Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 35

Thread: Zlob.DNSChanger

  1. #21
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    HiJackThis Log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:56:21 PM, on 10/6/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\LClock\LClock.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
    O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 10340 bytes


    OtViewIt Log

    OTViewIt logfile created on: 10/6/2008 4:49:29 PM - Run 4
    OTViewIt by OldTimer - Version 1.0.9.2 Folder = C:\Documents and Settings\Matthew\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 57.18 Gb Free Space | 76.73% Space Free | Partition Type: NTFS
    Drive D: | 465.76 Gb Total Space | 239.82 Gb Free Space | 51.49% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MATT
    Current User Name: Matthew
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Whitelist: On
    File Age = 30 Days

    ========== Processes ==========

    [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device

    Support\bin\AppleMobileDeviceService.exe
    [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program

    Files\Seagate\Basics\Service\SyncServicesBasics.exe
    [2006/02/28 21:10:18 | 00,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
    [2008/05/02 10:28:48 | 00,150,528 | ---- | M] (Mediafour Corporation) -- C:\Program Files\Mediafour\MacDrive

    7\MacDriveService.exe
    [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft

    Shared\VS7DEBUG\MDM.EXE
    [2008/05/02 22:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks

    Shared\Platform\nmsrvc.exe
    [2008/04/14 06:42:42 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
    [2004/09/19 12:27:46 | 00,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe
    [2008/04/14 06:42:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2008/07/10 10:51:32 | 00,289,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
    [2008/01/11 19:54:31 | 00,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    [2008/04/14 06:42:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2008/07/09 17:33:34 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
    [2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader

    9.0\Reader\reader_sl.exe
    [2005/12/15 11:18:50 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software

    Update\hpwuSchd2.exe
    [2008/05/21 17:26:10 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    [2007/10/09 16:21:06 | 00,169,328 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Seagate\Basics\Basics

    Status\MaxMenuMgrBasics.exe
    [2006/11/13 13:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    [2005/12/15 11:40:44 | 00,282,624 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqtra08.exe
    [2006/11/13 13:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
    [2008/07/24 23:56:45 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision

    Shared\FLEXnet Publisher\FNPLicensingService.exe
    [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
    [2005/12/15 12:47:22 | 00,204,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqste08.exe
    [2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
    [2008/10/30 17:05:59 | 00,419,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe

    ========== (O23) Win32 Services ==========

    [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version

    Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3 [On_Demand | Stopped])
    [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device

    Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
    [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) --

    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
    [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program

    Files\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
    [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service

    [Disabled | Stopped])
    [2008/04/14 06:42:16 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand |

    Stopped])
    [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) --

    c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    [2006/02/28 21:10:18 | 00,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe -- (Crypkey License

    [Auto | Running])
    [2008/07/24 23:56:45 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision

    Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Running])
    [2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) --

    c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
    [2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

    Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
    [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service

    [On_Demand | Running])
    [2008/05/02 10:28:48 | 00,150,528 | ---- | M] (Mediafour Corporation) -- C:\Program Files\Mediafour\MacDrive

    7\MacDriveService.exe -- (MacDriveService [Auto | Running])
    [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft

    Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
    [2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

    Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
    [2008/05/21 17:25:30 | 00,012,800 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network

    Magic\WebServer\bin\nmraapache.exe -- (nmraapache [On_Demand | Stopped])
    [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks

    Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running])
    [2008/05/02 22:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
    [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source

    Engine\OSE.EXE -- (ose [On_Demand | Stopped])
    [2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
    [2008/04/14 06:42:40 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr [Disabled |

    Stopped])
    [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe --

    (WMPNetworkSvc [On_Demand | Stopped])

    ========== Driver Services ==========

    [2005/05/12 14:39:56 | 01,287,296 | ---- | M] (C-Media Inc.) -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax [On_Demand |

    Running])
    [2008/01/29 12:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM

    [On_Demand | Running])
    [2008/10/30 17:07:04 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [On_Demand | Stopped])
    [2008/04/13 23:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys

    -- (HDAudBus [On_Demand | Running])
    [2005/10/27 20:24:28 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand |

    Stopped])
    [2005/10/27 20:24:29 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand |

    Stopped])
    [2005/10/27 20:24:30 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand |

    Stopped])
    [2008/04/14 01:01:34 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm

    [System | Running])
    [2005/08/04 05:51:58 | 00,026,112 | ---- | M] (Integrated Technology Express, Inc.) -- C:\WINDOWS\system32\drivers\iteraid.sys --

    (iteraid [Boot | Running])
    [2008/07/22 14:29:46 | 00,288,768 | ---- | M] (Mediafour Corporation) -- C:\WINDOWS\System32\drivers\MDFSYSNT.SYS -- (MDFSYSNT

    [Boot | Running])
    [2007/02/28 11:15:08 | 00,019,072 | ---- | M] (Mediafour Corporation) -- C:\WINDOWS\System32\drivers\MDPMGRNT.SYS -- (MDPMGRNT

    [Boot | Running])
    [2006/01/09 22:47:27 | 00,031,846 | ---- | M] () -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX [System | Running])
    [2008/05/02 22:46:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand

    | Running])
    [2001/08/17 14:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde [Boot

    | Running])
    [2008/05/16 06:10:32 | 00,023,992 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp [Auto |

    Running])
    [2001/08/22 17:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys --

    (Ptilink [On_Demand | Running])
    [2008/05/16 06:10:30 | 00,025,272 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis

    [Auto | Running])
    [2007/03/07 19:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot |

    Running])
    [2008/04/14 05:10:50 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port

    [Boot | Running])
    [2008/04/13 23:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and

    Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
    [2008/04/29 17:40:56 | 00,210,472 | ---- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (si3114r5 [Boot

    | Running])
    [2008/04/29 17:40:56 | 00,017,064 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter

    [Boot | Running])
    [2008/04/29 17:40:56 | 00,012,200 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil

    [Boot | Running])
    [2008/04/14 01:15:36 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci

    [On_Demand | Running])
    [2008/04/14 05:26:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx

    [On_Demand | Stopped])
    [2005/01/06 11:18:40 | 00,310,656 | ---- | M] (Marvell Semiconductor, Inc) -- C:\WINDOWS\system32\drivers\mrv8ka51.sys --

    (W8100XP [On_Demand | Stopped])
    [2006/09/28 18:55:50 | 00,077,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf

    [On_Demand | Stopped])
    [2006/09/28 19:00:34 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd

    [On_Demand | Stopped])
    [2008/04/04 04:57:00 | 00,296,320 | ---- | M] (Marvell) -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp [On_Demand |

    Running])

    ========== (R ) Internet Explorer ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
    "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Default_Secondary_Page_URL"=
    "Extensions Off Page"=about:NoAdd-ons
    "Local Page"=%SystemRoot%\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Security Risk Page"=about:SecurityRisk
    "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Start Page"=http://www.google.com/

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0
    "ProxyOverride" = *.local

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0
    "ProxyOverride" = *.local

    ========== (O1) Hosts File ==========

    HOSTS File = (23 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost

    ========== (O2) BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe

    Systems Incorporated)
    {074C1DC5-9320-4A9A-947D-C042949C6216} (HKLM) -- C:\Program Files\Adobe [2008/08/28 20:22:09 | 00,000,000 | ---D | M]
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe

    Systems Incorporated)
    {53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking

    Limited)
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
    {AE7CD045-E861-484f-8273-0445EE161910} (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    ========== (O3) Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" (HKLM) -- C:\Program Files\Adobe [2008/08/28 20:22:09 | 00,000,000 | ---D | M]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    ========== (O4) Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ""= File not found
    "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
    "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
    "basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" (Maxtor Corporation)
    "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
    "LClock"=C:\Program Files\LClock\LClock.exe ()
    "nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash (Pure Networks, Inc.)
    "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
    "nwiz"=nwiz.exe /install ()
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" ()

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

    ========== (O4) RunOnce Keys ==========

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)

    ========== (O4) Startup Folders ==========

    [2005/12/15 11:40:44 | 00,282,624 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Documents and Settings\All

    Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    ========== (O6 & O7) Current Version Policies ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=149

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    ========== (O8) IE Context Menu Extensions ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
    Append to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120 | ---- |

    M] (Adobe Systems Incorporated)
    Convert link target to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert link target to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selected links to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selected links to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selection to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120

    | ---- | M] (Adobe Systems Incorporated)
    Convert selection to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120 | ---- |

    M] (Adobe Systems Incorporated)
    E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M]

    (Microsoft Corporation)

    ========== (O9) IE Extensions ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console -- C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun

    Microsystems, Inc.)
    {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Create Mobile Favorite -- C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft

    Corporation)
    {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Create Mobile Favorite... -- C:\Program Files\Microsoft ActiveSync\INetRepl.dll

    (Microsoft Corporation)
    {92780B25-18CC-41C8-B9BE-3C9C571A8263}: Research -- C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft

    Corporation)
    {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}: AIM -- C:\Program Files\AIM\aim.exe (America Online, Inc.)
    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Spybot - Search & Destroy Configuration -- C:\Program Files\Spybot - Search &

    Destroy\SDHelper.dll (Safer Networking Limited)
    {e2e2dd38-d088-4134-82b7-f2ba38496583}: @xpsp3res.dll,-20001 -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft

    Corporation)

    ========== (O12) Internet Explorer Plugins ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
    PluginsPage: "" = http://activex.microsoft.com/control...ext=%s&mime=%s
    PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

    ========== (O13) Default Prefixes ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
    ""=http://

    ========== (O15) Trusted Sites ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet

    Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    ========== (O16) DPF ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
    {0D41B8C5-2599-4893-8183-00195EC8D5F9}: http://support.asus.com/common/asusTek_sys_ctrl.cab -- asusTek_sysctrl Class
    {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07
    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07

    ========== (O17) DNS Name Servers ==========

    {2758145E-4A84-4120-9748-0730EFB3919A} (Servers: | Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller)
    {6C6AA7EE-51C8-456F-BBAB-A10A953DE278} (Servers: | Description: ASUS 802.11b/g Wireless LAN Card)
    {B94761F6-BF1A-4FCC-9595-BF86977FC8B6} (Servers: | Description: Windows Mobile-based Device)
    {C7B75E5E-F00D-42C6-B592-264D9251F650} (Servers: | Description: 1394 Net Adapter)
    {EA7C00F6-F25B-4A22-8F5E-FCB4791FF0C0} (Servers: | Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller)

    ========== (O20) Winlogon Notify Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
    WgaLogon: "DllName" = WgaLogon.dll -- C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)

    ========== (O21) SSODL Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "WPDShServiceObj"={AAA288BA-9A4C-45B0-95D7-94D524869DB5} (HKLM) -- C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft

    Corporation)

    ========== Safeboot Options ==========

    "AlternateShell"=cmd.exe

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    AUTOEXEC.BAT []
    [2008/07/24 19:49:35 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

    autorun.inf [[autorun] | shellexecute="resycled\boot.com c:" | shell\Open\command="resycled\boot.com c:" | shell=Open | ]
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- C:\autorun.inf -- [ NTFS ]

    autorun.inf [[autorun] | shellexecute="resycled\boot.com d:" | shell\Open\command="resycled\boot.com d:" | shell=Open | ]
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- D:\autorun.inf -- [ NTFS ]

    ========== MountPoints2 ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell]
    ""=Autorun

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\A

    utoRun]
    ""=Auto&Play


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\A

    utoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/04/20 14:47:17 | 12,171,776 | ---- | M] (Microsoft Corporation)


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\O

    pen\command]
    ""=G:\resycled\boot.com -- File not found

    ========== Files/Folders - Created Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [3 C:\WINDOWS\*.tmp files]
    [2008/10/30 17:07:09 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
    [2008/10/30 17:07:04 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
    [2008/10/30 17:07:04 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
    [2008/10/30 17:07:04 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
    [2008/10/30 17:07:04 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
    [2008/10/30 17:05:58 | 00,419,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe
    [2008/10/30 17:03:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\gmer
    [2008/10/30 17:03:19 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\gmer.zip
    [2008/10/06 16:47:27 | 00,000,154 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\search.bat
    [2008/10/05 21:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240
    [2008/10/05 21:31:04 | 07,474,870 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240.zip
    [2008/10/05 00:25:06 | 00,000,000 | ---D | C] -- C:\Program Files\VSTplugins
    [2008/10/05 00:25:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Application Data\Publish Providers
    [2008/10/05 00:24:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
    [2008/10/04 00:47:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\My Documents\Adobe
    [2008/10/02 21:31:54 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
    [2008/10/02 21:28:25 | 00,335,360 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTMoveIt3.exe
    [2008/10/01 17:49:57 | 00,322,707 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\NY-S-00198.pdf
    [2008/09/29 16:28:52 | 00,000,000 | ---D | C] -- C:\rsit
    [2008/09/29 16:04:15 | 00,305,323 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\RSIT.exe
    [2008/09/27 19:04:34 | 00,000,000 | ---D | C] -- C:\fixwareout
    [2008/09/27 19:03:59 | 00,486,449 | ---- | C] ( ) -- C:\Documents and

    Settings\Matthew\Desktop\Fixwareout.exe
    [2008/09/27 17:29:35 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\HijackThis.lnk
    [2008/09/27 17:29:35 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2008/09/27 17:19:15 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Matthew\Desktop\HJTInstall.exe
    [2008/09/27 02:59:36 | 00,000,188 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2008/09/27 02:12:03 | 00,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
    [2008/09/27 02:11:54 | 00,001,964 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Drive Manager.lnk
    [2008/09/27 02:11:38 | 00,000,000 | ---D | C] -- C:\Program Files\Seagate
    [2008/09/27 02:02:31 | 00,000,861 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Stellar Phoenix Windows Data

    Recovery.lnk
    [2008/09/27 02:02:24 | 00,260,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSDATGRD.OCX
    [2008/09/27 02:02:24 | 00,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Windows Data Recovery
    [2008/09/27 01:48:19 | 00,000,000 | ---D | C] -- C:\Documents and

    Settings\Matthew\Desktop\Stellar_Phoneix_Windows_Data_Recovery_v_3.0.0.1_adi231189__CW
    [2008/09/27 01:41:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ˆ
    ** - C:\WINDOWS\System32\?
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
    [2008/09/25 23:59:53 | 00,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
    [2008/09/25 23:59:53 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
    [2008/09/25 23:59:53 | 00,000,087 | ---- | C] () -- C:\WINDOWS\System32\ssprs.tgz
    [2008/09/25 23:59:53 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
    [2008/09/25 23:52:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1
    [2008/09/25 23:49:34 | 00,652,169 | ---- | C] () -- C:\Documents and

    Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1.zip
    [2008/09/25 23:40:12 | 00,000,103 | RHS- | C] () -- C:\autorun.inf
    [2008/09/25 23:40:12 | 00,000,000 | RHSD | C] -- C:\resycled
    [2008/09/25 23:19:30 | 00,003,360 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind
    [2008/09/25 23:19:30 | 00,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.nlp
    [2008/09/25 23:19:30 | 00,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat
    [2008/09/25 23:18:57 | 00,000,130 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
    [2008/09/25 23:18:54 | 00,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe
    [2008/09/25 23:18:54 | 00,069,632 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\System32\Crypserv.exe
    [2008/09/25 23:18:54 | 00,031,846 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
    [2008/09/25 23:18:54 | 00,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
    [2008/09/25 23:18:54 | 00,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
    [2008/09/25 23:18:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
    [2008/09/25 23:18:36 | 00,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix NTFS Data Recovery
    [2008/09/25 21:48:13 | 00,000,000 | ---D | C] -- C:\Program Files\EASIS
    [2008/09/25 18:38:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
    [2008/09/25 18:37:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2008/09/24 09:58:50 | 12,639,7177 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Trailer_Final.mov
    [2008/09/24 00:47:34 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
    [2008/09/24 00:47:34 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
    [2008/09/18 18:52:38 | 00,001,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
    [2008/09/18 18:52:33 | 00,000,000 | ---D | C] -- C:\Program Files\Pure Networks
    [2008/09/18 18:50:30 | 00,023,992 | ---- | C] (Pure Networks, Inc.) -- C:\WINDOWS\System32\drivers\pnarp.sys
    [2008/09/18 18:50:26 | 00,025,272 | ---- | C] (Pure Networks, Inc.) -- C:\WINDOWS\System32\drivers\purendis.sys
    [2008/09/18 18:50:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
    [2008/09/18 18:49:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
    [2008/09/15 22:37:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\retouching
    [2008/09/15 22:06:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme
    [2008/09/15 21:21:31 | 00,027,589 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme.zip
    [2008/09/14 17:16:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Mediafour
    [2008/09/14 17:16:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mediafour
    [2008/09/14 17:15:25 | 00,000,000 | ---D | C] -- C:\Program Files\Mediafour
    [2008/09/08 03:13:48 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2008/09/08 03:13:48 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2008/09/08 03:13:48 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
    [2008/09/08 03:13:48 | 00,000,000 | ---D | C] -- C:\Program Files\Xvid
    [2008/09/07 02:48:11 | 00,000,000 | ---D | C] -- C:\Program Files\Netflix

    ========== Files - Modified Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [3 C:\WINDOWS\*.tmp files]
    [2008/10/30 17:26:45 | 00,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini
    [2008/10/30 17:07:04 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
    [2008/10/30 17:07:04 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
    [2008/10/30 17:07:04 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
    [2008/10/30 17:05:59 | 00,419,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe
    [2008/10/30 17:03:20 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\gmer.zip
    [2008/10/06 16:47:27 | 00,000,154 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\search.bat
    [2008/10/06 16:46:55 | 00,000,678 | ---- | M] () -- C:\WINDOWS\win.ini
    [2008/10/06 16:45:22 | 00,182,441 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2008/10/06 16:44:58 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2008/10/06 16:44:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2008/10/06 16:44:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- C:\autorun.inf
    [2008/10/05 21:35:32 | 07,474,870 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240.zip
    [2008/10/05 21:06:43 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
    [2008/10/05 03:37:02 | 00,121,856 | ---- | M] () -- C:\Documents and Settings\Matthew\Local Settings\Application

    Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/10/02 21:28:26 | 00,335,360 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTMoveIt3.exe
    [2008/10/01 17:49:58 | 00,322,707 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\NY-S-00198.pdf
    [2008/09/29 16:19:05 | 00,000,963 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Spybot - Search & Destroy.lnk
    [2008/09/29 16:04:15 | 00,305,323 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\RSIT.exe
    [2008/09/27 19:04:00 | 00,486,449 | ---- | M] ( ) -- C:\Documents and

    Settings\Matthew\Desktop\Fixwareout.exe
    [2008/09/27 17:29:35 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\HijackThis.lnk
    [2008/09/27 17:19:15 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Matthew\Desktop\HJTInstall.exe
    [2008/09/27 09:30:34 | 00,000,188 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2008/09/27 02:11:54 | 00,001,964 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Drive Manager.lnk
    [2008/09/27 02:03:11 | 00,003,360 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind
    [2008/09/27 02:03:11 | 00,000,004 | ---- | M] () -- C:\WINDOWS\vx86036.dat
    [2008/09/27 02:02:32 | 00,000,130 | ---- | M] () -- C:\WINDOWS\Crypkey.ini
    [2008/09/27 02:02:31 | 00,000,861 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Stellar Phoenix Windows Data

    Recovery.lnk
    [2008/09/26 23:54:33 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
    [2008/09/26 23:54:33 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
    [2008/09/26 23:49:59 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
    [2008/09/26 23:49:59 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth2.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth1.dll
    [2008/09/25 23:49:35 | 00,652,169 | ---- | M] () -- C:\Documents and

    Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1.zip
    [2008/09/25 23:19:30 | 00,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp
    [2008/09/24 09:58:50 | 12,639,7177 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Trailer_Final.mov
    [2008/09/24 01:49:43 | 00,381,228 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2008/09/24 01:49:43 | 00,328,322 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2008/09/24 01:49:43 | 00,045,260 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2008/09/22 22:00:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008/09/18 18:52:38 | 00,001,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
    [2008/09/15 21:21:32 | 00,027,589 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme.zip
    [2008/09/10 03:00:52 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    < End of report >

  2. #22
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    HiJackThis Log

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:56:21 PM, on 10/6/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\LClock\LClock.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\notepad.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
    O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 10340 bytes


    OtMoveIt Log

    Error: Unable to interpret <Code:> in the current context!
    Error: Unable to interpret <---------> in the current context!
    ========== FILES ==========
    C:\WINDOWS\SxsCaPendDel moved successfully.
    File/Folder C:\WINDOWS\System32\ not found.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Matthew\LOCALS~1\Temp\etilqs_aZAq2OOaIerQDpBGbcAK scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Matthew\LOCALS~1\Temp\hpodvd09.log scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Matthew\LOCALS~1\Temp\WCESLog.log scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    Windows Temp folder emptied.
    Java cache emptied.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
    File delete failed. C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\XUL.mfl scheduled to be deleted on reboot.
    FireFox cache emptied.
    Temp folders emptied.
    Error: Unable to interpret <---------> in the current context!

    OTMoveIt3 by OldTimer - Version 1.0.2.2 log created on 10062008_164233

    Files moved on Reboot...
    File C:\DOCUME~1\Matthew\LOCALS~1\Temp\etilqs_aZAq2OOaIerQDpBGbcAK not found!
    C:\DOCUME~1\Matthew\LOCALS~1\Temp\hpodvd09.log moved successfully.
    C:\DOCUME~1\Matthew\LOCALS~1\Temp\WCESLog.log moved successfully.
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_001_ moved successfully.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_002_ moved successfully.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_003_ moved successfully.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\Cache\_CACHE_MAP_ moved successfully.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\urlclassifier3.sqlite moved successfully.
    C:\Documents and Settings\Matthew\Local Settings\Application Data\Mozilla\Firefox\Profiles\7pk9h4yn.default\XUL.mfl moved successfully.

  3. #23
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    OTViewIt logfile

    OTViewIt logfile created on: 10/6/2008 4:49:29 PM - Run 4
    OTViewIt by OldTimer - Version 1.0.9.2 Folder = C:\Documents and Settings\Matthew\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 57.18 Gb Free Space | 76.73% Space Free | Partition Type: NTFS
    Drive D: | 465.76 Gb Total Space | 239.82 Gb Free Space | 51.49% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MATT
    Current User Name: Matthew
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Whitelist: On
    File Age = 30 Days

    ========== Processes ==========

    [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device

    Support\bin\AppleMobileDeviceService.exe
    [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program

    Files\Seagate\Basics\Service\SyncServicesBasics.exe
    [2006/02/28 21:10:18 | 00,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
    [2008/05/02 10:28:48 | 00,150,528 | ---- | M] (Mediafour Corporation) -- C:\Program Files\Mediafour\MacDrive

    7\MacDriveService.exe
    [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft

    Shared\VS7DEBUG\MDM.EXE
    [2008/05/02 22:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
    [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks

    Shared\Platform\nmsrvc.exe
    [2008/04/14 06:42:42 | 00,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
    [2004/09/19 12:27:46 | 00,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe
    [2008/04/14 06:42:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2008/07/10 10:51:32 | 00,289,064 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
    [2008/01/11 19:54:31 | 00,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    [2008/04/14 06:42:34 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
    [2008/07/09 17:33:34 | 00,036,352 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe
    [2008/06/12 02:38:00 | 00,034,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader

    9.0\Reader\reader_sl.exe
    [2005/12/15 11:18:50 | 00,049,152 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\HP Software

    Update\hpwuSchd2.exe
    [2008/05/21 17:26:10 | 00,451,896 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    [2007/10/09 16:21:06 | 00,169,328 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Seagate\Basics\Basics

    Status\MaxMenuMgrBasics.exe
    [2006/11/13 13:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    [2005/12/15 11:40:44 | 00,282,624 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqtra08.exe
    [2006/11/13 13:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
    [2008/07/24 23:56:45 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision

    Shared\FLEXnet Publisher\FNPLicensingService.exe
    [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
    [2005/12/15 12:47:22 | 00,204,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqste08.exe
    [2008/07/18 22:10:42 | 00,053,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wuauclt.exe
    [2008/10/30 17:05:59 | 00,419,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe

    ========== (O23) Win32 Services ==========

    [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version

    Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3 [On_Demand | Stopped])
    [2008/07/10 09:47:18 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device

    Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
    [2007/10/24 01:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation) --

    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
    [2007/10/09 16:21:02 | 00,124,280 | ---- | M] (Seagate Technology LLC) -- C:\Program

    Files\Seagate\Basics\Service\SyncServicesBasics.exe -- (Basics Service [Auto | Running])
    [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service

    [Disabled | Stopped])
    [2008/04/14 06:42:16 | 00,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc [On_Demand |

    Stopped])
    [2007/10/24 01:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation) --

    c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
    [2006/02/28 21:10:18 | 00,069,632 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe -- (Crypkey License

    [Auto | Running])
    [2008/07/24 23:56:45 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision

    Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Running])
    [2007/10/09 12:58:12 | 00,036,864 | ---- | M] (Microsoft Corporation) --

    c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
    [2007/10/11 09:55:10 | 00,864,256 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

    Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
    [2008/07/10 10:51:22 | 00,532,264 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service

    [On_Demand | Running])
    [2008/05/02 10:28:48 | 00,150,528 | ---- | M] (Mediafour Corporation) -- C:\Program Files\Mediafour\MacDrive

    7\MacDriveService.exe -- (MacDriveService [Auto | Running])
    [2003/06/19 23:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft

    Shared\VS7DEBUG\MDM.EXE -- (MDM [Auto | Running])
    [2007/10/11 09:55:14 | 00,122,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows

    Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
    [2008/05/21 17:25:30 | 00,012,800 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Pure Networks\Network

    Magic\WebServer\bin\nmraapache.exe -- (nmraapache [On_Demand | Stopped])
    [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks

    Shared\Platform\nmsrvc.exe -- (nmservice [Auto | Running])
    [2008/05/02 22:46:00 | 00,159,812 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc [Auto | Running])
    [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source

    Engine\OSE.EXE -- (ose [On_Demand | Stopped])
    [2005/03/14 12:05:02 | 00,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12 [Auto | Stopped])
    [2008/04/14 06:42:40 | 00,073,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr [Disabled |

    Stopped])
    [2006/10/18 20:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe --

    (WMPNetworkSvc [On_Demand | Stopped])

    ========== Driver Services ==========

    [2005/05/12 14:39:56 | 01,287,296 | ---- | M] (C-Media Inc.) -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax [On_Demand |

    Running])
    [2008/01/29 12:01:28 | 00,016,168 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM

    [On_Demand | Running])
    [2008/10/30 17:07:04 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\system32\drivers\gmer.sys -- (gmer [On_Demand | Stopped])
    [2008/04/13 23:06:06 | 00,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\WINDOWS\system32\drivers\hdaudbus.sys

    -- (HDAudBus [On_Demand | Running])
    [2005/10/27 20:24:28 | 00,049,664 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZid412.sys -- (HPZid412 [On_Demand |

    Stopped])
    [2005/10/27 20:24:29 | 00,016,496 | R--- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZipr12.sys -- (HPZipr12 [On_Demand |

    Stopped])
    [2005/10/27 20:24:30 | 00,021,568 | ---- | M] (HP) -- C:\WINDOWS\system32\drivers\HPZius12.sys -- (HPZius12 [On_Demand |

    Stopped])
    [2008/04/14 01:01:34 | 00,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm

    [System | Running])
    [2005/08/04 05:51:58 | 00,026,112 | ---- | M] (Integrated Technology Express, Inc.) -- C:\WINDOWS\system32\drivers\iteraid.sys --

    (iteraid [Boot | Running])
    [2008/07/22 14:29:46 | 00,288,768 | ---- | M] (Mediafour Corporation) -- C:\WINDOWS\System32\drivers\MDFSYSNT.SYS -- (MDFSYSNT

    [Boot | Running])
    [2007/02/28 11:15:08 | 00,019,072 | ---- | M] (Mediafour Corporation) -- C:\WINDOWS\System32\drivers\MDPMGRNT.SYS -- (MDPMGRNT

    [Boot | Running])
    [2006/01/09 22:47:27 | 00,031,846 | ---- | M] () -- C:\WINDOWS\system32\Ckldrv.sys -- (NetworkX [System | Running])
    [2008/05/02 22:46:00 | 06,554,496 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv [On_Demand

    | Running])
    [2001/08/17 14:51:52 | 00,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde [Boot

    | Running])
    [2008/05/16 06:10:32 | 00,023,992 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp [Auto |

    Running])
    [2001/08/22 17:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys --

    (Ptilink [On_Demand | Running])
    [2008/05/16 06:10:30 | 00,025,272 | ---- | M] (Pure Networks, Inc.) -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis

    [Auto | Running])
    [2007/03/07 19:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\PxHelp20.sys -- (PxHelp20 [Boot |

    Running])
    [2008/04/14 05:10:50 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\sbp2port.sys -- (sbp2port

    [Boot | Running])
    [2008/04/13 23:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and

    Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [On_Demand | Stopped])
    [2008/04/29 17:40:56 | 00,210,472 | ---- | M] (Silicon Image, Inc) -- C:\WINDOWS\system32\drivers\Si3114r5.sys -- (si3114r5 [Boot

    | Running])
    [2008/04/29 17:40:56 | 00,017,064 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiWinAcc.sys -- (SiFilter

    [Boot | Running])
    [2008/04/29 17:40:56 | 00,012,200 | ---- | M] (Silicon Image, Inc.) -- C:\WINDOWS\system32\drivers\SiRemFil.sys -- (SiRemFil

    [Boot | Running])
    [2008/04/14 01:15:36 | 00,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci

    [On_Demand | Running])
    [2008/04/14 05:26:50 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usb8023x.sys -- (usb_rndisx

    [On_Demand | Stopped])
    [2005/01/06 11:18:40 | 00,310,656 | ---- | M] (Marvell Semiconductor, Inc) -- C:\WINDOWS\system32\drivers\mrv8ka51.sys --

    (W8100XP [On_Demand | Stopped])
    [2006/09/28 18:55:50 | 00,077,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf

    [On_Demand | Stopped])
    [2006/09/28 19:00:34 | 00,082,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd

    [On_Demand | Stopped])
    [2008/04/04 04:57:00 | 00,296,320 | ---- | M] (Marvell) -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp [On_Demand |

    Running])

    ========== (R ) Internet Explorer ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
    "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Default_Secondary_Page_URL"=
    "Extensions Off Page"=about:NoAdd-ons
    "Local Page"=%SystemRoot%\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Security Risk Page"=about:SecurityRisk
    "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
    "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Start Page"=http://www.google.com/

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0
    "ProxyOverride" = *.local

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Internet Explorer\Main]
    "Local Page"=C:\WINDOWS\system32\blank.htm
    "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
    "Start Page"=http://www.google.com/

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyEnable" = 0
    "ProxyOverride" = *.local

    ========== (O1) Hosts File ==========

    HOSTS File = (23 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
    First 25 entries...
    127.0.0.1 localhost

    ========== (O2) BHO's ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe

    Systems Incorporated)
    {074C1DC5-9320-4A9A-947D-C042949C6216} (HKLM) -- C:\Program Files\Adobe [2008/08/28 20:22:09 | 00,000,000 | ---D | M]
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3} (HKLM) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe

    Systems Incorporated)
    {53707962-6F74-2D53-2644-206D7942484F} (HKLM) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking

    Limited)
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
    {AE7CD045-E861-484f-8273-0445EE161910} (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    ========== (O3) Toolbars ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
    "{517BDDE4-E3A7-4570-B21E-2B52B6139FC7}" (HKLM) -- C:\Program Files\Adobe [2008/08/28 20:22:09 | 00,000,000 | ---D | M]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{47833539-D0C5-4125-9FA8-0819E2EAAC93}" (HKLM) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems

    Incorporated)

    ========== (O4) Run Keys ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    ""= File not found
    "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)
    "Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
    "AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
    "basicsmssmenu"="C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" (Maxtor Corporation)
    "Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Development Company, L.P.)
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
    "LClock"=C:\Program Files\LClock\LClock.exe ()
    "nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash (Pure Networks, Inc.)
    "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
    "NvMediaCenter"=RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit (NVIDIA Corporation)
    "nwiz"=nwiz.exe /install ()
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" (Sun Microsystems, Inc.)
    "WinampAgent"="C:\Program Files\Winamp\winampa.exe" ()

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" (Microsoft Corporation)

    ========== (O4) RunOnce Keys ==========

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)
    "nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (Microsoft Corporation)
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32 (Microsoft Corporation)

    ========== (O4) Startup Folders ==========

    [2005/12/15 11:40:44 | 00,282,624 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Documents and Settings\All

    Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

    ========== (O6 & O7) Current Version Policies ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=149

    [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
    "NoDriveTypeAutoRun"=145

    ========== (O8) IE Context Menu Extensions ==========

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
    Append to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120 | ---- |

    M] (Adobe Systems Incorporated)
    Convert link target to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert link target to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selected links to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selected links to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert selection to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120

    | ---- | M] (Adobe Systems Incorporated)
    Convert selection to existing PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 |

    00,321,120 | ---- | M] (Adobe Systems Incorporated)
    Convert to Adobe PDF: C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007/05/10 22:47:03 | 00,321,120 | ---- |

    M] (Adobe Systems Incorporated)
    E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE [2003/08/13 02:34:38 | 10,073,144 | ---- | M]

    (Microsoft Corporation)

    ========== (O9) IE Extensions ==========

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\]
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console -- C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun

    Microsystems, Inc.)
    {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}: Create Mobile Favorite -- C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft

    Corporation)
    {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}: Create Mobile Favorite... -- C:\Program Files\Microsoft ActiveSync\INetRepl.dll

    (Microsoft Corporation)
    {92780B25-18CC-41C8-B9BE-3C9C571A8263}: Research -- C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft

    Corporation)
    {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}: AIM -- C:\Program Files\AIM\aim.exe (America Online, Inc.)
    {DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Spybot - Search & Destroy Configuration -- C:\Program Files\Spybot - Search &

    Destroy\SDHelper.dll (Safer Networking Limited)
    {e2e2dd38-d088-4134-82b7-f2ba38496583}: @xpsp3res.dll,-20001 -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft

    Corporation)

    ========== (O12) Internet Explorer Plugins ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
    PluginsPage: "" = http://activex.microsoft.com/control...ext=%s&mime=%s
    PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery

    ========== (O13) Default Prefixes ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
    ""=http://

    ========== (O15) Trusted Sites ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    [HKEY_USERS\S-1-5-21-1935655697-1767777339-299502267-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet

    Settings\ZoneMap\Domains\]
    40 domain(s) and sub-domain(s) not assigned to a zone.

    ========== (O16) DPF ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
    {0D41B8C5-2599-4893-8183-00195EC8D5F9}: http://support.asus.com/common/asusTek_sys_ctrl.cab -- asusTek_sysctrl Class
    {8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07
    {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07
    {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jin...ndows-i586.cab -- Java Plug-in

    1.6.0_07

    ========== (O17) DNS Name Servers ==========

    {2758145E-4A84-4120-9748-0730EFB3919A} (Servers: | Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller)
    {6C6AA7EE-51C8-456F-BBAB-A10A953DE278} (Servers: | Description: ASUS 802.11b/g Wireless LAN Card)
    {B94761F6-BF1A-4FCC-9595-BF86977FC8B6} (Servers: | Description: Windows Mobile-based Device)
    {C7B75E5E-F00D-42C6-B592-264D9251F650} (Servers: | Description: 1394 Net Adapter)
    {EA7C00F6-F25B-4A22-8F5E-FCB4791FF0C0} (Servers: | Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller)

    ========== (O20) Winlogon Notify Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
    WgaLogon: "DllName" = WgaLogon.dll -- C:\WINDOWS\system32\WgaLogon.dll (Microsoft Corporation)

    ========== (O21) SSODL Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "WPDShServiceObj"={AAA288BA-9A4C-45B0-95D7-94D524869DB5} (HKLM) -- C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft

    Corporation)

    ========== Safeboot Options ==========

    "AlternateShell"=cmd.exe

    ========== CDRom AutoRun Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
    "AutoRun" = 1

    ========== Autorun Files on Drives ==========

    AUTOEXEC.BAT []
    [2008/07/24 19:49:35 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

    autorun.inf [[autorun] | shellexecute="resycled\boot.com c:" | shell\Open\command="resycled\boot.com c:" | shell=Open | ]
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- C:\autorun.inf -- [ NTFS ]

    autorun.inf [[autorun] | shellexecute="resycled\boot.com d:" | shell\Open\command="resycled\boot.com d:" | shell=Open | ]
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- D:\autorun.inf -- [ NTFS ]

    ========== MountPoints2 ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell]
    ""=Autorun

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\A

    utoRun]
    ""=Auto&Play


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\A

    utoRun\command]
    ""=C:\WINDOWS\system32\shell32.dll -- [2008/04/20 14:47:17 | 12,171,776 | ---- | M] (Microsoft Corporation)


    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21b7c0cd-8b52-11dd-b09d-0011d8d6081d}\Shell\O

    pen\command]
    ""=G:\resycled\boot.com -- File not found

    ========== Files/Folders - Created Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [3 C:\WINDOWS\*.tmp files]
    [2008/10/30 17:07:09 | 00,000,250 | ---- | C] () -- C:\WINDOWS\gmer.ini
    [2008/10/30 17:07:04 | 00,884,736 | ---- | C] () -- C:\WINDOWS\gmer.dll
    [2008/10/30 17:07:04 | 00,811,008 | ---- | C] () -- C:\WINDOWS\gmer.exe
    [2008/10/30 17:07:04 | 00,085,969 | ---- | C] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
    [2008/10/30 17:07:04 | 00,000,080 | ---- | C] () -- C:\WINDOWS\gmer_uninstall.cmd
    [2008/10/30 17:05:58 | 00,419,840 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe
    [2008/10/30 17:03:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\gmer
    [2008/10/30 17:03:19 | 00,747,873 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\gmer.zip
    [2008/10/06 16:47:27 | 00,000,154 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\search.bat
    [2008/10/05 21:37:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240
    [2008/10/05 21:31:04 | 07,474,870 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240.zip
    [2008/10/05 00:25:06 | 00,000,000 | ---D | C] -- C:\Program Files\VSTplugins
    [2008/10/05 00:25:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Application Data\Publish Providers
    [2008/10/05 00:24:52 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
    @Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86
    [2008/10/04 00:47:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\My Documents\Adobe
    [2008/10/02 21:31:54 | 00,000,000 | ---D | C] -- C:\_OTMoveIt
    [2008/10/02 21:28:25 | 00,335,360 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTMoveIt3.exe
    [2008/10/01 17:49:57 | 00,322,707 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\NY-S-00198.pdf
    [2008/09/29 16:28:52 | 00,000,000 | ---D | C] -- C:\rsit
    [2008/09/29 16:04:15 | 00,305,323 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\RSIT.exe
    [2008/09/27 19:04:34 | 00,000,000 | ---D | C] -- C:\fixwareout
    [2008/09/27 19:03:59 | 00,486,449 | ---- | C] ( ) -- C:\Documents and

    Settings\Matthew\Desktop\Fixwareout.exe
    [2008/09/27 17:29:35 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\HijackThis.lnk
    [2008/09/27 17:29:35 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2008/09/27 17:19:15 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Matthew\Desktop\HJTInstall.exe
    [2008/09/27 02:59:36 | 00,000,188 | ---- | C] () -- C:\WINDOWS\wininit.ini
    [2008/09/27 02:12:03 | 00,000,000 | ---D | C] -- C:\Program Files\InstallShield Installation Information
    [2008/09/27 02:11:54 | 00,001,964 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Drive Manager.lnk
    [2008/09/27 02:11:38 | 00,000,000 | ---D | C] -- C:\Program Files\Seagate
    [2008/09/27 02:02:31 | 00,000,861 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Stellar Phoenix Windows Data

    Recovery.lnk
    [2008/09/27 02:02:24 | 00,260,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSDATGRD.OCX
    [2008/09/27 02:02:24 | 00,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix Windows Data Recovery
    [2008/09/27 01:48:19 | 00,000,000 | ---D | C] -- C:\Documents and

    Settings\Matthew\Desktop\Stellar_Phoneix_Windows_Data_Recovery_v_3.0.0.1_adi231189__CW
    [2008/09/27 01:41:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ˆ
    ** - C:\WINDOWS\System32\?
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
    [2008/09/25 23:59:53 | 00,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
    [2008/09/25 23:59:53 | 00,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
    [2008/09/25 23:59:53 | 00,000,087 | ---- | C] () -- C:\WINDOWS\System32\ssprs.tgz
    [2008/09/25 23:59:53 | 00,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
    [2008/09/25 23:52:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1
    [2008/09/25 23:49:34 | 00,652,169 | ---- | C] () -- C:\Documents and

    Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1.zip
    [2008/09/25 23:40:12 | 00,000,103 | RHS- | C] () -- C:\autorun.inf
    [2008/09/25 23:40:12 | 00,000,000 | RHSD | C] -- C:\resycled
    [2008/09/25 23:19:30 | 00,003,360 | ---- | C] () -- C:\WINDOWS\System32\esnecil.ind
    [2008/09/25 23:19:30 | 00,001,680 | ---- | C] () -- C:\WINDOWS\System32\esnecil.nlp
    [2008/09/25 23:19:30 | 00,000,004 | ---- | C] () -- C:\WINDOWS\vx86036.dat
    [2008/09/25 23:18:57 | 00,000,130 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
    [2008/09/25 23:18:54 | 00,165,888 | ---- | C] (Kenonic Controls) -- C:\WINDOWS\Ckconfig.exe
    [2008/09/25 23:18:54 | 00,069,632 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\System32\Crypserv.exe
    [2008/09/25 23:18:54 | 00,031,846 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
    [2008/09/25 23:18:54 | 00,027,648 | R--- | C] () -- C:\WINDOWS\Setup_ck.exe
    [2008/09/25 23:18:54 | 00,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
    [2008/09/25 23:18:54 | 00,011,776 | ---- | C] () -- C:\WINDOWS\Ckrfresh.exe
    [2008/09/25 23:18:36 | 00,000,000 | ---D | C] -- C:\Program Files\Stellar Phoenix NTFS Data Recovery
    [2008/09/25 21:48:13 | 00,000,000 | ---D | C] -- C:\Program Files\EASIS
    [2008/09/25 18:38:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Seagate
    [2008/09/25 18:37:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
    [2008/09/24 09:58:50 | 12,639,7177 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Trailer_Final.mov
    [2008/09/24 00:47:34 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
    [2008/09/24 00:47:34 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
    [2008/09/18 18:52:38 | 00,001,800 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
    [2008/09/18 18:52:33 | 00,000,000 | ---D | C] -- C:\Program Files\Pure Networks
    [2008/09/18 18:50:30 | 00,023,992 | ---- | C] (Pure Networks, Inc.) -- C:\WINDOWS\System32\drivers\pnarp.sys
    [2008/09/18 18:50:26 | 00,025,272 | ---- | C] (Pure Networks, Inc.) -- C:\WINDOWS\System32\drivers\purendis.sys
    [2008/09/18 18:50:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Pure Networks Shared
    [2008/09/18 18:49:16 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Pure Networks
    [2008/09/15 22:37:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\retouching
    [2008/09/15 22:06:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme
    [2008/09/15 21:21:31 | 00,027,589 | ---- | C] () -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme.zip
    [2008/09/14 17:16:05 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Mediafour
    [2008/09/14 17:16:04 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mediafour
    [2008/09/14 17:15:25 | 00,000,000 | ---D | C] -- C:\Program Files\Mediafour
    [2008/09/08 03:13:48 | 00,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
    [2008/09/08 03:13:48 | 00,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
    [2008/09/08 03:13:48 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\xvid.ax
    [2008/09/08 03:13:48 | 00,000,000 | ---D | C] -- C:\Program Files\Xvid
    [2008/09/07 02:48:11 | 00,000,000 | ---D | C] -- C:\Program Files\Netflix

    ========== Files - Modified Within 30 Days ==========

    [1 C:\WINDOWS\System32\*.tmp files]
    [3 C:\WINDOWS\*.tmp files]
    [2008/10/30 17:26:45 | 00,000,250 | ---- | M] () -- C:\WINDOWS\gmer.ini
    [2008/10/30 17:07:04 | 00,884,736 | ---- | M] () -- C:\WINDOWS\gmer.dll
    [2008/10/30 17:07:04 | 00,085,969 | ---- | M] (GMER) -- C:\WINDOWS\System32\drivers\gmer.sys
    [2008/10/30 17:07:04 | 00,000,080 | ---- | M] () -- C:\WINDOWS\gmer_uninstall.cmd
    [2008/10/30 17:05:59 | 00,419,840 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTViewIt.exe
    [2008/10/30 17:03:20 | 00,747,873 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\gmer.zip
    [2008/10/06 16:47:27 | 00,000,154 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\search.bat
    [2008/10/06 16:46:55 | 00,000,678 | ---- | M] () -- C:\WINDOWS\win.ini
    [2008/10/06 16:45:22 | 00,182,441 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
    [2008/10/06 16:44:58 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
    [2008/10/06 16:44:43 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
    [2008/10/06 16:44:40 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
    [2008/10/05 23:07:53 | 00,000,103 | RHS- | M] () -- C:\autorun.inf
    [2008/10/05 21:35:32 | 07,474,870 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\dir615_revB_manual_240.zip
    [2008/10/05 21:06:43 | 00,000,008 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
    [2008/10/05 03:37:02 | 00,121,856 | ---- | M] () -- C:\Documents and Settings\Matthew\Local Settings\Application

    Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/10/02 21:28:26 | 00,335,360 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Matthew\Desktop\OTMoveIt3.exe
    [2008/10/01 17:49:58 | 00,322,707 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\NY-S-00198.pdf
    [2008/09/29 16:19:05 | 00,000,963 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Spybot - Search & Destroy.lnk
    [2008/09/29 16:04:15 | 00,305,323 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\RSIT.exe
    [2008/09/27 19:04:00 | 00,486,449 | ---- | M] ( ) -- C:\Documents and

    Settings\Matthew\Desktop\Fixwareout.exe
    [2008/09/27 17:29:35 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\HijackThis.lnk
    [2008/09/27 17:19:15 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Matthew\Desktop\HJTInstall.exe
    [2008/09/27 09:30:34 | 00,000,188 | ---- | M] () -- C:\WINDOWS\wininit.ini
    [2008/09/27 02:11:54 | 00,001,964 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Drive Manager.lnk
    [2008/09/27 02:03:11 | 00,003,360 | ---- | M] () -- C:\WINDOWS\System32\esnecil.ind
    [2008/09/27 02:03:11 | 00,000,004 | ---- | M] () -- C:\WINDOWS\vx86036.dat
    [2008/09/27 02:02:32 | 00,000,130 | ---- | M] () -- C:\WINDOWS\Crypkey.ini
    [2008/09/27 02:02:31 | 00,000,861 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Stellar Phoenix Windows Data

    Recovery.lnk
    [2008/09/26 23:54:33 | 00,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
    [2008/09/26 23:54:33 | 00,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
    [2008/09/26 23:49:59 | 00,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
    [2008/09/26 23:49:59 | 00,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth2.dll
    [2008/09/25 23:59:53 | 00,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth1.dll
    [2008/09/25 23:49:35 | 00,652,169 | ---- | M] () -- C:\Documents and

    Settings\Matthew\Desktop\snd-Stellar.Phoenix.FAT.and.NTFS.2.1.zip
    [2008/09/25 23:19:30 | 00,001,680 | ---- | M] () -- C:\WINDOWS\System32\esnecil.nlp
    [2008/09/24 09:58:50 | 12,639,7177 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Trailer_Final.mov
    [2008/09/24 01:49:43 | 00,381,228 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
    [2008/09/24 01:49:43 | 00,328,322 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
    [2008/09/24 01:49:43 | 00,045,260 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
    [2008/09/22 22:00:00 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [2008/09/18 18:52:38 | 00,001,800 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Network Magic.lnk
    [2008/09/15 21:21:32 | 00,027,589 | ---- | M] () -- C:\Documents and Settings\Matthew\Desktop\Photo-Board-Theme.zip
    [2008/09/10 03:00:52 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
    < End of report >

  4. #24
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    Extras

    OTViewIt Extras logfile created on: 10/6/2008 4:49:29 PM - Run 4
    OTViewIt by OldTimer - Version 1.0.9.2 Folder = C:\Documents and Settings\Matthew\Desktop
    Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
    Internet Explorer (Version = 7.0.5730.13)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 100.00% Memory free
    4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
    Paging file location(s): C:\pagefile.sys 2046 4092;

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 74.52 Gb Total Space | 57.18 Gb Free Space | 76.73% Space Free | Partition Type: NTFS
    Drive D: | 465.76 Gb Total Space | 239.82 Gb Free Space | 51.49% Space Free | Partition Type: NTFS
    E: Drive not present or media not loaded
    F: Drive not present or media not loaded
    G: Drive not present or media not loaded
    H: Drive not present or media not loaded
    I: Drive not present or media not loaded

    Computer Name: MATT
    Current User Name: Matthew
    Logged in as Administrator.

    Current Boot Mode: Normal
    Scan Mode: All users
    Whitelist: On
    File Age = 30 Days

    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirstRunDisabled"=1
    "AntiVirusDisableNotify"=0
    "FirewallDisableNotify"=0
    "UpdatesDisableNotify"=0
    "AntiVirusOverride"=0
    "FirewallOverride"=0
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications

    \List]
    [2008/04/14 01:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network

    Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008/04/14 06:42:36 | 00,141,312 | ---- | M] (Microsoft Corporation) --

    %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [2006/08/01 15:35:36 | 00,067,112 | ---- | M] (America Online, Inc.) -- C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant

    Messenger
    [2006/11/13 13:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    [2006/11/13 13:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    [2006/11/13 13:39:54 | 04,270,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplicatio

    ns\List]
    [2008/04/14 01:23:34 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network

    Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
    [2008/04/14 06:42:36 | 00,141,312 | ---- | M] (Microsoft Corporation) --

    %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
    [2007/07/24 15:17:08 | 00,229,376 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
    [2008/07/10 10:51:26 | 20,246,824 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
    [2007/03/20 16:41:24 | 00,153,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\Adobe Version

    Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server
    [2008/07/28 04:07:31 | 09,080,832 | ---- | M] (Final Draft Inc.) -- C:\Program Files\Final Draft 7\Final

    Draft.exe:*:Enabled:Final Draft
    File not found -- C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader
    File not found -- C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
    [2006/08/01 15:35:36 | 00,067,112 | ---- | M] (America Online, Inc.) -- C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant

    Messenger
    [2005/12/15 11:40:44 | 00,282,624 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe
    [2005/12/15 12:47:22 | 00,204,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe
    [2006/01/23 18:40:30 | 00,225,280 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe
    [2006/01/23 18:40:04 | 00,040,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe
    [2006/01/23 18:35:14 | 00,081,920 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe
    [2005/09/20 21:40:04 | 00,196,608 | ---- | M] () -- C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe
    [2005/09/20 21:01:22 | 01,081,344 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe
    [2006/01/23 19:09:36 | 00,172,032 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe
    [2005/09/20 21:25:22 | 00,151,635 | ---- | M] (Hewlett-Packard) -- C:\Program Files\HP\Digital

    Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe
    [2006/01/23 18:38:52 | 00,438,272 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe
    [2005/09/16 00:29:38 | 00,421,888 | ---- | M] () -- C:\Program Files\HP\Digital

    Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe
    [2005/09/16 00:34:18 | 00,733,184 | ---- | M] ( ) -- C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe
    [2006/01/23 19:03:00 | 00,057,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
    [2005/12/15 12:51:46 | 00,139,264 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital

    Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe
    [2008/09/27 02:29:00 | 00,307,712 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla

    Firefox\firefox.exe:*:Enabled:Firefox
    File not found -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
    [2006/11/13 13:39:34 | 00,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
    [2006/11/13 13:39:52 | 01,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
    [2006/11/13 13:39:54 | 04,270,888 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft

    ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
    [2008/05/16 06:11:44 | 00,648,504 | ---- | M] (Pure Networks, Inc.) -- C:\Program Files\Common Files\Pure Networks

    Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service

    ========== (O10) Winsock2 Catalogs ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
    NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] -- C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

    ========== HKEY_USERS Protocol Defaults ==========


    [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
    @ivt -- @ivt protocol not assigned
    file -- file protocol not assigned
    ftp -- ftp protocol not assigned
    http -- http protocol not assigned
    https -- https protocol not assigned
    shell -- shell protocol not assigned

    ========== (O18) Protocol Handlers ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
    ipp: [HKLM - No CLSID value]
    [2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL

    ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
    msdaipp: [HKLM - No CLSID value]
    [2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL

    msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]
    [2003/07/11 02:25:22 | 00,842,816 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL

    msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]
    [2000/04/19 18:47:36 | 00,520,117 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Information

    Retrieval\MSITSS.DLL (ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} (HKLM) [Microsoft Infotech Storage Protocol for IE 4.0])
    [2003/08/04 13:19:34 | 07,330,360 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web

    Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap

    Handler])
    [2003/08/01 15:09:04 | 08,086,072 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web

    Components\11\OWC11.DLL (mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} (HKLM) [Data Page Plugable Protocal mso-offdap11

    Handler])
    [2008/08/03 14:50:56 | 00,144,696 | ---- | M] (Pure Networks, Inc.) C:\Program Files\Common Files\Pure Networks

    Shared\Platform\puresp4.dll (pure-go:{4746C79A-2042-4332-8650-48966E44ABA8} (HKLM) [CPureGoProtoInfo Object])

    ========== (O18) Protocol Filters ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\] - Protocol Filters
    [2003/07/14 22:45:12 | 00,039,488 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft

    Shared\OFFICE11\MSOXMLMF.DLL text/xml:{807553E5-5146-11D5-A672-00B0D022E945} (HKLM) [Reg Error: Value does not exist or could

    not be read.]

