View Full Version : * Virtumonde & Spyware
PCStressed
2008-09-25, 23:02
:spider:
Machine is running slower and slower everyday. Spydoctor listed virtumonde etc.
Here is the HJT. I would appreciate a look to see if this PC has been compromised. Thank you in advance. Ron
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:54:57 PM, on 9/25/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Print Distributor 3\pd3service.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [aČ] "C:\Security software\a2\a2guard.exe"
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Print Distributor 3 - Unknown owner - C:\\Program Files\\Print Distributor 3\\pd3service.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 13658 bytes
Hi PCStressed
Please post spybot report next :)
PCStressed
2008-09-27, 19:11
Thank you for taking my problem.
I am not sure what was meant by providing a spybot report, but I figured the following might be what you are looking for. If not, please explain further what you need. - Ron
--- Search result list ---
Hint of the Day: Click the bar at the right of this to see more information! ()
--- Spybot - Search & Destroy version: 1.6.0 (build: 20080729) ---
2008-08-14 blindman.exe (1.0.0.8)
2008-08-14 SDFiles.exe (1.6.0.4)
2008-08-14 SDMain.exe (1.0.0.6)
2008-08-14 SDShred.exe (1.0.2.3)
2008-08-14 SDUpdate.exe (1.6.0.9)
2008-08-14 SDWinSec.exe (1.0.0.12)
2008-07-30 SpybotSD.exe (1.6.0.31)
2008-08-18 TeaTimer.exe (1.6.2.23)
2007-03-05 unins000.exe (51.41.0.0)
2008-09-10 unins001.exe (51.49.0.0)
2008-08-14 Update.exe (1.6.0.7)
2008-08-14 advcheck.dll (1.6.1.12)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-08-14 SDHelper.dll (1.6.0.12)
2008-06-19 sqlite3.dll
2008-08-14 Tools.dll (2.1.5.7)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-09-02 Includes\Adware.sbi (*)
2008-09-09 Includes\AdwareC.sbi (*)
2008-06-03 Includes\Cookies.sbi (*)
2008-09-02 Includes\Dialer.sbi (*)
2008-09-09 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-09-02 Includes\Hijackers.sbi (*)
2008-09-02 Includes\HijackersC.sbi (*)
2008-09-09 Includes\Keyloggers.sbi (*)
2008-09-23 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-09-09 Includes\Malware.sbi (*)
2008-09-23 Includes\MalwareC.sbi (*)
2008-09-02 Includes\PUPS.sbi (*)
2008-09-11 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-09-02 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2008-09-09 Includes\Spyware.sbi (*)
2008-09-23 Includes\SpywareC.sbi (*)
2008-06-03 Includes\Tracks.uti
2008-09-16 Includes\Trojans.sbi (*)
2008-09-23 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-06-06 Plugins\TCPIPAddress.dll
--- System information ---
Windows XP (Build: 2600) Service Pack 3 (5.1.2600)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB928366)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ DataAccess: Microsoft Data Access Components KB870669
/ DataAccess: Security Update for Microsoft Data Access Components
/ DirectX / DX9 / SP1: DirectX 9 Hotfix - KB839643
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ MSXML4SP2: Security update for MSXML4 SP2 (KB936181)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB898458)
/ Step By Step Interactive Training / SP2: Security Update for Step By Step Interactive Training (KB923723)
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player / SP0: Windows Media Player Hotfix [See wm828026 for more information]
/ Windows Media Player: Windows Media Update 817787
/ Windows Media Player: Windows Media Update 828026
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Security Update for Windows Media Player 10 (KB917734)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB936782)
/ Windows Media Player 11: Hotfix for Windows Media Player 11 (KB939683)
/ Windows Media Player 11: Security Update for Windows Media Player 11 (KB954154)
/ Windows Media Player 6.4: Security Update for Windows Media Player 6.4 (KB925398)
/ Windows XP: Security Update for Windows XP (KB923689)
/ Windows XP: Security Update for Windows XP (KB941569)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB933566)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB937143)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB938127)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB939653)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB942615)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB944533)
/ Windows XP / SP0: Hotfix for Windows Internet Explorer 7 (KB947864)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB950759)
/ Windows XP / SP0: Security Update for Windows Internet Explorer 7 (KB953838)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP2: Windows XP Service Pack 2
/ Windows XP / SP3: Windows XP Service Pack 3
/ Windows XP / SP4: Security Update for Windows XP (KB938464)
/ Windows XP / SP4: Security Update for Windows XP (KB946648)
/ Windows XP / SP4: Security Update for Windows XP (KB950760)
/ Windows XP / SP4: Security Update for Windows XP (KB950762)
/ Windows XP / SP4: Security Update for Windows XP (KB950974)
/ Windows XP / SP4: Security Update for Windows XP (KB951066)
/ Windows XP / SP4: Update for Windows XP (KB951072-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951376)
/ Windows XP / SP4: Security Update for Windows XP (KB951376-v2)
/ Windows XP / SP4: Security Update for Windows XP (KB951698)
/ Windows XP / SP4: Security Update for Windows XP (KB951748)
/ Windows XP / SP4: Update for Windows XP (KB951978)
/ Windows XP / SP4: Hotfix for Windows XP (KB952287)
/ Windows XP / SP4: Security Update for Windows XP (KB952954)
/ Windows XP / SP4: Security Update for Windows XP (KB953839)
--- Startup entries list ---
Located: HK_LM:Run, Adobe Reader Speed Launcher
command: "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
file: C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
size: 34672
MD5: 69B16C7B7746BA5C642FC05B3561FC73
Located: HK_LM:Run, ccApp
command: "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
file: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 115816
MD5: 25BE770865658CB79100117112819A7C
Located: HK_LM:Run, dla
command: C:\WINDOWS\system32\dla\tfswctrl.exe
file: C:\WINDOWS\system32\dla\tfswctrl.exe
size: 114741
MD5: 2BFF8A443334A034DF73D2C8D808D2A7
Located: HK_LM:Run, Google Desktop Search
command: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
file: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 29744
MD5: 6542DC2E93BCE4D4289FA70A4D367DC2
Located: HK_LM:Run, igfxhkcmd
command: C:\WINDOWS\system32\hkcmd.exe
file: C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 01018F75F3F18CE629FAC9689954A2AE
Located: HK_LM:Run, igfxpers
command: C:\WINDOWS\system32\igfxpers.exe
file: C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: 996ABAC2332DE28F3B6A179C6DA20205
Located: HK_LM:Run, igfxtray
command: C:\WINDOWS\system32\igfxtray.exe
file: C:\WINDOWS\system32\igfxtray.exe
size: 94208
MD5: 3F2C8DD08549BB3419CDA372F5999FFA
Located: HK_LM:Run, iolo AntiVirus
command: "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
file: C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe
size: 1103712
MD5: F146933FBF59A274C2CD1FE25CCF3AF4
Located: HK_LM:Run, iTunesHelper
command: "C:\Program Files\iTunes\iTunesHelper.exe"
file: C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 6F6493A929BC9B5762035940E825B840
Located: HK_LM:Run, Logitech Utility
command: Logi_MwX.Exe
file: C:\WINDOWS\Logi_MwX.Exe
size: 19968
MD5: 47F4C8707DE00F5F18F6CD524DF02879
Located: HK_LM:Run, PCMService
command: "C:\Program Files\Dell\Media Experience\PCMService.exe"
file: C:\Program Files\Dell\Media Experience\PCMService.exe
size: 204800
MD5: 3F22EAAD167797F2DE16FA7968593D59
Located: HK_LM:Run, SunJavaUpdateSched
command: "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
file: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97
Located: HK_LM:Run, Symantec PIF AlertEng
command: "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
file: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
size: 583048
MD5: DEB2A99C1AD9B9190C78E895AE60A745
Located: HK_LM:Run, TkBellExe
command: "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
file: C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: D09A5F5C4DBD5D4DFF09AB1A69812062
Located: HK_LM:Run, UpdateManager
command: "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
file: C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
size: 110592
MD5: 22FD4E58D69969A9165721C797D54931
Located: HK_LM:Run, Verizon_McciTrayApp
command: C:\Program Files\Verizon\McciTrayApp.exe
file: C:\Program Files\Verizon\McciTrayApp.exe
size: 936960
MD5: 3299F2A9129EE7265DB420ECD84E3127
Located: HK_LM:Run, VerizonServicepoint.exe
command: "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
file: C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
size: 2061816
MD5: 98562ADB263C863394BBB40ADED9701F
Located: HK_LM:Run, zBrowser Launcher
command: C:\Program Files\Logitech\iTouch\iTouch.exe
file: C:\Program Files\Logitech\iTouch\iTouch.exe
size: 892928
MD5: 2E2400A4341E891ABFFA553BFD39161B
Located: HK_CU:Run, aČ
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: "C:\Security software\a2\a2guard.exe"
file: C:\Security software\a2\a2guard.exe
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, ctfmon.exe
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
Located: HK_CU:Run, DW6
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
file: C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
size: 785520
MD5: 958925BA59B3F205A3F709F4E9379479
Located: HK_CU:Run, H/PC Connection Agent
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
file: C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
size: 405583
MD5: A4CE7E9913893E1B59E303CF2A43D5D6
Located: HK_CU:Run, MSMSGS
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: "C:\Program Files\Messenger\msmsgs.exe" /background
file: C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: 3E930C641079443D4DE036167A69CAA2
Located: HK_CU:Run, Norton SystemWorks
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
file: C:\Program Files\Norton SystemWorks\cfgwiz.exe
size: 132248
MD5: 1E98BC56F1B8BA23ABC1EFD9073D53C0
Located: HK_CU:Run, Sonic RecordNow!
where: S-1-5-21-949860055-789155634-3551938204-1007...
command:
file:
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: HK_CU:Run, SpybotSD TeaTimer
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
file: C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
Located: HK_CU:Run, swg
where: S-1-5-21-949860055-789155634-3551938204-1007...
command: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
Located: Startup (common), APC UPS Status.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
file: C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
size: 209016
MD5: 5FC593F56DD78784622C482008ACBDB1
Located: Startup (common), Microsoft Office.lnk
where: C:\Documents and Settings\All Users\Start Menu\Programs\Startup...
command: C:\Program Files\Microsoft Office\Office\OSA9.EXE
file: C:\Program Files\Microsoft Office\Office\OSA9.EXE
size: 65588
MD5: 57428A94C7C1AE489E7100DD47171107
Located: WinLogon, crypt32chain
command: crypt32.dll
file: crypt32.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cryptnet
command: cryptnet.dll
file: cryptnet.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, cscdll
command: cscdll.dll
file: cscdll.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, dimsntfy
command: %SystemRoot%\System32\dimsntfy.dll
file: %SystemRoot%\System32\dimsntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, igfxcui
command: igfxdev.dll
file: igfxdev.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, ScCertProp
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, Schedule
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, SensLogn
command: WlNotify.dll
file: WlNotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, termsrv
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, WgaLogon
command: WgaLogon.dll
file: WgaLogon.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
Located: WinLogon, wlballoon
command: wlnotify.dll
file: wlnotify.dll
size: 0
MD5: D41D8CD98F00B204E9800998ECF8427E
Warning: if the file is actually larger than 0 bytes,
the checksum could not be properly calculated!
--- Browser helper object list ---
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} (AcroIEHelperStub)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: AcroIEHelperStub
CLSID name: Adobe PDF Link Helper
Path: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\
Long name: AcroIEHelperShim.dll
Short name: ACROIE~2.DLL
Date (created): 6/11/2008 9:33:16 PM
Date (last access): 11/6/2003 6:25:36 PM
Date (last write): 6/11/2008 9:33:16 PM
Filesize: 75128
Attributes: archive
MD5: E96C752BBA0E22330A43258FC800200E
CRC32: E5D72083
Version: 9.0.0.332
{53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Spybot-S&D IE Protection
description: Spybot-S&D IE Browser plugin
classification: Legitimate
known filename: SDhelper.dll
info link: http://spybot.eon.net.au/
info source: Patrick M. Kolla
Path: C:\PROGRA~1\SPYBOT~1\
Long name: SDHelper.dll
Short name:
Date (created): 3/16/2003 12:02:00 AM
Date (last access): 11/6/2003 6:25:38 PM
Date (last write): 8/14/2008 12:39:52 PM
Filesize: 1562448
Attributes: archive
MD5: B0039242FC086A45F65891756BF56D74
CRC32: B61B184B
Version: 1.6.0.12
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: SSVHelper Class
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: ssv.dll
Short name:
Date (created): 9/22/2008 9:30:36 AM
Date (last access): 11/6/2003 6:25:38 PM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 509328
Attributes: archive
MD5: F921D875A1CBD69A6A462BA2514BC831
CRC32: 38AC9EE2
Version: 6.0.70.6
{7c1ce531-09e9-4fc5-9803-1c2956615786} (Google Desktop Search Capture)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name: Google Desktop Search Capture
CLSID name: IeCaptureBho Object
Path: C:\Program Files\Google\Google Desktop Search\
Long name: GoogleDesktopIE.dll
Short name: GOOGLE~2.DLL
Date (created): 1/10/2005 10:57:52 AM
Date (last access): 11/6/2003 6:25:36 PM
Date (last write): 9/10/2008 10:15:22 AM
Filesize: 103936
Attributes: archive
MD5: C4EFF538DB0BD6D10B4ED3D53C0B2BF1
CRC32: 9BFA29AB
Version: 5.7.806.10245
{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar3.dll
Short name: GOOGLE~3.DLL
Date (created): 1/31/2007 1:35:54 PM
Date (last access): 11/6/2003 6:25:36 PM
Date (last write): 1/19/2007 11:55:32 PM
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
BHO name:
CLSID name: Google Toolbar Notifier BHO
Path: C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\
Long name: swg.dll
Short name:
Date (created): 5/11/2008 1:42:18 PM
Date (last access): 11/6/2003 6:25:38 PM
Date (last write): 5/11/2008 1:42:18 PM
Filesize: 734704
Attributes: archive
MD5: F1D0608833F726C8FF84E11A46843CDE
CRC32: 0AF4F0EF
Version: 3.0.1225.9868
--- ActiveX list ---
{01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class)
DPF name:
CLSID name: Support.com Configuration Class
Installer: C:\WINDOWS\Downloaded Program Files\tgctlcm.inf
Codebase: https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
description:
classification: Legitimate
known filename: tgctlcm.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\support.com\bin\
Long name: tgctlcm.dll
Short name:
Date (created): 1/29/2007 11:40:42 AM
Date (last access): 11/6/2003 5:48:48 AM
Date (last write): 7/27/2007 5:37:08 AM
Filesize: 284032
Attributes: archive
MD5: 3F84BDDB78FCAD64C2FCC6C2A42672A3
CRC32: DEB18A32
Version: 6.9.2555.0
{01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class)
DPF name:
CLSID name: SysProWmi Class
Installer: C:\WINDOWS\Downloaded Program Files\SysPro.inf
Codebase: http://support.dell.com/systemprofiler/SysPro.CAB
description:
classification: Legitimate
known filename: SysPro.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\System32\Dell\SystemProfiler\
Long name: SysPro.ocx
Short name:
Date (created): 1/23/2003 1:23:18 PM
Date (last access): 11/6/2003 6:12:10 AM
Date (last write): 1/23/2003 1:23:18 PM
Filesize: 86016
Attributes: archive
MD5: 2EE3E0AE6AA35F135CAE24DF2DA9B172
CRC32: A76A5BDA
Version: 2.0.0.1
{0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility)
DPF name:
CLSID name: PCPitstop Utility
Installer: C:\WINDOWS\Downloaded Program Files\PCPitstop.inf
Codebase: http://pcpitstop.com/pcpitstop/PCPitStop.CAB
description: Gateway tools
classification: Legitimate
known filename: PCPITSTOP.DLL
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\Downloaded Program Files\
Long name: PCPitstop.dll
Short name: PCPITS~1.DLL
Date (created): 8/30/2007 11:03:06 AM
Date (last access): 11/6/2003 5:53:34 AM
Date (last write): 8/30/2007 11:03:06 AM
Filesize: 337624
Attributes: archive
MD5: F3BC5768CAF4BFC0EDA467AACE516AA9
CRC32: 3E0537C0
Version: 1.0.0.177
{17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool)
DPF name:
CLSID name: Windows Genuine Advantage Validation Tool
Installer: C:\WINDOWS\Downloaded Program Files\LegitCheckControl.inf
Codebase: http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
description:
classification: Legitimate
known filename: LegitCheckControl.DLL
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\system32\
Long name: LegitCheckControl.DLL
Short name: LEGITC~1.DLL
Date (created): 7/12/2005 6:04:22 PM
Date (last access): 11/6/2003 6:36:58 PM
Date (last write): 4/24/2007 10:32:06 AM
Filesize: 1485696
Attributes: archive
MD5: F41FA54CD85AF8AACF8C7E084F6742F4
CRC32: 6328586B
Version: 1.7.36.0
{33564D57-0000-0010-8000-00AA00389B71} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\WMV9VCM.inf
Codebase: http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
description:
classification: Legitimate
known filename:
info link:
info source: Safer Networking Ltd.
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine)
DPF name:
CLSID name: Office Update Installation Engine
Installer: C:\WINDOWS\Downloaded Program Files\opuc.inf
Codebase: http://office.microsoft.com/officeupdate/content/opuc.cab
description:
classification: Legitimate
known filename: opuc.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\
Long name: opuc.dll
Short name:
Date (created): 8/27/2003 4:10:30 AM
Date (last access): 11/6/2003 6:30:50 PM
Date (last write): 8/27/2003 4:10:30 AM
Filesize: 314368
Attributes: archive
MD5: 1E32EC4A8A17B19926B49EA5F6B79A76
CRC32: E98FC293
Version: 11.0.5626.0
{4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\mcinsctl.inf
Codebase: http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
description:
classification: Legitimate
known filename: mcinsctl.dll
info link:
info source: Safer Networking Ltd.
