-24 05:00 120136 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskxaif.dll
2007-08-24 05:00 119112 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskpxplg.dll
2007-08-24 05:00 117576 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskxagnt.exe
2007-08-24 05:00 115528 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmfw.dll
2007-08-24 05:00 114504 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\McAPFilt.dll
2007-08-24 05:00 108872 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\rptspam.dll
2007-08-15 14:04 1953 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsmisp.inf
2007-08-08 02:52 468344 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\sysmondt.dll
2007-08-03 19:42 10043 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscrem.inf
2007-07-25 04:28 14624 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\esplgres.dll
2007-07-25 04:28 10528 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vscfgw32.dll
2007-07-25 03:16 9032 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsdeflt.dll
2007-07-25 03:16 378184 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcods.exe
2007-07-25 03:16 275784 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvslog.dll
2007-07-25 03:16 271688 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcqtax.dll
2007-07-25 03:16 22856 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcodsps.dll
2007-07-25 03:16 185672 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsap.dll
2007-07-25 03:16 169288 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvscp.dll
2007-07-25 03:16 165192 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcctxmnu.dll
2007-07-25 03:15 361800 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvsshld.exe
2007-07-25 03:15 210248 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcodsax.dll
2007-07-25 03:15 202056 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\McVsPP.dll
2007-07-25 02:42 451912 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsscan.dll
2007-07-25 02:42 300360 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\naiann.dll
2007-07-25 02:42 24392 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\naiannps.dll
2007-07-25 02:42 202056 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcqtlib.dll
2007-07-25 02:42 173384 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvsps.dll
2007-07-25 02:41 695624 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcsysmon.exe
2007-07-25 02:41 460104 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\EscnPlug.dll
2007-07-25 02:41 324936 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvscfg.dll
2007-07-25 02:41 259400 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvsmap.exe
2007-07-25 02:41 218440 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\MvsVista.exe
2007-07-25 02:41 206152 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsver.dll
2007-07-25 02:41 185672 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcvsqt.dll
2007-07-25 02:41 181576 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcinsupd.exe
2007-07-25 02:41 181576 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mcavtsub.dll
2007-07-25 02:41 161096 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\subavt.dll
2007-07-25 02:41 152904 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\annscrp.dll
2007-07-25 02:41 140616 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\preinst.exe
2007-07-24 13:02 99648 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mytilus3_server.dll
2007-07-24 13:02 66880 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\scriptsn.dll
2007-07-24 13:02 66880 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mytilus3.dll
2007-07-24 13:02 58688 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfebopa.dll
2007-07-24 13:02 58688 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfeavfa.dll
2007-07-24 13:02 40768 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\ftl.dll
2007-07-24 13:02 33800 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mferkdk.sys
2007-07-24 13:02 33088 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfehidin.exe
2007-07-24 13:02 251200 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mytilus3_worker.dll
2007-07-24 13:02 24896 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\lockdown.dll
2007-07-24 13:02 24384 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\Res00\McShield.dll
2007-07-24 13:02 19264 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mferkda.dll
2007-07-24 13:02 18752 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfehida.dll
2007-07-24 13:02 17728 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\EntSrv.dll
2007-07-24 13:02 17216 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfesmfa.dll
2007-07-24 13:02 144704 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\Mcshield.exe
2007-07-24 13:01 263488 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\NAIEvent.dll
2007-07-24 08:40 79304 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfeavfk.sys
2007-07-24 08:40 10668 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfeavfk.cat
2007-07-21 11:53 2706 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\oasdrv.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfesmfk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfehidk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfebopk.inf
2007-07-21 10:08 725 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfeavfk.inf
2007-07-21 10:08 40488 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfesmfk.sys
2007-07-21 10:08 35240 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfebopk.sys
2007-07-21 10:08 201288 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfehidk.sys
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfesmfk.cat
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfehidk.cat
2007-07-21 10:08 10668 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mfebopk.cat
2007-07-19 10:34 849 --a------ C:\Program Files\McAfee(839)\MSC(86)\msclcres.inf
2007-07-19 05:17 66848 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcSPS.dll
2007-07-19 05:17 181536 --a------ C:\Program Files\McAfee(839)\MSC(86)\McNmcVer.dll
2007-07-18 18:07 214304 --a------ C:\Program Files\McAfee(839)\MPF(83)\L10N.dll
2007-07-18 18:07 2020 --a------ C:\Program Files\McAfee(839)\MPF(83)\subst.inf
2007-07-18 18:06 3002 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfmain.inf
2007-07-18 18:06 1482 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfcore.inf
2007-07-18 16:54 856864 --a------ C:\Program Files\McAfee(839)\MPF(83)\MpfSrv.exe
2007-07-18 16:54 730400 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MPFP.dll
2007-07-18 16:54 56096 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MPFPPS.dll
2007-07-18 16:54 49440 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MpfAltPS.dll