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{00203668-8170-44A0-BE44-B632FA4D780F}"=Adobe AIR
    "{0046FA01-C5B9-4985-BACB-398DC480FC05}"=Adobe Photoshop CS3
    "{0224CACC-994D-45F8-B973-D65056EA9C2F}"=Adobe XMP DVA Panels CS3
    "{02DFF6B1-1654-411C-8D7B-FD6052EF016F}"=Apple Software Update
    "{0327FA9D-975C-448C-A086-577D57BB25B8}"=Adobe Soundbooth CS3 Codecs
    "{05C56753-F144-44BC-BA67-83CC5DBF395C}"=F300
    "{08B32819-6EEF-4057-AEDA-5AB681A36A23}"=Adobe Bridge Start Meeting
    "{08CA9554-B5FE-4313-938F-D4A417B81175}"=QuickTime
    "{0BF5FBE7-3907-4A1F-9E48-8B66E52850D6}"=TrayApp
    "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}"=Adobe WinSoft Linguistics Plugin
    "{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}"=Adobe After Effects CS3 Presets
    "{1D58229F-C505-45CA-8223-F35F3A34B963}"=Adobe Version Cue CS3 Server
    "{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}"=Adobe Setup
    "{1E1F1E70-14D8-4380-8652-BD1A895A7D65}"=Status
    "{23B35809-5E4A-4F14-8332-1CDEDDFAC089}"=CP_Package_Variety2
    "{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}"=Destinations
    "{29E5EA97-5F74-4A57-B8B2-D4F169117183}"=Adobe Stock Photos CS3
    "{2BA00471-0328-3743-93BD-FA813353A783}"=Microsoft .NET Framework 3.0 Service Pack 1
    "{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}"=Adobe Flash Video Encoder
    "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}"=Microsoft .NET Framework 3.5
    "{31263605-FC84-4787-B847-BA445B147E24}"=ScannerCopy
    "{3248F0A8-6813-11D6-A77B-00B0D0160070}"=Java(TM) 6 Update 7
    "{33F09ED5-3355-470A-AD79-6DFA8FC553E3}"=MacDrive 7
    "{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}"=Unload
    "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
    "{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}"=Apple Mobile Device Support
    "{4041C245-7099-4C96-9738-5EBC23827B3C}"=BufferChm
    "{4458C442-7376-4CF9-AF58-E8CEA6722363}"=Adobe Setup
    "{485ACF57-F364-440A-8496-E1E81C8FA1AA}"=Adobe Premiere Pro CS3 Third Party Content
    "{48B0F38D-1913-44F3-99AA-D4C55A2B038E}"=Drive Manager
    "{4BE53DB2-C1F2-44D1-A9AB-1630BA7F2AF1}"=SolutionCenter
    "{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}"=Adobe Premiere Pro CS3 Functional Content
    "{51846830-E7B2-4218-8968-B77F0FF475B8}"=Adobe Color EU Extra Settings
    "{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}"=CP_Package_Variety1
    "{54793AA1-5001-42F4-ABB6-C364617C6078}"=Adobe Linguistics CS3
    "{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}"=Adobe Encore CS3
    "{578B6EF9-119B-4FB8-8377-7DAFA9588B97}"=Network Magic
    "{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}"=Adobe Premiere Pro CS3
    "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}"=eSupportQFolder
    "{68763C27-235D-4165-A961-FDEA228CE504}"=AiOSoftwareNPI
    "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}"=Adobe Fonts All
    "{6B52140A-F189-4945-BFFC-DB3F00B8C589}"=Adobe Flash CS3
    "{6B708481-748A-4EB4-97C1-CD386244FF77}"=Adobe MotionPicture Color Files
    "{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}"=AHV content for Acrobat and Flash
    "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}"=Adobe Asset Services CS3
    "{71D9B000-CD43-4DE9-9729-49434415B8F7}"=F300Trb
    "{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
    "{736C803C-DD3B-4015-BC51-AFB9E67B9076}"=Readme
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}"=Acrobat.com
    "{78D62D17-D970-42DA-B8CF-5E5576293B33}"=Final Draft 7
    "{7ACFB90E-8FD0-4397-AD3A-5195412623A3}"=Adobe Help Viewer CS3
    "{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}"=Adobe Dreamweaver CS3
    "{7DFC1012-D346-46CE-B03E-FF79125AE029}"=Adobe Fireworks CS3
    "{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}"=ProductContextNPI
    "{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}"=Adobe Video Profiles
    "{8718DC03-D066-4957-94E5-50C3C5042E8E}"=Adobe Creative Suite 3 Master Collection
    "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}"=Adobe Device Central CS3
    "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}"=Adobe Type Support
    "{90110409-6000-11D3-8CFE-0150048383C9}"=Microsoft Office Professional Edition 2003
    "{90176341-0A8B-4CCC-A78D-F862228A6B95}"=Adobe Anchor Service CS3
    "{95655ED4-7CA5-46DF-907F-7144877A32E5}"=Adobe Color NA Recommended Settings
    "{99052DB7-9592-4522-A558-5417BBAD48EE}"=Microsoft ActiveSync
    "{9C9824D9-9000-4373-A6A5-D0E5D4831394}"=Adobe Bridge CS3
    "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}"=Adobe CMaps
    "{A2D81E70-2A98-4A08-A628-94388B063C5E}"=Adobe Color - Photoshop Specific
    "{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}"=Adobe Soundbooth CS3
    "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}"=DeviceManagementQFolder
    "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}"=PDF Settings
    "{AC76BA86-1033-0000-7760-000000000003}"=Adobe Acrobat 8 Professional
    "{AC76BA86-7AD7-1033-7B44-A90000000001}"=Adobe Reader 9
    "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}"=Adobe Camera Raw 4.0
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
    "{B508B3F1-A24A-32C0-B310-85786919EF28}"=Microsoft .NET Framework 2.0 Service Pack 1
    "{B57F2FF0-5A25-4332-B503-4592B370C02F}"=CP_Package_Variety3
    "{B671CBFD-4109-4D35-9252-3062D3CCB7B2}"=Adobe SING CS3
    "{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}"=Adobe BridgeTalk Plugin CS3
    "{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}"=Sony Vegas Pro 8.0
    "{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}"=Adobe Encore CS3 Codecs
    "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}"=Adobe Default Language CS3
    "{BB05D173-9681-4812-A7FA-BD4042A3DA00}"=Alky for Applications (Windows XP)
    "{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}"=Adobe Flash Player 9 ActiveX
    "{BCE72AED-3332-4863-9567-C5DCB9052CA2}"=Netflix Movie Viewer
    "{BE5F3842-8309-4754-92D5-83E02E6077A3}"=Adobe Extension Manager CS3
    "{BF4E9ED0-EF26-4A4C-A123-6A6A1ABEE411}"=DocProc
    "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}"=Adobe ExtendScript Toolkit 2
    "{C5BD220A-EFE8-48A5-B70E-9503D535FACE}"=Adobe WAS CS3
    "{C6812939-B117-48E6-A3BA-1709C14A3C8C}"=Scan
    "{C8753E28-2680-49BF-BD48-DD38FD086EFE}"=AiO_Scan_CDA
    "{C9507D0D-1A9C-486E-91D6-33A71CCA55F2}"=Pure Networks Platform
    "{C98E8D9D-21DE-4F87-A9B7-142BB89840FC}"=Toolbox
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
    "{CB3F8375-B600-4B9F-83C9-238ED1E583FD}"=Adobe InDesign CS3
    "{D0DFF92A-492E-4C40-B862-A74A173C25C5}"=Adobe Version Cue CS3 Client
    "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}"=Adobe PDF Library Files
    "{D5A31AB1-345D-47C7-A87B-036A669F6DF1}"=Adobe XMP Panels CS3
    "{D7CAE58E-26DE-49B7-A75D-EAEDF76726BE}"=HP Photosmart Essential
    "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}"=Adobe Color Common Settings
    "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}"=Adobe Color JA Extra Settings
    "{DEBB2986-15B0-4D28-95FA-5C966A396589}"=HPProductAssistant
    "{E1230694-33DA-4E74-82E1-06CC9D545E9B}"=Windows Vista Sounds Pack
    "{E5966E4C-0A93-4F59-A981-BD3173D4799F}"=F300_Help
    "{E5A8DDAB-AE80-48C6-A75B-D0FAB83B299D}"=HP PSC & OfficeJet 6.1.A
    "{E69AE897-9E0B-485C-8552-7841F48D42D8}"=Adobe Update Manager CS3
    "{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}"=Adobe InDesign CS3 Icon Handler
    "{EB0202F7-016A-410C-ADE4-40F848CCC661}"=Adobe After Effects CS3
    "{EC2715CE-C182-483C-84CC-81D7D914CF14}"=WebReg
    "{EC3B29CD-76FF-4689-9647-8CCE67AC1D25}"=Data LifeSaver
    "{ECFDD6BD-E0C0-41CC-A171-E6D6AF4C0E93}"=HP Software Update
    "{EF6C4600-306D-4F6A-A119-C2A877D25B4A}"=iTunes
    "{F08E8D2E-F132-4742-9C87-D5FF223A016A}"=Adobe Illustrator CS3
    "{F6076EF9-08E1-442F-B6A2-BFB61B295A14}"=Fax_CDA
    "{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}"=NewCopy_CDA
    "{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}"=Adobe Contribute CS3
    "Adobe Acrobat 8 Professional"=Adobe Acrobat 8.1.2 Professional
    "Adobe AIR"=Adobe AIR
    "Adobe Flash Player Plugin"=Adobe Flash Player Plugin
    "Adobe_4dcfd9b7e901b57f81f667144603236"=Add or Remove Adobe Creative Suite 3 Master Collection
    "Adobe_5ac697db6c6103f6f8b5198d25f73f7"=Add or Remove Adobe Creative Suite 3 Master Collection
    "AOL Instant Messenger"=AOL Instant Messenger
    "CCleaner"=CCleaner (remove only)
    "C-Media Audio Driver"=C-Media High Definition Audio Driver
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1"=Acrobat.com
    "Core FTP LE 2.1"=Core FTP LE 2.1
    "DamnNFOViewer"=DAMN NFO Viewer v2.10.0032.RC3 (Remove Only)
    "HijackThis"=HijackThis 2.0.2
    "HP Imaging Device Functions"=HP Imaging Device Functions 6.1
    "HP Solution Center & Imaging Support Tools"=HP Solution Center and Imaging Support Tools 6.1
    "IconPackager"=IconPackager
    "InstallShield_{48B0F38D-1913-44F3-99AA-D4C55A2B038E}"=Drive Manager
    "Kristanix Right Click Image Converter"=Right Click Image Converter
    "LClock"=LClock
    "Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5"=Microsoft .NET Framework 3.5
    "Mozilla Firefox (3.0.3)"=Mozilla Firefox (3.0.3)
    "MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
    "Network MagicUninstall"=Network Magic
    "NVIDIA Drivers"=NVIDIA Drivers
    "PeerGuardian_is1"=PeerGuardian 2.0
    "Resource Hacker 3.4.0"=Resource Hacker 3.4.0
    "Stellar Phoenix Windows Data Recovery_is1"=Stellar Phoenix Windows Data Recovery V3.0
    "Unlocker"=Unlocker 1.8.5
    "Winamp"=Winamp
    "Windows Media Format Runtime"=Windows Media Format 11 runtime
    "Windows Media Player"=Windows Media Player 11
    "WinRAR archiver"=WinRAR archiver
    "WMFDist11"=Windows Media Format 11 runtime
    "wmp11"=Windows Media Player 11
    "Wudf01000"=Microsoft User-Mode Driver Framework Feature Pack 1.0
    "XpsEPSC"=XML Paper Specification Shared Components Pack 1.0
    "Xvid_is1"=Xvid 1.1.3 final uninstall

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 8/22/2008 8:14:19 PM | Computer Name = MATT | Source = Application Hang | ID = 1002
    Description = Hanging application OIS.EXE, version 11.0.5510.0, hang module hungapp,
    version 0.0.0.0, hang address 0x00000000.

    Error - 9/9/2008 11:54:52 PM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module , version 0.0.0.0, fault address 0x00000000.

    Error - 9/25/2008 8:48:51 PM | Computer Name = MATT | Source = Application Hang | ID = 1002
    Description = Hanging application PandoraRecovery.exe, version 2.0.1.0, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/25/2008 8:48:51 PM | Computer Name = MATT | Source = Application Hang | ID = 1002
    Description = Hanging application PandoraRecovery.exe, version 2.0.1.0, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 9/26/2008 7:27:09 AM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application firefox.exe, version 1.9.0.3180, faulting module
    npswf32.dll, version 9.0.124.0, fault address 0x0000d676.

    Error - 9/27/2008 9:33:09 AM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module unknown, version 0.0.0.0, fault address 0x01c04130.

    Error - 10/29/2008 9:33:51 PM | Computer Name = MATT | Source = Application Hang | ID = 1002
    Description = Hanging application Fireworks.exe, version 9.0.0.1188, hang module
    hungapp, version 0.0.0.0, hang address 0x00000000.

    Error - 10/5/2008 3:17:01 AM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application adobe premiere pro.exe, version 3.0.0.0, faulting
    module unknown, version 0.0.0.0, fault address 0xcccccccc.

    Error - 10/5/2008 3:41:49 AM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application adobe premiere pro.exe, version 3.0.0.0, faulting
    module unknown, version 0.0.0.0, fault address 0x00000006.

    Error - 10/5/2008 4:12:06 AM | Computer Name = MATT | Source = Application Error | ID = 1000
    Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
    module unknown, version 0.0.0.0, fault address 0x01ad4130.

    [ System Events ]
    Error - 9/26/2008 12:35:56 AM | Computer Name = MATT | Source = Disk | ID = 262151
    Description = The device, \Device\Harddisk1\D, has a bad block.

    Error - 9/26/2008 12:36:00 AM | Computer Name = MATT | Source = Ntfs | ID = 262199
    Description = The file system structure on the disk is corrupt and unusable. Please
    run the chkdsk utility on the volume F:.

    Error - 10/29/2008 8:40:27 PM | Computer Name = MATT | Source = Windows Update Agent | ID = 16
    Description = Unable to Connect: Windows is unable to connect to the automatic updates
    service and therefore cannot download and install updates according to the set
    schedule. Windows will continue to try to establish a connection.

    Error - 10/29/2008 9:33:42 PM | Computer Name = MATT | Source = Service Control Manager | ID = 7034
    Description = The FLEXnet Licensing Service service terminated unexpectedly. It
    has done this 1 time(s).

    Error - 10/30/2008 6:36:00 AM | Computer Name = MATT | Source = Dhcp | ID = 1000
    Description = Your computer has lost the lease to its IP address 192.168.0.199 on
    the Network Card with network address 0011D8D604D3.

    Error - 10/30/2008 6:36:19 AM | Computer Name = MATT | Source = W32Time | ID = 39452706
    Description = The time service has detected that the system time needs to be changed
    by -2591995 seconds. The time service will not change the system time by more than
    -54000 seconds. Verify that your time and time zone are correct, and that the time
    source time.windows.com (ntp.m|0x1|192.168.0.199:123->207.46.232.182:123) is working
    properly.

    Error - 10/3/2008 5:01:24 AM | Computer Name = MATT | Source = Service Control Manager | ID = 7034
    Description = The Application Layer Gateway Service service terminated unexpectedly.
    It has done this 1 time(s).

    Error - 10/5/2008 4:11:56 AM | Computer Name = MATT | Source = Service Control Manager | ID = 7034
    Description = The MacDrive service service terminated unexpectedly. It has done
    this 1 time(s).

    Error - 10/5/2008 12:37:35 PM | Computer Name = MATT | Source = PlugPlayManager | ID = 12
    Description = The device 'WDC WD5000KS-00MNB0' (IDE\DiskWDC_WD5000KS-00MNB0_____________________07.02E07\5&3a08c9d0&0&0.1.0)
    disappeared from the system without first being prepared for removal.

    Error - 10/5/2008 4:58:40 PM | Computer Name = MATT | Source = Windows Update Agent | ID = 16
    Description = Unable to Connect: Windows is unable to connect to the automatic updates
    service and therefore cannot download and install updates according to the set
    schedule. Windows will continue to try to establish a connection.