{8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description: Sun Java
classification: Legitimate
known filename: %PROGRAM FILES%\JabaSoft\JRE\*\Bin\npjava131.dll
info link:
info source: Patrick M. Kolla
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 11/6/2003 5:45:20 AM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object)
DPF name:
CLSID name: SassCln Object
Installer: C:\WINDOWS\Downloaded Program Files\SASSCLN.INF
Codebase: http://www.microsoft.com/security/controls/SassCln.CAB
description:
classification: Legitimate
known filename: SassCln.dll
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: SassCln.dll
Short name:
Date (created): 5/3/2004 2:39:54 PM
Date (last access): 11/6/2003 6:35:30 PM
Date (last write): 5/3/2004 2:39:54 PM
Filesize: 118784
Attributes: archive
MD5: A1C8571FA4B64CFC5C0CDA672F3C2D21
CRC32: 06EBA55B
Version: 1.0.0.16
{BCC0FF27-31D9-4614-A68E-C18E1ADA4389} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\McGDMgr.inf
Codebase: http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
description:
classification: Legitimate
known filename: McGDMgr.dll
info link:
info source: Safer Networking Ltd.
{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 11/6/2003 7:09:56 PM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0)
DPF name: Java Runtime Environment 1.6.0
CLSID name: Java Plug-in 1.6.0_07
Installer:
Codebase: http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
description:
classification: Legitimate
known filename: npjpi150_06.dll
info link:
info source: Safer Networking Ltd.
Path: C:\Program Files\Java\jre1.6.0_07\bin\
Long name: npjpi160_07.dll
Short name: NPJPI1~1.DLL
Date (created): 6/10/2008 1:32:34 AM
Date (last access): 11/6/2003 7:09:56 PM
Date (last write): 6/10/2008 3:27:02 AM
Filesize: 132496
Attributes: archive
MD5: 7C83A2809E13950359189767AC9D5DB8
CRC32: 925C2A88
Version: 6.0.70.6
{CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class)
DPF name:
CLSID name: get_atlcom Class
Installer: C:\WINDOWS\Downloaded Program Files\gp.inf
Codebase: http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
Path: C:\WINDOWS\Downloaded Program Files\
Long name: gp.ocx
Short name:
Date (created): 8/29/2008 9:01:04 AM
Date (last access): 11/6/2003 5:53:32 AM
Date (last write): 8/29/2008 9:01:04 AM
Filesize: 122688
Attributes: archive
MD5: 6E21C9A18C8D0D0E3630863794A6F6E6
CRC32: 747FA724
Version: 1.5.2.29
{D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
DPF name:
CLSID name: Shockwave Flash Object
Installer: C:\WINDOWS\Downloaded Program Files\swflash.inf
Codebase: http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
description: Macromedia Shockwave Flash Player
classification: Legitimate
known filename:
info link:
info source: Patrick M. Kolla
Path: C:\WINDOWS\system32\Macromed\Flash\
Long name: Flash9f.ocx
Short name:
Date (created): 3/24/2008 9:32:42 PM
Date (last access): 11/6/2003 6:25:44 PM
Date (last write): 3/24/2008 9:32:42 PM
Filesize: 2991488
Attributes: readonly archive
MD5: 48FDF435B8595604E54125B321924510
CRC32: 12335E29
Version: 9.0.124.0
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} ()
DPF name:
CLSID name:
Installer: C:\WINDOWS\Downloaded Program Files\popcaploader.inf
Codebase: http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
description:
classification: Legitimate
known filename: POPCAPLOADER.DLL
info link:
info source: Safer Networking Ltd.
{E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control)
DPF name:
CLSID name: Driver Agent ActiveX Control
Installer: C:\WINDOWS\Downloaded Program Files\driveragent.inf
Codebase: http://driveragent.com/files/driveragent.cab
description:
classification: Legitimate
known filename: driveragent.ocx
info link:
info source: Safer Networking Ltd.
Path: C:\WINDOWS\Downloaded Program Files\
Long name: driveragent.ocx
Short name: DRIVER~1.OCX
Date (created): 9/6/2007 10:28:16 AM
Date (last access): 11/6/2003 5:53:30 AM
Date (last write): 9/6/2007 10:28:16 AM
Filesize: 452056
Attributes: archive
MD5: 9B9D1969141D430C0ED51EE601CCCDBB
CRC32: 584F7FBA
Version: 2.2007.9.6
--- Process list ---
PID: 0 ( 0) [System]
PID: 572 ( 4) \SystemRoot\System32\smss.exe
size: 50688
PID: 644 ( 572) \??\C:\WINDOWS\system32\csrss.exe
size: 6144
PID: 668 ( 572) \??\C:\WINDOWS\system32\winlogon.exe
size: 507904
PID: 712 ( 668) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 0E776ED5F7CC9F94299E70461B7B8185
PID: 724 ( 668) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: BF2466B3E18E970D8A976FB95FC1CA85
PID: 904 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 972 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1072 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1124 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1320 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1408 ( 712) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
size: 108648
MD5: FE69C498B922CE835E2E2123FBD0A272
PID: 1476 ( 712) C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
size: 607576
MD5: 07AE10139D7713D69F57209FDF0425CC
PID: 1600 ( 712) C:\WINDOWS\System32\brsvc01a.exe
size: 57344
MD5: D3FACB34FFF5DB91ADB70987838F8BA7
PID: 1624 (1600) C:\WINDOWS\System32\brss01a.exe
size: 45056
MD5: 9E646CD378D4D0C996BAF9BCB18237C7
PID: 1632 ( 712) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: D8E14A61ACC1D4A6CD0D38AEBAC7FA3B
PID: 384 ( 712) C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
size: 155770
MD5: F2C15D421296FED50D809BA9CDFAAA9F
PID: 400 ( 712) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
size: 110592
MD5: 3A4982DF893F198A2DFBCCD4CE10F93A
PID: 412 ( 712) C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
size: 198336
MD5: 0FCFBD0EDAA188B3D652DDCE6D16D866
PID: 468 ( 712) C:\WINDOWS\system32\cisvc.exe
size: 5632
MD5: 1CFE720EB8D93A7158A4EBC3AB178BDE
PID: 480 ( 712) C:\WINDOWS\System32\CTsvcCDA.exe
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 584 ( 712) C:\Program Files\iolo\common\lib\ioloServiceManager.exe
size: 596328
MD5: 7B6F046B58F03F81D02E62C28047DE20
PID: 648 ( 712) C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
size: 95328
MD5: 81E45A1E03F1FCCBDCE761D0D8845B6A
PID: 1156 ( 712) C:\Program Files\Print Distributor 3\pd3service.exe
size: 688128
MD5: EE26FA2B3B493DF282A9E3201D2F0B82
PID: 1732 ( 712) C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
size: 181416
MD5: F15D5050C234D07E85D224C346476B89
PID: 1772 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1816 ( 712) C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
size: 1251720
MD5: FA2F6A8849219B16460BF44F9D1F3AA7
PID: 1860 ( 712) C:\WINDOWS\System32\MsPMSPSv.exe
size: 53520
MD5: 581176F60885AEF8F78C6E38DCC3CDF9
PID: 1920 ( 712) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1800 ( 712) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 8C515081584A38AA007909CD02020B3D
PID: 2524 ( 712) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
size: 2528960
MD5: FB3A35318CA7F6A10FA3C3826A69AFFE
PID: 2948 ( 468) C:\WINDOWS\system32\cidaemon.exe
size: 8192
MD5: 582304F6F1946FA5068CF143D729D7ED
PID: 2968 ( 468) C:\WINDOWS\system32\cidaemon.exe
size: 8192
MD5: 582304F6F1946FA5068CF143D729D7ED
PID: 3348 (2508) C:\WINDOWS\Explorer.EXE
size: 1033728
MD5: 12896823FB95BFB3DC9B46BCAEDC9923
PID: 3632 (3348) C:\WINDOWS\system32\dla\tfswctrl.exe
size: 114741
MD5: 2BFF8A443334A034DF73D2C8D808D2A7
PID: 3660 (3348) C:\Program Files\Dell\Media Experience\PCMService.exe
size: 204800
MD5: 3F22EAAD167797F2DE16FA7968593D59
PID: 3200 (3348) C:\Program Files\Logitech\iTouch\iTouch.exe
size: 892928
MD5: 2E2400A4341E891ABFFA553BFD39161B
PID: 3916 (3888) C:\Program Files\Logitech\MouseWare\system\em_exec.exe
size: 37888
MD5: 3678463D8ECB6CF3C25AC2F085711461
PID: 3928 (3348) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
size: 180269
MD5: D09A5F5C4DBD5D4DFF09AB1A69812062
PID: 3980 (3348) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
size: 115816
MD5: 25BE770865658CB79100117112819A7C
PID: 3304 (3348) C:\WINDOWS\system32\hkcmd.exe
size: 77824
MD5: 01018F75F3F18CE629FAC9689954A2AE
PID: 3256 (3348) C:\WINDOWS\system32\igfxpers.exe
size: 114688
MD5: 996ABAC2332DE28F3B6A179C6DA20205
PID: 4008 (3348) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 29744
MD5: 6542DC2E93BCE4D4289FA70A4D367DC2
PID: 292 (3348) C:\Program Files\iTunes\iTunesHelper.exe
size: 267048
MD5: 6F6493A929BC9B5762035940E825B840
PID: 300 (3348) C:\Program Files\Verizon\McciTrayApp.exe
size: 936960
MD5: 3299F2A9129EE7265DB420ECD84E3127
PID: 3276 (3348) C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe
size: 1103712
MD5: F146933FBF59A274C2CD1FE25CCF3AF4
PID: 1392 (3348) C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
size: 144784
MD5: 6AB4C021FBD36DC6764924C312428D97
PID: 848 (3348) C:\Program Files\Messenger\msmsgs.exe
size: 1695232
MD5: 3E930C641079443D4DE036167A69CAA2
PID: 2248 ( 712) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: 27C6D03BCDB8CFEB96B716F3D8BE3E18
PID: 1776 (3348) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 5F1D5F88303D4A4DBC8E5F97BA967CC3
PID: 3136 (3348) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
size: 68856
MD5: E616A6A6E91B0A86F2F6217CDE835FFE
PID: 1144 (3348) C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
size: 785520
MD5: 958925BA59B3F205A3F709F4E9379479
PID: 2112 (3348) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
size: 1832272
MD5: FFB5BAC9C29303904365640A2E2A6D0C
PID: 1200 (3348) C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
size: 405583
MD5: A4CE7E9913893E1B59E303CF2A43D5D6
PID: 1164 (2288) C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
size: 413816
MD5: 039E4E4C0E6997A289546C38C80C66CF
PID: 2636 ( 712) C:\Program Files\iPod\bin\iPodService.exe
size: 504104
MD5: 1E9ED06A30FB0410CE94892F1BA6984B
PID: 2264 (4008) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
size: 29744
MD5: 6542DC2E93BCE4D4289FA70A4D367DC2
PID: 3888 (3276) C:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe
size: 398720
MD5: B343429573C753D211804F292E1A4075
PID: 1824 ( 712) C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
size: 177416
MD5: 29F28AC5E508B74B5C7537491EDF17B7
PID: 3308 (3348) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 64E376A47763DAEABCDA14BD5B6EA286
PID: 3360 (3348) C:\Program Files\Internet Explorer\iexplore.exe
size: 625664
MD5: 64E376A47763DAEABCDA14BD5B6EA286
PID: 3284 (3348) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4891984
MD5: 9C8F0F34F66BB845B42F70E92A972B5F
PID: 4 ( 0) System
--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 11/6/2003 7:10:03 PM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.cnn.com/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/keyword/%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
--- Winsock Layered Service Provider list ---
Protocol 0: iolo AntiVirus LSP over [MSAFD Tcpip [TCP/IP]]
GUID: {3E6A3F67-F7B5-4773-A0E4-88589FD817BC}
Filename: C:\WINDOWS\system32\iavlsp.dll
Protocol 1: iolo AntiVirus LSP over [MSAFD Tcpip [UDP/IP]]
GUID: {79A49767-B79C-4328-B2E4-0377F854A72A}
Filename: C:\WINDOWS\system32\iavlsp.dll
Protocol 2: MSAFD Tcpip [TCP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 3: MSAFD Tcpip [UDP/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 4: MSAFD Tcpip [RAW/IP]
GUID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP IP protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD Tcpip
Protocol 5: RSVP UDP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 6: RSVP TCP Service Provider
GUID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Filename: %SystemRoot%\system32\rsvpsp.dll
Description: Microsoft Windows NT/2k/XP RVSP
DB filename: %SystemRoot%\system32\rsvpsp.dll
DB protocol: RSVP * Service Provider
Protocol 7: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C48CC953-10D7-48C4-9BC0-9CD4DE78D534}] SEQPACKET 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 8: MSAFD NetBIOS [\Device\NetBT_Tcpip_{C48CC953-10D7-48C4-9BC0-9CD4DE78D534}] DATAGRAM 1
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 9: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B0127B1C-6FC0-4403-96D1-B706433CDF7B}] SEQPACKET 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 10: MSAFD NetBIOS [\Device\NetBT_Tcpip_{B0127B1C-6FC0-4403-96D1-B706433CDF7B}] DATAGRAM 0
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 11: MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] SEQPACKET 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 12: MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] DATAGRAM 2
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 13: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] SEQPACKET 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 14: MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] DATAGRAM 3
GUID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Filename: %SystemRoot%\system32\mswsock.dll
Description: Microsoft Windows NT/2k/XP NetBios protocol
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: MSAFD NetBIOS *
Protocol 15: iolo AntiVirus LSP
GUID: {4BBEB896-088E-44CB-A88F-193AD0CCABEC}
Filename: C:\WINDOWS\system32\iavlsp.dll
Namespace Provider 0: Tcpip
GUID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP TCP/IP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: TCP/IP
Namespace Provider 1: NTDS
GUID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Filename: %SystemRoot%\System32\winrnr.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\winrnr.dll
DB protocol: NTDS
Namespace Provider 2: Network Location Awareness (NLA) Namespace
GUID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Filename: %SystemRoot%\System32\mswsock.dll
Description: Microsoft Windows NT/2k/XP name space provider
DB filename: %SystemRoot%\system32\mswsock.dll
DB protocol: NLA-Namespace
PCStressed
2008-09-27, 19:15
I ran spybot again and even though I had run spybot before the HJT report, spybot found Doubleclick - 1; Media Plex 2; and web trends live 1 after the scan. I had spybot fix these three items.
Ron
Those are tracking cookies and not very harmful.
I will give you tips how to prevent them coming in the future.
This is the next step:
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
PCStressed
2008-09-27, 20:13
Because of size limitation there will be two reports.