2007-07-18 16:54 484128 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MpfAlert.exe
2007-07-18 16:54 308512 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MPFOEM.dll
2007-07-18 16:54 1047328 --a------ C:\Program Files\McAfee(839)\MPF(83)\MC\MpfMISP.dll
2007-07-13 08:15 435024 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcdemenu.dll
2007-07-13 08:14 80720 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcres.dll
2007-07-13 08:14 592720 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmnumgr.dll
2007-07-13 08:14 492880 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcsubmgr\8,0,226,0\mcsubmgr.dll
2007-07-13 08:14 329040 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcprotpv.dll
2007-07-13 08:14 317776 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcprtcnt.dll
2007-07-13 08:14 300368 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcregobj\8,0,226,0\mcregobj.dll
2007-07-13 08:14 265040 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcuimgr.exe
2007-07-13 08:14 240976 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcprohlp.dll
2007-07-13 08:14 168272 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmispps.dll
2007-07-13 08:14 116048 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcuicfg.dll
2007-07-13 04:11 672 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcclnt.inf
2007-07-13 04:11 648 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcsrv.inf
2007-07-12 06:58 2590 --a------ C:\Program Files\McAfee(839)\MQC(85)\mcqc.inf
2007-07-12 06:58 1268 --a------ C:\Program Files\McAfee(839)\MSHR(87)\mcshr.inf
2007-07-10 17:47 97367 --a------ C:\Program Files\McAfee(839)\MPS(84)\uninst.ini
2007-07-09 06:20 2724006 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\Engine\5200.2160\mcscan32.dll
2007-07-07 14:55 1190 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscprmgr.inf
2007-07-07 13:52 1348 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscupd.inf
2007-07-05 00:46 668 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcpost.inf
2007-07-03 18:11 11289 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\oasbin.inf
2007-07-02 16:47 7788 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsdeflt.inf
2007-06-25 15:38 5162 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcltvers.ini
2007-06-22 15:11 148864 --a------ C:\Program Files\McAfee(839)\MPS(84)\Uninst.dll
2007-06-18 11:15 3229 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsctls.inf
2007-06-13 19:40 2170 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vistareg.ini
2007-06-13 12:33 1247 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsmisp.inf
2007-06-11 07:37 2857 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vsmain.inf
2007-06-11 07:37 1482 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\oem.inf
2007-06-08 15:38 633 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpscnfg.inf
2007-06-08 12:04 1318 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfmisp.inf
2007-06-07 14:38 2392 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscsvc.inf
2007-06-04 14:48 3393 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vspost2.inf
2007-06-04 14:48 3389 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vspost.inf
2007-06-01 13:33 2376 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mispreg.ini
2007-05-30 09:05 4726 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vso.inf
2007-05-23 07:42 1929 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskplg.inf
2007-05-23 07:42 1593 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\msksrv.inf
2007-05-22 16:38 175 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\updunreg.ini
2007-05-15 12:36 964 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskcnt.inf
2007-05-15 12:36 963 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskres.inf
2007-05-15 12:36 783 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmisp.inf
2007-05-15 12:36 771 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskplg32.inf
2007-05-15 12:36 1439 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\antphish.inf
2007-05-04 22:34 2028 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsres.inf
2007-05-04 16:52 663552 --a------ C:\Program Files\McAfee(839)\MPS(84)\IAImageReader.dll
2007-05-04 16:52 543232 --a------ C:\Program Files\McAfee(839)\MPS(84)\IAEngine.dll
2007-05-03 12:15 622 --a------ C:\Program Files\McAfee(839)\MPS(84)\keywords.inf
2007-04-10 17:20 143952 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\McAdaptr.dll
2007-04-02 02:53 558656 --a------ C:\Program Files\McAfee(839)\MSC(86)\oem\365-9\mccobres.dll
2007-04-02 02:53 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-9\mscoem.inf
2007-04-02 02:52 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-14\mscoem.inf
2007-04-02 02:51 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-13\mscoem.inf
2007-04-02 02:49 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-12\mscoem.inf
2007-04-02 02:48 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-11\mscoem.inf
2007-04-02 02:46 421 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSC\en-US\365-10\mscoem.inf
2007-04-02 02:44 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-9\mbkoem.inf
2007-04-02 02:44 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-9\vsooem.inf
2007-04-02 02:44 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-9\vsous.inf
2007-04-02 02:44 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-9\vsoub.inf
2007-04-02 02:44 340 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\{e9793a47-5106-476d-bf76-534c9a4f0f1d}\en-US\regurl.inf
2007-04-02 02:43 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsoem.inf
2007-04-02 02:43 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-9\mskoem.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-9\vsofs.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-9\mskus.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-9\mskub.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-9\mskfs.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsus.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsub.inf
2007-04-02 02:43 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsfs.inf
2007-04-02 02:38 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfoem.inf
2007-04-02 02:38 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfub.inf
2007-04-02 02:37 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-11\mbkoem.inf
2007-04-02 02:37 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfus.inf
2007-04-02 02:37 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-9\mpffs.inf
2007-04-02 02:36 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-11\vsooem.inf
2007-04-02 02:36 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-11\vsoub.inf