    < End of report >

  5. #25
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    Look32

    Volume in drive C has no label.
    Volume Serial Number is 70D4-A8BA

    Directory of C:\WINDOWS\system32

    10/06/2008 04:45 PM 182,441 nvapps.xml
    10/06/2008 04:44 PM 2,206 wpa.dbl
    10/05/2008 09:06 PM 8 nvModes.dat
    09/27/2008 02:03 AM 3,360 esnecil.ind
    09/26/2008 11:54 PM 87 ssprs.tgz
    09/26/2008 11:54 PM 73 ssprs.dll
    09/26/2008 11:49 PM 205 lsprst7.dll
    09/26/2008 11:49 PM 219 lsprst7.tgz
    09/25/2008 11:59 PM 1,025 clauth2.dll
    09/25/2008 11:59 PM 1,025 sysprs7.tgz
    09/25/2008 11:59 PM 1,025 clauth1.dll
    09/25/2008 11:59 PM 1,025 sysprs7.dll
    09/25/2008 11:19 PM 1,680 esnecil.nlp
    09/24/2008 01:49 AM 328,322 perfh009.dat
    09/24/2008 01:49 AM 45,260 perfc009.dat
    09/24/2008 01:49 AM 381,228 PerfStringBackup.INI
    09/11/2008 08:37 PM 6,587 jupdate-1.6.0_07-b06.log
    08/26/2008 04:28 PM 16,208,504 MRT.exe
    08/14/2008 03:01 AM 359,790 TZLog.log
    08/06/2008 03:47 PM 1,545,320 FNTCACHE.DAT
    07/24/2008 08:04 PM 849 $winnt$.inf
    07/24/2008 08:03 PM 23,392 nscompat.tlb
    07/24/2008 08:03 PM 16,832 amcompat.tlb
    07/24/2008 08:00 PM 6,341 jupdate-1.6.0_06-b02.log
    07/24/2008 07:49 PM 2,577 CONFIG.NT
    07/24/2008 07:48 PM 488 logonui.exe.manifest
    07/24/2008 07:48 PM 488 WindowsLogon.manifest
    07/24/2008 07:48 PM 749 cdplayer.exe.manifest
    07/24/2008 07:48 PM 749 nwc.cpl.manifest
    07/24/2008 07:48 PM 749 sapi.cpl.manifest
    07/24/2008 07:48 PM 749 wuaucpl.cpl.manifest
    07/24/2008 07:48 PM 749 ncpa.cpl.manifest
    07/24/2008 07:46 PM 21,640 emptyregdb.dat
    07/24/2008 03:38 PM 0 h323log.txt
    07/24/2008 03:28 PM 4,444 pid.PNF
    07/18/2008 10:10 PM 94,920 cdm.dll
    07/18/2008 10:10 PM 53,448 wuauclt.exe
    07/18/2008 10:10 PM 45,768 wups2.dll
    07/18/2008 10:10 PM 33,992 wucltui.dll.mui
    07/18/2008 10:10 PM 36,552 wups.dll
    07/18/2008 10:09 PM 325,832 wucltui.dll
    07/18/2008 10:09 PM 215,752 wuaucpl.cpl
    07/18/2008 10:09 PM 205,000 wuweb.dll
    07/18/2008 10:09 PM 563,912 wuapi.dll
    07/18/2008 10:09 PM 25,800 wuapi.dll.mui
    07/18/2008 10:09 PM 1,811,656 wuaueng.dll
    07/18/2008 10:09 PM 25,800 wuaucpl.cpl.mui
    07/18/2008 10:08 PM 20,680 wuaueng.dll.mui
    07/11/2008 08:42 AM 62,976 tzchange.exe
    07/07/2008 04:26 PM 253,952 es.dll
    06/24/2008 06:12 PM 295,936 wmpeffects.dll
    06/24/2008 12:43 PM 74,240 mscms.dll
    06/23/2008 12:01 PM 1,162,752 urlmon.dll
    06/23/2008 12:01 PM 827,904 wininet.dll
    06/23/2008 12:01 PM 233,472 webcheck.dll
    06/23/2008 12:01 PM 105,984 url.dll
    06/23/2008 12:01 PM 102,912 occache.dll
    06/23/2008 12:01 PM 44,544 pngfilt.dll
    06/23/2008 12:01 PM 671,232 mstime.dll
    06/23/2008 12:01 PM 193,024 msrating.dll
    06/23/2008 12:01 PM 477,696 mshtmled.dll
    06/23/2008 12:01 PM 3,594,240 mshtml.dll
    06/23/2008 12:01 PM 1,831,424 inetcpl.cpl
    06/23/2008 12:01 PM 459,264 msfeeds.dll
    06/23/2008 12:01 PM 27,648 jsproxy.dll
    06/23/2008 12:01 PM 52,224 msfeedsbs.dll
    06/23/2008 12:01 PM 267,776 iertutil.dll
    06/23/2008 12:01 PM 44,544 iernonce.dll
    06/23/2008 12:01 PM 6,068,736 ieframe.dll
    06/23/2008 12:01 PM 383,488 ieapfltr.dll
    06/23/2008 12:01 PM 388,608 iedkcs32.dll
    06/23/2008 12:01 PM 214,528 dxtrans.dll
    06/23/2008 12:01 PM 230,400 ieaksie.dll
    06/23/2008 12:01 PM 63,488 icardie.dll
    06/23/2008 12:01 PM 153,088 ieakeng.dll
    06/23/2008 12:01 PM 132,608 extmgr.dll
    06/23/2008 12:01 PM 124,928 advpack.dll
    06/23/2008 12:01 PM 347,136 dxtmsft.dll
    06/23/2008 04:23 AM 70,656 ie4uinit.exe
    06/23/2008 04:23 AM 13,824 ieudinit.exe
    06/21/2008 01:23 AM 161,792 ieakui.dll
    06/20/2008 01:46 PM 245,248 mswsock.dll
    06/20/2008 01:46 PM 147,968 dnsapi.dll
    06/10/2008 02:32 AM 73,728 javacpl.cpl
    06/10/2008 02:32 AM 139,264 javaws.exe
    06/10/2008 01:21 AM 135,168 javaw.exe
    06/10/2008 01:21 AM 135,168 java.exe
    05/27/2008 10:50 AM 90,112 QuickTimeVR.qtx
    05/27/2008 10:50 AM 57,344 QuickTime.qts
    05/21/2008 05:29 PM 487,424 msvcp70.dll
    05/21/2008 05:29 PM 344,064 msvcr70.dll
    05/09/2008 07:23 PM 135,168 wshom.ocx
    05/09/2008 06:53 AM 90,112 wshext.dll
    05/09/2008 06:53 AM 172,032 scrrun.dll
    05/09/2008 06:53 AM 430,080 vbscript.dll
    05/09/2008 06:53 AM 512,000 jscript.dll
    05/09/2008 06:53 AM 180,224 scrobj.dll
    05/08/2008 07:24 AM 155,648 wscript.exe
    05/07/2008 05:07 AM 135,168 cscript.exe
    05/07/2008 01:12 AM 1,288,192 quartz.dll
    05/02/2008 10:46 PM 1,486,848 nview.dll
    05/02/2008 10:46 PM 3,391,488 nvgames.dll
    05/02/2008 10:46 PM 313,888 nvexpbar.dll
    05/02/2008 10:46 PM 1,339,392 nvdspsch.exe
    05/02/2008 10:46 PM 181,895 nvdsp.chm
    05/02/2008 10:46 PM 6,582,272 nvdisps.dll
    05/02/2008 10:46 PM 18,070 nvdisp.nvu
    05/02/2008 10:46 PM 1,241,088 nvcuda.dll
    05/02/2008 10:46 PM 768,544 nvcplui.exe
    05/02/2008 10:46 PM 13,529,088 nvcpl.dll
    05/02/2008 10:46 PM 420,384 nvcpl.cpl
    05/02/2008 10:46 PM 121,529 nvcpl.chm
    05/02/2008 10:46 PM 147,456 nvcolor.exe
    05/02/2008 10:46 PM 41,984 nvcodins.dll
    05/02/2008 10:46 PM 41,984 nvcod.dll
    05/02/2008 10:46 PM 45,056 nvmccsrs.dll
    05/02/2008 10:46 PM 442,368 nvappbar.exe
    05/02/2008 10:46 PM 425,984 nvapi.dll
    05/02/2008 10:46 PM 6,108,160 nv4_disp.dll
    05/02/2008 10:46 PM 116,384 nv3d.chm
    05/02/2008 10:46 PM 8,769,536 nvoglnt.dll
    05/02/2008 10:46 PM 466,944 nvshell.dll
    05/02/2008 10:46 PM 159,812 nvsvc32.exe
    05/02/2008 10:46 PM 73,728 nvtuicpl.cpl
    05/02/2008 10:46 PM 442,368 nvudisp.exe
    05/02/2008 10:46 PM 3,776,512 nvvitvs.dll
    05/02/2008 10:46 PM 81,920 nvwddi.dll
    05/02/2008 10:46 PM 1,703,936 nvwdmcpl.dll
    05/02/2008 10:46 PM 1,019,904 nvwimg.dll
    05/02/2008 10:46 PM 1,630,208 nwiz.exe
    05/02/2008 10:46 PM 425,984 keystone.exe
    05/02/2008 10:46 PM 229,376 nvmccs.dll
    05/02/2008 10:46 PM 1,257,472 nvmobls.dll
    05/02/2008 10:46 PM 86,016 nvmctray.dll
    05/02/2008 10:46 PM 286,720 nvnt4cpl.dll
    05/02/2008 10:46 PM 54,988 nvmob.chm
    05/02/2008 10:46 PM 2,629,632 nvwss.dll
    05/02/2008 10:46 PM 188,416 nvmccss.dll
    04/30/2008 05:27 PM 442,368 NVUNINST.EXE
    04/29/2008 05:40 PM 83,496 SilSupp.cpl
    04/23/2008 10:45 AM 28,672 setupold.exe
    04/23/2008 10:45 AM 3,038 presetup.cmd
    04/23/2008 10:36 AM 52,224 dmutil.dll
    04/23/2008 10:36 AM 47,616 iyuv_32.dll
    04/23/2008 10:36 AM 16,896 msyuv.dll
    04/23/2008 10:36 AM 20,992 hid.dll
    04/23/2008 10:36 AM 52,736 wzcsapi.dll
    04/23/2008 10:36 AM 483,840 wzcsvc.dll
    04/23/2008 10:36 AM 35,328 pid.dll
    04/23/2008 10:36 AM 294,912 msh263.drv
    04/23/2008 10:36 AM 2,023,936 ntkrnlpa.exe
    04/23/2008 10:35 AM 8,192 tsbyuv.dll
    04/23/2008 10:35 AM 157,696 paqsp.dll
    04/23/2008 10:35 AM 147,968 mdwmdmsp.dll
    04/23/2008 10:35 AM 41,019 usrsvpia.dll
    04/23/2008 10:35 AM 49,211 usrsdpia.dll
    04/23/2008 10:35 AM 77,883 usrrtosa.dll
    04/23/2008 10:35 AM 49,211 usrvpa.dll
    04/23/2008 10:35 AM 45,116 usrvoica.dll
    04/23/2008 10:35 AM 102,457 usrv42a.dll
    04/23/2008 10:35 AM 69,632 spnike.dll
    04/23/2008 10:35 AM 70,656 sprio600.dll
    04/23/2008 10:35 AM 72,192 sprio800.dll
    04/23/2008 10:35 AM 61,508 usrprbda.exe
    04/23/2008 10:35 AM 8,192 streamci.dll
    04/23/2008 10:35 AM 49,209 usrv80a.dll
    04/23/2008 10:35 AM 77,891 usrmlnka.exe
    04/23/2008 10:35 AM 55,296 dvdplay.exe
    04/23/2008 10:35 AM 69,700 usrshuta.exe
    04/23/2008 10:35 AM 61,500 usrcntra.dll
    04/23/2008 10:35 AM 69,699 usrcoina.dll
    04/23/2008 10:35 AM 77,890 usrdpa.dll
    04/23/2008 10:35 AM 53,305 usrlbva.dll
    04/23/2008 10:35 AM 323,641 usrdtea.dll
    04/23/2008 10:35 AM 86,073 usrfaxa.dll
    04/23/2008 10:32 AM 140,288 sfc_os.dll
    04/23/2008 10:32 AM 990,208 syssetup.dll
    04/23/2008 10:32 AM 66,384 normnfkc.nls
    04/23/2008 10:32 AM 39,284 normnfd.nls
    04/23/2008 10:32 AM 45,794 normnfc.nls
    04/23/2008 10:32 AM 60,294 normnfkd.nls
    04/23/2008 10:32 AM 59,342 normidna.nls
    04/23/2008 10:32 AM 23,552 normaliz.dll
    04/23/2008 10:32 AM 180,736 ieui.dll
    04/23/2008 10:32 AM 24,576 nlsdl.dll
    04/23/2008 10:32 AM 2,455,488 ieapfltr.dat
    04/23/2008 10:32 AM 26,112 idndl.dll
    04/23/2008 10:32 AM 121,856 xmllite.dll
    04/23/2008 10:31 AM 1,497,088 shdocvw.dll
    04/23/2008 10:31 AM 474,112 shlwapi.dll
    04/23/2008 10:31 AM 66,560 tdc.ocx
    04/23/2008 10:31 AM 156,160 msls31.dll
    04/23/2008 10:31 AM 48,128 mshtmler.dll
    04/23/2008 10:31 AM 1,383,424 mshtml.tlb
    04/23/2008 10:31 AM 40,960 licmgr10.dll
    04/23/2008 10:31 AM 45,568 mshta.exe
    04/23/2008 10:31 AM 56,695 ieuinit.inf
    04/23/2008 10:31 AM 78,336 ieencode.dll
    04/23/2008 10:31 AM 55,296 iesetup.dll
    04/23/2008 10:31 AM 191,488 iepeers.dll
    04/23/2008 10:31 AM 443,904 html.iec
    04/23/2008 10:31 AM 17,408 corpol.dll
    04/23/2008 10:31 AM 1,022,976 browseui.dll
    04/23/2008 10:31 AM 71,680 admparse.dll
    04/23/2008 10:31 AM 16,384 lcid.exe
    04/23/2008 10:31 AM 176,640 taskmgr.exe
    04/23/2008 10:30 AM 81,768 xinput1_3.dll
    04/23/2008 10:30 AM 62,744 xinput1_2.dll
    04/23/2008 10:30 AM 62,672 xinput1_1.dll
    04/23/2008 10:30 AM 267,272 xactengine2_10.dll
    04/23/2008 10:30 AM 267,112 xactengine2_9.dll
    04/23/2008 10:30 AM 61,136 xinput9_1_0.dll
    04/23/2008 10:30 AM 238,088 xactengine3_0.dll
    04/23/2008 10:30 AM 261,480 xactengine2_7.dll
    04/23/2008 10:30 AM 255,848 xactengine2_6.dll
    04/23/2008 10:30 AM 251,672 xactengine2_5.dll
    04/23/2008 10:30 AM 266,088 xactengine2_8.dll
    04/23/2008 10:30 AM 229,584 xactengine2_1.dll
    04/23/2008 10:30 AM 230,168 xactengine2_2.dll
    04/23/2008 10:30 AM 236,824 xactengine2_3.dll
    04/23/2008 10:30 AM 237,848 xactengine2_4.dll
    04/23/2008 10:30 AM 479,752 XAudio2_0.dll
    04/23/2008 10:30 AM 230,096 xactengine2_0.dll
    04/23/2008 10:30 AM 25,608 X3DAudio1_3.dll
    04/23/2008 10:30 AM 15,128 x3daudio1_1.dll
    04/23/2008 10:30 AM 17,928 X3DAudio1_2.dll
    04/23/2008 10:30 AM 1,420,824 D3DCompiler_37.dll
    04/23/2008 10:30 AM 14,032 x3daudio1_0.dll
    04/23/2008 10:30 AM 1,374,232 D3DCompiler_36.dll
    04/23/2008 10:30 AM 1,358,192 D3DCompiler_35.dll
    04/23/2008 10:30 AM 1,124,720 D3DCompiler_34.dll
    04/23/2008 10:30 AM 1,123,696 D3DCompiler_33.dll
    04/23/2008 10:30 AM 462,864 d3dx10_37.dll
    04/23/2008 10:30 AM 444,776 d3dx10_35.dll
    04/23/2008 10:30 AM 444,776 d3dx10_36.dll
    04/23/2008 10:30 AM 443,752 d3dx10_33.dll
    04/23/2008 10:30 AM 443,752 d3dx10_34.dll
    04/23/2008 10:30 AM 3,786,760 D3DX9_37.dll
    04/23/2008 10:30 AM 3,734,536 d3dx9_36.dll
    04/23/2008 10:30 AM 3,727,720 d3dx9_35.dll
    04/23/2008 10:30 AM 3,497,832 d3dx9_34.dll
    04/23/2008 10:30 AM 3,495,784 d3dx9_33.dll
    04/23/2008 10:30 AM 3,426,072 d3dx9_32.dll
    04/23/2008 10:29 AM 2,414,360 d3dx9_31.dll
    04/23/2008 10:29 AM 2,388,176 d3dx9_30.dll
    04/23/2008 10:29 AM 2,332,368 d3dx9_29.dll
    04/23/2008 10:29 AM 2,323,664 d3dx9_28.dll
    04/23/2008 10:29 AM 2,319,568 d3dx9_27.dll
    04/23/2008 10:29 AM 2,297,552 d3dx9_26.dll
    04/23/2008 10:29 AM 2,337,488 d3dx9_25.dll
    04/23/2008 10:29 AM 2,222,800 d3dx9_24.dll
    04/23/2008 10:29 AM 336,768 WgaTray.exe
    04/23/2008 10:29 AM 236,928 WgaLogon.dll
    04/23/2008 10:29 AM 394,240 HMTCD.dll
    04/23/2008 10:29 AM 114,688 cabarc.exe
    04/23/2008 10:29 AM 61,440 CopyToSendTo.dll
    04/23/2008 10:26 AM 200 nlite.cmd
    04/23/2008 01:58 AM 2,306,560 ntoskrnl.exe
    04/22/2008 03:03 PM 10,307,584 winntbbu.dll
    04/20/2008 05:31 PM 714,752 sysdm.cpl
    04/20/2008 02:47 PM 12,171,776 shell32.dll
    04/19/2008 01:28 PM 6,147,584 logonui.exe
    04/14/2008 10:42 AM 23,552 wdmaud.drv
    04/14/2008 10:42 AM 129,536 ksproxy.ax
    04/14/2008 10:42 AM 159,232 ptpusd.dll
    04/14/2008 10:41 AM 4,096 ksuser.dll
    04/14/2008 06:55 AM 1,804 Dcache.bin
    04/14/2008 06:46 AM 329,728 netsetup.exe
    04/14/2008 06:43 AM 92,424 rdpdd.dll
    04/14/2008 06:43 AM 87,176 rdpwsx.dll
    04/14/2008 06:43 AM 12,168 tsddd.dll
    04/14/2008 06:43 AM 299,520 drmclien.dll
    04/14/2008 06:42 AM 146,432 winspool.drv
    04/14/2008 06:42 AM 33,280 kmddsp.tsp
    04/14/2008 06:42 AM 17,408 ipconf.tsp
    04/14/2008 06:42 AM 206,848 unimdm.tsp
    04/14/2008 06:42 AM 76,800 remotesp.tsp
    04/14/2008 06:42 AM 265,728 h323.tsp
    04/14/2008 06:42 AM 56,832 ndptsp.tsp
    04/14/2008 06:42 AM 29,696 hidphone.tsp
    04/14/2008 06:42 AM 278,559 wmv8ds32.ax
    04/14/2008 06:42 AM 69,632 msscds32.ax
    04/14/2008 06:42 AM 258,048 wmvds32.ax
    04/14/2008 06:42 AM 221,184 msadds32.ax
    04/14/2008 06:42 AM 29,696 format.com
    04/14/2008 06:42 AM 262,144 mpg4ds32.ax
    04/14/2008 06:42 AM 154,624 ivfsrc.ax
    04/14/2008 06:42 AM 12,800 tree.com
    04/14/2008 06:42 AM 9,216 scrnsave.scr
    04/14/2008 06:42 AM 239,616 wstrenderer.ax
    04/14/2008 06:42 AM 148,992 mpg2splt.ax
    04/14/2008 06:42 AM 118,272 mpeg2data.ax
    04/14/2008 06:42 AM 164,352 wstpager.ax
    04/14/2008 06:42 AM 16,896 more.com
    04/14/2008 06:42 AM 30,208 vbisurf.ax
    04/14/2008 06:42 AM 848,384 ir41_32.ax
    04/14/2008 06:42 AM 199,680 iac25_32.ax
    04/14/2008 06:42 AM 53,248 vbicodec.ax
    04/14/2008 06:42 AM 5,632 winver.exe
    04/14/2008 06:42 AM 155,136 hdwwiz.cpl
    04/14/2008 06:42 AM 114,688 powercfg.cpl
    04/14/2008 06:42 AM 380,416 irprops.cpl
    04/14/2008 06:42 AM 135,168 desk.cpl
    04/14/2008 06:42 AM 129,536 intl.cpl
    04/14/2008 06:42 AM 110,592 bthprops.cpl
    04/14/2008 06:42 AM 30,720 xcopy.exe
    04/14/2008 06:42 AM 257,024 nusrmgr.cpl
    04/14/2008 06:42 AM 80,896 firewall.cpl
    04/14/2008 06:42 AM 32,256 wpabaln.exe
    04/14/2008 06:42 AM 11,264 wpnpinst.exe
    04/14/2008 06:42 AM 148,480 wscui.cpl
    04/14/2008 06:42 AM 25,600 netsetup.cpl
    04/14/2008 06:42 AM 68,608 access.cpl
    04/14/2008 06:42 AM 68,608 joy.cpl
    04/14/2008 06:42 AM 618,496 mmsys.cpl
    04/14/2008 06:42 AM 111,104 wuauclt.exe.wusetup.238656.bak
    04/14/2008 06:42 AM 165,888 wuauclt1.exe
    04/14/2008 06:42 AM 162,304 wuaucpl.cpl.wusetup.238796.bak
    04/14/2008 06:42 AM 549,888 appwiz.cpl
    04/14/2008 06:42 AM 94,208 timedate.cpl
    04/14/2008 06:42 AM 32,768 odbccp32.cpl
    04/14/2008 06:42 AM 13,824 wscntfy.exe
    04/14/2008 06:42 AM 26,112 userinit.exe
    04/14/2008 06:42 AM 50,176 utilman.exe
    04/14/2008 06:42 AM 433,664 wiaacmgr.exe
    04/14/2008 06:42 AM 28,672 verclsid.exe
    04/14/2008 06:42 AM 507,904 winlogon.exe
    04/14/2008 06:42 AM 12,288 tracert.exe
    04/14/2008 06:42 AM 289,792 vssvc.exe
    04/14/2008 06:42 AM 18,432 ups.exe
    04/14/2008 06:42 AM 259,584 tracerpt.exe
    04/14/2008 06:42 AM 73,216 tlntsvr.exe
    04/14/2008 06:42 AM 16,896 upnpcont.exe
    04/14/2008 06:42 AM 65,024 wextract.exe
    04/14/2008 06:42 AM 75,776 telnet.exe
    04/14/2008 06:42 AM 57,856 spoolsv.exe
    04/14/2008 06:42 AM 78,336 tlntsess.exe
    04/14/2008 06:42 AM 71,680 systeminfo.exe
    04/14/2008 06:42 AM 24,576 sort.exe
    04/14/2008 06:42 AM 50,688 smss.exe
    04/14/2008 06:42 AM 14,336 svchost.exe
    04/14/2008 06:42 AM 61,440 tlntadmn.exe
    04/14/2008 06:42 AM 76,288 taskkill.exe
    04/14/2008 06:42 AM 77,824 tasklist.exe
    04/14/2008 06:42 AM 14,848 stimon.exe
    04/14/2008 06:42 AM 106,496 sysocmgr.exe
    04/14/2008 06:42 AM 11,264 spnpinst.exe
    04/14/2008 06:42 AM 8,192 smbinst.exe
    04/14/2008 06:42 AM 26,112 skeys.exe
    04/14/2008 06:42 AM 121,856 schtasks.exe
    04/14/2008 06:42 AM 70,144 sigverif.exe
    04/14/2008 06:42 AM 32,768 setupn.exe
    04/14/2008 06:42 AM 23,040 setup.exe
    04/14/2008 06:42 AM 45,056 shmgrate.exe
    04/14/2008 06:42 AM 77,312 sdbinst.exe
    04/14/2008 06:42 AM 18,944 secedit.exe
    04/14/2008 06:42 AM 19,456 shutdown.exe
    04/14/2008 06:42 AM 31,232 sethc.exe
    04/14/2008 06:42 AM 77,824 shrpubw.exe
    04/14/2008 06:42 AM 108,544 services.exe
    04/14/2008 06:42 AM 141,312 sessmgr.exe
    04/14/2008 06:42 AM 89,600 smlogsvc.exe
    04/14/2008 06:42 AM 67,072 rdshost.exe
    04/14/2008 06:42 AM 13,824 rdsaddin.exe
    04/14/2008 06:42 AM 9,216 proxycfg.exe
    04/14/2008 06:42 AM 14,336 runonce.exe
    04/14/2008 06:42 AM 62,976 rdpclip.exe
    04/14/2008 06:42 AM 95,744 scardsvr.exe
    04/14/2008 06:42 AM 21,504 rcp.exe
    04/14/2008 06:42 AM 50,176 proquota.exe
    04/14/2008 06:42 AM 33,280 rundll32.exe
    04/14/2008 06:42 AM 35,840 rcimlby.exe
    04/14/2008 06:42 AM 56,832 rasphone.exe
    04/14/2008 06:42 AM 19,968 qprocess.exe
    04/14/2008 06:42 AM 50,176 reg.exe
    04/14/2008 06:42 AM 13,312 savedump.exe
    04/14/2008 06:42 AM 11,776 regsvr32.exe
    04/14/2008 06:42 AM 13,824 rexec.exe
    04/14/2008 06:42 AM 14,848 rsh.exe
    04/14/2008 06:42 AM 107,520 rsnotify.exe
    04/14/2008 06:42 AM 15,872 perfmon.exe
    04/14/2008 06:42 AM 49,152 powercfg.exe
    04/14/2008 06:42 AM 67,584 openfiles.exe
    04/14/2008 06:42 AM 32,768 odbcad32.exe
    04/14/2008 06:42 AM 58,368 packager.exe
    04/14/2008 06:42 AM 215,552 osk.exe
    04/14/2008 06:42 AM 420,864 ntvdm.exe
    04/14/2008 06:42 AM 17,920 ping.exe
    04/14/2008 06:42 AM 69,632 odbcconf.exe
    04/14/2008 06:42 AM 109,568 progman.exe
    04/14/2008 06:42 AM 1,200,640 ntbackup.exe
    04/14/2008 06:42 AM 111,104 netdde.exe
    04/14/2008 06:42 AM 12,288 mstinit.exe
    04/14/2008 06:42 AM 124,928 net1.exe
    04/14/2008 06:42 AM 176,640 napstat.exe
    04/14/2008 06:42 AM 42,496 net.exe
    04/14/2008 06:42 AM 343,040 mspaint.exe
    04/14/2008 06:42 AM 78,848 msiexec.exe
    04/14/2008 06:42 AM 76,800 nslookup.exe
    04/14/2008 06:42 AM 4,096 nddeapir.exe
    04/14/2008 06:42 AM 69,120 notepad.exe
    04/14/2008 06:42 AM 53,760 narrator.exe
    04/14/2008 06:42 AM 36,864 netstat.exe
    04/14/2008 06:42 AM 86,016 netsh.exe
    04/14/2008 06:42 AM 4,608 mqsvc.exe
    04/14/2008 06:42 AM 143,360 mobsync.exe
    04/14/2008 06:42 AM 19,968 mqbkup.exe
    04/14/2008 06:42 AM 123,392 mplay32.exe
    04/14/2008 06:42 AM 6,144 msdtc.exe
    04/14/2008 06:42 AM 117,248 mqtgsvc.exe
    04/14/2008 06:42 AM 33,792 mmcperf.exe
    04/14/2008 06:42 AM 59,392 logman.exe
    04/14/2008 06:42 AM 1,414,656 mmc.exe
    04/14/2008 06:42 AM 57,344 makecab.exe
    04/14/2008 06:42 AM 75,264 locator.exe
    04/14/2008 06:42 AM 72,704 magnify.exe
    04/14/2008 06:42 AM 13,312 lsass.exe
    04/14/2008 06:42 AM 55,808 ipconfig.exe
    04/14/2008 06:42 AM 23,552 ipxroute.exe
    04/14/2008 06:42 AM 150,528 imapi.exe
    04/14/2008 06:42 AM 53,248 ipv6.exe
    04/14/2008 06:42 AM 114,688 iexpress.exe
    04/14/2008 06:42 AM 677,888 mstsc.exe
    04/14/2008 06:42 AM 39,424 grpconv.exe
    04/14/2008 06:42 AM 42,496 ftp.exe
    04/14/2008 06:42 AM 7,680 forcedos.exe
    04/14/2008 06:42 AM 193,024 fsquirt.exe
    04/14/2008 06:42 AM 59,904 getmac.exe
    04/14/2008 06:42 AM 27,136 findstr.exe
    04/14/2008 06:42 AM 23,040 fltMc.exe
    04/14/2008 06:42 AM 15,872 help.exe
    04/14/2008 06:42 AM 120,832 gpresult.exe
    04/14/2008 06:42 AM 20,992 fontview.exe
    04/14/2008 06:42 AM 82,944 eventtriggers.exe
    04/14/2008 06:42 AM 10,752 dumprep.exe
    04/14/2008 06:42 AM 193,024 eudcedit.exe
    04/14/2008 06:42 AM 1,298,432 dxdiag.exe
    04/14/2008 06:42 AM 24,064 extrac32.exe
    04/14/2008 06:42 AM 50,688 eventcreate.exe
    04/14/2008 06:42 AM 83,456 dpvsetup.exe
    04/14/2008 06:42 AM 62,976 driverquery.exe
    04/14/2008 06:42 AM 180,224 dwwin.exe
    04/14/2008 06:42 AM 17,920 dvdupgrd.exe
    04/14/2008 06:42 AM 163,840 diskpart.exe
    04/14/2008 06:42 AM 6,144 dcomcnfg.exe
    04/14/2008 06:42 AM 25,088 defrag.exe
    04/14/2008 06:42 AM 29,696 dplaysvr.exe
    04/14/2008 06:42 AM 17,920 dpnsvr.exe
    04/14/2008 06:42 AM 224,768 dmadmin.exe
    04/14/2008 06:42 AM 87,040 diantz.exe
    04/14/2008 06:42 AM 30,208 ddeshare.exe
    04/14/2008 06:42 AM 15,872 dmremote.exe
    04/14/2008 06:42 AM 5,120 dllhost.exe
    04/14/2008 06:42 AM 105,472 dfrgntfs.exe
    04/14/2008 06:42 AM 15,360 ctfmon.exe
    04/14/2008 06:42 AM 82,944 dfrgfat.exe
    04/14/2008 06:42 AM 64,000 cleanmgr.exe
    04/14/2008 06:42 AM 25,600 cmdl32.exe
    04/14/2008 06:42 AM 6,144 csrss.exe
    04/14/2008 06:42 AM 39,936 cmmon32.exe
    04/14/2008 06:42 AM 20,480 cliconfg.exe
    04/14/2008 06:42 AM 33,280 clipsrv.exe
    04/14/2008 06:42 AM 389,120 cmd.exe
    04/14/2008 06:42 AM 56,832 cipher.exe
    04/14/2008 06:42 AM 63,488 cmstp.exe
    04/14/2008 06:42 AM 5,632 cisvc.exe
    04/14/2008 06:42 AM 102,912 clipbrd.exe
    04/14/2008 06:42 AM 27,648 conime.exe
    04/14/2008 06:42 AM 98,304 ahui.exe
    04/14/2008 06:42 AM 4,096 actmovie.exe
    04/14/2008 06:42 AM 44,544 alg.exe
    04/14/2008 06:42 AM 32,768 asr_pfu.exe
    04/14/2008 06:42 AM 14,336 auditusr.exe
    04/14/2008 06:42 AM 12,288 attrib.exe
    04/14/2008 06:42 AM 19,968 cacls.exe
    04/14/2008 06:42 AM 588,800 autochk.exe
    04/14/2008 06:42 AM 580,608 autofmt.exe
    04/14/2008 06:42 AM 602,624 autoconv.exe
    04/14/2008 06:42 AM 142,848 bootcfg.exe
    04/14/2008 06:42 AM 71,680 blastcln.exe
    04/14/2008 06:42 AM 30,208 asr_fmt.exe
    04/14/2008 06:42 AM 11,264 autolfn.exe
    04/14/2008 06:42 AM 11,264 atmadm.exe
    04/14/2008 06:42 AM 25,088 at.exe
    04/14/2008 06:42 AM 91,648 xactsrv.dll
    04/14/2008 06:42 AM 383,488 wzcdlg.dll
    04/14/2008 06:42 AM 6,656 wuauserv.dll
    04/14/2008 06:42 AM 183,296 wuaueng1.dll
    04/14/2008 06:42 AM 338,432 zipfldr.dll
    04/14/2008 06:42 AM 50,176 xmlprovi.dll
    04/14/2008 06:42 AM 11,776 xolehlp.dll
    04/14/2008 06:42 AM 1,135,616 wuaueng.dll.wusetup.238859.bak
    04/14/2008 06:42 AM 184,320 accwiz.exe
    04/14/2008 06:42 AM 430,592 wuapi.dll.wusetup.238593.bak
    04/14/2008 06:42 AM 18,432 wtsapi32.dll
    04/14/2008 06:42 AM 50,688 wstdecod.dll
    04/14/2008 06:42 AM 22,528 wsock32.dll
    04/14/2008 06:42 AM 41,984 wsnmp32.dll
    04/14/2008 06:42 AM 19,456 wshtcpip.dll
    04/14/2008 06:42 AM 303,616 wmstream.dll
    04/14/2008 06:42 AM 264,192 wow32.dll
    04/14/2008 06:42 AM 11,264 WshRm.dll
    04/14/2008 06:42 AM 14,336 wship6.dll
    04/14/2008 06:42 AM 36,864 wshcon.dll
    04/14/2008 06:42 AM 108,032 wshbth.dll
    04/14/2008 06:42 AM 604,160 wsecedit.dll
    04/14/2008 06:42 AM 80,896 wscsvc.dll
    04/14/2008 06:42 AM 82,432 ws2_32.dll
    04/14/2008 06:42 AM 129,024 xmlprov.dll
    04/14/2008 06:42 AM 19,968 ws2help.dll
    04/14/2008 06:42 AM 589,312 wiashext.dll
    04/14/2008 06:42 AM 115,200 wmsdmoe.dll
    04/14/2008 06:42 AM 20,480 wmpui.dll
    04/14/2008 06:42 AM 221,184 wmpns.dll
    04/14/2008 06:42 AM 276,992 wmphoto.dll
    04/14/2008 06:42 AM 20,480 wmpcore.dll
    04/14/2008 06:42 AM 20,480 wmpcd.dll
    04/14/2008 06:42 AM 92,672 wlnotify.dll
    04/14/2008 06:42 AM 172,032 wldap32.dll
    04/14/2008 06:42 AM 69,120 wlanapi.dll
    04/14/2008 06:42 AM 132,096 wkssvc.dll
    04/14/2008 06:42 AM 176,640 wintrust.dll
    04/14/2008 06:42 AM 53,760 winsta.dll
    04/14/2008 06:42 AM 293,376 winsrv.dll
    04/14/2008 06:42 AM 133,632 upnp.dll
    04/14/2008 06:42 AM 185,856 upnphost.dll
    04/14/2008 06:42 AM 239,616 upnpui.dll
    04/14/2008 06:42 AM 16,896 usbmon.dll
    04/14/2008 06:42 AM 74,240 usbui.dll
    04/14/2008 06:42 AM 578,560 user32.dll
    04/14/2008 06:42 AM 727,040 userenv.dll
    04/14/2008 06:42 AM 406,016 usp10.dll
    04/14/2008 06:42 AM 17,408 winshfhc.dll
    04/14/2008 06:42 AM 99,328 winscard.dll
    04/14/2008 06:42 AM 16,896 winrnr.dll
    04/14/2008 06:42 AM 30,749 vbajet32.dll
    04/14/2008 06:42 AM 26,112 vdmdbg.dll
    04/14/2008 06:42 AM 51,712 vdmredir.dll
    04/14/2008 06:42 AM 26,624 verifier.dll
    04/14/2008 06:42 AM 18,944 version.dll
    04/14/2008 06:42 AM 430,592 vssapi.dll
    04/14/2008 06:42 AM 175,104 w32time.dll
    04/14/2008 06:42 AM 176,128 winmm.dll
    04/14/2008 06:42 AM 215,552 wavemsp.dll
    04/14/2008 06:42 AM 32,256 winipsec.dll
    04/14/2008 06:42 AM 354,304 winhttp.dll
    04/14/2008 06:42 AM 49,152 wdigest.dll
    04/14/2008 06:42 AM 68,096 webclnt.dll
    04/14/2008 06:42 AM 135,680 webvw.dll
    04/14/2008 06:42 AM 463,360 wiadefui.dll
    04/14/2008 06:42 AM 124,416 wiadss.dll
    04/14/2008 06:42 AM 346,112 windowscodecsext.dll
    04/14/2008 06:42 AM 712,704 windowscodecs.dll
    04/14/2008 06:42 AM 75,776 wiascr.dll
    04/14/2008 06:42 AM 102,400 win32spl.dll
    04/14/2008 06:42 AM 111,104 wiavideo.dll
    04/14/2008 06:42 AM 333,824 wiaservc.dll
    04/14/2008 06:42 AM 15,872 w3ssl.dll
    04/14/2008 06:42 AM 117,760 t2embed.dll
    04/14/2008 06:42 AM 858,624 tapi3.dll
    04/14/2008 06:42 AM 181,760 tapi32.dll
    04/14/2008 06:42 AM 249,856 tapisrv.dll
    04/14/2008 06:42 AM 14,848 tcpmib.dll
    04/14/2008 06:42 AM 191,488 syncui.dll
    04/14/2008 06:42 AM 45,568 tcpmon.dll
    04/14/2008 06:42 AM 45,568 tcpmonui.dll