info.txt logfile of random's system information tool 1.02 2003-11-06 19:57:55
======Uninstall list======
-->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S /R
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\Installshield Installation Information\{08082022-2a50-4196-8196-a6f86d6e8f12}\QBReplace.exe {08082022-2a50-4196-8196-a6f86d6e8f12}#{01288593-26bb-4b3a-a04e-0a4ed28cc937}
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\System32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
-->MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48E3A9E6-FA13-11D5-8CC9-00A0C98192B6}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{51F5239C-197B-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7337A45-3FE5-4392-ABBB-26B794D060C9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
aČ personal 1.1-->C:\Program Files\Print Distributor 3\unins000.exe
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Photoshop Album 2.0 Starter Edition-->MsiExec.exe /I{11B569C2-4BF6-4ED0-9D17-A4273943CB24}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
allCLEAR 4.5 Viewer-->C:\WINDOWS\uninst.exe -fC:\WINDOWS\DeIsL4.isu
allCLEAR 4.5-->C:\WINDOWS\uninst.exe -fC:\WINDOWS\DeIsL2.isu
AnswerWorks 4.0 Runtime - English-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}\setup.exe" -l0x9 -removeonly
APC PowerChute Personal Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A0C892E-FD1C-4203-941E-0956AED20A6A}\Setup.exe" -l0x9
Apple Mobile Device Support-->MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoImpression 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}\setup.exe" -l0x9
Authentium AntiVirus SDK - 2-->MsiExec.exe /I{C67DF120-4DD3-11D4-A3CA-005004AD2A5B}
Brother 1440-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Brother\BRHL1440\DeIsL1.isu" -cbrunin144.dll
Brother HL-5040-->"C:\Program Files\Brother\BRHL5040\IsUninst.exe" -f"C:\Program Files\Brother\BRHL5040\DeIsL1.isu" -cbruninst.dll
Brownie-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Brownie\Uninst.isu"
Camera Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1B3874F-3057-11D6-B2EA-0050BA18806B}\Setup.exe"
Canon MP Drivers-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58F8C6D9-5B55-486A-A322-4E8D87670031}\Setup.exe" -l0x9 -Uninstall
Canon MP Toolbox 4.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4669544E-20E4-4E56-8B44-2E6E1200051F}\Setup.exe" -l0x9 -Uninstall
Casper XP-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{243FA669-BEA1-4FD7-906F-DAF000D6B33A}\Setup.exe" -l0x9 -ar
ccCommon-->MsiExec.exe /I{DC367608-64A7-4BF7-92F4-8BAA25BA02DB}
Comcast High-Speed Internet Install Wizard-->C:\Program Files\support.com\uninstall\chsi_uninstaller.exe
Dell Digital Jukebox Driver-->C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Media Experience-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" -uninstall
Dell Solution Center-->MsiExec.exe /X{11F1920A-56A2-4642-B6E0-3B31A12C9288}
DellSupport-->MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
DS21Patch-->MsiExec.exe /I{9B79DCB0-AAD7-456B-8D07-433C936FA24B}
eWallet for Pocket PC-->C:\PROGRA~1\MI3AA1~1\EWALLE~1\UNWISE.EXE C:\PROGRA~1\MI3AA1~1\EWALLE~1\Install.log
eWallet for Windows PCs-->C:\PROGRA~1\ILIUMS~1\eWallet\UNWISE.EXE C:\PROGRA~1\ILIUMS~1\eWallet\INSTALL.LOG
getPlus(R) for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar3.dll"
GPRSMonitor-->C:\Program Files\Microsoft ActiveSync\GPRSMonitor\Uninstall.exe GPRSMonitor
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Intel(R) Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572
Intel(R) PRO Network Adapters and Drivers-->Prounstl.exe
Intel(R) PROSet-->MsiExec.exe /I{A790BEB1-BCCF-4EC6-807B-5708B36E8A79}
Internet Explorer Default Page-->MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
iolo technologies' System Mechanic Professional-->"C:\Program Files\iolo\System Mechanic Professional\unins000.exe"
iTunes-->MsiExec.exe /I{80FD852F-5AAC-4129-B931-06AAFFA43138}
Jasc Paint Shop Photo Album-->MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Pro 8 Dell Edition-->MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
LiveReg (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\LiveReg\VCSetup.exe /REMOVE
LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL
Logitech iTouch Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9 UNINSTALL
Logitech MouseWare 9.79 -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL
Logitech Resource Center-->C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft ActiveSync 3.8-->"C:\WINDOWS\ISUNINST.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Encarta Encyclopedia Standard 2004-->MsiExec.exe /I{04410044-9149-45C6-A806-F2BF9CFCE762}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Money 2004 System Pack-->MsiExec.exe /I{8C64E145-54BA-11D6-91B1-00500462BE80}
Microsoft Money 2004-->MsiExec.exe /I{1D643CD7-4DD6-11D7-A4E0-000874180BB3}
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium-->MsiExec.exe /I{00000409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 SR-1 Small Business-->MsiExec.exe /I{00030409-78E1-11D2-B60F-006097C998E7}
Microsoft Office Project Standard 2003-->MsiExec.exe /I{913A0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
MSN Music Assistant-->rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
MSRedist-->MsiExec.exe /I{D1725BDB-BA2B-4503-A8CB-F5C835D743FA}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MUSICMATCHź Jukebox-->C:\PROGRA~1\MUSICM~1\MUSICM~2\unmatch.exe
Norton SystemWorks 2005 (Symantec Corporation)-->C:\Program Files\Common Files\Symantec Shared\SymSetup\{71E7B3F5-CFAF-4C1E-B494-528E28707937}.exe /X
Norton SystemWorks-->MsiExec.exe /I{9E23C48E-5483-4971-BA50-089F2FABCD66}
Norton Utilities-->MsiExec.exe /I{6A7867BA-B7CA-4CC9-ACAB-85BA46865EE5}
NSW_DRM_COLLECTION-->MsiExec.exe /I{900B1884-2D6F-4a70-A3C7-C3F4DA873FDB}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Print Distributor 3-->"C:\Program Files\Print Distributor 3\unins000.exe"
QuickBooks Pro 2005-->msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="pro" QBFULLNAME="QuickBooks Pro 2005" ADDREMOVE=1
QuickBooks Pro Edition 2004-->C:\Program Files\Installshield Installation Information\{2b02f822-a9b9-458c-80e5-3ea8c0de8471}\QBReplace.exe {2b02f822-a9b9-458c-80e5-3ea8c0de8471}#{2B02F82E-A9B9-458C-80E5-3EA8C0DE8471}
QuickTime-->MsiExec.exe /I{BFD96B89-B769-4CD6-B11E-E79FFD46F067}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Security Task Manager 1.6f-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager"
Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Shockwave-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
Sonic DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow!-->MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sound Blaster Live!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{96E16100-A77F-4B31-B9AD-FFBA040EE1BD}\setup.exe" -l0x9
Spybot - Search & Destroy 1.4-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
SwiftView Viewer-->C:\Program Files\SwiftView\svinst.exe -Uninstall
Symantec Technical Support Web Controls-->MsiExec.exe /X{5FCDE341-328B-434B-9F21-AF5BADB57852}
The Weather Channel Desktop 6-->C:\Program Files\The Weather Channel FW\Desktop\TheWeatherChannelCustomUninstall.exe
TimeTTracker MX-->MsiExec.exe /I{A3E70456-0177-4BD7-9BD5-F419288201E9}
TurboTax Business 2005-->C:\Program Files\TurboTax\Business 2005\TaxUnst.EXE "C:\Program Files\TurboTax\Business 2005\Uninstall.log" -NoGui
TurboTax Business 2006-->C:\Program Files\TurboTax\Business 2006\TaxUnst.EXE "C:\Program Files\TurboTax\Business 2006\Uninstall.log" -NoGui
TurboTax Business 2007-->C:\Program Files\TurboTax\Business 2007\TaxUnst.EXE "C:\Program Files\TurboTax\Business 2007\Uninstall.log" -NoGui
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Verizon Online Help and Support-->C:\PROGRA~1\Verizon\UNWISE.EXE C:\PROGRA~1\Verizon\INSTALL.LOG
Verizon Servicepoint 1.5.12-->"C:\Program Files\Verizon\VSP\unins000.exe"
VistaPrint Electronic Business Card-->MsiExec.exe /X{253FCC55-E03D-40D4-A407-3470BE4101C0}
Weather Services-->C:\WINDOWS\system32\control.exe C:\PROGRA~1\THEWEA~1\FRAMEW~1\wxfw.cpl,4
WexTech AnswerWorks-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}\SETUP.EXE" -l0x9 -eliminate
Windows Backup Utility-->MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122-->"C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WordPerfect Office 11-->MsiExec.exe /I{54F90B55-BEB3-4F0D-8802-228822FA5921}
======Security center information======
AV: iolo AntiVirusź
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0209
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
-----------------EOF-----------------
PCStressed
2008-09-27, 20:24
Logfile of random's system information tool 1.02 (written by random/random)
Run by Ron at 2003-11-06 19:57:17
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 58 GB (76%) free of 76 GB
Total RAM: 510 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:40 PM, on 11/6/2003
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\Program Files\Print Distributor 3\pd3service.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Ron\Desktop\RSIT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Ron.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [aČ] "C:\Security software\a2\a2guard.exe"
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Print Distributor 3 - Unknown owner - C:\\Program Files\\Print Distributor 3\\pd3service.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 13675 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Casper XP Daily Scheduled Copy of Disk C to Disk F.job
C:\WINDOWS\tasks\Casper XP Scheduled Mnthly Copy of Disk 1 to Disk 3.job
C:\WINDOWS\tasks\Casper XP Scheduled Wkly Copy of Disk 1 to Disk 3.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-08-14 1562448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c1ce531-09e9-4fc5-9803-1c2956615786}]
IeCaptureBho Object - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll [2008-09-10 103936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [2008-05-11 734704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BA52B914-B692-46c4-B683-905236F6F655}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar3.dll [2007-01-19 2403392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2003-08-06 114741]
"PCMService"=C:\Program Files\Dell\Media Experience\PCMService.exe [2003-08-26 204800]
"UpdateManager"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe [2003-12-01 892928]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-11-07 19968]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-03-07 180269]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-09 115816]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-09 29744]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-11-28 583048]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-02-19 267048]
"Verizon_McciTrayApp"=C:\Program Files\Verizon\McciTrayApp.exe [2007-09-28 936960]
"VerizonServicepoint.exe"=C:\Program Files\Verizon\VSP\VerizonServicepoint.exe [2007-05-11 2061816]
"iolo AntiVirus"=C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe [2008-08-26 1103712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sonic RecordNow!"=C:\WINDOWS\system32\
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"aČ"=C:\Security software\a2\a2guard.exe []
"Norton SystemWorks"=C:\Program Files\Norton SystemWorks\cfgwiz.exe [2004-09-09 132248]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-06-27 68856]
"DW6"=C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe [2008-06-10 785520]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2005-01-04 405583]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
APC UPS Status.lnk - C:\Program Files\APC\APC PowerChute Personal Edition\Display.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoViewOnDrive"=0
"NoStartMenuEjectPC"=1
"NoUserNameInStartMenu"=1
"NoDriveAutoRun"=FFFFFF03
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Real\RealOne Player\realplay.exe"="C:\Program Files\Real\RealOne Player\realplay.exe:*:Enabled:RealOne Player"
"C:\Documents and Settings\Ron\Local Settings\Temp\~os9E.tmp\ossproxy.exe"="C:\Documents and Settings\Ron\Local Settings\Temp\~os9E.tmp\ossproxy.exe:*:Enabled:ossproxy.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TurboTax\Business 2006\32bit\ttax.exe"="C:\Program Files\TurboTax\Business 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Business 2006\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Business 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\TurboTax\Business 2007\32bit\ttax.exe"="C:\Program Files\TurboTax\Business 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax"
"C:\Program Files\TurboTax\Business 2007\32bit\updatemgr.exe"="C:\Program Files\TurboTax\Business 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\ioloAV.exe:*:Enabled:iolo AntiVirusź"
"C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe"="C:\Program Files\iolo\System Mechanic Professional 7\AntiVirus\iAVEmailScanner.exe:*:Enabled:iolo AntiVirusź Email Protection"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20a72ace-21ff-11d9-945f-000cf1a466e6}]
shell\AutoRun\command - G:\setupSNK.exe
======File associations======
.js - open - NOTEPAD.EXE %1
.reg - open - NOTEPAD.EXE %1
.scr - open - NOTEPAD.EXE %1
.vbs - open - NOTEPAD.EXE %1
======List of files/folders created in the last 1 months======
2008-09-25 15:54:28 ----D---- C:\Program Files\Trend Micro
2008-09-25 10:50:34 ----D---- C:\Jts
2008-09-22 13:33:55 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-22 10:20:56 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-09-22 10:05:56 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-09-22 10:05:52 ----D---- C:\Program Files\NOS
2008-09-22 09:31:55 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-22 09:31:55 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-22 09:31:55 ----A---- C:\WINDOWS\system32\java.exe
2008-09-22 09:30:27 ----D---- C:\Program Files\Common Files\Java
2008-09-17 23:16:48 ----D---- C:\WINDOWS\pss
2008-09-17 10:10:24 ----D---- C:\Program Files\Enigma Software Group
2008-09-14 12:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-13 15:02:17 ----D---- C:\WINDOWS\Prefetch
2008-09-13 14:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-13 14:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-13 14:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-13 14:18:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-13 14:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-13 14:18:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-09-13 14:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-13 14:17:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-13 14:17:26 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-13 14:17:12 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-13 14:16:55 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-13 13:55:20 ----D---- C:\WINDOWS\system32\scripting
2008-09-13 13:55:10 ----D---- C:\WINDOWS\l2schemas
2008-09-13 13:55:06 ----D---- C:\WINDOWS\system32\en
2008-09-11 23:31:46 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-11 23:31:42 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-11 23:31:39 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-11 23:31:39 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-11 23:31:23 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-11 23:31:23 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-11 23:31:00 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-11 23:30:53 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-11 23:30:50 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-11 23:30:49 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-11 23:30:47 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-11 23:30:47 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-11 23:30:47 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-11 23:30:43 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-11 23:30:39 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-11 23:30:18 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-11 23:30:17 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-11 23:30:17 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-11 23:30:15 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-11 23:30:15 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-11 23:30:10 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-11 23:30:10 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-11 23:29:40 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-11 23:29:40 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-11 23:29:40 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-11 23:29:39 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-11 23:29:11 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-11 23:29:09 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-11 23:29:08 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-11 23:29:08 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-11 23:29:08 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-11 23:29:07 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-11 23:28:31 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-11 23:28:31 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-11 23:28:31 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-11 23:28:31 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-11 23:28:30 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-11 23:28:30 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-11 23:28:30 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-11 23:28:30 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-11 23:28:23 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-11 23:28:23 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-11 23:28:23 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-11 23:28:22 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-11 23:28:22 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-11 23:28:22 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-11 23:28:22 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-11 23:28:19 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-11 23:28:19 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-11 23:28:17 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-11 23:28:10 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-11 23:27:56 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-11 23:27:55 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-11 23:27:33 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-10 14:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-09-10 14:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-10 09:42:16 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
2008-08-14 14:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-08-14 14:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-08-14 14:17:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 14:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-08-14 14:07:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 14:07:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-08-14 14:02:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-07-16 14:36:17 ----A---- C:\WINDOWS\system32\iolo.ini
2008-07-16 14:27:54 ----A---- C:\WINDOWS\system32\iavlsp.dll
2008-07-16 14:27:20 ----D---- C:\Program Files\Common Files\Authentium
2008-07-16 14:26:46 ----A---- C:\WINDOWS\system32\Incinerator.dll
2008-07-16 14:26:21 ----A---- C:\WINDOWS\system32\smrgdf.exe
2008-07-16 14:26:21 ----A---- C:\WINDOWS\system32\iolobtdfg.exe
2008-07-16 14:26:03 ----D---- C:\Program Files\iolo
2008-07-16 12:16:46 ----A---- C:\WINDOWS\system32\mfc45.dll
2008-07-16 12:15:07 ----D---- C:\Documents and Settings\Ron\Application Data\iolo
2008-07-16 12:15:07 ----D---- C:\Documents and Settings\All Users\Application Data\iolo
2008-07-10 14:01:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2008-06-22 12:39:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-06-14 18:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-06-14 18:53:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-06-14 18:52:39 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-14 18:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951376_0$
2008-05-30 20:57:17 ----D---- C:\Program Files\AVG
2008-05-30 14:51:40 ----D---- C:\Program Files\Sun
2008-05-27 14:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2008-05-13 14:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2008-04-23 15:35:57 ----D---- C:\Program Files\Schizm.1.Saves
2008-04-10 12:56:46 ----D---- C:\Documents and Settings\Ron\Application Data\Motive
2008-04-10 12:36:21 ----D---- C:\Documents and Settings\Ron\Application Data\Verizon
2008-04-10 12:33:31 ----D---- C:\Documents and Settings\All Users\Application Data\Verizon
2008-04-10 12:33:24 ----D---- C:\WINDOWS\bin
2008-04-10 12:32:01 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
2008-04-10 12:31:51 ----D---- C:\Program Files\Common Files\Motive
2008-04-10 12:13:08 ----D---- C:\Program Files\Verizon
2008-04-09 14:08:19 ----HDC---- C:\WINDOWS\$NtUninstallKB948881$
2008-04-09 14:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB941693$
2008-04-09 14:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB948590$