2007-04-02 02:12 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsoem.inf
2007-04-02 02:12 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-11\mskoem.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-11\vsous.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-11\vsofs.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-11\mskus.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-11\mskub.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-11\mskfs.inf
2007-04-02 02:12 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsub.inf
2007-04-02 02:11 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfoem.inf
2007-04-02 02:11 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-10\mbkoem.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsus.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsfs.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfus.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfub.inf
2007-04-02 02:11 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-11\mpffs.inf
2007-04-02 02:10 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-10\mskoem.inf
2007-04-02 02:10 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-10\vsooem.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-10\vsous.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-10\vsoub.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-10\vsofs.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-10\mskus.inf
2007-04-02 02:10 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-10\mskub.inf
2007-04-02 02:09 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfoem.inf
2007-04-02 02:09 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsoem.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-10\mskfs.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsus.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsub.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsfs.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfus.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfub.inf
2007-04-02 02:09 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-10\mpffs.inf
2007-04-02 02:08 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-13\mbkoem.inf
2007-04-02 02:08 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-13\vsooem.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-13\vsous.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-13\vsoub.inf
2007-04-02 02:08 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-13\vsofs.inf
2007-04-02 02:07 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfoem.inf
2007-04-02 02:07 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsoem.inf
2007-04-02 02:07 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-13\mskoem.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-13\mskus.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-13\mskub.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-13\mskfs.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsus.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsub.inf
2007-04-02 02:07 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsfs.inf
2007-04-02 02:06 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-12\mbkoem.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfus.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfub.inf
2007-04-02 02:06 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-13\mpffs.inf
2007-04-02 02:05 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsoem.inf
2007-04-02 02:05 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-12\mskoem.inf
2007-04-02 02:05 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-12\vsooem.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-12\vsous.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-12\vsoub.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-12\vsofs.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-12\mskus.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-12\mskub.inf
2007-04-02 02:05 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-12\mskfs.inf
2007-04-02 02:04 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfoem.inf
2007-04-02 02:04 452 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-14\mbkoem.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsus.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsub.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsfs.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfus.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfub.inf
2007-04-02 02:04 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-12\mpffs.inf
2007-04-02 02:03 449 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-14\mskoem.inf
2007-04-02 02:03 448 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-14\vsooem.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-14\vsous.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-14\vsoub.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-14\vsofs.inf
2007-04-02 02:03 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-14\mskub.inf
2007-04-02 02:02 454 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsoem.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-14\mskus.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-14\mskfs.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsus.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsub.inf
2007-04-02 02:02 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsfs.inf
2007-04-02 02:01 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-9\msadrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-9\vsorgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-9\mskrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-9\mpsrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-9\mpfrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-9\mbkrgw.inf
2007-04-02 02:01 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-14\mbkrgw.inf
2007-04-02 02:01 456 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfoem.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfus.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfub.inf
2007-04-02 02:01 445 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-14\mpffs.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-14\msadrgw.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-13\msadrgw.inf
2007-04-02 02:00 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-12\msadrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-14\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-13\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-12\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-11\vsorgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-14\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-13\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-12\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-11\mskrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-14\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-13\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-12\mpsrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-14\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-13\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-12\mpfrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-13\mbkrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-12\mbkrgw.inf