    04/14/2008 06:42 AM 57,856 synceng.dll
    04/14/2008 06:42 AM 713,216 sxs.dll
    04/14/2008 06:42 AM 358,400 termmgr.dll
    04/14/2008 06:42 AM 75,776 strmfilt.dll
    04/14/2008 06:42 AM 295,424 termsrv.dll
    04/14/2008 06:42 AM 385,536 themeui.dll
    04/14/2008 06:42 AM 246,814 strmdll.dll
    04/14/2008 06:42 AM 316,416 untfs.dll
    04/14/2008 06:42 AM 74,752 storprop.dll
    04/14/2008 06:42 AM 13,824 uniplat.dll
    04/14/2008 06:42 AM 74,240 unimdmat.dll
    04/14/2008 06:42 AM 123,392 umpnpmgr.dll
    04/14/2008 06:42 AM 121,856 stobject.dll
    04/14/2008 06:42 AM 25,088 slayerxp.dll
    04/14/2008 06:42 AM 136,704 sti_ci.dll
    04/14/2008 06:42 AM 35,840 umandlg.dll
    04/14/2008 06:42 AM 275,456 ulib.dll
    04/14/2008 06:42 AM 98,304 slbiop.dll
    04/14/2008 06:42 AM 7,168 tlntsvrp.dll
    04/14/2008 06:42 AM 26,624 udhisapi.dll
    04/14/2008 06:42 AM 68,096 sti.dll
    04/14/2008 06:42 AM 362,496 smlogcfg.dll
    04/14/2008 06:42 AM 59,392 stclient.dll
    04/14/2008 06:42 AM 101,376 txflog.dll
    04/14/2008 06:42 AM 57,856 twext.dll
    04/14/2008 06:42 AM 71,680 ssdpsrv.dll
    04/14/2008 06:42 AM 34,816 ssdpapi.dll
    04/14/2008 06:42 AM 96,768 srvsvc.dll
    04/14/2008 06:42 AM 171,008 srsvc.dll
    04/14/2008 06:42 AM 239,104 srrstr.dll
    04/14/2008 06:42 AM 67,584 srclient.dll
    04/14/2008 06:42 AM 180,800 sqlunirl.dll
    04/14/2008 06:42 AM 442,368 sqlsrv32.dll
    04/14/2008 06:42 AM 50,688 tspkg.dll
    04/14/2008 06:42 AM 53,248 tsgqec.dll
    04/14/2008 06:42 AM 75,264 spoolss.dll
    04/14/2008 06:42 AM 93,696 tscfgwmi.dll
    04/14/2008 06:42 AM 90,112 trkwks.dll
    04/14/2008 06:42 AM 182,272 snmpsnap.dll
    04/14/2008 06:42 AM 18,944 snmpapi.dll
    04/14/2008 06:42 AM 399,360 rpcss.dll
    04/14/2008 06:42 AM 18,944 rsmps.dll
    04/14/2008 06:42 AM 584,704 rpcrt4.dll
    04/14/2008 06:42 AM 92,672 rsvpsp.dll
    04/14/2008 06:42 AM 31,744 rtipxmib.dll
    04/14/2008 06:42 AM 433,664 riched20.dll
    04/14/2008 06:42 AM 44,032 rtutils.dll
    04/14/2008 06:42 AM 290,304 rhttpaa.dll
    04/14/2008 06:42 AM 58,880 resutils.dll
    04/14/2008 06:42 AM 60,416 remotepg.dll
    04/14/2008 06:42 AM 397,824 regwizc.dll
    04/14/2008 06:42 AM 43,520 safrcdlg.dll
    04/14/2008 06:42 AM 29,696 safrdm.dll
    04/14/2008 06:42 AM 13,312 sigtab.dll
    04/14/2008 06:42 AM 45,568 safrslv.dll
    04/14/2008 06:42 AM 135,168 shsvcs.dll
    04/14/2008 06:42 AM 27,648 shscrap.dll
    04/14/2008 06:42 AM 64,000 samlib.dll
    04/14/2008 06:42 AM 415,744 samsrv.dll
    04/14/2008 06:42 AM 59,904 regsvc.dll
    04/14/2008 06:42 AM 152,064 shmedia.dll
    04/14/2008 06:42 AM 49,664 regapi.dll
    04/14/2008 06:42 AM 19,968 rdpsnd.dll
    04/14/2008 06:42 AM 438,272 shimgvw.dll
    04/14/2008 06:42 AM 270,848 sbe.dll
    04/14/2008 06:42 AM 65,024 shimeng.dll
    04/14/2008 06:42 AM 68,096 shgina.dll
    04/14/2008 06:42 AM 159,232 sbeio.dll
    04/14/2008 06:42 AM 25,088 shfolder.dll
    04/14/2008 06:42 AM 69,632 scarddlg.dll
    04/14/2008 06:42 AM 171,008 sccsccp.dll
    04/14/2008 06:42 AM 181,248 scecli.dll
    04/14/2008 06:42 AM 1,614,848 sfcfiles.dll
    04/14/2008 06:42 AM 314,880 scesrv.dll
    04/14/2008 06:42 AM 144,384 schannel.dll
    04/14/2008 06:42 AM 5,120 sfc.dll
    04/14/2008 06:42 AM 192,512 schedsvc.dll
    04/14/2008 06:42 AM 20,480 sclgntfy.dll
    04/14/2008 06:42 AM 29,184 sdhcinst.dll
    04/14/2008 06:42 AM 39,936 rshx32.dll
    04/14/2008 06:42 AM 18,944 seclogon.dll
    04/14/2008 06:42 AM 56,320 secur32.dll
    04/14/2008 06:42 AM 985,088 setupapi.dll
    04/14/2008 06:42 AM 5,632 security.dll
    04/14/2008 06:42 AM 29,184 sendcmsg.dll
    04/14/2008 06:42 AM 54,784 sendmail.dll
    04/14/2008 06:42 AM 39,424 sens.dll
    04/14/2008 06:42 AM 7,168 sensapi.dll
    04/14/2008 06:42 AM 56,320 servdeps.dll
    04/14/2008 06:42 AM 488,448 ntmsmgr.dll
    04/14/2008 06:42 AM 435,200 ntmssvc.dll
    04/14/2008 06:42 AM 91,136 ntprint.dll
    04/14/2008 06:42 AM 179,200 ntmsdba.dll
    04/14/2008 06:42 AM 40,960 ntmsapi.dll
    04/14/2008 06:42 AM 313,856 p2pgraph.dll
    04/14/2008 06:42 AM 118,784 ntmarta.dll
    04/14/2008 06:42 AM 8,192 ntlsapi.dll
    04/14/2008 06:42 AM 115,712 p2pnetsh.dll
    04/14/2008 06:42 AM 143,360 ntshrui.dll
    04/14/2008 06:42 AM 554,496 p2psvc.dll
    04/14/2008 06:42 AM 15,360 ntvdmd.dll
    04/14/2008 06:42 AM 64,000 nwapi32.dll
    04/14/2008 06:42 AM 44,032 ntlanman.dll
    04/14/2008 06:42 AM 67,072 ntdsapi.dll
    04/14/2008 06:42 AM 67,584 pautoenr.dll
    04/14/2008 06:42 AM 142,336 nwprovau.dll
    04/14/2008 06:42 AM 284,160 pdh.dll
    04/14/2008 06:42 AM 39,936 perfctrs.dll
    04/14/2008 06:42 AM 18,944 qmgrprxy.dll
    04/14/2008 06:42 AM 54,784 npptools.dll
    04/14/2008 06:42 AM 105,472 p2pgasvc.dll
    04/14/2008 06:42 AM 26,624 perfdisk.dll
    04/14/2008 06:42 AM 65,536 nwwks.dll
    04/14/2008 06:42 AM 17,920 perfnet.dll
    04/14/2008 06:42 AM 247,808 newdev.dll
    04/14/2008 06:42 AM 270,336 oakley.dll
    04/14/2008 06:42 AM 245,760 netui1.dll
    04/14/2008 06:42 AM 80,896 netui0.dll
    04/14/2008 06:42 AM 25,088 perfos.dll
    04/14/2008 06:42 AM 1,703,936 netshell.dll
    04/14/2008 06:42 AM 34,816 perfproc.dll
    04/14/2008 06:42 AM 1,435,648 query.dll
    04/14/2008 06:42 AM 153,600 p2p.dll
    04/14/2008 06:42 AM 76,800 qutil.dll
    04/14/2008 06:42 AM 43,520 racpldlg.dll
    04/14/2008 06:42 AM 7,680 rasadhlp.dll
    04/14/2008 06:42 AM 237,056 rasapi32.dll
    04/14/2008 06:42 AM 412,160 photometadatahandler.dll
    04/14/2008 06:42 AM 176,128 photowiz.dll
    04/14/2008 06:42 AM 88,576 rasauto.dll
    04/14/2008 06:42 AM 58,880 pnrpnsp.dll
    04/14/2008 06:42 AM 67,584 osuninst.dll
    04/14/2008 06:42 AM 286,208 objsel.dll
    04/14/2008 06:42 AM 105,472 polstore.dll
    04/14/2008 06:42 AM 713,728 opengl32.dll
    04/14/2008 06:42 AM 409,088 qmgr.dll
    04/14/2008 06:42 AM 79,872 raschap.dll
    04/14/2008 06:42 AM 17,408 powrprof.dll
    04/14/2008 06:42 AM 658,432 rasdlg.dll
    04/14/2008 06:42 AM 560,640 printui.dll
    04/14/2008 06:42 AM 67,584 ocmanage.dll
    04/14/2008 06:42 AM 249,856 odbc32.dll
    04/14/2008 06:42 AM 61,440 rasman.dll
    04/14/2008 06:42 AM 186,368 rasmans.dll
    04/14/2008 06:42 AM 16,384 odbc32gt.dll
    04/14/2008 06:42 AM 144,384 onex.dll
    04/14/2008 06:42 AM 27,648 profmap.dll
    04/14/2008 06:42 AM 84,992 olepro32.dll
    04/14/2008 06:42 AM 210,944 rasppp.dll
    04/14/2008 06:42 AM 61,952 rasqec.dll
    04/14/2008 06:42 AM 16,384 rassapi.dll
    04/14/2008 06:42 AM 58,368 rastapi.dll
    04/14/2008 06:42 AM 23,040 psapi.dll
    04/14/2008 06:42 AM 96,768 psbase.dll
    04/14/2008 06:42 AM 150,016 rastls.dll
    04/14/2008 06:42 AM 102,400 rcbdyctl.dll
    04/14/2008 06:42 AM 43,520 pstorec.dll
    04/14/2008 06:42 AM 34,304 pstorsvc.dll
    04/14/2008 06:42 AM 147,968 rdchost.dll
    04/14/2008 06:42 AM 150,528 qagent.dll
    04/14/2008 06:42 AM 24,576 odbcbcp.dll
    04/14/2008 06:42 AM 291,328 qagentrt.dll
    04/14/2008 06:42 AM 192,512 qcap.dll
    04/14/2008 06:42 AM 62,464 qcliprov.dll
    04/14/2008 06:42 AM 107,008 oleprn.dll
    04/14/2008 06:42 AM 135,168 odbcconf.dll
    04/14/2008 06:42 AM 106,496 odbccp32.dll
    04/14/2008 06:42 AM 122,880 oledlg.dll
    04/14/2008 06:42 AM 65,536 odbccr32.dll
    04/14/2008 06:42 AM 279,040 qdv.dll
    04/14/2008 06:42 AM 65,536 odbccu32.dll
    04/14/2008 06:42 AM 386,048 qdvd.dll
    04/14/2008 06:42 AM 278,559 odbcjt32.dll
    04/14/2008 06:42 AM 147,456 odbctrac.dll
    04/14/2008 06:42 AM 20,511 oddbse32.dll
    04/14/2008 06:42 AM 37,376 olecnv32.dll
    04/14/2008 06:42 AM 20,510 odexl32.dll
    04/14/2008 06:42 AM 562,176 qedit.dll
    04/14/2008 06:42 AM 20,510 odfox32.dll
    04/14/2008 06:42 AM 20,510 odpdx32.dll
    04/14/2008 06:42 AM 20,511 odtext32.dll
    04/14/2008 06:42 AM 192,000 offfilt.dll
    04/14/2008 06:42 AM 1,287,168 ole32.dll
    04/14/2008 06:42 AM 551,936 oleaut32.dll
    04/14/2008 06:42 AM 98,304 nlhtml.dll
    04/14/2008 06:42 AM 74,752 olecli32.dll
    04/14/2008 06:42 AM 413,696 msvcp60.dll
    04/14/2008 06:42 AM 343,040 msvcrt.dll
    04/14/2008 06:42 AM 121,344 msvfw32.dll
    04/14/2008 06:42 AM 1,428,992 msvidctl.dll
    04/14/2008 06:42 AM 57,344 msvcirt.dll
    04/14/2008 06:42 AM 72,704 msw3prt.dll
    04/14/2008 06:42 AM 1,384,479 msvbvm60.dll
    04/14/2008 06:42 AM 203,776 mswebdvd.dll
    04/14/2008 06:42 AM 506,368 msxml.dll
    04/14/2008 06:42 AM 132,608 msv1_0.dll
    04/14/2008 06:42 AM 701,440 msxml2.dll
    04/14/2008 06:42 AM 1,104,896 msxml3.dll
    04/14/2008 06:42 AM 195,072 msutb.dll
    04/14/2008 06:42 AM 116,224 mstlsapi.dll
    04/14/2008 06:42 AM 274,944 mstask.dll
    04/14/2008 06:42 AM 155,136 mssha.dll
    04/14/2008 06:42 AM 1,306,624 msxml6.dll
    04/14/2008 06:42 AM 134,656 mssap.dll
    04/14/2008 06:42 AM 11,264 msrle32.dll
    04/14/2008 06:42 AM 66,560 mtxclu.dll
    04/14/2008 06:42 AM 29,696 mspatcha.dll
    04/14/2008 06:42 AM 143,360 msorcl32.dll
    04/14/2008 06:42 AM 30,720 mtxdm.dll
    04/14/2008 06:42 AM 4,096 mtxex.dll
    04/14/2008 06:42 AM 34,304 mtxlegih.dll
    04/14/2008 06:42 AM 91,648 mtxoci.dll
    04/14/2008 06:42 AM 90,624 mydocs.dll
    04/14/2008 06:42 AM 30,208 napipsec.dll
    04/14/2008 06:42 AM 151,583 msjint40.dll
    04/14/2008 06:42 AM 193,024 napmontr.dll
    04/14/2008 06:42 AM 36,352 ncobjapi.dll
    04/14/2008 06:42 AM 17,920 nddeapi.dll
    04/14/2008 06:42 AM 18,944 nddenb32.dll
    04/14/2008 06:42 AM 622,592 netcfgx.dll
    04/14/2008 06:42 AM 139,264 netid.dll
    04/14/2008 06:42 AM 407,040 netlogon.dll
    04/14/2008 06:42 AM 198,144 netman.dll
    04/14/2008 06:42 AM 875,008 netplwiz.dll
    04/14/2008 06:42 AM 105,984 msoert2.dll
    04/14/2008 06:42 AM 11,776 netrap.dll
    04/14/2008 06:42 AM 252,928 msoeacct.dll
    04/14/2008 06:42 AM 25,088 mslbui.dll
    04/14/2008 06:42 AM 290,816 msnsspc.dll
    04/14/2008 06:42 AM 337,408 netapi32.dll
    04/14/2008 06:42 AM 15,360 msisip.dll
    04/14/2008 06:42 AM 159,232 MSIMTF.dll
    04/14/2008 06:42 AM 4,608 msimg32.dll
    04/14/2008 06:42 AM 271,360 msihnd.dll
    04/14/2008 06:42 AM 248,832 msieftp.dll
    04/14/2008 06:42 AM 6,656 msidle.dll
    04/14/2008 06:42 AM 51,712 msident.dll
    04/14/2008 06:42 AM 2,843,136 msi.dll
    04/14/2008 06:42 AM 33,792 msgsvc.dll
    04/14/2008 06:42 AM 187,392 mqtrig.dll
    04/14/2008 06:42 AM 539,136 msftedit.dll
    04/14/2008 06:42 AM 161,792 msdtcuiu.dll
    04/14/2008 06:42 AM 956,928 msdtctm.dll
    04/14/2008 06:42 AM 427,008 msdtcprx.dll
    04/14/2008 06:42 AM 58,880 msdtclog.dll
    04/14/2008 06:42 AM 14,336 msdmo.dll
    04/14/2008 06:42 AM 151,552 msdart.dll
    04/14/2008 06:42 AM 118,784 msdadiag.dll
    04/14/2008 06:42 AM 68,608 MSCTFP.dll
    04/14/2008 06:42 AM 297,984 MSCTF.dll
    04/14/2008 06:42 AM 36,864 mscpxl32.dLL
    04/14/2008 06:42 AM 57,344 msasn1.dll
    04/14/2008 06:42 AM 86,016 msapsspc.dll
    04/14/2008 06:42 AM 71,680 msacm32.dll
    04/14/2008 06:42 AM 471,552 mqutil.dll
    04/14/2008 06:42 AM 49,152 mqupgrd.dll
    04/14/2008 06:42 AM 517,632 mqsnap.dll
    04/14/2008 06:41 AM 2,061,824 mstscax.dll
    04/14/2008 06:41 AM 95,744 mqsec.dll
    04/14/2008 06:41 AM 123,904 mqrtdep.dll
    04/14/2008 06:41 AM 177,152 mqrt.dll
    04/14/2008 06:41 AM 663,040 mqqm.dll
    04/14/2008 06:41 AM 225,280 mqoa.dll
    04/14/2008 06:41 AM 89,088 mqlogmgr.dll
    04/14/2008 06:41 AM 16,896 mqise.dll
    04/14/2008 06:41 AM 47,616 mqdscli.dll
    04/14/2008 06:41 AM 138,240 mqad.dll
    04/14/2008 06:41 AM 53,248 mprdim.dll
    04/14/2008 06:41 AM 87,040 mprapi.dll
    04/14/2008 06:41 AM 59,904 mpr.dll
    04/14/2008 06:41 AM 153,600 modemui.dll
    04/14/2008 06:41 AM 207,360 mobsync.dll
    04/14/2008 06:41 AM 17,408 mmfutil.dll
    04/14/2008 06:41 AM 61,440 mmcshext.dll
    04/14/2008 06:41 AM 299,520 kerberos.dll
    04/14/2008 06:41 AM 989,696 kernel32.dll
    04/14/2008 06:41 AM 1,872,896 mmcndmgr.dll
    04/14/2008 06:41 AM 106,496 mmcfxcommon.dll
    04/14/2008 06:41 AM 397,312 mmcex.dll
    04/14/2008 06:41 AM 150,528 keymgr.dll
    04/14/2008 06:41 AM 163,328 mmcbase.dll
    04/14/2008 06:41 AM 586,240 mlang.dll
    04/14/2008 06:41 AM 61,440 kmsvc.dll
    04/14/2008 06:41 AM 29,696 mimefilt.dll
    04/14/2008 06:41 AM 60,928 miglibnt.dll
    04/14/2008 06:41 AM 18,944 midimap.dll
    04/14/2008 06:41 AM 184,320 microsoft.managementconsole.dll
    04/14/2008 06:41 AM 37,376 l2gpstore.dll
    04/14/2008 06:41 AM 14,848 mgmtapi.dll
    04/14/2008 06:41 AM 22,528 mfcsubs.dll
    04/14/2008 06:41 AM 1,028,096 mfc42.dll
    04/14/2008 06:41 AM 927,504 mfc40u.dll
    04/14/2008 06:41 AM 40,960 mf3216.dll
    04/14/2008 06:41 AM 118,272 mdminst.dll
    04/14/2008 06:41 AM 23,552 mciwave.dll
    04/14/2008 06:41 AM 23,040 mciseq.dll
    04/14/2008 06:41 AM 35,328 mciqtz32.dll
    04/14/2008 06:41 AM 84,480 mciavi32.dll
    04/14/2008 06:41 AM 14,336 mcastmib.dll
    04/14/2008 06:41 AM 423,936 licdll.dll
    04/14/2008 06:41 AM 728,064 lsasrv.dll
    04/14/2008 06:41 AM 58,880 licwmi.dll
    04/14/2008 06:41 AM 10,240 lprhelp.dll
    04/14/2008 06:41 AM 19,968 linkinfo.dll
    04/14/2008 06:41 AM 13,824 lmhsvc.dll
    04/14/2008 06:41 AM 399,872 lmrt.dll
    04/14/2008 06:41 AM 22,016 lpk.dll
    04/14/2008 06:41 AM 11,776 localui.dll
    04/14/2008 06:41 AM 97,280 loadperf.dll
    04/14/2008 06:41 AM 343,040 localspl.dll
    04/14/2008 06:41 AM 221,696 localsec.dll
    04/14/2008 06:41 AM 110,080 imm32.dll
    04/14/2008 06:41 AM 144,384 imagehlp.dll
    04/14/2008 06:41 AM 27,648 jgpl400.dll
    04/14/2008 06:41 AM 8,192 igmpagnt.dll
    04/14/2008 06:41 AM 135,680 ifmon.dll
    04/14/2008 06:41 AM 274,432 inetcfg.dll
    04/14/2008 06:41 AM 32,768 inetmib1.dll
    04/14/2008 06:41 AM 75,264 inetpp.dll
    04/14/2008 06:41 AM 120,832 idq.dll
    04/14/2008 06:41 AM 15,872 inetppui.dll
    04/14/2008 06:41 AM 163,840 jgdw400.dll
    04/14/2008 06:41 AM 147,456 initpki.dll
    04/14/2008 06:41 AM 65,536 icwphbk.dll
    04/14/2008 06:41 AM 54,272 ixsso.dll
    04/14/2008 06:41 AM 285,184 gdi32.dll
    04/14/2008 06:41 AM 73,728 icwdial.dll
    04/14/2008 06:41 AM 191,488 iuengine.dll
    04/14/2008 06:41 AM 254,976 icm32.dll
    04/14/2008 06:41 AM 138,240 itss.dll
    04/14/2008 06:41 AM 155,136 itircl.dll
    04/14/2008 06:41 AM 80,384 iccvid.dll
    04/14/2008 06:41 AM 81,920 isign32.dll
    04/14/2008 06:41 AM 123,392 input.dll
    04/14/2008 06:41 AM 94,720 iphlpapi.dll
    04/14/2008 06:41 AM 183,808 ir50_qcx.dll
    04/14/2008 06:41 AM 11,264 icaapi.dll
    04/14/2008 06:41 AM 200,192 ir50_qc.dll
    04/14/2008 06:41 AM 161,280 ipmontr.dll
    04/14/2008 06:41 AM 119,808 iasrad.dll
    04/14/2008 06:41 AM 755,200 ir50_32.dll
    04/14/2008 06:41 AM 338,432 ir41_qcx.dll
    04/14/2008 06:41 AM 122,880 glu32.dll
    04/14/2008 06:41 AM 120,320 ir41_qc.dll
    04/14/2008 06:41 AM 22,016 ipxwan.dll
    04/14/2008 06:41 AM 347,136 hypertrm.dll
    04/14/2008 06:41 AM 41,984 htui.dll
    04/14/2008 06:41 AM 199,680 gptext.dll
    04/14/2008 06:41 AM 59,904 ipv6mon.dll
    04/14/2008 06:41 AM 24,576 httpapi.dll
    04/14/2008 06:41 AM 384,000 ipsmsnap.dll
    04/14/2008 06:41 AM 614,912 h323msp.dll
    04/14/2008 06:41 AM 7,168 hccoin.dll
    04/14/2008 06:41 AM 183,808 ipsecsvc.dll
    04/14/2008 06:41 AM 41,472 hhsetup.dll
    04/14/2008 06:41 AM 144,896 hotplug.dll
    04/14/2008 06:41 AM 349,696 ipsecsnp.dll
    04/14/2008 06:41 AM 177,152 iprtrmgr.dll
    04/14/2008 06:41 AM 72,704 hlink.dll
    04/14/2008 06:41 AM 36,921 imeshare.dll
    04/14/2008 06:41 AM 330,752 ippromon.dll
    04/14/2008 06:41 AM 344,064 hnetcfg.dll
    04/14/2008 06:41 AM 331,264 ipnathlp.dll
    04/14/2008 06:41 AM 330,752 hnetwiz.dll
    04/14/2008 06:41 AM 379,904 dhcpmon.dll
    04/14/2008 06:41 AM 126,976 eappcfg.dll
    04/14/2008 06:41 AM 48,640 dhcpqec.dll
    04/14/2008 06:41 AM 68,608 digest.dll
    04/14/2008 06:41 AM 19,456 dimsntfy.dll
    04/14/2008 06:41 AM 39,936 dimsroam.dll
    04/14/2008 06:41 AM 158,720 dinput.dll
    04/14/2008 06:41 AM 184,832 eapp3hst.dll
    04/14/2008 06:41 AM 30,720 eapolqec.dll
    04/14/2008 06:41 AM 498,742 dxmasf.dll
    04/14/2008 06:41 AM 2,113,536 dxdiagn.dll
    04/14/2008 06:41 AM 1,227,264 dx8vb.dll
    04/14/2008 06:41 AM 94,208 eappgnui.dll
    04/14/2008 06:41 AM 304,128 duser.dll
    04/14/2008 06:41 AM 180,224 eapphost.dll
    04/14/2008 06:41 AM 19,456 dswave.dll
    04/14/2008 06:41 AM 113,152 dsuiext.dll
    04/14/2008 06:41 AM 40,960 eappprxy.dll
    04/14/2008 06:41 AM 181,760 dinput8.dll
    04/14/2008 06:41 AM 59,392 eapqec.dll
    04/14/2008 06:41 AM 33,792 eapsvc.dll
    04/14/2008 06:41 AM 26,624 efsadu.dll
    04/14/2008 06:41 AM 239,104 dsquery.dll
    04/14/2008 06:41 AM 142,848 dsprop.dll
    04/14/2008 06:41 AM 183,296 els.dll
    04/14/2008 06:41 AM 1,293,824 dsound3d.dll
    04/14/2008 06:41 AM 20,480 encapi.dll
    04/14/2008 06:41 AM 367,616 dsound.dll
    04/14/2008 06:41 AM 155,648 dskquoui.dll
    04/14/2008 06:41 AM 92,672 dskquota.dll
    04/14/2008 06:41 AM 71,680 dsdmoprp.dll
    04/14/2008 06:41 AM 186,880 encdec.dll
    04/14/2008 06:41 AM 23,040 ersvc.dll
    04/14/2008 06:41 AM 1,082,368 esent.dll
    04/14/2008 06:41 AM 56,320 eventlog.dll
    04/14/2008 06:41 AM 181,248 dsdmo.dll
    04/14/2008 06:41 AM 380,445 expsrv.dll
    04/14/2008 06:41 AM 16,384 ds32gt.dll
    04/14/2008 06:41 AM 14,336 drprov.dll
    04/14/2008 06:41 AM 125,952 exts.dll
    04/14/2008 06:41 AM 87,040 drmstor.dll
    04/14/2008 06:41 AM 1,504,256 diskcopy.dll
    04/14/2008 06:41 AM 32,768 dispex.dll
    04/14/2008 06:41 AM 60,416 fwcfg.dll
    04/14/2008 06:41 AM 80,384 faultrep.dll
    04/14/2008 06:41 AM 57,344 dpwsockx.dll
    04/14/2008 06:41 AM 116,736 dpvvox.dll
    04/14/2008 06:41 AM 124,928 fde.dll
    04/14/2008 06:41 AM 212,480 dpvoice.dll
    04/14/2008 06:41 AM 21,504 dpvacm.dll
    04/14/2008 06:41 AM 60,928 dpnhupnp.dll
    04/14/2008 06:41 AM 35,328 dpnhpast.dll
    04/14/2008 06:41 AM 375,296 dpnet.dll
    04/14/2008 06:41 AM 23,552 dpmodemx.dll
    04/14/2008 06:41 AM 229,888 dplayx.dll
    04/14/2008 06:41 AM 650,752 dot3ui.dll
    04/14/2008 06:41 AM 132,096 dot3svc.dll
    04/14/2008 06:41 AM 56,320 dot3msm.dll
    04/14/2008 06:41 AM 39,936 dot3gpclnt.dll
    04/14/2008 06:41 AM 9,216 dot3dlg.dll
    04/14/2008 06:41 AM 57,856 dot3cfg.dll
    04/14/2008 06:41 AM 26,112 dot3api.dll
    04/14/2008 06:41 AM 48,128 docprop2.dll
    04/14/2008 06:41 AM 45,568 dnsrslvr.dll
    04/14/2008 06:41 AM 73,728 fdeploy.dll
    04/14/2008 06:41 AM 21,504 feclient.dll
    04/14/2008 06:41 AM 337,920 filemgmt.dll
    04/14/2008 06:41 AM 87,552 fldrclnr.dll
    04/14/2008 06:41 AM 104,448 dmusic.dll
    04/14/2008 06:41 AM 103,424 dmsynth.dll
    04/14/2008 06:41 AM 16,896 fltlib.dll
    04/14/2008 06:41 AM 105,984 dmstyle.dll
    04/14/2008 06:41 AM 23,552 dmserver.dll
    04/14/2008 06:41 AM 80,896 fontsub.dll
    04/14/2008 06:41 AM 82,432 dmscript.dll
    04/14/2008 06:41 AM 28,672 dmband.dll
    04/14/2008 06:41 AM 619,008 dx7vb.dll
    04/14/2008 06:41 AM 382,976 fontext.dll
    04/14/2008 06:41 AM 35,840 dmloader.dll
    04/14/2008 06:41 AM 181,248 dmime.dll
    04/14/2008 06:41 AM 200,704 dmdskmgr.dll
    04/14/2008 06:41 AM 285,184 dmdlgs.dll
    04/14/2008 06:41 AM 61,440 dmcompos.dll
    04/14/2008 06:41 AM 51,200 dssec.dll
    04/14/2008 06:41 AM 252,928 compatUI.dll
    04/14/2008 06:41 AM 344,064 cmdial32.dll
    04/14/2008 06:41 AM 13,312 cmsetACL.dll
    04/14/2008 06:41 AM 62,464 authz.dll
    04/14/2008 06:41 AM 194,560 certcli.dll
    04/14/2008 06:41 AM 2,091,520 cdosys.dll
    04/14/2008 06:41 AM 151,040 cdfview.dll
    04/14/2008 06:41 AM 39,424 cmutil.dll
    04/14/2008 06:41 AM 498,688 clbcatq.dll
    04/14/2008 06:41 AM 42,496 audiosrv.dll
    04/14/2008 06:41 AM 77,824 cliconfg.dll
    04/14/2008 06:41 AM 625,664 catsrvut.dll
    04/14/2008 06:41 AM 457,728 certmgr.dll
    04/14/2008 06:41 AM 85,504 catsrvps.dll
    04/14/2008 06:41 AM 84,992 avifil32.dll
    04/14/2008 06:41 AM 226,304 catsrv.dll
    04/14/2008 06:41 AM 150,016 capesnpn.dll
    04/14/2008 06:41 AM 50,688 camocx.dll
    04/14/2008 06:41 AM 30,208 atmlib.dll
    04/14/2008 06:41 AM 84,480 cabview.dll
    04/14/2008 06:41 AM 60,416 cabinet.dll
    04/14/2008 06:41 AM 126,976 dhcpcsvc.dll
    04/14/2008 06:41 AM 111,104 dgnet.dll
    04/14/2008 06:41 AM 28,672 dfsshlex.dll
    04/14/2008 06:41 AM 124,416 dfrgui.dll
    04/14/2008 06:41 AM 39,424 dfrgsnap.dll
    04/14/2008 06:41 AM 282,624 devmgr.dll
    04/14/2008 06:41 AM 59,904 devenum.dll
    04/14/2008 06:41 AM 27,136 ddrawex.dll
    04/14/2008 06:41 AM 279,552 ddraw.dll
    04/14/2008 06:41 AM 229,376 compstui.dll
    04/14/2008 06:41 AM 50,688 btpanui.dll
    04/14/2008 06:41 AM 30,208 bthserv.dll
    04/14/2008 06:41 AM 8,704 dciman32.dll
    04/14/2008 06:41 AM 20,992 bthci.dll
    04/14/2008 06:41 AM 78,336 browsewm.dll
    04/14/2008 06:41 AM 77,824 browser.dll
    04/14/2008 06:41 AM 28,672 dbnmpntw.dll
    04/14/2008 06:41 AM 110,592 dbnetlib.dll
    04/14/2008 06:41 AM 24,576 dbmsrpcn.dll
    04/14/2008 06:41 AM 7,168 bitsprx4.dll
    04/14/2008 06:41 AM 640,000 dbghelp.dll
    04/14/2008 06:41 AM 7,168 bitsprx3.dll
    04/14/2008 06:41 AM 25,088 davclnt.dll
    04/14/2008 06:41 AM 165,376 datime.dll
    04/14/2008 06:41 AM 8,192 bitsprx2.dll
    04/14/2008 06:41 AM 17,408 bidispl.dll
    04/14/2008 06:41 AM 8,704 batt.dll
    04/14/2008 06:41 AM 54,272 dataclen.dll
    04/14/2008 06:41 AM 1,054,208 danim.dll
    04/14/2008 06:41 AM 38,912 cfgbkend.dll
    04/14/2008 06:41 AM 824,320 d3dim700.dll
    04/14/2008 06:41 AM 1,689,088 d3d9.dll
    04/14/2008 06:41 AM 69,120 ciodm.dll
    04/14/2008 06:41 AM 8,192 d3d8thk.dll
    04/14/2008 06:41 AM 1,179,648 d3d8.dll
    04/14/2008 06:41 AM 29,184 batmeter.dll
    04/14/2008 06:41 AM 32,256 csrsrv.dll
    04/14/2008 06:41 AM 276,992 comdlg32.dll
    04/14/2008 06:41 AM 326,656 cscui.dll
    04/14/2008 06:41 AM 101,888 cscdll.dll
    04/14/2008 06:41 AM 52,736 basesrv.dll
    04/14/2008 06:41 AM 148,480 cic.dll
    04/14/2008 06:41 AM 512,512 cryptui.dll
    04/14/2008 06:41 AM 62,464 cryptsvc.dll
    04/14/2008 06:41 AM 64,512 cryptnet.dll
    04/14/2008 06:41 AM 53,760 cryptext.dll
    04/14/2008 06:41 AM 33,280 cryptdll.dll
    04/14/2008 06:41 AM 617,472 comctl32.dll
    04/14/2008 06:41 AM 58,880 atl.dll
    04/14/2008 06:41 AM 28,160 comaddin.dll
    04/14/2008 06:41 AM 74,752 cryptdlg.dll
    04/14/2008 06:41 AM 15,872 cmcfg32.dll
    04/14/2008 06:41 AM 599,040 crypt32.dll
    04/14/2008 06:41 AM 58,368 clusapi.dll
    04/14/2008 06:41 AM 110,592 clbcatex.dll
    04/14/2008 06:41 AM 163,840 credui.dll
    04/14/2008 06:41 AM 60,416 colbact.dll
    04/14/2008 06:41 AM 233,472 azroles.dll
    04/14/2008 06:41 AM 12,800 credssp.dll
    04/14/2008 06:41 AM 357,888 confmsp.dll
    04/14/2008 06:41 AM 539,648 comuid.dll
    04/14/2008 06:41 AM 1,267,200 comsvcs.dll
    04/14/2008 06:41 AM 167,424 comsnap.dll
    04/14/2008 06:41 AM 792,064 comres.dll
    04/14/2008 06:41 AM 97,792 comrepl.dll
    04/14/2008 06:41 AM 185,344 cmprops.dll
    04/14/2008 06:41 AM 65,024 asycfilt.dll
    04/14/2008 06:41 AM 100,352 6to4svc.dll
    04/14/2008 06:41 AM 136,192 aaclient.dll
    04/14/2008 06:41 AM 115,712 aclui.dll
    04/14/2008 06:41 AM 617,472 advapi32.dll
    04/14/2008 06:41 AM 17,408 alrsvc.dll
    04/14/2008 06:41 AM 70,656 amstream.dll
    04/14/2008 06:41 AM 263,680 adsnt.dll
    04/14/2008 06:41 AM 125,952 apphelp.dll
    04/14/2008 06:41 AM 167,936 appmgmts.dll
    04/14/2008 06:41 AM 295,936 appmgr.dll
    04/14/2008 06:41 AM 193,536 activeds.dll
    04/14/2008 06:41 AM 98,304 actxprxy.dll
    04/14/2008 06:41 AM 175,616 adsldp.dll
    04/14/2008 06:41 AM 68,096 adsmsext.dll
    04/14/2008 06:41 AM 143,360 adsldpc.dll
    04/14/2008 06:41 AM 123,392 adsnw.dll
    04/14/2008 06:41 AM 706,048 ntdll.dll
    04/14/2008 06:41 AM 20,480 wmp.ocx
    04/14/2008 06:41 AM 5,632 wmi.dll
    04/14/2008 06:40 AM 218,624 sysmon.ocx
    04/14/2008 06:40 AM 86,016 sl_anet.acm
    04/14/2008 06:40 AM 102,912 dpcdll.dll
    04/14/2008 06:40 AM 81,920 proctexe.ocx
    04/14/2008 06:40 AM 53,279 odbcji32.dll
    04/14/2008 06:40 AM 110,592 msscript.ocx
    04/14/2008 06:40 AM 4,126 msdxmlc.dll
    04/14/2008 06:40 AM 844,314 msdxm.ocx
    04/14/2008 06:40 AM 294,912 msaud32.acm
    04/14/2008 06:40 AM 14,848 msadp32.acm
    04/14/2008 06:40 AM 3,584 msafd.dll
    04/14/2008 06:40 AM 177,152 MSCTFIME.IME
    04/14/2008 06:39 AM 290,816 l3codeca.acm
    04/14/2008 06:39 AM 6,144 kbdnepr.dll
    04/14/2008 06:39 AM 6,144 kbdinben.dll
    04/14/2008 06:39 AM 5,632 kbdmaori.dll
    04/14/2008 06:39 AM 6,144 kbdpash.dll
    04/14/2008 06:39 AM 7,168 kbdnec.dll
    04/14/2008 06:39 AM 6,144 kbdbhc.dll
    04/14/2008 06:39 AM 6,144 kbdmlt48.dll
    04/14/2008 06:39 AM 6,144 kbdmlt47.dll
    04/14/2008 06:39 AM 6,144 kbdinbe1.dll
    04/14/2008 06:39 AM 7,680 kbdsmsno.dll