2008-04-09 14:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2008-03-29 10:35:25 ----D---- C:\Program Files\iPod
2008-03-29 10:34:34 ----D---- C:\Program Files\iTunes
2008-03-29 10:18:03 ----D---- C:\Program Files\QuickTime
2008-02-12 15:03:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2008-02-12 15:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2008-02-10 19:55:01 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-10 19:53:51 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-10 11:44:38 ----D---- C:\Program Files\AdwareAlert
2008-01-09 15:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941644$
2008-01-09 15:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2007-12-30 14:32:43 ----D---- C:\Program Files\Syberia
2007-12-12 15:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2007-12-12 15:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2007-12-12 15:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
2007-12-12 15:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2007-11-14 10:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2007-11-10 09:51:32 ----RA---- C:\WINDOWS\system32\IMAGECFG.EXE
2007-11-07 12:27:47 ----D---- C:\Program Files\Funcom
2007-10-24 00:47:38 ----A---- C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47:38 ----A---- C:\WINDOWS\system32\mscorier.dll
2007-10-24 00:47:38 ----A---- C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47:28 ----A---- C:\WINDOWS\system32\dfshim.dll
2007-10-10 14:06:13 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2007-10-10 14:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB941202$
2007-09-29 09:55:44 ----D---- C:\Program Files\Apple Software Update
2007-09-04 13:10:16 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2007-08-29 02:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB933360$
2007-08-18 14:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB936021$
2007-08-18 14:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2007-08-18 14:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB921503$
2007-08-18 14:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$
2007-08-18 14:02:47 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2007-07-11 13:46:32 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2007-07-09 06:25:42 ----HDC---- C:\WINDOWS\ie7
2007-07-08 17:00:01 ----DC---- C:\WINDOWS\system32\DRVSTORE
2007-07-08 16:59:15 ----D---- C:\Program Files\Common Files\Apple
2007-07-08 16:59:13 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2007-06-13 14:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2007-06-13 14:05:54 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2007-06-13 14:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2007-05-23 22:05:39 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2007-05-23 22:05:38 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2007-05-23 22:05:38 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2007-05-23 14:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2007-05-09 14:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2007-05-08 14:03:04 ----A---- C:\WINDOWS\system32\msxml4.dll
2007-04-13 14:19:52 ----A---- C:\WINDOWS\system32\lsdelete.exe
2007-04-11 14:02:03 ----HDC---- C:\WINDOWS\$NtUninstallKB931784$
2007-04-11 14:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2007-04-11 14:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2007-04-11 14:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2007-04-10 13:38:21 ----D---- C:\Program Files\DellSupport
2007-04-10 13:37:57 ----D---- C:\Dell
2007-04-03 16:38:45 ----D---- C:\Documents and Settings\Ron\Application Data\InstallShield
2007-04-03 14:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2007-03-27 09:45:22 ----A---- C:\WINDOWS\system32\sysres.dll
2007-03-27 09:45:22 ----A---- C:\WINDOWS\system32\pcpbios.exe
2007-03-21 14:01:13 ----HDC---- C:\WINDOWS\$NtUninstallKB929338$
2007-03-21 11:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2007-02-14 15:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2007-02-14 15:04:38 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2007-02-14 15:04:16 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2007-02-14 15:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$
2007-02-14 15:03:43 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2007-02-14 15:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB931836$
2007-02-14 15:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2007-02-14 15:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2007-02-14 15:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2007-01-29 11:40:39 ----D---- C:\Program Files\support.com
2007-01-29 11:40:32 ----D---- C:\Documents and Settings\All Users\Application Data\Support.com
2007-01-29 03:58:06 ----N---- C:\WINDOWS\system32\tzchange.exe
2007-01-18 10:08:48 ----D---- C:\Program Files\The Weather Channel FW
2007-01-16 09:20:26 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2007-01-16 09:18:55 ----N---- C:\WINDOWS\system32\spmsg.dll
2007-01-16 09:18:53 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2007-01-16 09:17:59 ----D---- C:\Program Files\Windows Media Connect 2
2007-01-16 09:17:47 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2007-01-16 09:13:13 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2007-01-16 09:10:33 ----D---- C:\WINDOWS\system32\LogFiles
2007-01-16 09:10:26 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2007-01-16 09:00:13 ----D---- C:\Documents and Settings\Ron\Application Data\Apple Computer
2007-01-09 15:00:30 ----D---- C:\WINDOWS\ie7updates
2006-12-14 15:04:04 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2006-12-14 15:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2006-12-14 15:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2006-12-14 15:01:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923694$
2006-12-04 10:19:14 ----D---- C:\WINDOWS\WBEM
2006-12-04 10:19:13 ----D---- C:\WINDOWS\system32\en-US
2006-12-04 10:16:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2006-12-04 10:16:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2006-12-04 10:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2006-12-04 10:15:05 ----N---- C:\WINDOWS\system32\xmllite.dll
2006-12-04 10:14:32 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2006-12-04 10:14:22 ----D---- C:\WINDOWS\network diagnostic
2006-12-04 10:14:20 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2006-11-16 15:03:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2006-11-16 15:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2006-11-16 15:02:10 ----D---- C:\Program Files\MSXML 4.0
2006-11-16 15:01:53 ----HDC---- C:\WINDOWS\$NtUninstallKB920213_0$
2006-11-16 15:01:09 ----HDC---- C:\WINDOWS\$NtUninstallKB922760$
2006-11-10 21:14:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-11-10 21:12:28 ----D---- C:\Documents and Settings\Ron\Application Data\AdobeAUM
2006-11-07 20:03:36 ----N---- C:\WINDOWS\system32\ieui.dll
2006-11-07 20:03:36 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 20:03:36 ----A---- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 20:03:36 ----A---- C:\WINDOWS\system32\ieframe.dll
2006-11-07 03:26:32 ----A---- C:\WINDOWS\system32\ieudinit.exe
2006-11-07 02:25:58 ----N---- C:\WINDOWS\system32\advpack.dll.mui
2006-10-21 12:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB924191$
2006-10-21 12:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB922819$
2006-10-21 12:27:39 ----HDC---- C:\WINDOWS\$NtUninstallKB923414$
2006-10-21 12:27:29 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2006-10-21 12:27:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2006-10-21 12:25:02 ----D---- C:\Documents and Settings\Ron\Application Data\Google
2006-10-20 22:09:36 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WPDShServiceObj.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\wpdshextres.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47:22 ----N---- C:\WINDOWS\system32\WMVDECOD.dll
2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47:20 ----N---- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceTypes.dll
2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 21:47:18 ----N---- C:\WINDOWS\system32\PortableDeviceApi.dll
2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MPG4DECD.dll
2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MP43DECD.dll
2006-10-18 21:47:14 ----N---- C:\WINDOWS\system32\MFPLAT.dll
2006-10-18 20:00:46 ----N---- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00:14 ----N---- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 11:05:58 ----N---- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 11:02:20 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2006-10-17 10:58:32 ----N---- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 10:58:20 ----A---- C:\WINDOWS\system32\icardie.dll
2006-10-17 10:57:20 ----A---- C:\WINDOWS\system32\iertutil.dll
2006-10-17 10:27:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2006-10-04 14:01:01 ----HDC---- C:\WINDOWS\$NtUninstallKB925486$
2006-10-03 18:47:52 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2006-10-02 15:28:42 ----N---- C:\WINDOWS\system32\msdelta.dll
2006-09-28 20:13:26 ----N---- C:\WINDOWS\system32\WUDFCoinstaller.dll
2006-09-28 18:56:38 ----N---- C:\WINDOWS\system32\WUDFx.dll
2006-09-28 18:56:38 ----N---- C:\WINDOWS\system32\WudfHost.exe
2006-09-28 18:56:16 ----N---- C:\WINDOWS\system32\WudfPlatform.dll
2006-09-28 18:56:14 ----N---- C:\WINDOWS\system32\WudfSvc.dll
2006-09-18 07:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2006-09-14 14:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2006-09-14 14:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB919007$
2006-09-14 14:01:16 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2006-08-11 14:02:52 ----HDC---- C:\WINDOWS\$NtUninstallKB920214$
2006-08-11 14:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB922616$
2006-08-11 14:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB921398$
2006-08-11 14:01:41 ----HDC---- C:\WINDOWS\$NtUninstallKB918899$
2006-08-11 14:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2006-08-11 14:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB917422$
2006-08-11 14:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2006-08-10 14:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB921883$
2006-07-26 15:16:22 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2006-07-26 15:16:16 ----D---- C:\Program Files\Security Task Manager
2006-07-12 14:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB917159$
2006-07-12 14:01:26 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2006-07-12 14:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2006-07-03 14:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2006-06-29 08:05:44 ----N---- C:\WINDOWS\system32\normaliz.dll
2006-06-29 08:05:44 ----N---- C:\WINDOWS\system32\idndl.dll
2006-06-28 17:59:26 ----N---- C:\WINDOWS\system32\nlsdl.dll
2006-06-17 14:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB917734_WMP10$
2006-06-17 14:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2006-06-17 14:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB917344$
2006-06-17 14:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB917953$
2006-06-17 14:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB916281$
2006-06-17 14:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2006-06-09 16:10:38 ----HDC---- C:\WINDOWS\$NtUninstallKB891122$
2006-05-23 16:25:52 ----N---- C:\WINDOWS\system32\WgaTray.exe
2006-05-23 16:25:52 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2006-05-11 17:05:50 ----D---- C:\Program Files\HighJack
2006-05-10 14:00:52 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2006-04-26 14:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2006-04-22 16:32:12 ----D---- C:\Program Files\MsnMusic
2006-04-18 14:07:52 ----A---- C:\WINDOWS\system32\igfxres.dll
2006-04-15 05:08:12 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2006-04-12 14:02:28 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2006-04-12 14:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2006-04-12 14:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB912812$
2006-04-12 14:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB911567$
2006-04-11 15:09:09 ----RA---- C:\WINDOWS\patchw32.dll
2006-04-11 15:08:36 ----RA---- C:\WINDOWS\pw32a.dll
2006-03-21 14:46:46 ----D---- C:\Program Files\Picasa2
2006-03-16 19:38:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2006-03-15 00:58:05 ----D---- C:\Program Files\TurboTax
2006-03-09 17:37:20 ----D---- C:\Program Files\Intuit
2006-02-21 15:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2006-02-21 15:01:25 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2006-02-21 15:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB911565$
2006-02-16 08:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB913446$
2006-01-12 08:51:57 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2006-01-11 16:46:47 ----D---- C:\Program Files\Future Systems Solutions
2006-01-06 22:20:50 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-01-06 15:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB912919$
2005-12-15 22:20:19 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2005-12-15 22:19:52 ----HDC---- C:\WINDOWS\$NtUninstallKB905915$
2005-11-09 15:00:40 ----HDC---- C:\WINDOWS\$NtUninstallKB896424$
2005-10-25 22:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2005-10-25 22:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2005-10-25 22:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB896688$
2005-10-25 22:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2005-10-25 22:24:13 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2005-10-25 22:23:58 ----HDC---- C:\WINDOWS\$NtUninstallKB904706$
2005-10-25 22:23:43 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2005-09-20 08:52:34 ----A---- C:\WINDOWS\system32\iAlmCoIn_v4396.dll
2005-09-20 08:44:50 ----A---- C:\WINDOWS\system32\igldev32.dll
2005-09-20 08:43:00 ----A---- C:\WINDOWS\system32\iglicd32.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuTRK.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuTHA.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuSVE.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuRUS.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuPTG.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuPTB.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuHUN.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuELL.dll
2005-09-20 08:37:06 ----A---- C:\WINDOWS\system32\ialmuCSY.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuPLK.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuNOR.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuNLD.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuKOR.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuJPN.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuITA.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuHEB.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuFRC.dll
2005-09-20 08:37:04 ----A---- C:\WINDOWS\system32\ialmuFRA.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuFIN.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuESP.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuENG.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuDEU.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuDAN.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuCHT.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuCHS.dll
2005-09-20 08:37:02 ----A---- C:\WINDOWS\system32\ialmuARB.dll
2005-09-20 08:37:00 ----A---- C:\WINDOWS\system32\ialmudlg.exe
2005-09-20 08:37:00 ----A---- C:\WINDOWS\system32\ialmuARA.dll
2005-09-20 08:36:20 ----A---- C:\WINDOWS\system32\igfxpers.exe
2005-09-20 08:32:16 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2005-09-19 07:51:21 ----D---- C:\Documents and Settings\Ron\Application Data\IsolatedStorage
2005-08-14 17:09:09 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2005-08-14 17:09:02 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2005-08-14 17:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2005-08-14 17:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2005-08-14 17:08:34 ----HDC---- C:\WINDOWS\$NtUninstallKB896727$
2005-08-14 17:08:07 ----HDC---- C:\WINDOWS\$NtUninstallKB899588$
2005-08-14 17:07:54 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2005-07-13 14:00:39 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2005-07-13 14:00:31 ----HDC---- C:\WINDOWS\$NtUninstallKB903235$
2005-07-12 18:04:22 ----A---- C:\WINDOWS\system32\LegitCheckControl.DLL
2005-07-12 18:04:22 ----A---- C:\WINDOWS\system32\GWFSPidGen.dll
2005-07-11 13:06:32 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2005-06-29 14:00:35 ----D---- C:\WINDOWS\system32\PreInstall
2005-06-29 14:00:32 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2005-06-16 14:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB896422$
2005-06-16 14:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB883939$
2005-06-16 14:01:21 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2005-06-16 14:00:55 ----HDC---- C:\WINDOWS\$NtUninstallKB898458$
2005-06-16 14:00:46 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2005-06-16 14:00:30 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2005-06-10 07:29:49 ----HD---- C:\Documents and Settings\Ron\Application Data\GTek
2005-06-10 07:29:43 ----AHD---- C:\Documents and Settings\All Users\Application Data\GTek
2005-06-02 15:15:56 ----HD---- C:\WINDOWS\PIF
2005-05-26 03:16:30 ----A---- C:\WINDOWS\system32\wups2.dll
2005-05-19 14:00:49 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2005-05-16 19:25:35 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2005-05-12 14:00:21 ----A---- C:\WINDOWS\system32\MRT.exe
2005-04-15 14:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB893066$
2005-04-15 14:01:30 ----HDC---- C:\WINDOWS\$NtUninstallKB890923$
2005-04-15 14:01:18 ----HDC---- C:\WINDOWS\$NtUninstallKB893086$
2005-04-15 14:01:08 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2005-04-15 14:00:46 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803$
2005-04-13 19:07:33 ----A---- C:\WINDOWS\PerWin.ini
2005-04-09 13:38:36 ----D---- C:\Program Files\Norton SystemWorks
2005-04-09 13:38:33 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2005-04-09 13:37:57 ----D---- C:\Documents and Settings\Ron\Application Data\Symantec
2005-04-09 13:37:48 ----A---- C:\WINDOWS\system32\capicom.dll
2005-04-09 13:37:47 ----D---- C:\Program Files\Symantec
2005-04-09 13:37:42 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2005-04-09 13:37:38 ----D---- C:\Program Files\Common Files\Symantec Shared
2005-03-23 23:16:29 ----D---- C:\temp
2005-03-23 23:01:28 ----A---- C:\WINDOWS\system32\wxmsw253u_stc_vc_fcs.dll
2005-03-23 23:01:28 ----A---- C:\WINDOWS\system32\wxmsw253u_core_vc_fcs.dll
2005-03-23 23:01:28 ----A---- C:\WINDOWS\system32\wxmsw253u_adv_vc_fcs.dll
2005-03-23 23:01:28 ----A---- C:\WINDOWS\system32\wxbase253u_vc_fcs.dll
2005-03-23 23:01:27 ----D---- C:\Program Files\Print Distributor 3
2005-03-23 23:01:27 ----A---- C:\WINDOWS\system32\pdpm3.dll
2005-03-22 08:09:28 ----D---- C:\Documents and Settings\Ron\Application Data\ArcSoft
2005-03-22 08:09:24 ----A---- C:\WINDOWS\marscam.ini
2005-03-22 08:06:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2005-03-22 08:03:53 ----A---- C:\WINDOWS\PCDLIB32.DLL
2005-03-22 08:02:44 ----D---- C:\Program Files\ArcSoft
2005-03-22 07:59:06 ----D---- C:\Program Files\MARS
2005-03-22 07:59:06 ----A---- C:\WINDOWS\system32\VIC32.DLL
2005-03-22 07:59:06 ----A---- C:\WINDOWS\system32\ijl15.dll
2005-03-22 07:59:06 ----A---- C:\WINDOWS\mr310twc.ini
2005-03-22 07:59:05 ----RA---- C:\WINDOWS\system32\mr310exv.dll
2005-03-22 07:59:05 ----RA---- C:\WINDOWS\system32\mr310exd.dll
2005-03-22 07:59:05 ----A---- C:\WINDOWS\system32\mr310ipc.dll
2005-03-22 07:59:05 ----A---- C:\WINDOWS\system32\mr310ifc.dll
2005-03-07 18:07:42 ----A---- C:\WINDOWS\system32\sporder.dll
2005-03-07 18:07:41 ----D---- C:\Program Files\Free Offers from Freeze.com
2005-03-07 15:17:40 ----D---- C:\Program Files\Common Files\xing shared
2005-02-23 15:00:27 ----HDC---- C:\WINDOWS\$NtUninstallKB887742$
2005-02-13 15:02:24 ----HDC---- C:\WINDOWS\$NtUninstallKB885250$
2005-02-13 15:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB888113$
2005-02-13 15:01:59 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2005-02-13 15:01:47 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2005-02-13 15:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB867282$
2005-02-13 15:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB873333$
2005-02-13 15:00:47 ----HDC---- C:\WINDOWS\$NtUninstallKB890047$
2005-02-13 15:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2005-02-08 07:56:53 ----A---- C:\WINDOWS\iTouch.ini
2005-02-08 07:54:37 ----R---- C:\WINDOWS\bwUnin-6.1.4.61-8876480L.exe
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\LMOUSE32.DLL
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\LMOUSE16.DLL
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\LGUICOM.DLL
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\ifc21.dll
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\FEELIT.DLL
2005-02-08 07:51:27 ----A---- C:\WINDOWS\system32\COMNCTR.DLL