2007-04-02 02:00 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-11\mbkrgw.inf
2007-04-02 01:59 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-11\msadrgw.inf
2007-04-02 01:59 487 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-10\msadrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\VSO\en-US\365-10\vsorgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSK\en-US\365-10\mskrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-11\mpsrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPS\en-US\365-10\mpsrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-11\mpfrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MPF\en-US\365-10\mpfrgw.inf
2007-04-02 01:59 484 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MBK\en-US\365-10\mbkrgw.inf
2007-04-02 01:59 362 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcregoem.ini
2007-04-02 01:59 173632 --a------ C:\Program Files\McAfee(839)\MSC(86)\rwoemres.dll
2007-04-02 01:58 5872 --a------ C:\Program Files\McAfee(839)\MSC(86)\oemmap.ini
2007-04-02 00:44 829 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vsosbt.inf
2007-04-02 00:43 759 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpssbt.inf
2007-04-02 00:43 754 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\msksbt.inf
2007-04-02 00:38 761 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfsbt.inf
2007-04-01 23:43 588 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsuc.inf
2007-04-01 23:43 558 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskuc.inf
2007-04-01 23:43 2461 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vsouc.inf
2007-04-01 23:37 588 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfuc.inf
2007-03-16 00:45 4247 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskmain.inf
2007-03-12 01:43 9296 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mvsoem.dll
2007-03-07 19:01 480856 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcsubmgr\7,2,147,0\mcsubmgr.dll
2007-03-06 13:50 1646 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\preinst.inf
2007-02-26 08:58 1892 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\oasres.inf
2007-02-09 00:39 1407512 --a------ C:\Program Files\McAfee(839)\MSC(86)\sasetup.exe
2007-01-20 14:20 1254952 --a------ C:\Program Files\McAfee(839)\MSC(86)\eulares.dll
2007-01-19 04:23 58936 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskuc.dll
2007-01-19 04:21 58936 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsuc.dll
2007-01-19 04:18 58936 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfuc.dll
2007-01-17 20:30 133712 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskp3plg.dll
2007-01-17 15:30 50768 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\MskAltPS.dll
2007-01-17 15:29 137808 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\MskAlert.exe
2007-01-16 08:24 370216 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcoemmgr.exe
2007-01-16 08:24 271912 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcappcfg.exe
2007-01-11 17:51 169512 --a------ C:\Program Files\McAfee(839)\MSC(86)\rwcorres.dll
2007-01-11 16:15 450600 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcregist.exe
2007-01-11 16:15 333352 --a------ C:\Program Files\McAfee(839)\MSC(86)\rwcoreui.dll
2007-01-05 19:21 290392 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcregobj\7,2,142,0\mcregobj.dll
2007-01-03 13:24 490 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpsdeflt.inf
2006-12-21 11:57 1178 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfloc.inf
2006-12-20 16:08 27914 -ra------ C:\Program Files\McAfee(839)\VirusScan(89)\vscan.bof
2006-12-19 16:37 1464 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpspost.inf
2006-12-09 15:15 866 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskrules.inf
2006-11-29 11:28 532 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscdfoem.inf
2006-10-30 14:05 378 --a------ C:\Program Files\McAfee(839)\MSC(86)\rwdimens.ini
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-9\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-14\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-13\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-12\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-11\msadoem.inf
2006-09-06 10:04 405 --a------ C:\Program Files\McAfee(839)\MSC(86)\OemInfo\MSAD\en-US\365-10\msadoem.inf
2006-08-16 15:02 957 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscmisc.inf
2006-07-18 09:13 840 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmclang.inf
2006-07-18 00:31 695 --a------ C:\Program Files\McAfee(839)\MPS(84)\mpshelp.inf
2006-07-17 14:44 801 --a------ C:\Program Files\McAfee(839)\MSHR(87)\mcshrres.inf
2006-07-17 14:34 803 --a------ C:\Program Files\McAfee(839)\MQC(85)\mcqcres.inf
2006-07-12 19:42 966 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\smonres.inf
2006-07-06 18:28 1249 --a------ C:\Program Files\McAfee(839)\MPF(83)\mpfdata.inf
2006-06-12 20:25 1261 --a------ C:\Program Files\McAfee(839)\MQC(85)\mcpmain.inf
2006-06-12 14:25 644 --a------ C:\Program Files\McAfee(839)\MQC(85)\mcpins.inf
2006-06-09 10:08 728 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\mispureg.ini
2006-05-09 17:24 621 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcpre.inf
2006-04-26 17:55 848 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\mskdict.inf
2006-04-24 11:53 910 --a------ C:\Program Files\McAfee(839)\MSK(88)(840)\phishcnt.inf
2006-04-21 00:14 567 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcoem.inf
2006-04-21 00:14 565 --a------ C:\Program Files\McAfee(839)\MSC(86)\nmcres.inf
2006-03-31 17:42 1007 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\sysmon.inf
2006-03-29 09:54 559 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscuimgr.inf
2006-03-22 13:02 77 --a------ C:\Program Files\McAfee(839)\MSHR(87)\Shredder.ini
2006-02-19 14:33 508 --a------ C:\Program Files\McAfee(839)\MSC(86)\mcmispps.inf
2006-02-16 11:33 975 --a------ C:\Program Files\McAfee(839)\VirusScan(89)\vsores.inf
2006-02-14 17:23 563 --a------ C:\Program Files\McAfee(839)\MSC(86)\msccfmgr.inf
2006-02-14 14:19 467 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscres.inf
2006-02-14 12:42 582 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscreg.inf
2006-02-14 12:42 543 --a------ C:\Program Files\McAfee(839)\MSC(86)\mscmnmgr.inf