  6. #26
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    (continued Look32)

    04/14/2008 06:39 AM 6,656 kbdinmal.dll
    04/14/2008 06:39 AM 7,168 kbdno1.dll
    04/14/2008 06:39 AM 7,168 kbdukx.dll
    04/14/2008 06:39 AM 6,144 kbdiultn.dll
    04/14/2008 06:39 AM 7,680 kbdsmsfi.dll
    04/14/2008 06:39 AM 7,168 kbdfi1.dll
    04/14/2008 06:39 AM 16,384 imaadp32.acm
    04/14/2008 06:39 AM 3,584 icmp.dll
    04/14/2008 06:39 AM 545,280 hhctrl.ocx
    04/14/2008 06:39 AM 566,784 gpedit.dll
    04/14/2008 06:39 AM 9,344 framebuf.dll
    04/14/2008 06:39 AM 24,064 pidgen.dll
    04/14/2008 06:39 AM 3,072 dpnlobby.dll
    04/14/2008 06:39 AM 3,072 dpnaddr.dll
    04/14/2008 06:39 AM 153,088 daxctle.ocx
    04/14/2008 06:39 AM 16,896 cfgmgr32.dll
    04/14/2008 06:39 AM 285,696 atmfd.dll
    04/14/2008 06:39 AM 114,688 asctrls.ocx
    04/14/2008 02:00 AM 1,845,632 win32k.sys
    04/14/2008 01:15 AM 17,664 watchdog.sys
    04/14/2008 01:13 AM 12,800 spiisupd.exe
    04/14/2008 01:01 AM 7,424 kd1394.dll
    04/14/2008 01:01 AM 134,400 hal.dll
    04/14/2008 01:00 AM 61,440 msvcrt40.dll
    04/14/2008 12:45 AM 76,800 msshavmsg.dll
    04/14/2008 12:09 AM 438,784 xpob2res.dll
    04/14/2008 12:09 AM 689,152 xpsp3res.dll
    04/14/2008 12:09 AM 2,897,920 xpsp2res.dll
    04/14/2008 12:09 AM 187,392 xpsp1res.dll
    04/14/2008 12:08 AM 101,888 gpkcsp.dll
    04/14/2008 12:08 AM 169,984 sccbase.dll
    04/14/2008 12:08 AM 306,176 slbcsp.dll
    04/14/2008 12:07 AM 138,752 dssenh.dll
    04/14/2008 12:07 AM 208,384 rsaenh.dll
    04/13/2008 11:57 PM 79,872 msxml6r.dll
    04/13/2008 11:56 PM 24,576 cliconfg.rll
    04/13/2008 11:56 PM 90,112 sqlsrv32.rll
    04/13/2008 11:56 PM 4,310 odbcconf.rsp
    04/13/2008 11:56 PM 12,288 mscpx32r.dLL
    04/13/2008 11:56 PM 12,288 odbcp32r.dll
    04/13/2008 11:56 PM 94,208 odbcint.dll
    04/13/2008 11:54 PM 16,384 simpdata.tlb
    04/13/2008 11:54 PM 20,480 msorc32r.dll
    04/13/2008 11:54 PM 12,288 msdatsrc.tlb
    04/13/2008 11:51 PM 733,696 qedwipes.dll
    04/13/2008 11:39 PM 4,096 dsprpres.dll
    04/13/2008 11:33 PM 63,488 browselc.dll
    04/13/2008 11:33 PM 549,376 shdoclc.dll
    04/13/2008 11:24 PM 53,840 dosx.exe
    04/13/2008 11:24 PM 5,120 winnls.dll
    04/13/2008 11:24 PM 68,768 mmsystem.dll
    04/13/2008 11:23 PM 92,224 krnl386.exe
    04/13/2008 11:22 PM 3,338 redir.exe
    04/13/2008 11:20 PM 42,537 keyboard.sys
    04/13/2008 11:19 PM 34,560 ntio404.sys
    04/13/2008 11:19 PM 35,424 ntio412.sys
    04/13/2008 11:19 PM 34,560 ntio804.sys
    04/13/2008 11:19 PM 33,840 ntio.sys
    04/13/2008 11:19 PM 35,648 ntio411.sys
    04/13/2008 11:18 PM 1,647,616 winbrand.dll
    04/13/2008 11:15 PM 216,064 moricons.dll
    04/13/2008 10:58 PM 929 homepage.inf
    04/13/2008 10:53 PM 48,128 msprivs.dll
    04/13/2008 10:52 PM 48,128 inetres.dll
    04/13/2008 10:12 PM 16,896 stdole2.tlb
    04/13/2008 10:09 PM 884,736 msimsg.dll
    04/11/2008 03:04 PM 691,712 inetcomm.dll
    03/20/2008 06:06 PM 1,480,232 LegitCheckControl.dll
    03/12/2008 08:54 PM 1,344,512 msgina.dll
    02/29/2008 04:40 PM 265,948 locale.nls
    01/29/2008 12:02 PM 107,368 GEARAspi.dll
    01/10/2008 05:34 PM 218,624 uxtheme.dll
    11/30/2007 08:39 AM 17,272 spmsg.dll
    10/27/2007 05:40 PM 222,720 wmasf.dll
    10/24/2007 01:47 AM 282,112 mscoree.dll
    10/24/2007 01:47 AM 158,720 mscorier.dll
    10/24/2007 01:47 AM 84,480 mscories.dll
    10/24/2007 01:47 AM 96,760 dfshim.dll
    10/22/2007 04:00 PM 1,516,568 msjet40.dll
    10/11/2007 09:55 AM 579,584 icardagt.exe
    10/11/2007 09:55 AM 595,464 icardres.dll.mui
    10/11/2007 09:55 AM 88,576 infocardapi.dll
    10/11/2007 09:55 AM 28,160 infocardcpl.cpl
    10/11/2007 09:55 AM 11,776 icardres.dll
    10/09/2007 01:03 PM 1,986,072 milcore.dll
    10/09/2007 01:03 PM 493,080 evr.dll
    10/09/2007 01:03 PM 779,800 PresentationNative_v0300.dll
    10/09/2007 01:03 PM 161,304 UIAutomationCore.dll
    10/09/2007 01:03 PM 350,744 PresentationHost.exe
    10/09/2007 01:03 PM 106,520 PresentationCFFRasterizerNative_v0300.dll
    10/09/2007 01:03 PM 33,304 PresentationHostProxy.dll
    10/09/2007 01:03 PM 73,752 dxva2.dll
    10/09/2007 12:58 PM 16,896 tswpfwrp.exe
    08/13/2007 06:45 PM 206,336 winfxdocobj.exe
    08/13/2007 06:39 PM 92,672 inseng.dll
    08/13/2007 06:38 PM 10,240 advpack.dll.mui
    08/13/2007 06:36 PM 12,288 msfeedssync.exe
    08/13/2007 06:36 PM 36,352 imgutil.dll
    07/24/2007 03:17 PM 61,440 dnssd.dll
    07/24/2007 03:17 PM 81,920 dns-sd.exe
    06/28/2007 06:55 PM 77,824 xvid.ax
    06/28/2007 06:54 PM 180,224 xvidvfw.dll
    06/28/2007 06:52 PM 765,952 xvidcore.dll
    06/21/2007 12:22 PM 974 pid.inf
    06/11/2007 11:51 PM 10,834,944 wmp.dll
    05/08/2007 03:03 PM 1,275,392 msxml4.dll
    04/03/2007 09:44 AM 981,760 mfc42u.dll
    04/03/2007 12:04 AM 53,478 tcpmon.ini
    04/02/2007 10:29 PM 862 termcap
    04/02/2007 10:29 PM 487 login.cmd
    04/02/2007 10:06 PM 956,990 instcat.sql
    04/02/2007 08:35 PM 4,656 ds16gt.dLL
    04/02/2007 08:35 PM 26,224 odbc16gt.dll
    04/02/2007 07:22 PM 355,104 msxbde40.dll
    04/02/2007 07:21 PM 621,344 mswstr10.dll
    04/02/2007 07:21 PM 838,432 mswdat10.dll
    04/02/2007 07:21 PM 264,992 mstext40.dll
    04/02/2007 07:21 PM 559,904 msrepl40.dll
    04/02/2007 07:20 PM 322,336 msrd3x40.dll
    04/02/2007 07:20 PM 432,928 msrd2x40.dll
    04/02/2007 07:20 PM 355,104 mspbde40.dll
    04/02/2007 07:19 PM 219,936 msltus40.dll
    04/02/2007 07:19 PM 248,608 msjtes40.dll
    04/02/2007 07:19 PM 60,192 msjter40.dll
    04/02/2007 07:19 PM 355,112 msjetoledb40.dll
    04/02/2007 07:18 PM 326,432 msexcl40.dll
    04/02/2007 07:17 PM 518,944 msexch40.dll
    03/23/2007 06:07 AM 1,683,280 XpsSvcs.dll
    03/23/2007 06:07 AM 583,504 XPSSHHDR.dll
    03/22/2007 08:25 PM 124,928 prntvpt.dll
    03/21/2007 08:54 PM 77,312 TWAIN_32.DLL
    03/21/2007 08:54 PM 48,560 TWUNK_16.EXE
    03/21/2007 08:54 PM 69,632 TWUNK_32.EXE
    03/12/2007 02:02 PM 947,472 msjava.dll
    03/08/2007 07:10 AM 991,232 ieframe.dll.mui
    03/07/2007 07:51 PM 547,576 px.dll
    03/07/2007 07:51 PM 39,672 vxblock.dll
    03/07/2007 07:51 PM 379,640 pxwave.dll
    03/07/2007 07:51 PM 64,760 pxcpya64.exe
    03/07/2007 07:51 PM 129,784 pxafs.dll
    03/07/2007 07:51 PM 1,628,920 pxsfs.dll
    03/07/2007 07:51 PM 187,128 pxmas.dll
    03/07/2007 07:51 PM 64,760 pxinsa64.exe
    03/07/2007 07:51 PM 72,440 pxhpinst.exe
    03/07/2007 07:51 PM 510,712 pxdrv.dll
    02/20/2007 04:04 PM 190,696 NPSWF32_FlashUtil.exe
    02/20/2007 04:04 PM 2,463,976 NPSWF32.dll
    01/24/2007 07:15 PM 382,976 Vista.scr
    01/01/2007 10:14 PM 1,326,080 webfldrs.msi
    12/31/2006 09:57 AM 7,208 secupd.sig
    12/31/2006 09:57 AM 4,569 secupd.dat
    12/31/2006 09:11 AM 174,200 xenroll.dll
    12/31/2006 08:56 AM 9,728 gpkrsrc.dll
    12/30/2006 01:38 AM 23,044 sorttbls.nls
    12/30/2006 01:38 AM 262,148 sortkey.nls
    12/30/2006 01:24 AM 66,082 c_28603.nls
    12/29/2006 08:34 PM 7,168 stdole32.tlb
    12/24/2006 07:45 PM 7,680 engine.dll
    12/24/2006 07:45 PM 8,174,592 Branded.scr
    12/11/2006 01:15 AM 498,176 vLogon.scr
    12/04/2006 04:21 PM 414,720 msscp.dll
    12/01/2006 08:54 PM 626,688 msvcr80.dll
    11/13/2006 01:39 PM 138,024 rapi.dll
    11/13/2006 01:38 PM 22,824 ceutil.dll
    10/18/2006 09:58 PM 8,704 uwdf.exe
    10/18/2006 09:58 PM 8,704 wdfmgr.exe
    10/18/2006 09:47 PM 4,096 WMVADVD.dll
    10/18/2006 09:47 PM 1,329,152 WMSPDMOE.dll
    10/18/2006 09:47 PM 2,450,944 wmvcore.dll
    10/18/2006 09:47 PM 603,648 WMSPDMOD.dll
    10/18/2006 09:47 PM 629,760 wpd_ci.dll
    10/18/2006 09:47 PM 356,352 wpdsp.dll
    10/18/2006 09:47 PM 133,632 WPDShServiceObj.dll
    10/18/2006 09:47 PM 38,400 wpdshextres.dll
    10/18/2006 09:47 PM 656,896 WMVXENCD.dll
    10/18/2006 09:47 PM 4,096 wmsdmoe2.dll
    10/18/2006 09:47 PM 4,096 WMVADVE.DLL
    10/18/2006 09:47 PM 2,603,008 WpdShext.dll
    10/18/2006 09:47 PM 63,488 wpdmtpus.dll
    10/18/2006 09:47 PM 154,624 wpdmtp.dll
    10/18/2006 09:47 PM 35,840 wpdconns.dll
    10/18/2006 09:47 PM 1,543,680 WMVDECOD.dll
    10/18/2006 09:47 PM 767,488 WMVSENCD.dll
    10/18/2006 09:47 PM 4,096 wmvdmod.dll
    10/18/2006 09:47 PM 1,382,912 WMVSDECD.dll
    10/18/2006 09:47 PM 1,574,912 WMVENCOD.dll
    10/18/2006 09:47 PM 4,096 wmvdmoe2.dll
    10/18/2006 09:47 PM 4,096 wmsdmod.dll
    10/18/2006 09:47 PM 348,672 wmdrmnet.dll
    10/18/2006 09:47 PM 314,880 wmpdxm.dll
    10/18/2006 09:47 PM 242,688 wmpasf.dll
    10/18/2006 09:47 PM 937,984 WMNetMgr.dll
    10/18/2006 09:47 PM 157,184 wmidx.dll
    10/18/2006 09:47 PM 227,328 wmerror.dll
    10/18/2006 09:47 PM 535,040 wmdrmsdk.dll
    10/18/2006 09:47 PM 1,661,440 wmpencen.dll
    10/18/2006 09:47 PM 204,288 wmpsrcwp.dll
    10/18/2006 09:47 PM 99,840 wmpshell.dll
    10/18/2006 09:47 PM 130,048 wmpps.dll
    10/18/2006 09:47 PM 613,376 wmpmde.dll
    10/18/2006 09:47 PM 8,231,936 wmploc.dll
    10/18/2006 09:47 PM 757,248 WMADMOD.dll
    10/18/2006 09:47 PM 4,096 wdfapi.dll
    10/18/2006 09:47 PM 1,117,696 WMADMOE.dll
    10/18/2006 09:47 PM 211,456 qasf.dll
    10/18/2006 09:47 PM 199,168 PortableDeviceWMDRM.dll
    10/18/2006 09:47 PM 132,096 PortableDeviceWiaCompat.dll
    10/18/2006 09:47 PM 166,912 PortableDeviceTypes.dll
    10/18/2006 09:47 PM 101,888 PortableDeviceClassExtension.dll
    10/18/2006 09:47 PM 429,056 wmdrmdev.dll
    10/18/2006 09:47 PM 284,160 PortableDeviceApi.dll
    10/18/2006 09:47 PM 37,376 wmdmps.dll
    10/18/2006 09:47 PM 33,792 wmdmlog.dll
    10/18/2006 09:47 PM 179,712 msnetobj.dll
    10/18/2006 09:47 PM 321,536 mswmdm.dll
    10/18/2006 09:47 PM 175,616 mspmsp.dll
    10/18/2006 09:47 PM 27,136 mspmsnsv.dll
    10/18/2006 09:47 PM 317,440 MP4SDECD.dll
    10/18/2006 09:47 PM 4,096 MP43DMOD.dll
    10/18/2006 09:47 PM 259,072 MP43DECD.dll
    10/18/2006 09:47 PM 4,096 MPG4DMOD.dll
    10/18/2006 09:47 PM 4,096 MP4SDMOD.dll
    10/18/2006 09:47 PM 212,992 MFPLAT.dll
    10/18/2006 09:47 PM 259,072 MPG4DECD.dll
    10/18/2006 09:47 PM 11,264 LAPRXY.dll
    10/18/2006 09:47 PM 229,376 cewmdm.dll
    10/18/2006 09:47 PM 542,720 blackbox.dll
    10/18/2006 09:47 PM 991,744 drmv2clt.dll
    10/18/2006 09:47 PM 276,992 audiodev.dll
    10/18/2006 09:47 PM 7,168 asferror.dll
    10/18/2006 08:05 PM 232,448 l3codecp.acm
    10/18/2006 08:03 PM 100,864 logagent.exe
    10/18/2006 08:00 PM 249,856 drmupgds.exe
    10/18/2006 08:00 PM 17,408 wpdshextautoplay.exe
    10/02/2006 03:28 PM 312,128 msdelta.dll
    09/29/2006 06:56 AM 28,248 AdobePDF.dll
    09/28/2006 08:52 PM 655,360 CDDBControl.dll
    09/28/2006 08:52 PM 98,304 CddbLangDE.dll
    09/28/2006 08:52 PM 98,304 CddbLangNL.dll
    09/28/2006 08:52 PM 765,952 CDDBUI.dll
    09/28/2006 08:52 PM 77,824 CddbLangJA.dll
    09/28/2006 08:52 PM 102,400 CddbLangIT.dll
    09/28/2006 08:52 PM 98,304 CddbLangES.dll
    09/28/2006 08:52 PM 98,304 CddbLangFR.dll
    09/28/2006 08:13 PM 95,344 WUDFCoinstaller.dll
    09/28/2006 06:56 PM 146,432 WudfHost.exe
    09/28/2006 06:56 PM 316,416 WUDFx.dll
    09/28/2006 06:56 PM 165,376 WudfPlatform.dll
    09/28/2006 06:56 PM 55,808 WudfSvc.dll
    09/25/2006 05:58 PM 23,856 spupdsvc.exe
    09/23/2006 01:12 PM 74,715 IE7Eula.rtf
    09/01/2006 08:44 AM 8,798 icrav03.rat
    09/01/2006 08:44 AM 1,988 ticrf.rat
    08/24/2006 04:15 PM 150,808 rgb9rast_2.dll
    07/02/2006 08:13 PM 884 Branded.scr.manifest
    06/29/2006 01:07 PM 14,048 spmsg2.dll
    03/03/2006 02:42 PM 117,248 Mystify.scr
    03/01/2006 05:21 AM 117,248 Ribbons.scr
    03/01/2006 05:21 AM 1,263,616 Aurora.scr
    03/01/2006 04:53 AM 773,120 Bubbles.scr
    02/28/2006 09:10 PM 69,632 Crypserv.exe
    01/09/2006 10:47 PM 31,846 Ckldrv.sys
    12/11/2005 01:53 AM 720,412 MGB_ScreenSaver.scr
    12/02/2005 03:34 PM 946,448 calc.exe
    11/26/2005 11:01 PM 221,184 cttune.cpl
    10/28/2005 06:11 PM 602,112 hpowiax2.dll
    10/28/2005 06:11 PM 614,400 hpotscl2.dll
    10/28/2005 06:11 PM 254,026 hpovst09.dll
    10/27/2005 08:23 PM 282,624 HPZc3212.dll
    10/14/2005 10:42 PM 46,592 hpzll43a.dll
    09/09/2005 06:28 PM 98,304 hpzjsn01.dll
    07/05/2005 11:47 AM 1,073,152 cdintf210.dll
    05/06/2005 02:09 PM 81,920 cmudax.dll
    04/15/2005 08:58 PM 1,071,088 MSCOMCTL.OCX
    04/15/2005 10:00 AM 204,800 HPTcpMUI.dll
    04/15/2005 10:00 AM 9,688 hptcpmui.hlp
    04/15/2005 09:59 AM 155,648 HPTcpMon.dll
    04/15/2005 09:58 AM 73,728 HPTcpMib.dll
    04/06/2005 12:46 PM 139,264 hpzjrd01.dll
    03/22/2005 08:48 AM 77,824 hpzids01.dll
    03/14/2005 01:39 PM 65,536 HPZinw12.exe
    03/14/2005 12:05 PM 204,800 HPZipr12.dll
    03/14/2005 12:05 PM 69,632 HPZipm12.exe
    03/14/2005 12:03 PM 278,584 HPZidr12.dll
    03/08/2005 11:55 AM 57,344 HPZisn12.dll
    03/08/2005 11:55 AM 94,208 HPZipt12.dll
    09/19/2004 12:27 PM 172,032 LClock.cpl
    08/16/2004 03:04 PM 237,568 cmirmdrv.exe
    05/27/2004 03:00 PM 118,784 HPODXPAT.DLL
    04/18/2004 11:31 AM 661 LClock.cpl.manifest
    02/25/2004 01:05 PM 348,160 msvcr71.dll
    02/20/2004 04:47 PM 1,047,552 mfc71u.dll
    02/20/2004 04:15 PM 49,152 MFC71KOR.DLL
    02/20/2004 04:15 PM 45,056 MFC71CHT.DLL
    02/20/2004 04:15 PM 61,440 MFC71FRA.DLL
    02/20/2004 04:15 PM 61,440 MFC71ESP.DLL
    02/20/2004 04:15 PM 40,960 MFC71CHS.DLL
    02/20/2004 04:15 PM 49,152 MFC71JPN.DLL
    02/20/2004 04:15 PM 61,440 MFC71ITA.DLL
    02/20/2004 04:15 PM 65,536 MFC71DEU.DLL
    02/18/2004 02:19 PM 16,384 udaprop.dll
    01/27/2004 10:56 AM 28,672 hpzjfw01.dll
    10/17/2003 12:44 PM 89,088 atl71.dll
    10/17/2003 12:44 PM 499,712 msvcp71.dll
    10/17/2003 12:44 PM 57,344 MFC71ENU.DLL
    10/17/2003 12:44 PM 1,060,864 mfc71.dll
    08/03/2003 10:56 AM 1,146,184 FM20.DLL
    07/14/2003 10:57 PM 32,584 FM20ENU.DLL
    06/18/2003 05:31 PM 17,920 mdimon.dll
    02/20/2003 07:16 PM 32,768 netfxperf.dll
    02/18/2003 06:26 PM 28,672 cmirmdrv.dll
    01/07/2003 03:05 PM 2,695 OUTLPERF.INI
    01/07/2003 03:05 PM 551 OUTLPERF.H
    08/21/2002 05:13 AM 189,952 WISPTIS.EXE
    08/21/2002 05:10 AM 204,800 INKED.DLL
    02/04/2002 02:43 AM 82,432 msxml4r.dll
    11/23/2001 12:08 PM 712,704 a3d.dll
    11/23/2001 12:08 PM 712,704 Audio3D.dll
    08/22/2001 05:00 PM 5,632 kbdpl1.dll
    08/22/2001 05:00 PM 35,755 prncnfg.vbs
    08/22/2001 05:00 PM 25,415 prndrvr.vbs
    08/22/2001 05:00 PM 21,527 prnjobs.vbs
    08/22/2001 05:00 PM 32,546 prnmngr.vbs
    08/22/2001 05:00 PM 29,454 prnport.vbs
    08/22/2001 05:00 PM 15,860 prnqctl.vbs
    08/22/2001 05:00 PM 29,146 ntdos804.sys
    08/22/2001 05:00 PM 29,274 ntdos412.sys
    08/22/2001 05:00 PM 343 prodspec.ini
    08/22/2001 05:00 PM 6,656 kbdpl.dll
    08/22/2001 05:00 PM 29,370 ntdos411.sys
    08/22/2001 05:00 PM 29,146 ntdos404.sys
    08/22/2001 05:00 PM 6,144 kbdno.dll
    08/22/2001 05:00 PM 27,866 ntdos.sys
    08/22/2001 05:00 PM 7,680 mll_mtf.dll
    08/22/2001 05:00 PM 3,010 pschdcnt.h
    08/22/2001 05:00 PM 10,752 pschdprf.dll
    08/22/2001 05:00 PM 6,877 pschdprf.ini
    08/22/2001 05:00 PM 51 pscript.sep
    08/22/2001 05:00 PM 8,192 psnppagn.dll
    08/22/2001 05:00 PM 6,144 kbdne.dll
    08/22/2001 05:00 PM 5,632 kbdmon.dll
    08/22/2001 05:00 PM 5,632 mll_qic.dll
    08/22/2001 05:00 PM 10,240 panmap.dll
    08/22/2001 05:00 PM 3,708 pubprn.vbs
    08/22/2001 05:00 PM 1,492 mmdriver.inf
    08/22/2001 05:00 PM 12,288 mmdrv.dll
    08/22/2001 05:00 PM 167,219 pagefileconfig.vbs
    08/22/2001 05:00 PM 5,632 kbdus.dll
    08/22/2001 05:00 PM 46,592 pmspl.dll
    08/22/2001 05:00 PM 15,872 cdmodem.dll
    08/22/2001 05:00 PM 1,152 mmtask.tsk
    08/22/2001 05:00 PM 697 noise.tha
    08/22/2001 05:00 PM 13,730 noise.sve
    08/22/2001 05:00 PM 13,256 noise.nld
    08/22/2001 05:00 PM 19,618 noise.ita
    08/22/2001 05:00 PM 16,896 qappsrv.exe
    08/22/2001 05:00 PM 6,144 kbdusl.dll
    08/22/2001 05:00 PM 6,144 kbdmac.dll
    08/22/2001 05:00 PM 6,144 kbdlv1.dll
    08/22/2001 05:00 PM 6,144 kbdlv.dll
    08/22/2001 05:00 PM 5,632 kbdlt1.dll
    08/22/2001 05:00 PM 5,632 kbdlt.dll
    08/22/2001 05:00 PM 49,196 noise.fra
    08/22/2001 05:00 PM 6,656 kbdla.dll
    08/22/2001 05:00 PM 5,632 kbdkyr.dll
    08/22/2001 05:00 PM 8,192 qosname.dll
    08/22/2001 05:00 PM 5,632 kbdkaz.dll
    08/22/2001 05:00 PM 19,684 noise.esn
    08/22/2001 05:00 PM 5,632 kbdit142.dll
    08/22/2001 05:00 PM 5,632 kbdit.dll
    08/22/2001 05:00 PM 1,688 AUTOEXEC.NT
    08/22/2001 05:00 PM 5,632 kbdir.dll
    08/22/2001 05:00 PM 22,016 qwinsta.exe
    08/22/2001 05:00 PM 751 noise.enu
    08/22/2001 05:00 PM 6,144 kbdusr.dll
    08/22/2001 05:00 PM 751 noise.eng
    08/22/2001 05:00 PM 149,848 noise.deu
    08/22/2001 05:00 PM 6,144 kbdic.dll
    08/22/2001 05:00 PM 11,776 rasautou.exe
    08/22/2001 05:00 PM 5,632 kbdhu1.dll
    08/22/2001 05:00 PM 1,818 rasctrnm.h
    08/22/2001 05:00 PM 11,776 rasctrs.dll
    08/22/2001 05:00 PM 3,458 rasctrs.ini
    08/22/2001 05:00 PM 11,264 rasdial.exe
    08/22/2001 05:00 PM 6,656 kbdhu.dll
    08/22/2001 05:00 PM 8,192 kbdhept.dll
    08/22/2001 05:00 PM 6,656 kbdhela3.dll
    08/22/2001 05:00 PM 143,360 rasmontr.dll
    08/22/2001 05:00 PM 22,528 rasmxs.dll
    08/22/2001 05:00 PM 6,144 kbdhela2.dll
    08/22/2001 05:00 PM 5,632 kbdhe319.dll
    08/22/2001 05:00 PM 5,632 kbdhe220.dll
    08/22/2001 05:00 PM 23,552 rasrad.dll
    08/22/2001 05:00 PM 5,632 kbdhe.dll
    08/22/2001 05:00 PM 12,800 rasser.dll
    08/22/2001 05:00 PM 6,144 kbdgr1.dll
    08/22/2001 05:00 PM 6,144 kbdgr.dll
    08/22/2001 05:00 PM 6,144 kbdgkl.dll
    08/22/2001 05:00 PM 5,632 kbdgae.dll
    08/22/2001 05:00 PM 6,144 kbdfr.dll
    08/22/2001 05:00 PM 6,144 kbdfo.dll
    08/22/2001 05:00 PM 741 noise.dat
    08/22/2001 05:00 PM 4,096 rdpcfgex.dll
    08/22/2001 05:00 PM 1,696 noise.cht
    08/22/2001 05:00 PM 6,144 kbdfi.dll
    08/22/2001 05:00 PM 6,144 kbdfc.dll
    08/22/2001 05:00 PM 6,144 kbdest.dll
    08/22/2001 05:00 PM 6,144 kbdes.dll
    08/22/2001 05:00 PM 5,120 kbddv.dll
    08/22/2001 05:00 PM 7,168 recover.exe
    08/22/2001 05:00 PM 1,696 noise.chs
    08/22/2001 05:00 PM 6,144 kbdda.dll
    08/22/2001 05:00 PM 6,656 kbdcz2.dll
    08/22/2001 05:00 PM 3,584 regedt32.exe
    08/22/2001 05:00 PM 33,792 regini.exe
    08/22/2001 05:00 PM 6,656 kbdcz1.dll
    08/22/2001 05:00 PM 7,168 kbdcz.dll
    08/22/2001 05:00 PM 4,608 regwiz.exe
    08/22/2001 05:00 PM 6,656 kbdcr.dll
    08/22/2001 05:00 PM 32,768 relog.exe
    08/22/2001 05:00 PM 7,680 kbdcan.dll
    08/22/2001 05:00 PM 6,144 kbdca.dll
    08/22/2001 05:00 PM 107,520 rend.dll
    08/22/2001 05:00 PM 12,800 replace.exe
    08/22/2001 05:00 PM 9,728 reset.exe
    08/22/2001 05:00 PM 5,632 kbdbu.dll
    08/22/2001 05:00 PM 6,144 kbdbr.dll
    08/22/2001 05:00 PM 6,144 kbdusx.dll
    08/22/2001 05:00 PM 5,632 kbdblr.dll
    08/22/2001 05:00 PM 5,632 kbduzb.dll
    08/22/2001 05:00 PM 7,052 nlsfunc.exe
    08/22/2001 05:00 PM 3,584 riched32.dll
    08/22/2001 05:00 PM 3,072 rnr20.dll
    08/22/2001 05:00 PM 19,968 route.exe
    08/22/2001 05:00 PM 25,600 routemon.exe
    08/22/2001 05:00 PM 6,656 routetab.dll
    08/22/2001 05:00 PM 22,016 rpcns4.dll
    08/22/2001 05:00 PM 6,144 kbdbene.dll
    08/22/2001 05:00 PM 6,144 kbdbe.dll
    08/22/2001 05:00 PM 3,167 rsaci.rat
    08/22/2001 05:00 PM 119,808 mmutilse.dll
    08/22/2001 05:00 PM 28,672 rsfsaps.dll
    08/22/2001 05:00 PM 5,632 kbdazel.dll
    08/22/2001 05:00 PM 5,632 kbdaze.dll
    08/22/2001 05:00 PM 49,152 rsm.exe
    08/22/2001 05:00 PM 6,656 KBDAL.DLL
    08/22/2001 05:00 PM 24,576 rsmsink.exe
    08/22/2001 05:00 PM 49,152 rsmui.exe
    08/22/2001 05:00 PM 14,710 kb16.com
    08/22/2001 05:00 PM 44,451 rsop.msc
    08/22/2001 05:00 PM 62,976 rsopprov.exe
    08/22/2001 05:00 PM 132,608 rsvp.exe
    08/22/2001 05:00 PM 12,082 rsvp.ini
    08/22/2001 05:00 PM 3,178 rsvpcnts.h
    08/22/2001 05:00 PM 23,552 rsvpmsg.dll
    08/22/2001 05:00 PM 9,728 rsvpperf.dll
    08/22/2001 05:00 PM 8,484 kanji_2.uce
    08/22/2001 05:00 PM 6,948 kanji_1.uce
    08/22/2001 05:00 PM 98,304 rtm.dll
    08/22/2001 05:00 PM 71,859 cliconf.chm
    08/22/2001 05:00 PM 16,384 runas.exe
    08/22/2001 05:00 PM 47,952 jobexec.dll
    08/22/2001 05:00 PM 65,536 jgsh400.dll
    08/22/2001 05:00 PM 15,872 rwinsta.exe
    08/22/2001 05:00 PM 45,568 jgsd400.dll
    08/22/2001 05:00 PM 35,840 jgmd400.dll
    08/22/2001 05:00 PM 44,544 jgaw400.dll
    08/22/2001 05:00 PM 362,496 jet500.dll
    08/22/2001 05:00 PM 19,456 mode.com
    08/22/2001 05:00 PM 80,384 autodisc.dll
    08/22/2001 05:00 PM 13,312 irclass.dll
    08/22/2001 05:00 PM 199,168 ir32_32.dll
    08/22/2001 05:00 PM 66,560 ipxsap.dll
    08/22/2001 05:00 PM 31,232 sc.exe
    08/22/2001 05:00 PM 39,936 ipxrtmgr.dll
    08/22/2001 05:00 PM 118,784 scardssp.dll
    08/22/2001 05:00 PM 10,112 modex.dll
    08/22/2001 05:00 PM 2,656 netware.drv
    08/22/2001 05:00 PM 69,120 ipxpromn.dll
    08/22/2001 05:00 PM 83,968 ipxmontr.dll
    08/22/2001 05:00 PM 44,032 ipsec6.exe
    08/22/2001 05:00 PM 4,096 iprtprio.dll
    08/22/2001 05:00 PM 3,584 iprop.dll
    08/22/2001 05:00 PM 30,720 iologmsg.dll
    08/22/2001 05:00 PM 308,224 netui2.dll
    08/22/2001 05:00 PM 44,032 msxml3r.dll
    08/22/2001 05:00 PM 26,624 scredir.dll
    08/22/2001 05:00 PM 10,240 scriptpw.dll
    08/22/2001 05:00 PM 8,192 mountvol.exe
    08/22/2001 05:00 PM 9,216 print.exe
    08/22/2001 05:00 PM 450,560 infosoft.dll
    08/22/2001 05:00 PM 2,032 mouse.drv
    08/22/2001 05:00 PM 5,632 kbdycc.dll
    08/22/2001 05:00 PM 130,048 sdpblb.dll
    08/22/2001 05:00 PM 16,384 prflbmsg.dll
    08/22/2001 05:00 PM 110,592 inetcplc.dll
    08/22/2001 05:00 PM 36,364 secpol.msc
    08/22/2001 05:00 PM 69,584 avicap.dll
    08/22/2001 05:00 PM 40,448 osuninst.exe
    08/22/2001 05:00 PM 6,656 kbdycl.dll