2005-02-08 07:51:24 ----N---- C:\WINDOWS\LOGI_MWX.EXE
2005-02-08 07:51:23 ----N---- C:\WINDOWS\system32\lmoufrc.dll
2005-02-08 07:51:23 ----A---- C:\WINDOWS\system32\LCoInst.Dll
2005-02-08 07:50:28 ----A---- C:\itouch_crash_info.txt
2005-02-08 07:50:27 ----D---- C:\Program Files\Common Files\Logitech
2005-02-08 07:50:26 ----D---- C:\Program Files\Logitech
2005-02-07 13:01:14 ----D---- C:\Documents and Settings\Ron\Application Data\McAfee.com
2005-02-07 09:53:10 ----D---- C:\Documents and Settings\Ron\Application Data\Intuit
2005-02-07 09:48:12 ----A---- C:\WINDOWS\system32\tsccvid.dll
2005-02-07 09:48:10 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2005-01-23 19:53:05 ----D---- C:\Documents and Settings\Ron\Application Data\Canon
2005-01-23 14:58:29 ----RA---- C:\WINDOWS\system32\CNCUPM2K.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\cocpyinf.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\cncifco.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCFSV50.DLL
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCFIM50.DLL
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCAWS50.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCASv50.ini
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCAPf50.exe
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCAMg50.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCAAi50.dll
2005-01-23 14:58:27 ----RA---- C:\WINDOWS\system32\CNCAAb50.exe
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCUPM2K.tmp
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFUT50.DLL
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFTR50.DLL
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFIF50.DLL
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFDs50.exe
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFDO50.DLL
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFDl50.dll
2005-01-23 14:58:26 ----RA---- C:\WINDOWS\system32\CNCFCM50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCSUT50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCSTR50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCSIF50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCSDO50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCSCM50.DLL
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\CNCMP50.INI
2005-01-23 14:58:15 ----RA---- C:\WINDOWS\system32\cncisco.dll
2005-01-23 14:58:13 ----RA---- C:\WINDOWS\system32\UCS32P.DLL
2005-01-23 14:58:12 ----RA---- C:\WINDOWS\system32\CNCL730.DLL
2005-01-23 14:58:12 ----RA---- C:\WINDOWS\system32\CNCI730.DLL
2005-01-23 14:58:11 ----RA---- C:\WINDOWS\system32\CNCC730.DLL
2005-01-23 14:54:26 ----D---- C:\Program Files\Canon
2005-01-23 09:55:54 ----A---- C:\WINDOWS\system32\iAlmCoIn_v4020.dll
2005-01-23 09:36:44 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2005-01-12 15:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB890175$
2004-12-15 17:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2004-12-15 17:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2004-12-15 17:17:44 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2004-12-15 17:17:25 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2004-10-14 14:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB834707$
PCStressed
2008-09-27, 20:25
2004-10-14 14:00:27 ----HD---- C:\WINDOWS\$hf_mig$
2004-10-06 17:29:09 ----D---- C:\Program Files\APC
2004-10-06 10:16:51 ----A---- C:\WINDOWS\opt_1440.ini
2004-10-06 10:16:51 ----A---- C:\WINDOWS\Brohl144.ini
2004-10-06 10:13:43 ----A---- C:\WINDOWS\system32\BRSPL01A.EXE
2004-10-06 10:13:43 ----A---- C:\WINDOWS\system32\BRSPL01A.DLL
2004-10-06 10:13:42 ----A---- C:\WINDOWS\HL-1440.INI
2004-10-06 10:13:42 ----A---- C:\WINDOWS\brunin147.dll
2004-10-06 10:13:42 ----A---- C:\WINDOWS\brunin144.dll
2004-10-06 10:13:31 ----A---- C:\WINDOWS\system32\BRINSS147.DLL
2004-09-22 17:46:38 ----A---- C:\WINDOWS\system32\wpdtrace.dll
2004-09-22 17:46:38 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2004-09-22 17:46:36 ----A---- C:\WINDOWS\system32\wpdsp.dll
2004-09-22 17:46:36 ----A---- C:\WINDOWS\system32\wpdmtpus.dll
2004-09-22 17:46:36 ----A---- C:\WINDOWS\system32\wpdmtpdr.dll
2004-09-22 17:46:36 ----A---- C:\WINDOWS\system32\wpdmtp.dll
2004-09-22 17:46:36 ----A---- C:\WINDOWS\system32\wpdconns.dll
2004-09-22 17:46:32 ----A---- C:\WINDOWS\system32\WMVADVE.DLL
2004-09-22 17:46:32 ----A---- C:\WINDOWS\system32\WMVADVD.dll
2004-09-22 17:46:24 ----A---- C:\WINDOWS\system32\wmpsrcwp.dll
2004-09-22 17:46:20 ----A---- C:\WINDOWS\system32\wmpencen.dll
2004-09-22 17:46:14 ----A---- C:\WINDOWS\system32\wmdrmnet.dll
2004-09-22 17:46:12 ----A---- C:\WINDOWS\system32\wmdrmdev.dll
2004-09-22 17:46:10 ----A---- C:\WINDOWS\system32\wdfmgr.exe
2004-09-22 17:46:10 ----A---- C:\WINDOWS\system32\wdfapi.dll
2004-09-22 17:46:10 ----A---- C:\WINDOWS\system32\uwdf.exe
2004-09-22 17:45:36 ----A---- C:\WINDOWS\system32\audiodev.dll
2004-09-18 10:24:31 ----D---- C:\Documents and Settings\All Users\Application Data\PopCap
2004-09-16 19:09:41 ----D---- C:\Documents and Settings\Ron\Application Data\Lavasoft
2004-09-13 22:12:48 ----A---- C:\WINDOWS\sview.ini
2004-09-13 16:48:36 ----D---- C:\Program Files\SwiftView
2004-09-11 12:26:59 ----N---- C:\WINDOWS\system32\proxycfg.exe
2004-09-11 12:26:59 ----N---- C:\WINDOWS\system32\logman.exe
2004-09-11 12:26:31 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2004-09-11 12:26:31 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2004-09-11 12:26:31 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2004-09-11 12:26:31 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2004-09-11 12:26:30 ----N---- C:\WINDOWS\system32\blastcln.exe
2004-09-11 12:26:30 ----N---- C:\WINDOWS\system32\auditusr.exe
2004-09-11 12:26:30 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2004-09-11 12:26:30 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2004-09-11 12:26:30 ----N---- C:\WINDOWS\system32\ati3duag.dll
2004-09-11 12:26:29 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2004-09-11 12:26:29 ----N---- C:\WINDOWS\system32\btpanui.dll
2004-09-11 12:26:29 ----N---- C:\WINDOWS\system32\bthserv.dll
2004-09-11 12:26:29 ----N---- C:\WINDOWS\system32\bthci.dll
2004-09-11 12:26:27 ----N---- C:\WINDOWS\system32\fwcfg.dll
2004-09-11 12:26:27 ----N---- C:\WINDOWS\system32\fsquirt.exe
2004-09-11 12:26:27 ----A---- C:\WINDOWS\system32\fltmc.exe
2004-09-11 12:26:27 ----A---- C:\WINDOWS\system32\fltlib.dll
2004-09-11 12:26:27 ----A---- C:\WINDOWS\system32\extmgr.dll
2004-09-11 12:26:26 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2004-09-11 12:26:26 ----A---- C:\WINDOWS\system32\httpapi.dll
2004-09-11 12:26:25 ----A---- C:\WINDOWS\system32\ieencode.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdno1.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdinben.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2004-09-11 12:26:22 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2004-09-11 12:26:21 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2004-09-11 12:26:21 ----N---- C:\WINDOWS\system32\kbdukx.dll
2004-09-11 12:26:21 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2004-09-11 12:26:20 ----N---- C:\WINDOWS\system32\msdadiag.dll
2004-09-11 12:26:19 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\powercfg.exe
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\p2psvc.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2004-09-11 12:26:18 ----N---- C:\WINDOWS\system32\p2p.dll
2004-09-11 12:26:17 ----N---- C:\WINDOWS\system32\s3gnb.dll
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\smbinst.exe
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\slserv.exe
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\slrundll.exe
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\slgen.dll
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\slextspk.dll
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\slcoinst.dll
2004-09-11 12:26:16 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2004-09-11 12:26:16 ----A---- C:\WINDOWS\system32\strmfilt.dll
2004-09-11 12:26:15 ----N---- C:\WINDOWS\system32\twext.dll
2004-09-11 12:26:15 ----A---- C:\WINDOWS\system32\w3ssl.dll
2004-09-11 12:26:14 ----N---- C:\WINDOWS\system32\winshfhc.dll
2004-09-11 12:26:11 ----N---- C:\WINDOWS\system32\wshbth.dll
2004-09-11 12:26:11 ----N---- C:\WINDOWS\system32\wscntfy.exe
2004-09-11 12:26:11 ----A---- C:\WINDOWS\system32\wscsvc.dll
2004-09-11 12:26:10 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2004-09-11 12:26:10 ----N---- C:\WINDOWS\system32\xmlprov.dll
2004-09-11 12:26:09 ----N---- C:\WINDOWS\slrundll.exe
2004-09-11 12:26:03 ----D---- C:\WINDOWS\peernet
2004-09-11 12:26:00 ----D---- C:\WINDOWS\provisioning
2004-09-11 12:22:05 ----D---- C:\WINDOWS\ServicePackFiles
2004-09-11 12:12:36 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2004-09-11 12:06:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2004-09-11 12:06:17 ----D---- C:\WINDOWS\EHome
2004-09-01 19:50:31 ----A---- C:\WINDOWS\system32\mfc70u.dll
2004-09-01 19:50:31 ----A---- C:\WINDOWS\system32\atl70.dll
2004-09-01 14:31:58 ----RA---- C:\WINDOWS\system32\CNMVSya.DLL
2004-09-01 14:31:58 ----RA---- C:\WINDOWS\system32\CNMLMya.DLL
2004-09-01 14:31:58 ----RA---- C:\WINDOWS\system32\cncipst.dll
2004-09-01 14:31:58 ----HD---- C:\BJPrinter
2004-09-01 14:18:38 ----HD---- C:\CanonMP
2004-08-26 16:33:08 ----A---- C:\WINDOWS\IMWMF2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EMWMF2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EMPS_2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EMPCT2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EMCGM2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EBTIF2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EBPNG2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EBJPG2.INI
2004-08-26 16:33:08 ----A---- C:\WINDOWS\EBBMP2.INI
2004-08-26 16:31:39 ----D---- C:\Program Files\allCLEAR4.5
2004-08-24 17:10:38 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2004-08-24 17:10:37 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2004-08-24 17:10:37 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2004-08-24 17:10:37 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2004-08-24 17:10:36 ----A---- C:\WINDOWS\system32\WMNetMgr.dll
2004-08-24 17:10:36 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2004-08-24 17:10:36 ----A---- C:\WINDOWS\system32\qasf.dll
2004-08-24 17:10:36 ----A---- C:\WINDOWS\system32\logagent.exe
2004-08-24 17:10:36 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2004-08-24 17:10:35 ----A---- C:\WINDOWS\system32\wmvcore.dll
2004-08-24 17:10:35 ----A---- C:\WINDOWS\system32\wmasf.dll
2004-08-24 17:10:32 ----A---- C:\WINDOWS\system32\msnetobj.dll
2004-08-24 17:10:32 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2004-08-24 17:10:32 ----A---- C:\WINDOWS\system32\drmstor.dll
2004-08-24 17:10:32 ----A---- C:\WINDOWS\system32\drmclien.dll
2004-08-24 17:10:32 ----A---- C:\WINDOWS\system32\blackbox.dll
2004-08-23 11:32:09 ----D---- C:\Program Files\Google
2004-08-23 11:05:19 ----A---- C:\WINDOWS\cdPlayer.ini
2004-08-16 16:51:39 ----D---- C:\WINDOWS\SoftwareDistribution
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wuweb.dll
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wups.dll
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wucltui.dll
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2004-08-16 16:51:31 ----A---- C:\WINDOWS\system32\wuapi.dll
2004-08-06 09:17:49 ----D---- C:\Program Files\VistaPrint
2004-08-03 23:56:58 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2004-08-03 23:56:58 ----N---- C:\WINDOWS\system32\spnpinst.exe
2004-08-03 23:56:58 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2004-08-03 23:56:50 ----N---- C:\WINDOWS\system32\faxpatch.exe
2004-07-18 02:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB839645$
2004-07-18 02:06:53 ----A---- C:\WINDOWS\system32\sxs.dll
2004-07-18 02:06:53 ----A---- C:\WINDOWS\system32\shell32.dll
2004-07-18 02:06:53 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2004-07-18 02:06:34 ----HDC---- C:\WINDOWS\$NtUninstallKB841873$
2004-07-18 02:06:32 ----N---- C:\WINDOWS\system32\xpsp2res.dll
2004-07-18 02:06:32 ----A---- C:\WINDOWS\system32\netapi32.dll
2004-07-18 02:06:32 ----A---- C:\WINDOWS\system32\mstinit.exe
2004-07-18 02:06:32 ----A---- C:\WINDOWS\system32\mstask.dll
2004-07-18 02:06:31 ----A---- C:\WINDOWS\system32\schedsvc.dll
2004-07-18 02:06:15 ----HDC---- C:\WINDOWS\$NtUninstallKB840315$
2004-07-18 02:06:14 ----N---- C:\WINDOWS\system32\itss.dll
2004-07-18 02:05:55 ----D---- C:\WINDOWS\system32\bits
2004-07-18 02:05:44 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2004-07-18 02:05:37 ----A---- C:\WINDOWS\system32\xpob2res.dll
2004-07-18 02:05:37 ----A---- C:\WINDOWS\system32\winhttp.dll
2004-07-18 02:05:37 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2004-07-18 02:05:37 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2004-07-18 02:05:37 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2004-07-12 09:28:49 ----D---- C:\Documents and Settings\Ron\Application Data\Macromedia
2004-07-08 18:10:59 ----D---- C:\Documents and Settings\Ron\Application Data\AdobeUM
2004-07-08 18:09:58 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2004-07-08 18:08:27 ----D---- C:\WINDOWS\Cache
2004-07-07 17:48:42 ----A---- C:\WINDOWS\system32\shlwapi.dll
2004-07-07 17:37:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2004-06-24 13:30:19 ----A---- C:\WINDOWS\system32\Hh.exe
2004-06-24 13:30:19 ----A---- C:\WINDOWS\system32\crpe32.dll
2004-06-24 13:30:19 ----A---- C:\WINDOWS\system32\crpaig32.dll
2004-06-24 13:30:19 ----A---- C:\WINDOWS\system32\Cp5dll32.dll
2004-06-24 13:30:19 ----A---- C:\WINDOWS\system32\Cp4dll32.dll
2004-06-24 13:30:18 ----D---- C:\WINDOWS\Crystal
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\Pdirdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\Pdctdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\Pdbdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\p2irdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\p2ctdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\p2bdao.dll
2004-06-24 13:30:18 ----A---- C:\WINDOWS\system32\implode.dll
2004-06-24 13:30:17 ----A---- C:\WINDOWS\system32\Msrd2x35.dll
2004-06-24 13:30:16 ----A---- C:\WINDOWS\system32\Vb5db.dll
2004-06-24 13:30:01 ----A---- C:\WINDOWS\system32\vbar2232.dll
2004-06-24 13:30:01 ----A---- C:\WINDOWS\system32\MSRD2X32.dll
2004-06-24 13:30:01 ----A---- C:\WINDOWS\system32\msjter32.dll
2004-06-24 13:30:01 ----A---- C:\WINDOWS\system32\msjt3032.dll
2004-06-24 13:30:01 ----A---- C:\WINDOWS\system32\msjint32.dll
2004-06-24 13:30:00 ----A---- C:\WINDOWS\uninst.exe
2004-06-24 13:23:59 ----D---- C:\Program Files\ProClose
2004-06-23 10:56:45 ----D---- C:\Documents and Settings\Ron\Application Data\Microsoft Web Folders
2004-06-18 13:40:50 ----A---- C:\WINDOWS\muninst.exe
2004-06-13 13:46:56 ----HDC---- C:\WINDOWS\$NtUninstallKB839643-DirectX9$
2004-06-07 13:19:46 ----A---- C:\WINDOWS\system32\inetcomm.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\wmpui.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\wmpshell.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\wmploc.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\wmpcore.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\wmpcd.dll
2004-06-03 13:56:36 ----A---- C:\WINDOWS\system32\asferror.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\wmdmps.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\mswmdm.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\msscp.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\mspmsp.dll
2004-06-03 13:56:33 ----A---- C:\WINDOWS\system32\cewmdm.dll
2004-05-21 07:30:25 ----D---- C:\Program Files\Sparx Systems
2004-05-20 16:24:32 ----D---- C:\Documents and Settings\Ron\Application Data\SharpReader
2004-05-18 09:41:12 ----A---- C:\WINDOWS\QBTIMER.INI
2004-05-18 08:51:40 ----A---- C:\WINDOWS\UNINST16.EXE
2004-05-13 08:16:56 ----D---- C:\WINDOWS\Minidump
2004-05-13 07:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB840374$
2004-05-09 19:28:28 ----D---- C:\Program Files\Lavasoft
2004-05-09 19:19:09 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2004-05-09 19:18:59 ----D---- C:\Program Files\Spybot - Search & Destroy
2004-05-06 14:27:03 ----D---- C:\Program Files\Security software
2004-05-04 21:41:37 ----HDC---- C:\WINDOWS\$NtUninstallKB820291$
2004-05-04 21:40:55 ----HDC---- C:\WINDOWS\$NtUninstallKB821253$
2004-05-04 21:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB826942$
2004-05-04 21:40:13 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2004-05-04 21:40:13 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2004-05-04 21:40:13 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2004-05-04 21:40:13 ----A---- C:\WINDOWS\system32\netshell.dll
2004-05-04 21:25:17 ----A---- C:\WINDOWS\system32\wmpns.dll
2004-05-04 21:25:15 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2004-05-04 21:25:15 ----A---- C:\WINDOWS\system32\wmpasf.dll
2004-05-04 21:25:15 ----A---- C:\WINDOWS\system32\wmerror.dll
2004-04-30 08:20:55 ----D---- C:\WINDOWS\system32\Dell
2004-04-20 16:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB835732$
2004-04-20 16:09:03 ----A---- C:\WINDOWS\system32\mf3216.dll
2004-04-20 16:09:02 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2004-04-20 16:09:02 ----A---- C:\WINDOWS\system32\h323msp.dll
2004-04-20 16:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB828741$
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\rpcss.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\mtxoci.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\mtxclu.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\msdtctm.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2004-04-20 16:08:44 ----A---- C:\WINDOWS\system32\comuid.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\txflog.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\ole32.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\es.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\colbact.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\clbcatex.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\catsrvut.dll
2004-04-20 16:08:43 ----A---- C:\WINDOWS\system32\catsrv.dll
2004-04-20 16:08:25 ----HDC---- C:\WINDOWS\$NtUninstallKB837001$
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\vbajet32.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msxbde40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\mstext40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msrepl40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\mspbde40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msjtes40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msjter40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msjint40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msjet40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msexcl40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\msexch40.dll
2004-04-20 16:08:17 ----A---- C:\WINDOWS\system32\expsrv.dll
2004-04-20 16:08:16 ----A---- C:\WINDOWS\system32\mswstr10.dll
2004-04-20 16:08:16 ----A---- C:\WINDOWS\system32\mswdat10.dll
2004-04-20 16:08:16 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2004-04-20 16:08:16 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2004-04-20 16:08:16 ----A---- C:\WINDOWS\system32\msltus40.dll
2004-04-14 13:56:46 ----A---- C:\WINDOWS\system32\dplayx.dll
2004-04-12 22:11:26 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2004-03-12 18:21:52 ----D---- C:\Documents and Settings\Ron\Application Data\Leadertech
2004-03-12 15:05:25 ----D---- C:\Program Files\OfficeUpdate11
2004-03-11 14:13:14 ----A---- C:\WINDOWS\system32\FM20.DLL
2004-03-09 21:17:18 ----A---- C:\WINDOWS\system32\rapi.dll
2004-03-09 21:17:18 ----A---- C:\WINDOWS\system32\ceutil.dll
2004-02-27 21:26:30 ----D---- C:\WINDOWS\system32\NtmsData
2004-02-27 16:59:44 ----D---- C:\Program Files\Microsoft.NET
2004-02-23 17:39:52 ----D---- C:\WINDOWS\Sun
2004-02-17 16:31:45 ----RD---- C:\Documents and Settings\Ron\Application Data\Brother
2004-02-15 19:23:57 ----N---- C:\WINDOWS\system32\InetClnt.dll
2004-02-15 19:23:52 ----D---- C:\Program Files\Common Files\AnswerWorks 4.0
2004-02-15 19:23:34 ----D---- C:\Program Files\Common Files\Intuit
2004-02-15 19:23:18 ----A---- C:\WINDOWS\system32\cdintf.dll
2004-02-15 19:23:14 ----A---- C:\WINDOWS\system32\vba6.dll
2004-02-15 19:23:14 ----A---- C:\WINDOWS\system32\spr32d30.dll
2004-02-15 19:23:14 ----A---- C:\WINDOWS\system32\msvcr70.dll
2004-02-15 19:23:14 ----A---- C:\WINDOWS\system32\msvcp70.dll
2004-02-15 19:23:13 ----A---- C:\WINDOWS\system32\msvci70.dll
2004-02-15 19:23:13 ----A---- C:\WINDOWS\system32\mfc70.dll
2004-02-15 19:20:42 ----D---- C:\WINDOWS\Intuit
2004-02-11 16:06:25 ----D---- C:\Program Files\RFCons
2004-02-11 16:02:12 ----D---- C:\WINDOWS\Downloaded Installations
2004-02-11 15:40:00 ----D---- C:\Program Files\Ilium Software
2004-02-11 15:17:14 ----HDC---- C:\WINDOWS\$NtUninstallKB810217$
2004-02-11 15:16:31 ----HDC---- C:\WINDOWS\$NtUninstallKB828028$
2004-02-10 20:38:00 ----D---- C:\Program Files\AvantGo Connect
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\uicom.dll
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\ppvexp.dll