((((((((((((((((((((((((((((( snapshot@2008-09-01_14.31.32.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-31 23:43:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-09-02 00:27:31 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-08-31 23:43:42 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-09-02 00:27:31 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-08-31 23:45:29 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-09-02 00:29:19 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
- 2008-08-31 23:45:24 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-09-02 00:29:13 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-09-02 00:29:13 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-09-01 18:26:34 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-09-02 00:14:14 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-08-31 23:45:48 12,296 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995996556-1816073739-136882781-1001_UserData.bin
+ 2008-09-02 00:29:30 12,534 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-995996556-1816073739-136882781-1001_UserData.bin
- 2008-08-31 23:45:48 64,392 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-09-02 00:29:30 64,640 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 08:36 201728]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 19:03 152872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-04-06 02:21 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-04-06 02:21 8429568]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-04-06 02:21 81920]
"BigFix"="c:\program files\Bigfix\bigfix.exe" [2006-11-16 19:04 2348584]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [2007-02-08 22:39 36904]
"AceGain LiveUpdate"="C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe" [2003-12-31 21:12 417792]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 23:33 582992]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-31 10:39 1235736]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 02:46 4349952 C:\Windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2007-04-17 17:52 40072]

C:\Users\Others\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BigFix.lnk - C:\Program Files\BigFix\bigfix.exe [2007-05-11 10:16:36 2348584]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{15B65E72-2D15-4E53-ACF2-0EE2086F55B3}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{71D41C8B-2402-4E92-B2DE-8BAD51C0F5ED}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{27CC8D00-751C-45A5-A30E-42C01A6AD144}"= Profile=Private|Profile=Public|C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{3D3EA83E-BA0F-4A09-9CB5-E3D0C0DD3CBE}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{6F9A2C68-2EA5-4ED5-8A27-2ACAA7EBCC40}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{8E89455F-8479-444A-ACBB-45FF60E4C368}"= UDP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{35CB5A93-2BF5-46D7-878E-D7008C6663EB}"= TCP:C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{25EA6C08-E05D-4C23-8BC0-7BBC285D74DE}"= UDP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{EE1B8587-8CDF-4CE9-B873-D2E246D757B7}"= TCP:C:\Windows\System32\dlbkcoms.exe:AIO Printer A920 Server
"{2F564F07-2209-43AB-A682-0EA6B0C66317}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E27E7D15-06EA-4D3C-A415-9547299C0453}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{E097024E-6F25-4396-A520-6ADAF2F37C2B}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{519ABD1B-E8E3-4C92-959D-0E244B06C130}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-31 10:39]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-31 10:39]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-31 10:39]
R2 dlbk_device;dlbk_device;C:\Windows\system32\dlbkcoms.exe [2007-06-25 21:17]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-30 17:29]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-09 13:00]
S3 GameConsoleService;GameConsoleService;C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe [2008-05-05 18:25]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\mbamswissarmy.sys [2008-08-17 15:01]
S3 NETw2v32;Intel® PRO/Wireless 2200BG Network Connection Driver for Windows Vista;C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 03:30]
.
Contents of the 'Scheduled Tasks' folder
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-02 15:52:06
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-02 15:54:01
ComboFix-quarantined-files.txt 2008-09-02 19:53:57
ComboFix2.txt 2008-09-02 00:21:32
ComboFix3.txt 2008-09-01 18:32:26