    08/22/2001 05:00 PM 7,040 kdcom.dll
    08/22/2001 05:00 PM 22,016 mpnotify.exe
    08/22/2001 05:00 PM 9,216 iissuba.dll
    08/22/2001 05:00 PM 70,656 ifsutil.dll
    08/22/2001 05:00 PM 40,505 cmdlib.wsc
    08/22/2001 05:00 PM 13,824 senscfg.dll
    08/22/2001 05:00 PM 14,336 serialui.dll
    08/22/2001 05:00 PM 3,584 mll_hp.dll
    08/22/2001 05:00 PM 171,008 netmsg.dll
    08/22/2001 05:00 PM 33,464 services.msc
    08/22/2001 05:00 PM 14,848 serwvdrv.dll
    08/22/2001 05:00 PM 30,720 plustab.dll
    08/22/2001 05:00 PM 61,172 cmmgr32.hlp
    08/22/2001 05:00 PM 240,120 setup.bmp
    08/22/2001 05:00 PM 64 cmos.ram
    08/22/2001 05:00 PM 14,336 cmpbk32.dll
    08/22/2001 05:00 PM 414,208 setupdll.dll
    08/22/2001 05:00 PM 42,809 key01.sys
    08/22/2001 05:00 PM 33,280 ping6.exe
    08/22/2001 05:00 PM 11,753 setver.exe
    08/22/2001 05:00 PM 60,458 ideograf.uce
    08/22/2001 05:00 PM 9,728 sfc.exe
    08/22/2001 05:00 PM 2,000 keyboard.drv
    08/22/2001 05:00 PM 69,120 olethk32.dll
    08/22/2001 05:00 PM 23,552 sfmapi.dll
    08/22/2001 05:00 PM 14,848 shadow.exe
    08/22/2001 05:00 PM 882 share.exe
    08/22/2001 05:00 PM 69,120 mprddm.dll
    08/22/2001 05:00 PM 54,784 icmui.dll
    08/22/2001 05:00 PM 5,120 shell.dll
    08/22/2001 05:00 PM 99,840 mprmsg.dll
    08/22/2001 05:00 PM 435,712 shellstyle.dll
    08/22/2001 05:00 PM 16,384 icfgnt5.dll
    08/22/2001 05:00 PM 47,104 mprui.dll
    08/22/2001 05:00 PM 16,740 shiftjis.uce
    08/22/2001 05:00 PM 253,952 neth.dll
    08/22/2001 05:00 PM 26,112 ntdsbcli.dll
    08/22/2001 05:00 PM 59,392 iassvcs.dll
    08/22/2001 05:00 PM 247,808 iassdo.dll
    08/22/2001 05:00 PM 86,528 iassam.dll
    08/22/2001 05:00 PM 141,312 iasrecst.dll
    08/22/2001 05:00 PM 17,920 iaspolcy.dll
    08/22/2001 05:00 PM 62,464 iasnap.dll
    08/22/2001 05:00 PM 32,256 iashlpr.dll
    08/22/2001 05:00 PM 41,472 iasads.dll
    08/22/2001 05:00 PM 23,552 iasacct.dll
    08/22/2001 05:00 PM 22,016 olesvr32.dll
    08/22/2001 05:00 PM 214,016 netevent.dll
    08/22/2001 05:00 PM 13,824 sisbkup.dll
    08/22/2001 05:00 PM 5,632 skdll.dll
    08/22/2001 05:00 PM 44,544 hticons.dll
    08/22/2001 05:00 PM 6,656 kbdsg.dll
    08/22/2001 05:00 PM 10,752 mqcertui.dll
    08/22/2001 05:00 PM 35,328 pifmgr.dll
    08/22/2001 05:00 PM 14,848 slbrccsp.dll
    08/22/2001 05:00 PM 60,928 mqgentr.dll
    08/22/2001 05:00 PM 673,088 mlang.dat
    08/22/2001 05:00 PM 48,794 ntimage.gif
    08/22/2001 05:00 PM 6,656 kbdsl.dll
    08/22/2001 05:00 PM 57,856 ntlanui.dll
    08/22/2001 05:00 PM 138,752 sndvol32.exe
    08/22/2001 05:00 PM 109,456 avifile.dll
    08/22/2001 05:00 PM 6,656 kbdsl1.dll
    08/22/2001 05:00 PM 5,632 softpub.dll
    08/22/2001 05:00 PM 14,336 ntlanui2.dll
    08/22/2001 05:00 PM 24,064 olesvr.dll
    08/22/2001 05:00 PM 36,864 ntmsevt.dll
    08/22/2001 05:00 PM 1,744 sound.drv
    08/22/2001 05:00 PM 81,408 mqoa.tlb
    08/22/2001 05:00 PM 108,464 netapi.dll
    08/22/2001 05:00 PM 12,876 korean.uce
    08/22/2001 05:00 PM 5,632 kbdur.dll
    08/22/2001 05:00 PM 2,732 perfwci.ini
    08/22/2001 05:00 PM 435 perfwci.h
    08/22/2001 05:00 PM 26,209 ntmsmgr.msc
    08/22/2001 05:00 PM 9,728 sprestrt.exe
    08/22/2001 05:00 PM 12,288 perfts.dll
    08/22/2001 05:00 PM 11,264 atrace.dll
    08/22/2001 05:00 PM 82,944 olecli.dll
    08/22/2001 05:00 PM 24,661 spxcoins.dll
    08/22/2001 05:00 PM 46,133 sqlsodbc.chm
    08/22/2001 05:00 PM 16,384 avmeter.dll
    08/22/2001 05:00 PM 36,864 mqoa10.tlb
    08/22/2001 05:00 PM 102,446 net.hlp
    08/22/2001 05:00 PM 24,603 sqlwid.dll
    08/22/2001 05:00 PM 49,179 sqlwoa.dll
    08/22/2001 05:00 PM 51,712 migpwd.exe
    08/22/2001 05:00 PM 6,144 kbdsp.dll
    08/22/2001 05:00 PM 83,456 l3codecx.ax
    08/22/2001 05:00 PM 16,896 oleaccrc.dll
    08/22/2001 05:00 PM 163,328 oleacc.dll
    08/22/2001 05:00 PM 5,632 perfnw.dll
    08/22/2001 05:00 PM 34,816 atmpvcno.dll
    08/22/2001 05:00 PM 7,680 hostname.exe
    08/22/2001 05:00 PM 55,296 mqoa20.tlb
    08/22/2001 05:00 PM 8,192 mqperf.dll
    08/22/2001 05:00 PM 9,728 label.exe
    08/22/2001 05:00 PM 14,848 hnetmon.dll
    08/22/2001 05:00 PM 4,768 himem.sys
    08/22/2001 05:00 PM 32,768 cnetcfg.dll
    08/22/2001 05:00 PM 10,110 mqperf.ini
    08/22/2001 05:00 PM 4,208 storage.dll
    08/22/2001 05:00 PM 2,755 mqprfsym.h
    08/22/2001 05:00 PM 12,800 mrinfo.exe
    08/22/2001 05:00 PM 26,624 cnvfat.dll
    08/22/2001 05:00 PM 21,232 graphics.pro
    08/22/2001 05:00 PM 93,702 subrange.uce
    08/22/2001 05:00 PM 9,216 subst.exe
    08/22/2001 05:00 PM 19,694 graphics.com
    08/22/2001 05:00 PM 6,144 svcpack.dll
    08/22/2001 05:00 PM 138,752 swprv.dll
    08/22/2001 05:00 PM 26,112 graftabl.com
    08/22/2001 05:00 PM 51,200 syncapp.exe
    08/22/2001 05:00 PM 57,344 gpupdate.exe
    08/22/2001 05:00 PM 153,008 ole2nls.dll
    08/22/2001 05:00 PM 7,680 ncxpnt.dll
    08/22/2001 05:00 PM 18,896 sysedit.exe
    08/22/2001 05:00 PM 15,872 sysinv.dll
    08/22/2001 05:00 PM 36,864 syskey.exe
    08/22/2001 05:00 PM 102,912 msaatext.dll
    08/22/2001 05:00 PM 34,871 gpedit.msc
    08/22/2001 05:00 PM 3,214 sysprint.sep
    08/22/2001 05:00 PM 6,144 kbdsw.dll
    08/22/2001 05:00 PM 6,144 kbdpo.dll
    08/22/2001 05:00 PM 3,577 sysprtj.sep
    08/22/2001 05:00 PM 285,184 glmf32.dll
    08/22/2001 05:00 PM 3,360 system.drv
    08/22/2001 05:00 PM 605,696 getuname.dll
    08/22/2001 05:00 PM 3,072 systray.exe
    08/22/2001 05:00 PM 24,772 geo.nls
    08/22/2001 05:00 PM 19,200 tapi.dll
    08/22/2001 05:00 PM 61,168 msacm.dll
    08/22/2001 05:00 PM 24,576 gdi.exe
    08/22/2001 05:00 PM 5,632 tapiperf.dll
    08/22/2001 05:00 PM 5,632 kbdro.dll
    08/22/2001 05:00 PM 78,848 tapiui.dll
    08/22/2001 05:00 PM 24,006 gb2312.uce
    08/22/2001 05:00 PM 41,472 g711codc.ax
    08/22/2001 05:00 PM 15,360 taskman.exe
    08/22/2001 05:00 PM 176,128 ftsrch.dll
    08/22/2001 05:00 PM 12,288 tcmsetup.exe
    08/22/2001 05:00 PM 56,320 fsutil.exe
    08/22/2001 05:00 PM 81,408 fsusd.dll
    08/22/2001 05:00 PM 20,480 nbtstat.exe
    08/22/2001 05:00 PM 32,760 fsmgmt.msc
    08/22/2001 05:00 PM 19,456 tcpsvcs.exe
    08/22/2001 05:00 PM 13,312 atkctrs.dll
    08/22/2001 05:00 PM 28,160 telephon.cpl
    08/22/2001 05:00 PM 35,840 narrhook.dll
    08/22/2001 05:00 PM 20,480 msacm32.drv
    08/22/2001 05:00 PM 16,384 fmifs.dll
    08/22/2001 05:00 PM 5,632 kbdru.dll
    08/22/2001 05:00 PM 16,896 tftp.exe
    08/22/2001 05:00 PM 21,504 pathping.exe
    08/22/2001 05:00 PM 169,520 ole2disp.dll
    08/22/2001 05:00 PM 3,072 fixmapi.exe
    08/22/2001 05:00 PM 4,048 timer.drv
    08/22/2001 05:00 PM 9,216 finger.exe
    08/22/2001 05:00 PM 9,216 find.exe
    08/22/2001 05:00 PM 14,848 fc.exe
    08/22/2001 05:00 PM 882 fastopen.exe
    08/22/2001 05:00 PM 13,888 toolhelp.dll
    08/22/2001 05:00 PM 15,872 expand.exe
    08/22/2001 05:00 PM 8,424 exe2bin.exe
    08/22/2001 05:00 PM 31,744 tracert6.exe
    08/22/2001 05:00 PM 31,232 traffic.dll
    08/22/2001 05:00 PM 39,744 ole2.dll
    08/22/2001 05:00 PM 56,678 eventvwr.msc
    08/22/2001 05:00 PM 52,224 tsappcmp.dll
    08/22/2001 05:00 PM 8,704 eventvwr.exe
    08/22/2001 05:00 PM 97,965 eventquery.vbs
    08/22/2001 05:00 PM 14,848 tscon.exe
    08/22/2001 05:00 PM 15,360 tsd32.dll
    08/22/2001 05:00 PM 33,280 eventcls.dll
    08/22/2001 05:00 PM 14,848 tsdiscon.exe
    08/22/2001 05:00 PM 29,338 eula.txt
    08/22/2001 05:00 PM 16,384 tskill.exe
    08/22/2001 05:00 PM 3,286 tslabels.h
    08/22/2001 05:00 PM 13,223 tslabels.ini
    08/22/2001 05:00 PM 3,584 comcat.dll
    08/22/2001 05:00 PM 16,896 tsshutdn.exe
    08/22/2001 05:00 PM 8,192 tssoft32.acm
    08/22/2001 05:00 PM 65,024 msaudite.dll
    08/22/2001 05:00 PM 90,112 mycomput.dll
    08/22/2001 05:00 PM 39,424 esentutl.exe
    08/22/2001 05:00 PM 7,168 mscat32.dll
    08/22/2001 05:00 PM 817 mscdexnt.exe
    08/22/2001 05:00 PM 1,015,477 esentprf.ini
    08/22/2001 05:00 PM 177,856 typelib.dll
    08/22/2001 05:00 PM 36,352 typeperf.exe
    08/22/2001 05:00 PM 58,273 perfmon.msc
    08/22/2001 05:00 PM 6,708 esentprf.hxx
    08/22/2001 05:00 PM 46,258 mib.bin
    08/22/2001 05:00 PM 17,408 esentprf.dll
    08/22/2001 05:00 PM 82,432 ufat.dll
    08/22/2001 05:00 PM 42,339 certmgr.msc
    08/22/2001 05:00 PM 1,114,896 esent97.dll
    08/22/2001 05:00 PM 103,424 EqnClass.Dll
    08/22/2001 05:00 PM 13,312 umdmxfrm.dll
    08/22/2001 05:00 PM 89,600 langwrbk.dll
    08/22/2001 05:00 PM 89,588 unicode.nls
    08/22/2001 05:00 PM 10,544 comm.drv
    08/22/2001 05:00 PM 127,213 ega.cpi
    08/22/2001 05:00 PM 12,642 edlin.exe
    08/22/2001 05:00 PM 4,096 unlodctr.exe
    08/22/2001 05:00 PM 10,790 edit.hlp
    08/22/2001 05:00 PM 69,886 edit.com
    08/22/2001 05:00 PM 26,624 msxmlr.dll
    08/22/2001 05:00 PM 50,620 command.com
    08/22/2001 05:00 PM 32,816 commdlg.dll
    08/22/2001 05:00 PM 15,872 comp.exe
    08/22/2001 05:00 PM 17,920 ureg.dll
    08/22/2001 05:00 PM 32,256 asr_ldm.exe
    08/22/2001 05:00 PM 114 pcl.sep
    08/22/2001 05:00 PM 218,003 dssec.dat
    08/22/2001 05:00 PM 37,916 msxml2r.dll
    08/22/2001 05:00 PM 47,872 user.exe
    08/22/2001 05:00 PM 81 dsound.vxd
    08/22/2001 05:00 PM 62,976 dsauth.dll
    08/22/2001 05:00 PM 6,761 oembios.sig
    08/22/2001 05:00 PM 45,568 drwtsn32.exe
    08/22/2001 05:00 PM 4,463 oembios.dat
    08/22/2001 05:00 PM 13,107,200 oembios.bin
    08/22/2001 05:00 PM 19,456 arp.exe
    08/22/2001 05:00 PM 28,112 drwatson.exe
    08/22/2001 05:00 PM 221,600 lanman.drv
    08/22/2001 05:00 PM 768 msdtcprf.h
    08/22/2001 05:00 PM 1,161 usrlogon.cmd
    08/22/2001 05:00 PM 126,912 msvideo.dll
    08/22/2001 05:00 PM 12,498 append.exe
    08/22/2001 05:00 PM 102,912 apcups.dll
    08/22/2001 05:00 PM 9,029 ansi.sys
    08/22/2001 05:00 PM 1,931 msdtcprf.ini
    08/22/2001 05:00 PM 25,600 msvidc32.dll
    08/22/2001 05:00 PM 5,632 kbdtat.dll
    08/22/2001 05:00 PM 272,128 perfi009.dat
    08/22/2001 05:00 PM 253,952 msvcrt20.dll
    08/22/2001 05:00 PM 32,968 ntmsoprq.msc
    08/22/2001 05:00 PM 25,600 utildll.dll
    08/22/2001 05:00 PM 42,768 dpwsock.dll
    08/22/2001 05:00 PM 29,696 lights.exe
    08/22/2001 05:00 PM 227,840 avtapi.dll
    08/22/2001 05:00 PM 18,832 v7vga.rom
    08/22/2001 05:00 PM 1,152 perffilt.ini
    08/22/2001 05:00 PM 30,160 compobj.dll
    08/22/2001 05:00 PM 53,520 dpserial.dll
    08/22/2001 05:00 PM 2,577 CONFIG.TMP
    08/22/2001 05:00 PM 61,952 dpnwsock.dll
    08/22/2001 05:00 PM 62,464 dpnmodem.dll
    08/22/2001 05:00 PM 5,632 kbduk.dll
    08/22/2001 05:00 PM 7,680 vcdex.dll
    08/22/2001 05:00 PM 94,282 msencode.dll
    08/22/2001 05:00 PM 565,760 msvcp50.dll
    08/22/2001 05:00 PM 66,560 console.dll
    08/22/2001 05:00 PM 9,008 ver.dll
    08/22/2001 05:00 PM 33,040 dplay.dll
    08/22/2001 05:00 PM 8,192 cidaemon.exe
    08/22/2001 05:00 PM 98,304 verifier.exe
    08/22/2001 05:00 PM 1,355,776 msvbvm50.dll
    08/22/2001 05:00 PM 20,535 vfpodbc.dll
    08/22/2001 05:00 PM 9,344 vga.dll
    08/22/2001 05:00 PM 2,176 vga.drv
    08/22/2001 05:00 PM 51,456 vga256.dll
    08/22/2001 05:00 PM 18,176 vga64k.dll
    08/22/2001 05:00 PM 75 View Channels.scf
    08/22/2001 05:00 PM 20,992 msg.exe
    08/22/2001 05:00 PM 4,608 vjoy.dll
    08/22/2001 05:00 PM 25,088 lnkstub.exe
    08/22/2001 05:00 PM 2,151 12520437.cpx
    08/22/2001 05:00 PM 33,792 vssadmin.exe
    08/22/2001 05:00 PM 10,752 doskey.exe
    08/22/2001 05:00 PM 46,080 docprop.dll
    08/22/2001 05:00 PM 16,896 vss_ps.dll
    08/22/2001 05:00 PM 19,456 vwipxspx.dll
    08/22/2001 05:00 PM 1,129 vwipxspx.exe
    08/22/2001 05:00 PM 9,216 msg711.acm
    08/22/2001 05:00 PM 19,968 msgsm32.acm
    08/22/2001 05:00 PM 49,664 w32tm.exe
    08/22/2001 05:00 PM 22,016 w32topl.dll
    08/22/2001 05:00 PM 17,408 compact.exe
    08/22/2001 05:00 PM 41,762 ciadv.msc
    08/22/2001 05:00 PM 163,328 ciadmin.dll
    08/22/2001 05:00 PM 65,489 wbcache.deu
    08/22/2001 05:00 PM 65,489 wbcache.enu
    08/22/2001 05:00 PM 65,489 wbcache.esn
    08/22/2001 05:00 PM 65,489 wbcache.fra
    08/22/2001 05:00 PM 65,489 wbcache.ita
    08/22/2001 05:00 PM 65,489 wbcache.nld
    08/22/2001 05:00 PM 65,489 wbcache.sve
    08/22/2001 05:00 PM 1,309,184 wbdbase.deu
    08/22/2001 05:00 PM 957,440 wbdbase.enu
    08/22/2001 05:00 PM 750,080 wbdbase.esn
    08/22/2001 05:00 PM 786,944 wbdbase.fra
    08/22/2001 05:00 PM 867,840 wbdbase.ita
    08/22/2001 05:00 PM 1,095,680 wbdbase.nld
    08/22/2001 05:00 PM 937,984 wbdbase.sve
    08/22/2001 05:00 PM 140 perffilt.h
    08/22/2001 05:00 PM 6,144 kbdtuf.dll
    08/22/2001 05:00 PM 61,440 dmview.ocx
    08/22/2001 05:00 PM 4,096 wdl.trm
    08/22/2001 05:00 PM 19,456 dmocx.dll
    08/22/2001 05:00 PM 6,656 msswchx.exe
    08/22/2001 05:00 PM 18,432 dmintf.dll
    08/22/2001 05:00 PM 13,312 msswch.dll
    08/22/2001 05:00 PM 40,448 webhits.dll
    08/22/2001 05:00 PM 118,784 dmdskres.dll
    08/22/2001 05:00 PM 330,752 dmconfig.dll
    08/22/2001 05:00 PM 13,600 wfwnet.drv
    08/22/2001 05:00 PM 4,608 dllhst3g.exe
    08/22/2001 05:00 PM 17,920 diskperf.exe
    08/22/2001 05:00 PM 33,673 diskmgmt.msc
    08/22/2001 05:00 PM 7,168 diskcopy.com
    08/22/2001 05:00 PM 9,216 diskcomp.com
    08/22/2001 05:00 PM 44,032 dimap.dll
    08/22/2001 05:00 PM 394,240 diactfrm.dll
    08/22/2001 05:00 PM 40,448 wiasf.ax
    08/22/2001 05:00 PM 74,240 dhcpsapi.dll
    08/22/2001 05:00 PM 85,020 dgsetup.dll
    08/22/2001 05:00 PM 145,408 wiavusd.dll
    08/22/2001 05:00 PM 9,216 wifeman.dll
    08/22/2001 05:00 PM 18,432 win.com
    08/22/2001 05:00 PM 4,608 mssip32.dll
    08/22/2001 05:00 PM 176,157 dgrpsetu.dll
    08/22/2001 05:00 PM 13,312 win87em.dll
    08/22/2001 05:00 PM 35,840 mssign32.dll
    08/22/2001 05:00 PM 35,328 winchat.exe
    08/22/2001 05:00 PM 11,264 chkntfs.exe
    08/22/2001 05:00 PM 51,200 dfrgres.dll
    08/22/2001 05:00 PM 161,792 adsnds.dll
    08/22/2001 05:00 PM 9,216 winfax.dll
    08/22/2001 05:00 PM 1,131 loadfix.com
    08/22/2001 05:00 PM 32,674 winhelp.hlp
    08/22/2001 05:00 PM 8,192 winhlp32.exe
    08/22/2001 05:00 PM 41,397 dfrg.msc
    08/22/2001 05:00 PM 11,776 chkdsk.exe
    08/22/2001 05:00 PM 33,079 devmgmt.msc
    08/22/2001 05:00 PM 2 desktop.ini
    08/22/2001 05:00 PM 18,432 deskperf.dll
    08/22/2001 05:00 PM 11,776 winmsd.exe
    08/22/2001 05:00 PM 14,848 msidntld.dll
    08/22/2001 05:00 PM 16,896 deskmon.dll
    08/22/2001 05:00 PM 2,080 winoldap.mod
    08/22/2001 05:00 PM 16,384 deskadp.dll
    08/22/2001 05:00 PM 20,634 debug.exe
    08/22/2001 05:00 PM 39,424 ddeml.dll
    08/22/2001 05:00 PM 2,864 winsock.dll
    08/22/2001 05:00 PM 847,872 dbgeng.dll
    08/22/2001 05:00 PM 2,112 winspool.exe
    08/22/2001 05:00 PM 28,746 msrecr40.dll
    08/22/2001 05:00 PM 47,616 d3dxof.dll
    08/22/2001 05:00 PM 18,944 winstrm.dll
    08/22/2001 05:00 PM 350,208 d3drm.dll
    08/22/2001 05:00 PM 590,336 d3dramp.dll
    08/22/2001 05:00 PM 15,360 pentnt.exe
    08/22/2001 05:00 PM 34,816 d3dpmesh.dll
    08/22/2001 05:00 PM 436,224 d3dim.dll
    08/22/2001 05:00 PM 196,642 c_950.nls
    08/22/2001 05:00 PM 196,642 c_949.nls
    08/22/2001 05:00 PM 31,744 ntsd.exe
    08/22/2001 05:00 PM 5,120 lodctr.exe
    08/22/2001 05:00 PM 73,802 msrclr40.dll
    08/22/2001 05:00 PM 36,864 ntsdexts.dll
    08/22/2001 05:00 PM 50,176 loghours.dll
    08/22/2001 05:00 PM 28,626 perfd009.dat
    08/22/2001 05:00 PM 15,360 logoff.exe
    08/22/2001 05:00 PM 6,144 lpq.exe
    08/22/2001 05:00 PM 51,200 wmerrenu.dll
    08/22/2001 05:00 PM 8,192 lpr.exe
    08/22/2001 05:00 PM 80,384 charmap.exe
    08/22/2001 05:00 PM 9,216 lprmonui.dll
    08/22/2001 05:00 PM 63,488 wmimgmt.msc
    08/22/2001 05:00 PM 18,944 wmiprop.dll
    08/22/2001 05:00 PM 55,808 wmiscmgr.dll
    08/22/2001 05:00 PM 6,144 kbdtuq.dll
    08/22/2001 05:00 PM 60,416 msratelc.dll
    08/22/2001 05:00 PM 7,168 msr2cenu.dll
    08/22/2001 05:00 PM 10,752 clb.dll
    08/22/2001 05:00 PM 196,642 c_936.nls
    08/22/2001 05:00 PM 162,850 c_932.nls
    08/22/2001 05:00 PM 42,166 lusrmgr.msc
    08/22/2001 05:00 PM 69,632 msr2c.dll
    08/22/2001 05:00 PM 2,560 lz32.dll
    08/22/2001 05:00 PM 66,082 c_875.nls
    08/22/2001 05:00 PM 9,936 lzexpand.dll
    08/22/2001 05:00 PM 126,464 nwscript.exe
    08/22/2001 05:00 PM 66,594 c_874.nls
    08/22/2001 05:00 PM 168 l_except.nls
    08/22/2001 05:00 PM 7,046 l_intl.nls
    08/22/2001 05:00 PM 6,144 nwevent.dll
    08/22/2001 05:00 PM 66,594 c_869.nls
    08/22/2001 05:00 PM 20,480 nwcfg.dll
    08/22/2001 05:00 PM 66,594 c_866.nls
    08/22/2001 05:00 PM 8,192 mag_hook.dll
    08/22/2001 05:00 PM 36,864 nwc.cpl
    08/22/2001 05:00 PM 187,904 main.cpl
    08/22/2001 05:00 PM 66,594 c_865.nls
    08/22/2001 05:00 PM 66,594 c_863.nls
    08/22/2001 05:00 PM 17,408 nwapi16.dll
    08/22/2001 05:00 PM 3,252 nw16.exe
    08/22/2001 05:00 PM 112,128 mapi32.dll
    08/22/2001 05:00 PM 28,420 bios1.rom
    08/22/2001 05:00 PM 8,191 bios4.rom
    08/22/2001 05:00 PM 112,128 mapistub.dll
    08/22/2001 05:00 PM 66,594 c_861.nls
    08/22/2001 05:00 PM 10,240 mcd32.dll
    08/22/2001 05:00 PM 10,496 mcdsrv32.dll
    08/22/2001 05:00 PM 4,608 mchgrcoi.dll
    08/22/2001 05:00 PM 73,376 mciavi.drv
    08/22/2001 05:00 PM 66,594 c_860.nls
    08/22/2001 05:00 PM 2,736 wowdeb.exe
    08/22/2001 05:00 PM 10,368 wowexec.exe
    08/22/2001 05:00 PM 41,984 msports.dll
    08/22/2001 05:00 PM 66,594 c_857.nls
    08/22/2001 05:00 PM 4,608 bootok.exe
    08/22/2001 05:00 PM 12,288 bootvid.dll
    08/22/2001 05:00 PM 5,120 bootvrfy.exe
    08/22/2001 05:00 PM 22,984 bopomofo.uce
    08/22/2001 05:00 PM 2,891 perfci.ini
    08/22/2001 05:00 PM 17,408 mcicda.dll
    08/22/2001 05:00 PM 8,192 mciole16.dll
    08/22/2001 05:00 PM 7,680 mciole32.dll
    08/22/2001 05:00 PM 25,264 mciseq.drv
    08/22/2001 05:00 PM 66,594 c_855.nls
    08/22/2001 05:00 PM 5,632 write.exe
    08/22/2001 05:00 PM 66,594 c_852.nls
    08/22/2001 05:00 PM 66,594 c_850.nls
    08/22/2001 05:00 PM 66,594 c_775.nls
    08/22/2001 05:00 PM 26,112 adptif.dll
    08/22/2001 05:00 PM 66,594 c_737.nls
    08/22/2001 05:00 PM 66,082 c_500.nls
    08/22/2001 05:00 PM 66,594 c_437.nls
    08/22/2001 05:00 PM 9,216 wshatm.dll
    08/22/2001 05:00 PM 66,082 c_28605.nls
    08/22/2001 05:00 PM 28,160 mciwave.drv
    08/22/2001 05:00 PM 50,176 mdhcp.dll
    08/22/2001 05:00 PM 66,082 c_28599.nls
    08/22/2001 05:00 PM 11,776 wshisn.dll
    08/22/2001 05:00 PM 7,168 wshnetbs.dll
    08/22/2001 05:00 PM 66,082 c_28598.nls
    08/22/2001 05:00 PM 66,082 C_28597.NLS
    08/22/2001 05:00 PM 66,082 C_28595.NLS
    08/22/2001 05:00 PM 66,082 C_28594.NLS
    08/22/2001 05:00 PM 66,082 c_28593.nls
    08/22/2001 05:00 PM 66,082 c_28592.nls
    08/22/2001 05:00 PM 66,082 c_28591.nls
    08/22/2001 05:00 PM 66,082 c_21866.nls
    08/22/2001 05:00 PM 66,082 c_20905.nls
    08/22/2001 05:00 PM 5,632 kbdru1.dll
    08/22/2001 05:00 PM 66,082 c_20866.nls
    08/22/2001 05:00 PM 139,810 c_20261.nls
    08/22/2001 05:00 PM 111,104 activeds.tlb
    08/22/2001 05:00 PM 66,082 c_20127.nls
    08/22/2001 05:00 PM 66,082 c_1258.nls
    08/22/2001 05:00 PM 7,680 ckcnv.exe
    08/22/2001 05:00 PM 33,280 msobjs.dll
    08/22/2001 05:00 PM 129,536 acledit.dll
    08/22/2001 05:00 PM 66,082 c_1257.nls
    08/22/2001 05:00 PM 61,952 acelpdec.ax
    08/22/2001 05:00 PM 66,082 c_1256.nls
    08/22/2001 05:00 PM 66,082 c_1255.nls
    08/22/2001 05:00 PM 66,082 c_1254.nls
    08/22/2001 05:00 PM 66,082 c_1253.nls
    08/22/2001 05:00 PM 64,512 acctres.dll
    08/22/2001 05:00 PM 66,082 c_1252.nls
    08/22/2001 05:00 PM 39,274 mem.exe
    08/22/2001 05:00 PM 924,432 mfc40.dll
    08/22/2001 05:00 PM 6,144 kbdsf.dll
    08/22/2001 05:00 PM 76,800 gcdef.dll
    08/22/2001 05:00 PM 427 perfci.h
    08/22/2001 05:00 PM 32,256 wupdmgr.exe
    08/22/2001 05:00 PM 7,680 chcp.com
    08/22/2001 05:00 PM 25,600 aaaamon.dll
    08/22/2001 05:00 PM 64,000 avicap32.dll
    08/22/2001 05:00 PM 66,082 c_1251.nls
    08/22/2001 05:00 PM 35,840 ncpa.cpl
    08/22/2001 05:00 PM 2,233 12520850.cpx
    08/22/2001 05:00 PM 66,082 c_1250.nls
    08/22/2001 05:00 PM 66,082 c_1026.nls
    08/22/2001 05:00 PM 66,082 c_10082.nls
    08/22/2001 05:00 PM 66,082 c_10081.nls
    08/22/2001 05:00 PM 66,082 c_10079.nls
    08/22/2001 05:00 PM 66,082 c_10029.nls
    08/22/2001 05:00 PM 66,082 c_10017.nls
    08/22/2001 05:00 PM 66,082 c_10010.nls
    08/22/2001 05:00 PM 66,082 c_10007.nls
    08/22/2001 05:00 PM 66,082 c_10006.nls
    08/22/2001 05:00 PM 66,082 c_10000.nls
    08/22/2001 05:00 PM 66,082 c_037.nls
    08/22/2001 05:00 PM 8,386 ctype.nls
    08/22/2001 05:00 PM 73,216 avwav.dll
    08/22/2001 05:00 PM 27,200 ctl3dv2.dll
    08/22/2001 05:00 PM 27,136 ctl3d32.dll
    08/22/2001 05:00 PM 73,728 csseqchk.dll
    08/22/2001 05:00 PM 38,302 compmgmt.msc
    08/22/2001 05:00 PM 27,648 ccfgnt.dll
    08/22/2001 05:00 PM 21,504 ipxrip.dll
    08/22/2001 05:00 PM 149,019 crtdll.dll
    08/22/2001 05:00 PM 27,097 country.sys
    08/22/2001 05:00 PM 13,824 convert.exe
    08/22/2001 05:00 PM 8,192 control.exe
    08/18/2001 03:36 AM 5,632 ptpusb.dll
    07/06/2001 04:30 PM 3,399 hptcpmon.ini
    05/23/2000 10:45 PM 118,784 MSSTDFMT.DLL
    05/11/2000 01:06 PM 397,312 MSRDO20.DLL
    04/03/2000 05:52 PM 151,552 RDOCURS.DLL
    11/24/1999 06:40 PM 40,960 VBAME.DLL
    01/05/1999 05:30 PM 225,280 VSFLEX3.OCX
    08/09/1998 11:07 AM 94,208 MSSTKPRP.DLL
    06/24/1998 12:00 AM 260,920 MSDATGRD.OCX
    06/17/1998 07:08 PM 53,248 MFC42ENU.DLL
    03/24/1998 09:54 PM 15,872 SCP32.DLL
    03/24/1998 01:44 PM 24,848 VBAEND32.OLB
    03/24/1998 01:44 PM 24,848 VBAEN32.OLB
    12/03/1996 02:50 PM 37,376 VEN2232.OLB
    2158 File(s) 553,367,354 bytes
    0 Dir(s) 61,396,725,760 bytes free