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\ppcload.dll
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\pmailext.dll
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\MsgStRPC.dll
2004-02-10 20:37:55 ----A---- C:\WINDOWS\system32\malslib.dll
2004-02-10 20:13:05 ----D---- C:\Program Files\Microsoft ActiveSync
2004-02-10 20:12:14 ----D---- C:\Program Files\Downloads
2004-02-10 08:45:57 ----D---- C:\Program Files\Microsoft Visual Studio
2004-02-09 14:06:33 ----HDC---- C:\WINDOWS\$NtUninstallQ828026$
2004-02-09 14:05:55 ----HDC---- C:\WINDOWS\$NtUninstallQ810577$
2004-02-09 14:05:20 ----HDC---- C:\WINDOWS\$NtUninstallQ810833$
2004-02-09 14:04:45 ----HDC---- C:\WINDOWS\$NtUninstallQ810565$
2004-02-09 14:04:06 ----HDC---- C:\WINDOWS\$NtUninstallQ328310$
2004-02-09 14:03:31 ----HDC---- C:\WINDOWS\$NtUninstallQ329170$
2004-02-09 14:02:27 ----HDC---- C:\WINDOWS\$NtUninstallQ329115$
2004-02-09 14:02:21 ----HDC---- C:\WINDOWS\$NtUninstallQ329390$
2004-02-09 14:02:09 ----HDC---- C:\WINDOWS\$NtUninstallQ329834$
2004-02-09 14:01:59 ----HDC---- C:\WINDOWS\$NtUninstallQ814033$
2004-02-09 14:01:22 ----HDC---- C:\WINDOWS\$NtUninstallQ329441$
2004-02-09 14:00:55 ----A---- C:\WINDOWS\system32\srrstr.dll
2004-02-09 14:00:46 ----HDC---- C:\WINDOWS\$NtUninstallQ815021$
2004-02-09 14:00:07 ----HDC---- C:\WINDOWS\$NtUninstallQ817287$
2004-02-09 13:59:06 ----HDC---- C:\WINDOWS\$NtUninstallQ811493$
2004-02-09 13:58:26 ----HDC---- C:\WINDOWS\$NtUninstallQ817606$
2004-02-09 13:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB821557$
2004-02-09 13:57:05 ----HDC---- C:\WINDOWS\$NtUninstallKB824141$
2004-02-09 13:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB823182$
2004-02-09 13:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB824105$
2004-02-09 13:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB825119$
2004-02-09 07:57:38 ----A---- C:\WINDOWS\NCUNINST.EXE
2004-02-09 07:51:06 ----D---- C:\Program Files\Common Files\SWF Studio
2004-02-07 08:30:52 ----D---- C:\Program Files\Common Files\Sonic
2004-02-06 17:05:06 ----A---- C:\WINDOWS\system32\wininet.dll
2004-02-06 14:36:26 ----A---- C:\WINDOWS\ODBC.INI
2004-02-06 14:35:37 ----D---- C:\Program Files\Common Files\Designer
2004-02-06 14:33:36 ----D---- C:\Program Files\Microsoft Office
2004-02-06 14:27:56 ----D---- C:\Documents and Settings\Ron\Application Data\Template
2004-02-06 14:18:48 ----D---- C:\Documents and Settings\Ron\Application Data\Corel
2004-02-05 23:11:02 ----D---- C:\Documents and Settings\Ron\Application Data\Help
2004-02-05 22:58:47 ----D---- C:\Program Files\Common Files\Adobe
2004-02-05 22:58:47 ----D---- C:\Program Files\Adobe
2004-02-05 22:58:47 ----D---- C:\Documents and Settings\Ron\Application Data\Adobe
2004-02-05 22:58:15 ----A---- C:\WINDOWS\opt_5040.ini
2004-02-05 22:58:15 ----A---- C:\WINDOWS\BRVIDEO.INI
2004-02-05 22:58:15 ----A---- C:\WINDOWS\Brownie.ini
2004-02-05 22:58:15 ----A---- C:\WINDOWS\BROHL504.INI
2004-02-05 22:58:15 ----A---- C:\WINDOWS\brmx2001.ini
2004-02-05 22:58:15 ----A---- C:\WINDOWS\BRDIAG.INI
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BRVPDNTA.DLL
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BRVPD95A.DLL
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BRRBTOOL.EXE
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BROSNMP.DLL
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BRGSRC32.DLL
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\BRGSRC16.DLL
2004-02-05 22:58:13 ----A---- C:\WINDOWS\system32\Brdiag2.exe
2004-02-05 22:58:11 ----D---- C:\Program Files\Brownie
2004-02-05 22:58:11 ----A---- C:\WINDOWS\HL-5040.INI
2004-02-05 22:58:10 ----A---- C:\WINDOWS\BRWMARK.INI
2004-02-05 22:58:10 ----A---- C:\WINDOWS\BRPP2KA.INI
2004-02-05 22:58:03 ----A---- C:\WINDOWS\system32\BRSS01A.ini
2004-02-05 22:55:58 ----A---- C:\WINDOWS\system32\BRSVC01A.EXE
2004-02-05 22:55:58 ----A---- C:\WINDOWS\system32\BRSS01A.EXE
2004-02-05 22:55:57 ----A---- C:\WINDOWS\system32\PDRVINST.DLL
2004-02-05 22:55:56 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2004-02-05 22:55:56 ----N---- C:\WINDOWS\system32\BrWebIns.dll
2004-02-05 22:55:54 ----D---- C:\Program Files\Brother
2004-02-05 07:09:01 ----A---- C:\WINDOWS\system32\mcini.ini
2004-02-04 23:24:05 ----A---- C:\WINDOWS\system32\iuengine.dll
2004-02-04 23:16:28 ----SH---- C:\Documents and Settings\Ron\Application Data\DESKTOP.INI
2004-02-04 23:16:20 ----SD---- C:\Documents and Settings\Ron\Application Data\Microsoft
2004-02-04 23:16:20 ----D---- C:\Documents and Settings\Ron\Application Data\Sun
2004-02-04 23:16:20 ----D---- C:\Documents and Settings\Ron\Application Data\Sonic
2004-02-04 23:16:20 ----D---- C:\Documents and Settings\Ron\Application Data\Real
2004-02-04 23:16:20 ----D---- C:\Documents and Settings\Ron\Application Data\Jasc Software Inc
2004-02-04 23:16:20 ----D---- C:\Documents and Settings\Ron\Application Data\Identities
2004-02-04 23:11:34 ----A---- C:\WINDOWS\system32\hidserv.dll
2004-01-30 22:17:30 ----SHD---- C:\RECYCLER
2004-01-30 22:17:30 ----A---- C:\WINDOWS\smscfg.ini
2004-01-30 22:15:57 ----D---- C:\Program Files\Your Company Name
2004-01-30 22:15:06 ----D---- C:\Program Files\Jasc Software Inc
2004-01-30 22:15:06 ----D---- C:\Program Files\Dell Computer
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\wmidx.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2004-01-30 22:14:43 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2004-01-30 22:14:02 ----A---- C:\WINDOWS\UNWISE.EXE
2004-01-30 22:13:38 ----D---- C:\Program Files\MUSICMATCH
2004-01-30 22:13:03 ----D---- C:\Documents and Settings\All Users\Application Data\Dell
2004-01-30 22:11:28 ----D---- C:\Program Files\Microsoft Money
2004-01-30 22:11:01 ----D---- C:\Program Files\Microsoft Encarta
2004-01-30 22:10:41 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee.com
2004-01-30 22:10:20 ----A---- C:\WINDOWS\system32\BDEMERGE.INI
2004-01-30 22:10:03 ----D---- C:\Program Files\Common Files\Borland Shared
2004-01-30 22:09:55 ----D---- C:\WINDOWS\ShellNew
2004-01-30 22:09:43 ----D---- C:\Program Files\WordPerfect Office 11
2004-01-30 22:09:43 ----D---- C:\Program Files\Common Files\Corel
2004-01-30 22:09:26 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2004-01-30 22:09:22 ----D---- C:\Program Files\Real
2004-01-30 22:09:22 ----D---- C:\Program Files\Common Files\Real
2004-01-30 22:09:22 ----A---- C:\WINDOWS\system32\pndx5032.dll
2004-01-30 22:09:22 ----A---- C:\WINDOWS\system32\pndx5016.dll
2004-01-30 22:09:00 ----N---- C:\WINDOWS\Updreg.EXE
2004-01-30 22:08:59 ----N---- C:\WINDOWS\system32\SFCVRT32.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\system32\CTWFLT32.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\system32\CTL3D.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\system32\AC3API.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\CTRES.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\CTCCW.DLL
2004-01-30 22:08:59 ----N---- C:\WINDOWS\AC3API.INI
2004-01-30 22:08:59 ----A---- C:\WINDOWS\system32\CTDevCRes.dll
2004-01-30 22:08:45 ----N---- C:\WINDOWS\P16x.ini
2004-01-30 22:08:45 ----D---- C:\WINDOWS\system32\Data
2004-01-30 22:08:45 ----A---- C:\WINDOWS\system32\P16X.ini
2004-01-30 22:08:45 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2004-01-30 22:08:45 ----A---- C:\WINDOWS\MIXERDEF.EXE
2004-01-30 22:08:45 ----A---- C:\WINDOWS\MIXDEF.INI
2004-01-30 22:08:45 ----A---- C:\WINDOWS\MIDIDEF.EXE
2004-01-30 22:08:45 ----A---- C:\WINDOWS\INRES.DLL
2004-01-30 22:08:29 ----N---- C:\WINDOWS\system32\CTsvcCtl.EXE
2004-01-30 22:08:29 ----N---- C:\WINDOWS\system32\CTsvcCDA.EXE
2004-01-30 22:08:28 ----N---- C:\WINDOWS\system32\CTMERes.DLL
2004-01-30 22:08:28 ----N---- C:\WINDOWS\system32\CTIntRes.dll
2004-01-30 22:08:28 ----N---- C:\WINDOWS\system32\CTDrmRes.dll
2004-01-30 22:08:28 ----N---- C:\WINDOWS\system32\CTDetres.dll
2004-01-30 22:08:28 ----D---- C:\Media
2004-01-30 22:08:27 ----A---- C:\WINDOWS\system32\CTMedEng.DLL
2004-01-30 22:08:27 ----A---- C:\WINDOWS\system32\CTDRMUI.dll
2004-01-30 22:08:20 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2004-01-30 22:08:15 ----A---- C:\WINDOWS\SBWIN.INI
2004-01-30 22:08:08 ----D---- C:\Program Files\Creative
2004-01-30 22:07:32 ----HD---- C:\Program Files\InstallShield Installation Information
2004-01-30 22:07:19 ----D---- C:\WINDOWS\system32\dla
2004-01-30 22:07:19 ----A---- C:\WINDOWS\wininit.ini
2004-01-30 22:07:19 ----A---- C:\WINDOWS\system32\tfswapi.dll
2004-01-30 22:07:19 ----A---- C:\WINDOWS\dla.exe
2004-01-30 22:07:10 ----D---- C:\Program Files\Sonic
2004-01-30 22:07:10 ----D---- C:\Program Files\Common Files\SureThing Shared
2004-01-30 22:07:07 ----A---- C:\WINDOWS\system32\DellSys.dll
2004-01-30 22:06:00 ----D---- C:\WINDOWS\DellPCH
2004-01-30 22:05:43 ----D---- C:\Program Files\Intel
2004-01-30 22:05:15 ----D---- C:\Documents and Settings\All Users\Application Data\SBSI
2004-01-30 22:04:12 ----A---- C:\WINDOWS\orun32.ini
2004-01-30 22:04:11 ----A---- C:\WINDOWS\IsUninst.exe
2004-01-30 22:03:22 ----RSD---- C:\WINDOWS\assembly
2004-01-30 22:03:22 ----D---- C:\WINDOWS\Microsoft.NET
2004-01-30 22:03:21 ----D---- C:\WINDOWS\system32\URTTemp
2004-01-30 22:03:08 ----D---- C:\Program Files\Dell
2004-01-30 22:03:06 ----D---- C:\Program Files\Common Files\InstallShield
2004-01-30 21:57:38 ----D---- C:\Program Files\Java
2004-01-30 21:55:29 ----A---- C:\WINDOWS\system32\xpsp1hfm.exe
2004-01-30 21:50:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2004-01-30 21:49:32 ----D---- C:\WINDOWS\RegisteredPackages
2004-01-30 21:49:15 ----A---- C:\WINDOWS\system32\wstdecod.dll
2004-01-30 21:49:15 ----A---- C:\WINDOWS\system32\psisdecd.dll
2004-01-30 21:49:15 ----A---- C:\WINDOWS\system32\msyuv.dll
2004-01-30 21:49:15 ----A---- C:\WINDOWS\system32\msvidctl.dll
2004-01-30 21:49:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2004-01-30 21:48:44 ----A---- C:\WINDOWS\system32\usbui.dll
2004-01-30 21:46:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
2004-01-30 21:41:38 ----ASH---- C:\BOOT.INI
2004-01-30 21:37:44 ----A---- C:\WINDOWS\system32\OEMINFO.INI
2004-01-30 21:36:10 ----D---- C:\I386
2004-01-30 21:36:08 ----SHD---- C:\System Volume Information
2004-01-30 21:36:08 ----HD---- C:\Program Files\Uninstall Information
2004-01-30 21:36:08 ----D---- C:\Program Files\XEROX
2004-01-30 21:36:08 ----D---- C:\Program Files\Movie Maker
2004-01-30 21:36:08 ----D---- C:\Program Files\microsoft frontpage
2004-01-30 21:36:06 ----HD---- C:\Program Files\WindowsUpdate
2004-01-30 21:36:06 ----D---- C:\Program Files\Windows Media Player
2004-01-30 21:36:06 ----D---- C:\Program Files\Outlook Express
2004-01-30 21:36:06 ----D---- C:\Program Files\Online Services
2004-01-30 21:36:06 ----D---- C:\Program Files\NetMeeting
2004-01-30 21:36:06 ----D---- C:\Program Files\Internet Explorer
2004-01-30 21:36:06 ----D---- C:\Program Files\ComPlus Applications
2004-01-30 21:36:04 ----D---- C:\Program Files\MSN Gaming Zone
2004-01-30 21:36:04 ----D---- C:\Program Files\Messenger
2004-01-30 21:36:02 ----D---- C:\Program Files\Windows NT
2004-01-30 21:36:02 ----D---- C:\Program Files\MSN
2004-01-30 21:36:02 ----D---- C:\Program Files\Common Files\System
2004-01-30 21:36:02 ----D---- C:\Program Files\Common Files\Services
2004-01-30 21:36:02 ----D---- C:\Program Files\Common Files\ODBC
2004-01-30 21:36:02 ----D---- C:\Program Files\Common Files\MSSoap
2004-01-30 21:36:00 ----D---- C:\Program Files\Common Files\SpeechEngines
2004-01-30 21:36:00 ----D---- C:\Program Files\Common Files\Microsoft Shared
2004-01-30 21:36:00 ----D---- C:\Program Files\Common Files
2004-01-30 21:36:00 ----D---- C:\Program Files
2004-01-30 21:35:58 ----SHD---- C:\WINDOWS\Installer
2004-01-30 21:35:58 ----SD---- C:\WINDOWS\Tasks
2004-01-30 21:35:58 ----SD---- C:\WINDOWS\Downloaded Program Files
2004-01-30 21:35:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2004-01-30 21:35:58 ----RD---- C:\WINDOWS\Offline Web Pages
2004-01-30 21:35:58 ----D---- C:\DRIVERS
2004-01-30 21:35:58 ----D---- C:\Documents and Settings
2004-01-30 21:35:56 ----D---- C:\WINDOWS\SRCHASST
2004-01-30 21:35:52 ----D---- C:\WINDOWS\Registration
2004-01-30 21:35:52 ----D---- C:\WINDOWS\PCHealth
2004-01-30 21:35:52 ----D---- C:\WINDOWS\IME
2004-01-30 21:35:50 ----D---- C:\WINDOWS\WinSxS
2004-01-30 21:35:50 ----D---- C:\WINDOWS\TWAIN_32
2004-01-30 21:35:50 ----D---- C:\WINDOWS\Temp
2004-01-30 21:35:50 ----D---- C:\WINDOWS\SECURITY
2004-01-30 21:35:50 ----D---- C:\WINDOWS\Resources
2004-01-30 21:35:50 ----D---- C:\WINDOWS\MUI
2004-01-30 21:35:50 ----D---- C:\WINDOWS\MSAPPS
2004-01-30 21:35:50 ----D---- C:\WINDOWS\Debug
2004-01-30 21:35:50 ----D---- C:\WINDOWS\AppPatch
2004-01-30 21:35:36 ----RD---- C:\WINDOWS\Web
2004-01-30 21:35:36 ----D---- C:\WINDOWS\Driver Cache
2004-01-30 21:35:36 ----D---- C:\WINDOWS\Connection Wizard
2004-01-30 21:35:36 ----D---- C:\WINDOWS\ADDINS
2004-01-30 21:35:34 ----D---- C:\WINDOWS\MSAGENT
2004-01-30 21:35:34 ----D---- C:\WINDOWS\Media
2004-01-30 21:35:34 ----D---- C:\WINDOWS\Cursors
2004-01-30 21:35:34 ----D---- C:\WINDOWS\Config
2004-01-30 21:35:32 ----RSD---- C:\WINDOWS\Fonts
2004-01-30 21:35:24 ----D---- C:\WINDOWS\Help
2004-01-30 21:35:22 ----HD---- C:\WINDOWS\INF
2004-01-30 21:35:20 ----SD---- C:\WINDOWS\system32\Microsoft
2004-01-30 21:35:20 ----D---- C:\WINDOWS\system32\XIRCOM
2004-01-30 21:35:20 ----D---- C:\WINDOWS\system32\Restore
2004-01-30 21:35:20 ----D---- C:\WINDOWS\system32\Macromed
2004-01-30 21:35:20 ----D---- C:\WINDOWS\system32\DirectX
2004-01-30 21:35:20 ----D---- C:\WINDOWS\SYSTEM
2004-01-30 21:35:20 ----D---- C:\WINDOWS\REPAIR
2004-01-30 21:35:18 ----D---- C:\WINDOWS\system32\MsDtc
2004-01-30 21:35:18 ----D---- C:\WINDOWS\system32\Com
2004-01-30 21:35:14 ----D---- C:\WINDOWS\system32\CatRoot2
2004-01-30 21:35:14 ----D---- C:\WINDOWS\system32\CatRoot
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\USMT
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\INETSRV
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\IME
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\3COM_DMI
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\3076
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\2052
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1054
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1042
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1041
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1037
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1033
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1031
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1028
2004-01-30 21:34:44 ----D---- C:\WINDOWS\system32\1025
2004-01-30 21:34:42 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\OOBE
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\NPP
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\MUI
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\ICSXML
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\IAS
2004-01-30 21:34:42 ----D---- C:\WINDOWS\system32\EXPORT
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\WINS
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\WBEM
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\SPOOL
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\ShellExt
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\Setup
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\RAS
2004-01-30 21:34:40 ----D---- C:\WINDOWS\system32\DHCP
2004-01-30 21:34:38 ----D---- C:\WINDOWS\system32\DRIVERS
2004-01-30 21:34:36 ----D---- C:\WINDOWS\system32\CONFIG
2004-01-30 21:34:36 ----D---- C:\WINDOWS\SYSTEM32
2004-01-30 21:34:36 ----D---- C:\WINDOWS
2004-01-21 16:21:08 ----A---- C:\WINDOWS\system32\browseui.dll
2004-01-21 16:20:40 ----A---- C:\WINDOWS\system32\urlmon.dll
2004-01-21 16:15:50 ----A---- C:\WINDOWS\system32\shdocvw.dll
2003-11-06 19:57:17 ----D---- C:\rsit
2003-11-05 23:19:27 ----D---- C:\WINDOWS\LastGood
2003-10-27 20:13:16 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2003-10-27 20:13:06 ----A---- C:\WINDOWS\system32\odbccp32.dll
2003-10-27 20:12:44 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2003-10-27 20:12:42 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2003-10-27 20:09:50 ----A---- C:\WINDOWS\system32\msdart.dll
2003-10-27 20:09:44 ----A---- C:\WINDOWS\system32\odbc32.dll
2003-10-21 18:06:42 ----A---- C:\WINDOWS\system32\wkssvc.dll
2003-10-21 18:06:42 ----A---- C:\WINDOWS\system32\msgsvc.dll
======List of files/folders modified in the last 1 months======
2008-09-13 15:04:28 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-13 15:02:16 ----A---- C:\WINDOWS\SETUPLOG.TXT
2008-09-13 14:19:25 ----A---- C:\WINDOWS\imsins.BAK
2008-07-18 21:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
2008-07-18 21:10:42 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-07-18 21:09:42 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-06-24 11:43:16 ----A---- C:\WINDOWS\system32\mscms.dll
2008-06-23 11:57:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-06-23 11:57:40 ----A---- C:\WINDOWS\system32\url.dll
2008-06-23 11:57:40 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-06-23 11:57:40 ----A---- C:\WINDOWS\system32\occache.dll
2008-06-23 11:57:40 ----A---- C:\WINDOWS\system32\mstime.dll
2008-06-23 11:57:39 ----A---- C:\WINDOWS\system32\msrating.dll
2008-06-23 11:57:39 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-06-23 11:57:35 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-06-23 11:57:33 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-06-23 11:57:29 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-06-23 11:57:29 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-06-23 11:57:29 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-06-23 11:57:27 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-06-23 11:57:27 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-06-23 11:57:27 ----A---- C:\WINDOWS\system32\advpack.dll
2008-06-23 04:20:25 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-06-21 00:23:54 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-06-20 12:46:57 ----A---- C:\WINDOWS\system32\mswsock.dll
2008-06-20 12:46:57 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-05-09 05:53:40 ----A---- C:\WINDOWS\system32\wshext.dll
2008-05-09 05:53:40 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-05-09 05:53:40 ----A---- C:\WINDOWS\system32\scrrun.dll
2008-05-09 05:53:39 ----A---- C:\WINDOWS\system32\scrobj.dll
2008-05-09 05:53:39 ----A---- C:\WINDOWS\system32\jscript.dll
2008-05-08 06:24:44 ----A---- C:\WINDOWS\system32\wscript.exe
2008-05-07 04:07:23 ----A---- C:\WINDOWS\system32\cscript.exe
2008-05-07 00:12:40 ----A---- C:\WINDOWS\system32\quartz.dll
2008-04-14 04:42:06 ----A---- C:\WINDOWS\system32\setupapi.dll
2008-04-14 04:41:58 ----A---- C:\WINDOWS\system32\licdll.dll
2008-04-13 19:16:51 ----A---- C:\WINDOWS\system32\netsetup.exe
2008-04-13 19:13:22 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-04-13 19:13:22 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-04-13 19:13:21 ----A---- C:\WINDOWS\system32\tsddd.dll
2008-04-13 19:12:42 ----A---- C:\WINDOWS\system32\tree.com
2008-04-13 19:12:42 ----A---- C:\WINDOWS\system32\more.com
2008-04-13 19:12:42 ----A---- C:\WINDOWS\system32\format.com
2008-04-13 19:12:41 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-04-13 19:12:41 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-04-13 19:12:40 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-04-13 19:12:40 ----A---- C:\WINDOWS\system32\winver.exe
2008-04-13 19:12:39 ----A---- C:\WINDOWS\winhlp32.exe
2008-04-13 19:12:39 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-04-13 19:12:39 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-04-13 19:12:39 ----A---- C:\WINDOWS\system32\wextract.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\utilman.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\userinit.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\ups.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\upnpcont.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\tracert.exe
2008-04-13 19:12:38 ----A---- C:\WINDOWS\system32\tourstart.exe
2008-04-13 19:12:37 ----A---- C:\WINDOWS\system32\telnet.exe
2008-04-13 19:12:37 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-04-13 19:12:37 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\svchost.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\stimon.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\spoolsv.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\spider.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\sort.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-04-13 19:12:36 ----A---- C:\WINDOWS\system32\smss.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\skeys.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\shutdown.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\shrpubw.exe
2008-04-13 19:12:35 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-04-13 19:12:34 ----A---- C:\WINDOWS\system32\setup.exe
2008-04-13 19:12:34 ----A---- C:\WINDOWS\system32\sethc.exe
2008-04-13 19:12:34 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-04-13 19:12:34 ----A---- C:\WINDOWS\system32\services.exe
2008-04-13 19:12:34 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\savedump.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\runonce.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\rundll32.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\rsh.exe
2008-04-13 19:12:33 ----A---- C:\WINDOWS\system32\rexec.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\regsvr32.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\reg.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rcp.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\rasphone.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\system32\proquota.exe
2008-04-13 19:12:32 ----A---- C:\WINDOWS\regedit.exe
2008-04-13 19:12:31 ----A---- C:\WINDOWS\system32\progman.exe
2008-04-13 19:12:31 ----A---- C:\WINDOWS\system32\ping.exe
2008-04-13 19:12:31 ----A---- C:\WINDOWS\system32\perfmon.exe
2008-04-13 19:12:31 ----A---- C:\WINDOWS\system32\packager.exe
2008-04-13 19:12:31 ----A---- C:\WINDOWS\system32\osk.exe
2008-04-13 19:12:30 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-04-13 19:12:30 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-04-13 19:12:30 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\notepad.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\netstat.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\netsh.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\netdde.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\net1.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\net.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\nddeapir.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\system32\narrator.exe
2008-04-13 19:12:29 ----A---- C:\WINDOWS\notepad.exe
2008-04-13 19:12:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-04-13 19:12:28 ----A---- C:\WINDOWS\system32\msiexec.exe
2008-04-13 19:12:27 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-04-13 19:12:27 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-04-13 19:12:26 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-04-13 19:12:25 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-04-13 19:12:25 ----A---- C:\WINDOWS\system32\mmc.exe
2008-04-13 19:12:25 ----A---- C:\WINDOWS\system32\makecab.exe
2008-04-13 19:12:24 ----A---- C:\WINDOWS\system32\magnify.exe
2008-04-13 19:12:24 ----A---- C:\WINDOWS\system32\lsass.exe
2008-04-13 19:12:24 ----A---- C:\WINDOWS\system32\logonui.exe
2008-04-13 19:12:24 ----A---- C:\WINDOWS\system32\locator.exe
2008-04-13 19:12:23 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-04-13 19:12:23 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-04-13 19:12:23 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-04-13 19:12:22 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-04-13 19:12:22 ----A---- C:\WINDOWS\system32\imapi.exe
2008-04-13 19:12:22 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-04-13 19:12:21 ----N---- C:\WINDOWS\hh.exe
2008-04-13 19:12:21 ----A---- C:\WINDOWS\system32\help.exe
2008-04-13 19:12:21 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-04-13 19:12:20 ----A---- C:\WINDOWS\system32\ftp.exe
2008-04-13 19:12:20 ----A---- C:\WINDOWS\system32\forcedos.exe
2008-04-13 19:12:20 ----A---- C:\WINDOWS\system32\fontview.exe
2008-04-13 19:12:20 ----A---- C:\WINDOWS\system32\findstr.exe
2008-04-13 19:12:19 ----A---- C:\WINDOWS\system32\extrac32.exe
2008-04-13 19:12:19 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-04-13 19:12:19 ----A---- C:\WINDOWS\explorer.exe
2008-04-13 19:12:18 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-04-13 19:12:18 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-04-13 19:12:18 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2008-04-13 19:12:18 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-04-13 19:12:18 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\dmremote.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\dmadmin.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\dllhost.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\diskpart.exe
2008-04-13 19:12:17 ----A---- C:\WINDOWS\system32\diantz.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\defrag.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\ddeshare.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-04-13 19:12:16 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-04-13 19:12:15 ----A---- C:\WINDOWS\system32\csrss.exe
2008-04-13 19:12:15 ----A---- C:\WINDOWS\system32\conime.exe
2008-04-13 19:12:15 ----A---- C:\WINDOWS\system32\cmstp.exe
2008-04-13 19:12:15 ----A---- C:\WINDOWS\system32\cmmon32.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\cmd.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\clipsrv.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\cliconfg.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2008-04-13 19:12:14 ----A---- C:\WINDOWS\system32\cisvc.exe
2008-04-13 19:12:13 ----A---- C:\WINDOWS\system32\cacls.exe
2008-04-13 19:12:13 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-04-13 19:12:13 ----A---- C:\WINDOWS\system32\autofmt.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\autoconv.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\autochk.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\attrib.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\atmadm.exe
PCStressed
2008-09-27, 20:27
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\at.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\alg.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\ahui.exe
2008-04-13 19:12:12 ----A---- C:\WINDOWS\system32\actmovie.exe
2008-04-13 19:12:11 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-04-13 19:12:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-04-13 19:12:11 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-04-13 19:12:11 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-04-13 19:12:11 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wsock32.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wshrm.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wship6.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wshcon.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\ws2help.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\ws2_32.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wow32.dll
2008-04-13 19:12:10 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\wintrust.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winsta.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winsrv.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winscard.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winrnr.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winmm.dll
2008-04-13 19:12:09 ----A---- C:\WINDOWS\system32\winipsec.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiavideo.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiashext.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiascr.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wiadefui.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\webvw.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wdigest.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\wavemsp.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\w32time.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\version.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\verifier.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\usp10.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\userenv.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\user32.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\usbmon.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-04-13 19:12:08 ----A---- C:\WINDOWS\system32\upnp.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\twain_32.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\untfs.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\uniplat.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\unimdmat.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\ulib.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\themeui.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\termmgr.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tcpmon.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tcpmib.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\tapi3.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\t2embed.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\syncui.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\synceng.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\storprop.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\stobject.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\sti.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\stclient.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\srvsvc.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-04-13 19:12:07 ----A---- C:\WINDOWS\system32\srclient.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\slbiop.dll
2008-04-13 19:12:06 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shscrap.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shmedia.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shgina.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sfc.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sens.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sendmail.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\security.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\secur32.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\seclogon.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\schannel.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\scecli.dll
2008-04-13 19:12:05 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\scarddlg.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\sbeio.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\sbe.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\samsrv.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\samlib.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rtutils.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rsmps.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rshx32.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\riched20.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\resutils.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\regwizc.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\regsvc.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\regapi.dll
2008-04-13 19:12:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rastls.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rastapi.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasman.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasdlg.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\raschap.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasauto.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasapi32.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\query.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\qedit.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\qdv.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\qcap.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\pstorec.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\psbase.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\psapi.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\profmap.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\printui.dll
2008-04-13 19:12:03 ----A---- C:\WINDOWS\system32\powrprof.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\polstore.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\pjlmon.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\pid.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\photowiz.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\perfproc.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\perfos.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\perfnet.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\perfdisk.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\perfctrs.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\pdh.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\osuninst.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\olepro32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\oledlg.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\olecnv32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\olecli32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\oleaut32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odtext32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odpdx32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odfox32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odexl32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\oddbse32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ocmanage.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\objsel.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\oakley.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\nwprovau.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntprint.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\npptools.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\newdev.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\netui1.dll
2008-04-13 19:12:02 ----A---- C:\WINDOWS\system32\netui0.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netrap.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netman.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netid.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\nddeapi.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\mydocs.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msxml.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msw3prt.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msvcp60.dll
2008-04-13 19:12:01 ----A---- C:\WINDOWS\system32\msvcirt.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msutb.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\mssap.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\mspatcha.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-04-13 19:12:00 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msisip.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msihnd.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msidle.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msident.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msi.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msgina.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-04-13 19:11:59 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msctf.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msconf.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msasn1.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msapsspc.dll
2008-04-13 19:11:58 ----A---- C:\WINDOWS\system32\msacm32.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mprdim.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mprapi.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mpr.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\modemui.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mmcshext.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mmcbase.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mlang.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\mimefilt.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\miglibnt.dll
2008-04-13 19:11:57 ----A---- C:\WINDOWS\system32\midimap.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mfc42.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mfc40u.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mdminst.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mciwave.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mciseq.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mciavi32.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\mcastmib.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\lsasrv.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\lprhelp.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\lpk.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\localui.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\localspl.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\localsec.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\loadperf.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\linkinfo.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\keymgr.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\kernel32.dll
2008-04-13 19:11:56 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\itircl.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\ir50_qcx.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\ir50_qc.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\ir50_32.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\ir41_qcx.dll
2008-04-13 19:11:55 ----N---- C:\WINDOWS\system32\ir41_qc.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\jgpl400.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\jgdw400.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\isign32.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipxwan.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\ipmontr.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\input.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\initpki.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\inetppui.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\inetpp.dll
2008-04-13 19:11:55 ----A---- C:\WINDOWS\system32\inetmib1.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\imm32.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\ils.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\ifmon.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\idq.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\icm32.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\iccvid.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\iasrad.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\i81xdnt5.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\htui.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hotplug.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hlink.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hid.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\glu32.dll
2008-04-13 19:11:54 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\fontsub.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\fontext.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\filemgmt.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\feclient.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\exts.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\esent.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\encdec.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\encapi.dll
2008-04-13 19:11:53 ----A---- C:\WINDOWS\system32\els.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\duser.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dswave.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsuiext.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dssec.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsound.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dskquoui.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dskquota.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\drprov.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmutil.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmserver.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmime.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dmband.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dispex.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\diskcopy.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dinput.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\digest.dll
2008-04-13 19:11:52 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\devenum.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\ddrawex.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dciman32.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dbghelp.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\datime.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\dataclen.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\danim.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\d3dim700.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\csrsrv.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cscui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cscdll.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptnet.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptext.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptdll.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\credui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\corpol.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\confmsp.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comres.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\compstui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\compatui.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comdlg32.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comctl32.dll
2008-04-13 19:11:51 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cmutil.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cliconfg.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cic.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\certmgr.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\certcli.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cdosys.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\capesnpn.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\camocx.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cabview.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\cabinet.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\browser.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\bidispl.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\batt.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\batmeter.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\basesrv.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\authz.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\atmlib.dll
2008-04-13 19:11:50 ----A---- C:\WINDOWS\system32\atl.dll
2008-04-13 19:11:49 ----A---- C:\WINDOWS\system32\asycfilt.dll
2008-04-13 19:11:49 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-04-13 19:11:49 ----A---- C:\WINDOWS\system32\amstream.dll
2008-04-13 19:11:49 ----A---- C:\WINDOWS\system32\alrsvc.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\advapi32.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\actxprxy.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\activeds.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\aclui.dll
2008-04-13 19:11:48 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-04-13 19:11:24 ----A---- C:\WINDOWS\system32\ntdll.dll
2008-04-13 19:11:15 ----A---- C:\WINDOWS\system32\wmi.dll
2008-04-13 19:11:11 ----A---- C:\WINDOWS\system32\winntbbu.dll
2008-04-13 19:10:31 ----A---- C:\WINDOWS\system32\odbcji32.dll
2008-04-13 19:10:08 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-04-13 19:10:06 ----A---- C:\WINDOWS\system32\msafd.dll
2008-04-13 19:09:55 ----A---- C:\WINDOWS\system32\kbdnec.dll
2008-04-13 19:09:40 ----A---- C:\WINDOWS\system32\icmp.dll
2008-04-13 19:09:33 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-04-13 19:09:20 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-04-13 19:09:19 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-04-13 19:09:05 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2008-04-13 19:09:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2008-04-13 16:00:49 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-04-13 14:27:53 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 13:35:22 ----A---- C:\WINDOWS\system32\pidgen.dll
2008-04-13 13:31:35 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-04-13 13:31:28 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-04-13 13:31:21 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 13:30:46 ----N---- C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 12:39:22 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 12:37:57 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-04-13 12:37:57 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-04-13 12:26:07 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 12:26:05 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 12:26:05 ----A---- C:\WINDOWS\system32\odbcint.dll
2008-04-13 12:24:14 ----A---- C:\WINDOWS\system32\msorc32r.dll
2008-04-13 12:21:32 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-04-13 12:09:30 ----A---- C:\WINDOWS\system32\dsprpres.dll
2008-04-13 12:03:24 ----A---- C:\WINDOWS\system32\browselc.dll
2008-04-13 12:03:19 ----A---- C:\WINDOWS\system32\shdoclc.dll
2008-04-13 11:48:53 ----A---- C:\WINDOWS\system32\winbrand.dll
2008-04-13 11:45:30 ----A---- C:\WINDOWS\system32\moricons.dll
2008-04-13 11:23:31 ----A---- C:\WINDOWS\system32\msprivs.dll
2008-04-13 11:22:12 ----A---- C:\WINDOWS\system32\inetres.dll
2008-04-13 10:39:43 ----A---- C:\WINDOWS\system32\msimsg.dll
2007-06-11 22:51:12 ----A---- C:\WINDOWS\system32\wmp.dll
2007-01-16 09:18:15 ----A---- C:\WINDOWS\WIN.INI
2006-12-30 20:26:44 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2006-11-07 20:03:36 ----A---- C:\WINDOWS\system32\msls31.dll
2006-11-07 20:03:36 ----A---- C:\WINDOWS\system32\iepeers.dll
2006-11-07 02:26:44 ----A---- C:\WINDOWS\system32\admparse.dll
2006-11-07 02:26:42 ----A---- C:\WINDOWS\system32\iesetup.dll
2006-11-07 02:26:24 ----A---- C:\WINDOWS\system32\inseng.dll
2006-10-18 21:47:16 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2006-10-17 11:05:10 ----A---- C:\WINDOWS\system32\licmgr10.dll
2006-10-17 10:57:58 ----A---- C:\WINDOWS\system32\imgutil.dll
2006-10-17 10:56:10 ----A---- C:\WINDOWS\system32\mshta.exe
2006-10-17 10:28:56 ----A---- C:\WINDOWS\system32\mshtmler.dll
2006-10-14 03:13:25 ----A---- C:\WINDOWS\system32\mfc42u.dll
2005-09-20 08:59:56 ----A---- C:\WINDOWS\system32\ialmdd5.dll
2005-09-20 08:52:38 ----A---- C:\WINDOWS\system32\ialmrnt5.dll
2005-09-20 08:52:36 ----A---- C:\WINDOWS\system32\ialmrem.dll
2005-09-20 08:52:32 ----A---- C:\WINDOWS\system32\ialmdnt5.dll
2005-09-20 08:52:22 ----A---- C:\WINDOWS\system32\ialmdev5.dll
2005-09-20 08:36:14 ----A---- C:\WINDOWS\system32\igfxext.exe
2005-09-20 08:36:14 ----A---- C:\WINDOWS\system32\igfxexps.dll
2005-09-20 08:35:40 ----A---- C:\WINDOWS\system32\igfxtray.exe
2005-09-20 08:35:28 ----A---- C:\WINDOWS\system32\igfxress.dll
2005-09-20 08:35:24 ----A---- C:\WINDOWS\system32\igfxpph.dll
2005-09-20 08:35:02 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2005-09-20 08:32:30 ----A---- C:\WINDOWS\system32\igfxdo.dll
2005-09-20 08:32:24 ----A---- C:\WINDOWS\system32\hkcmd.exe
2005-09-20 08:32:16 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2005-09-20 08:31:28 ----A---- C:\WINDOWS\system32\igfxdev.dll
2005-09-20 08:31:12 ----A---- C:\WINDOWS\system32\hccutils.dll
2005-01-23 09:54:56 ----A---- C:\WINDOWS\system32\ialmgdev.dll
2005-01-23 09:52:44 ----A---- C:\WINDOWS\system32\ialmgicd.dll
2004-10-15 06:02:43 ----A---- C:\WINDOWS\VBADDIN.INI
2004-09-11 12:15:37 ----RASH---- C:\NTDETECT.COM
2004-08-03 21:59:28 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2004-08-03 21:51:22 ----A---- C:\WINDOWS\system32\dosx.exe
2004-08-03 21:51:12 ----A---- C:\WINDOWS\system32\mmsystem.dll
2004-08-03 21:49:34 ----A---- C:\WINDOWS\system32\krnl386.exe
2004-08-03 21:48:46 ----A---- C:\WINDOWS\system32\redir.exe
2004-08-03 21:31:44 ----A---- C:\WINDOWS\system32\slbcsp.dll
2004-07-17 10:46:14 ----A---- C:\WINDOWS\system32\tcpmon.ini
2004-07-17 10:39:16 ----A---- C:\WINDOWS\system32\xenroll.dll
2004-05-18 09:41:15 ----A---- C:\WINDOWS\SYSTEM.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2006-07-24 9341]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2002-11-08 17217]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2003-07-14 5621]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2003-07-14 23219]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-08-29 12032]
R2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-24 19537]
R2 CSS DVP;Dynamic Virus Protection; C:\WINDOWS\system32\DRIVERS\css-dvp.sys [2007-07-09 834448]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2003-06-20 40448]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\System32\PfModNT.sys []
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2003-08-06 25685]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2003-08-06 34837]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2003-08-06 4117]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2003-08-06 2233]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2003-08-06 83284]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2003-08-06 14229]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2003-08-06 6357]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2003-08-06 98068]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2003-08-06 100373]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\DRIVERS\ctsfm2k.sys [2003-09-22 130192]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2003-03-04 145408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2003-11-08 12953]
R3 L8042pr2;Logitech PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042pr2.Sys [2003-11-07 51486]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-11-07 70798]
R3 MxlW2k;MxlW2k; C:\WINDOWS\system32\drivers\MxlW2k.sys [2004-08-24 28352]
R3 NPDriver;Norton Unerase Protection Driver; \??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS []
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\System32\DRIVERS\ctoss2k.sys [2003-09-22 178672]
R3 P16X;Creative SB Live! Series (WDM); C:\WINDOWS\system32\drivers\P16X.sys [2003-09-22 1330048]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-05-06 580992]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\System32\DRIVERS\p3.sys [2008-04-13 42752]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-04-15 113504]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-04-15 78752]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
S3 EL90XBC;3Com EtherLink XL 90XB/C Adapter Driver; C:\WINDOWS\System32\DRIVERS\el90xbc5.sys [2001-08-17 66591]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\System32\DRIVERS\HidBatt.sys [2008-04-13 20352]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 i81x;i81x; C:\WINDOWS\System32\DRIVERS\i81xnt5.sys [2004-08-03 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\System32\DRIVERS\wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\System32\DRIVERS\wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\System32\DRIVERS\wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\System32\DRIVERS\wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\System32\DRIVERS\wVchNTxx.sys [2004-08-03 19455]
S3 iAimTV0;iAimTV0; C:\WINDOWS\System32\DRIVERS\wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\System32\DRIVERS\wATV02NT.sys [2004-08-03 19551]
S3 iAimTV2;iAimTV2; C:\WINDOWS\System32\DRIVERS\wATV03nt.sys []
S3 iAimTV3;iAimTV3; C:\WINDOWS\System32\DRIVERS\wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\System32\DRIVERS\wCh7xxNT.sys [2004-08-03 23615]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MR97310_USB_DUAL_CAMERA;MR97310 CIF Dual Mode Camera; C:\WINDOWS\system32\DRIVERS\mr97310c.sys [2002-12-13 129875]
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 SDdriver;SDdriver; \??\C:\WINDOWS\system32\Drivers\sddriver.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [2003-09-01 104064]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\System32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\System32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 IntelIde;IntelIde; C:\WINDOWS\System32\DRIVERS\intelide.sys [2008-04-13 5504]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\System32\DRIVERS\viaagp.sys [2008-04-13 42240]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-05-10 607576]
R2 APC UPS Service;APC UPS Service; C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2003-06-11 155770]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-09-02 198336]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\System32\brsvc01a.exe [2002-04-11 57344]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\System32\CTsvcCDA.exe [1999-12-13 44032]
R2 dvpapi;DvpApi; C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe [2007-07-09 177416]
R2 ioloFileInfoList;iolo FileInfoList Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-08-15 596328]
R2 ioloSystemService;iolo System Service; C:\Program Files\iolo\common\lib\ioloServiceManager.exe [2008-08-15 596328]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
R2 NProtectService;Norton Unerase Protection; C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE [2004-08-30 95328]
R2 Print Distributor 3;Print Distributor 3; C:\\Program Files\\Print Distributor 3\\pd3service.exe [2005-02-02 688128]
R2 Speed Disk service;Speed Disk service; C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE [2004-08-30 181416]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2008-02-01 1251720]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\System32\MsPMSPSv.exe [2000-06-26 53520]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-02-19 504104]
R3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-02 2528960]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-09 108648]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2007-11-28 583048]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2005-03-23 79472]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-09 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-31 138168]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\NCS\Sync\NetSvc.exe [2003-03-03 143360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
The End
Please go to Kaspersky website (http://www.kaspersky.com/kos/eng/partner/default/kavwebscan.html) and perform an online antivirus scan.
Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
Read through the requirements and privacy statement and click on Accept button.
It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
When the downloads have finished, click on Settings.
Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs
Archives
Click on My Computer under Scan.
Once the scan is complete, it will display the results. Click on View Scan Report.
You will see a list of infected items there. Click on Save Report As....
Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
Please post this log in your next reply along with a fresh HijackThis log.
If you need a tutorial, see here (http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif)
PCStressed
2008-09-27, 22:41
:rolleyes: I finally got the Kaspersky scan to start. Several times I got a message about "The application's digital signature has an error etc. After serveral K starts and a reload of the Java software, I spotted a message "License key creation date is invalid. Check system." I had noticed the clock display time was wrong but I have seen Combofix do something like that. Sure enough something had changed the current date to 11/6/03 and moved the time 6 hrs ahead! After I corrected the date/time I was able to get Kaspersky to load, update and start the scan. I should have the report later. Ron
PCStressed
2008-09-28, 05:38
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, September 27, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, September 27, 2008 20:43:35
Records in database: 1266393
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
F:\
Scan statistics:
Files scanned: 187883
Threat name: 8
Infected objects: 34
Suspicious objects: 2
Duration of the scan: 04:14:38
File name / Threat name / Threats count
C:\Documents and Settings\Ron\Desktop\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
C:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Outlook\outlook.pst Suspicious: Trojan-Spy.HTML.Fraud.gen 1
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdTool.Win32.WhenU.a 1
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdWare.Win32.WebHancer 5
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:Server-Proxy.Win32.MarketScore.h 1
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:Server-Proxy.Win32.MarketScore.k 1
C:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z 1
C:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
C:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.WebHancer 5
F:\Documents and Settings\Ron\Desktop\SmitfraudFix.zip Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
F:\Documents and Settings\Ron\Local Settings\Application Data\Microsoft\Outlook\outlook.pst Suspicious: Trojan-Spy.HTML.Fraud.gen 1
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdTool.Win32.WhenU.a 1
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:AdWare.Win32.WebHancer 5
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:Server-Proxy.Win32.MarketScore.h 1
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe Infected: not-a-virus:Server-Proxy.Win32.MarketScore.k 1
F:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.SaveNow.z 1
F:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
F:\Program Files\Downloads\marinefree_289.exe Infected: not-a-virus:AdWare.Win32.WebHancer 5
The selected area was scanned.
*********
***********
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:38 PM, on 9/27/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iolo\common\lib\ioloServiceManager.exe
C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Print Distributor 3\pd3service.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iolo\System Mechanic Professional\AntiVirus\iAVEmailScanner.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Documents and Settings\Ron\Local Settings\Temp\jkos-Ron\binaries\ScanningProcess.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\msdtc.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Desktop Search Capture - {7c1ce531-09e9-4fc5-9803-1c2956615786} - C:\Program Files\Google\Google Desktop Search\GoogleDesktopIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [VerizonServicepoint.exe] "C:\Program Files\Verizon\VSP\VerizonServicepoint.exe" /AUTORUN
O4 - HKLM\..\Run: [iolo AntiVirus] "C:\Program Files\iolo\System Mechanic Professional\AntiVirus\ioloAV.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [aČ] "C:\Security software\a2\a2guard.exe"
O4 - HKCU\..\Run: [Norton SystemWorks] "C:\Program Files\Norton SystemWorks\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Global Startup: APC UPS Status.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\iavlsp.dll
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommon/download/FIOS/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,76/mcinsctl.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,19/mcgdmgr.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://zone.msn.com/bingame/zuma/default/popcaploader_v5.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iolo FileInfoList Service (ioloFileInfoList) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iolo System Service (ioloSystemService) - Unknown owner - C:\Program Files\iolo\common\lib\ioloServiceManager.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\NPROTECT.EXE
O23 - Service: Print Distributor 3 - Unknown owner - C:\\Program Files\\Print Distributor 3\\pd3service.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 13632 bytes
Please download the OTMoveIt3 by OldTimer (http://oldtimer.geekstogo.com/OTMoveIt3.exe).
Save it to your desktop.
Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
:files
C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe
C:\Program Files\Downloads\marinefree_289.exe
F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe
F:\Program Files\Downloads\marinefree_289.exe
:commands
[EmptyTemp]
Return to OTMoveIt3, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
Click the red Moveit! button.
Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close OTMoveIt3
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
PCStressed
2008-09-28, 18:53
After a couple of pgm & folder deletes, reloads and re-runs, I got the following log. I think I was trying to copy the run log too soon and the prgm would freez.
Again, thank you for your continued interest in cleaning up the bad code in my PC.
========== FILES ==========
File/Folder C:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe not found.
File/Folder C:\Program Files\Downloads\marinefree_289.exe not found.
File/Folder F:\Documents and Settings\Ron\My Documents\Was Shared Documents\marine2free.exe not found.
File/Folder F:\Program Files\Downloads\marinefree_289.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Ron\LOCALS~1\Temp\~DF6639.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Ron\LOCALS~1\Temp\~DF860E.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\fb_1140.lck scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_5c0.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.
OTMoveIt3 by OldTimer - Version 1.0.2.2 log created on 09282008_124039
Files moved on Reboot...
C:\DOCUME~1\Ron\LOCALS~1\Temp\~DF6639.tmp moved successfully.
File C:\DOCUME~1\Ron\LOCALS~1\Temp\~DF860E.tmp not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT scheduled to be moved on reboot.
File C:\WINDOWS\temp\fb_1140.lck not found!
C:\WINDOWS\temp\Perflib_Perfdata_5c0.dat moved successfully.
Ron
That looks good :)
Still problems?
PCStressed
2008-09-28, 23:18
Thank you for the last direction. This PC performs a lot better than it did when we started. I re-ran Spybot and it only found "Doubleclick". I let spybot fix.
However, I then ran Adaware 2007 and it found:
index.dat ads.pointall.com PRid, PRimp, PRca, PRcp etc. and
index.dat doubleclick.net id and
index.dat atdmt.com AA002. I let Adaware clean these up as well.
This PC is working much better after "cleaning". It still runs a little slower than it did a long way back but that may be because I need to add more memory.
If you still think the machine is now clean, I would like your input on prevention and maintenance.
Thank you for the time you have taken to help me clean this machine up. The gumming up of windows machines has gotten way out of hand. We are all taking too much time to keep them clean and to clean up infections. I am greatful that there are security helpers like yourself to help us with this infection problem.
Ron
For general slowness, see here (http://www.malwareremoval.com/tutorials/runningslowly.php) and post back if it helped :)
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.
Note: If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.
If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.