Pre-Run: 82,728,923,136 bytes free
Post-Run: 82,694,868,992 bytes free

1079 --- E O F --- 2008-08-31 14:44:45

#10 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 02 September 2008 - 03:01 PM

And here is my HiJackThis Log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:00:54 PM, on 9/2/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\BigFix\bigfix.exe
C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html?Ch...DTP&M=T5062
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Program Files\AceGain\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [SrvDscAdm] C:\ProgramData\SrvDscAdm\xwpmdyva.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [1haDbr1KmD] C:\ProgramData\xojupopi\helsnuzk.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [actdscapp] C:\ProgramData\actdscapp\zepmfkts.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [appmsg] C:\ProgramData\appmsg\cfyxabij.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [UtilSrv] C:\ProgramData\UtilSrv\wputatwx.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [MsgChk] C:\ProgramData\MsgChk\wdgpgxkt.exe (User 'Others')
O4 - HKUS\S-1-5-21-995996556-1816073739-136882781-1001\..\Run: [SetAct] C:\ProgramData\SetAct\lgvodgrq.exe (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - S-1-5-21-995996556-1816073739-136882781-1001 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Others')
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\bigfix.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://www.worldwinner.com/games/v47/share...GamesLoader.cab
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} (Bejeweled Control) - http://www.worldwinner.com/games/v46/bejeweled/bejeweled.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: dlbk_device - - C:\Windows\system32\dlbkcoms.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Services (mcmscsvc) - Unknown owner - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (file missing)
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (file missing)
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: McAfee SpamKiller Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

--
End of file - 9233 bytes

#11 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 02 September 2008 - 04:39 PM

Okay my AVG Free keeps picking up ComboFix.exe as Spyware. Should I just let AVG keep it in its Virus Vault when my computer is clean or does ComboFix really have Spyware in it?

Edited by clicketybob, 02 September 2008 - 04:40 PM.


#12 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:50 AM

Posted 02 September 2008 - 05:18 PM

Hello Clicketybob,

That's probably a reaction to some disabled malware files in the Quarantaine box. :thumbsup:

Since your system looks clean now,
you can remove all used tools and folders created in the process.
To remove ComboFix :
Go to Start > Run, and copy and paste next command in the field:ComboFix /u
Make sure there's a space between Combofix and /u
Then press Enter.
This will uninstall Combofix, delete its related folders and files, restore your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Your JavaVM is also out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update7.
  • Scroll down to where it says The Java SE Runtime Environment (JRE) allows end-users to run Java applications.
  • Click the Download button to the right.
  • Check the box that says: Accept License Agreement
  • The page will refresh.
  • Click on the link to download Windows Offline Installation (jre-6u7-windows-i586-p.exe) and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u7-windowsi586-p.exe to install the newest version.
Finally, it might be a good idea to get rid of all those McAfee leftovers,
by cleaning out all entries in both the Software list (Control Panel > Software) and by using the search function in Windows Explorer.
If you have any problems with that, you can use the McAfee removal tool : http://service.mcafee.com/FAQDocument.aspx...083&lc=1033

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#13 clicketybob

clicketybob
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:50 PM

Posted 02 September 2008 - 06:48 PM

Okay, finished. Thank you so much for everything you helped me with it was either someone helped me step by step, or I was going to wipe my entire hard drive and hoped that fixed it. You were very helpful and if I ever have trouble in the future I'll talk to you for help. Thanks again.


-Louis-

Edited by clicketybob, 02 September 2008 - 09:19 PM.


#14 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:03:50 AM

Posted 03 September 2008 - 03:11 AM

Glad we could help, Louis :thumbsup:

Please read this Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Please also read Tony Klein's excellent article: How I got Infected in the First Place
and/or Grinlers tutorial on how malware is hidden and installed

Since this issue appears resolved ... this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users