  7. #27
    Senior Member
    Join Date
    Jun 2008
    Location
    Finland
    Posts
    120

    Default

    Hi,

    Step 1

    Press Start -> My Computer -> Local Disk (C)
    Locate the following folder using the path below. If found please delete.
    C:\Program Files\LimeWire

    Step 2

    Please download Malwarebytes Anti-Malware and save it to your desktop.
    alternate download link 1
    alternate download link 2
    • Make sure you are connected to the Internet.
    • Double-click on mbam-setup.exe to install the application.
    • When the installation begins, follow the prompts and do not make any changes to default settings.
    • When installation has finished, make sure you leave both of these checked:
      • Update Malwarebytes' Anti-Malware
      • Launch Malwarebytes' Anti-Malware
    • Then click Finish.
    • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
    • On the Scanner tab:
      • Make sure the "Perform Full Scan" option is selected.
      • Then click on the Scan button.
    • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
    • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
    • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the contents of that report in your next reply and exit MBAM.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

    Step 3

    Please post a fresh HijackThis log and Malwarebytes' Anti-Malware log.

  8. #28
    Junior Member
    Join Date
    Sep 2008
    Posts
    21

    Default

    There was no Limewire folder to remove. Here are the logs.

    Malwarebytes'

    Malwarebytes' Anti-Malware 1.28
    Database version: 1240
    Windows 5.1.2600 Service Pack 3

    10/7/2008 4:49:25 PM
    mbam-log-2008-10-07 (16-49-25).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 165263
    Time elapsed: 24 minute(s), 43 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Documents and Settings\Matthew\Application Data\Adobe\Manager.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\System Volume Information\_restore{20303F20-1390-41C6-87BA-1DA68AA32B12}\RP84\A0010279.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
    C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted
    successfully.

    HiJackThis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 4:51:21 PM, on 10/7/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    C:\WINDOWS\system32\crypserv.exe
    C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\LClock\LClock.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
    C:\WINDOWS\system32\RunDll32.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\AIM\aim.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [basicsmssmenu] "C:\Program Files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
    O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Basics Service - Seagate Technology LLC - C:\Program Files\Seagate\Basics\Service\SyncServicesBasics.exe
    O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MacDrive service (MacDriveService) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 7\MacDriveService.exe
    O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
    O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

    --
    End of file - 10218 bytes

  9. #29
    Senior Member
    Join Date
    Jun 2008
    Location
    Finland
    Posts
    120

    Default

    Hi,

    How your computer running now?

    Step 1

    Looking over your log, it seems you don't have any evidence of an anti-virus software.

    Anti-virus software are programs that detect, cleanse, and erase harmful virus files on a computer, Web server, or network. Unchecked, virus files can unintentionally be forwarded to others, including trading partners and thereby spreading infection. Because new viruses regularly emerge, anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present, and will clean, delete (or quarantine) infected files or directories. Please download a free anti-virus software from one these excellent vendors NOW:

    1) Antivir PersonalEdition Classic - Free anti-virus software for Windows. Free support.
    2) avast! 4 Home Edition - Anti-virus program for Windows. The home edition is freeware for noncommercial users.
    3) AVG Anti-Virus Free Edition - Free edition of the AVG anti-virus program for Windows.

    You should run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and results in program conflicts and false virus alerts.

    Step 2

    Please go to Kaspersky website and perform an online antivirus scan.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
        Archives
        Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply.


    Step 3

    Please post a fresh HijackThis log and Kaspersky Online Scanner log.

  10. #30
    Senior Member
    Join Date
    Jun 2008
    Location
    Finland
    Posts
    120

    Default

    Hello!

    Do you still need help?

    It has been three days since my last post.

    Do you still need help with this?
    Do you need more time?
    Are you having problems following my instructions?

    Note: If after 48hrs you have not replied to this thread then it will have to be CLOSED!

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •