Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Qdrive, Qdrmodule11.exe, Imsorry Internet Speed Monitor, Explorer Not Starting


  • This topic is locked This topic is locked
13 replies to this topic

#1 sdittmar

sdittmar

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 01 January 2008 - 04:52 PM

Hello All,
Thanks in advance for any help you can offer. This would be a really bad time for me to have to format this particular computer.

Windows Explorer comes up at startup then dies. After retrying a couple of times it eventually stops trying. I am still able to use the Task Manager to Run programs, use the internet, etc I just have no desktop, taskbar, etc. The scenerio is the same in SafeMode and occurs the same way if I try to run explorer from the Run... command in Task Manager.
I also noticed that sometimes when using Internet Explorer now, a sidebar called IMSORRY Internet Speed Monitor shows up with some ads in it.
My AV and firewall, MS Live One Care, blocked qdrmodule11.exe from accessing the internet and raised a bunch of flags about infections right before this all turned bad. It deleted some stuff, but the problem persisted. I don't recall the name mentioned in those warnings, but I want to say it might be something like "Tcat" something or other...possibly.
I disabled qdrmodule11.exe from the startup using msconfig and in Program Files I deleted a folder called Qdrive with a qdrive program and dll and deleted a qdrmodule folder that contained qdrmodule11.exe. AdAware removed a bunch of things that it found bad, and SpyBot removed one registry entry for a tracking cookie. HouseCall AV found nothing as did McAfee Stinger. Also it might be worth noting that my computer no longer finds msconfig from the Run... command line as it used to. I'm not sure how else to open that particular utility.
Here is the HiJackThis output:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:16 PM, on 1/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Logitech\Music Anywhere\LMASysTray.exe
C:\Program Files\Microsoft Windows Feedback Panel\wfpuser.exe
C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Microsoft Windows Feedback Panel\wfpasieve.exe
C:\Program Files\Microsoft Windows Feedback Panel\wfpcore.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Microsoft Windows Feedback Panel\WFPService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dealsea.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
R3 - URLSearchHook: URLSearchHook Class - {37D2CDBF-2AF4-44AA-8113-BD0D2DA3C2B8} - C:\Program Files\NZSearch\SearchEnh1.dll
O3 - Toolbar: ZeroBar - {F0F8ECBE-D460-4B34-B007-56A92E8F84A7} - C:\Program Files\NetZero\Toolbar.dll
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Music Anywhere Settings.lnk = ?
O4 - Global Startup: WFPUser.lnk = C:\Program Files\Microsoft Windows Feedback Panel\wfpuser.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.viewpoint.com/MTSInstall...l?noreloadredir
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) - http://www.lizardtech.com/download/files/w...ntrol_en_US.cab
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://www.solidworks.com/plugins/edrawing...cfm?Release=rel
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.winkflash.com/photo/loaders/SAXFile.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {3C648A72-C49A-48EF-9F90-68EF13293F97} (Cacher Class) - http://www.midhudsonmls.com/XMLSearch/XMLCache.CAB
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/virtual...iveXClient1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com/resource/downl...lscbase1524.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1129869358906
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://192.168.1.111/activex/AxisCamControl.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp...02/cpbrkpie.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.dotphoto.com/DPImageUploader.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://www.samsphotoclub.com/upload/FujifilmUploadClient.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - https://media.pineconeresearch.com/ActiveX/...loadcontrol.cab
O16 - DPF: {E6644870-F140-11D4-B761-00D0B73F3C8E} (CamImage Class) - http://192.168.1.111/activex/AxisCamMotionControl.ocx
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...739/mcfscan.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 11390 bytes

Edited by sdittmar, 01 January 2008 - 04:54 PM.


BC AdBot (Login to Remove)

 


#2 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 08 January 2008 - 11:35 PM

Since its been a few days and I've been trying to fix this myself (with no luck), here's a new hijack this log. I believe at least part of what I have is called the Vundo or Virtumonde virus, and I'm having trouble getting rid of it entirely even when I remove all the registry entries for it and force delete the mljhf.dll and mljhf.exe files from the System32 folder...I'm hoping you guys can help me with that and anything else that needs to happen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:21 PM, on 1/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Microsoft Windows Feedback Panel\WFPService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Microsoft Windows Feedback Panel\WFPUser.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Microsoft Windows Feedback Panel\wfpasieve.exe
C:\Program Files\Microsoft Windows Feedback Panel\wfpcore.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\Music Anywhere\LMASysTray.exe
C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched .exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\explorer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dealsea.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:8080
F3 - REG:win.ini: load=C:\WINDOWS\system32\mljhf.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
O4 - Startup: BUFFALO NAS Navigator.lnk = C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Music Anywhere Settings.lnk = ?
O4 - Global Startup: WFPUser.lnk = C:\Program Files\Microsoft Windows Feedback Panel\wfpuser.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site with Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.viewpoint.com/MTSInstall...l?noreloadredir
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} - http://www.solidworks.com/plugins/edrawing...cfm?Release=rel
O16 - DPF: {230C3D02-DA27-11D2-8612-00A0C93EEA3C} (SAXFile FileUpload ActiveX Control) - http://www.winkflash.com/photo/loaders/SAXFile.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {3C648A72-C49A-48EF-9F90-68EF13293F97} (Cacher Class) - http://www.midhudsonmls.com/XMLSearch/XMLCache.CAB
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} (Microsoft Virtual Server VMRC Advanced Control) - https://www.microsoft.com/resources/virtual...iveXClient1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (CwlscInstall Object) - https://scan.safety.live.com/resource/downl...lscbase1524.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1129869358906
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://192.168.1.111/activex/AxisCamControl.cab
O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/4056/ftp...02/cpbrkpie.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.dotphoto.com/DPImageUploader.cab
O16 - DPF: {A8683C98-5341-421B-B23C-8514C05354F1} (FujifilmUploader Class) - http://www.samsphotoclub.com/upload/FujifilmUploadClient.cab
O16 - DPF: {E6644870-F140-11D4-B761-00D0B73F3C8E} (CamImage Class) - http://192.168.1.111/activex/AxisCamMotionControl.ocx
O16 - DPF: {E856B973-45FD-4559-8F82-EAB539144667} (Dell PC Checkup Installer Control) - http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10460 bytes

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 13 January 2008 - 04:07 PM

Hello sdittmar and welcome to the BC HijackThis forum. I don't see any signs of viruses or malware in the log. It is clean. But then again, it it is Vundo, it can hide itself from HijackThis. Let's try a different scanner and see what we can find.

Download WinPFind35u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind35u on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind35U.exe to start the program.
  • In the Processes section click on All.
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - BotCheck
      Reg - Session Manager Settings
      File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.

If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#4 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 13 January 2008 - 10:41 PM

In addition to the results (file attached), just wanted to mention that since my last hijackthis post I have uninstalled and reinstalled MS Windows Live OneCare AV and in doing so it found and quarantined some files which seems to have alleviated the issue of explorer.exe constantly closing. Had tried this before but i guess they updated their definitions and were able to fix it now. But, a day or two later it stopped another trojan downloader and eventhough I uninstalled the Internet Speed Monitor thing I think I still saw it in some menu somewhere, though I've unfortunately forgotten where. And, I am still unable to run msconfig from the Run... command. So, I'm not 100% sure I'm out of the woods yet.

Attached Files



#5 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 14 January 2008 - 01:23 AM

Hi sdittmar. The log looks clean. Just a few miscellaneous items to clean up.

Start WinPFind35U. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> AutorunsDisabled [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > ->
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages
YN -> ICATI ->
< BotCheck > ->
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\rapimgr.exe -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\WCESMgr.exe -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\wcescomm.exe -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VWDExpress.exe -> C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VWDExpress.exe [C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VWDExpress.exe:*:Enabled:Microsoft Visual Web Developer 2005 Express Edition]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Symantec\pcAnywhere\WinAw32.exe -> C:\Program Files\Symantec\pcAnywhere\WinAw32.exe [C:\Program Files\Symantec\pcAnywhere\WinAw32.exe:*:Enabled:pcAnywhere Main Executable]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YPager.exe -> C:\Program Files\Yahoo!\Messenger\YPager.exe [C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\rapimgr.exe -> C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\WCESMgr.exe -> C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\TVUPlayer\TVUPlayer.exe -> C:\Program Files\TVUPlayer\TVUPlayer.exe [C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVU Player Component]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Steve Dittmar\Desktop\New Folder\HS-DHGL_210_001_us\LSUpdater.exe -> C:\Documents and Settings\Steve Dittmar\Desktop\New Folder\HS-DHGL_210_001_us\LSUpdater.exe [C:\Documents and Settings\Steve Dittmar\Desktop\New Folder\HS-DHGL_210_001_us\LSUpdater.exe:*:Enabled:BUFFALO HS-DHGL Updater Ver.2.10]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SopCast\SopCast.exe -> C:\Program Files\SopCast\SopCast.exe [C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SopCast\adv\SopAdver.exe -> C:\Program Files\SopCast\adv\SopAdver.exe [C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DDD\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe -> C:\Program Files\DDD\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe [C:\Program Files\DDD\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe:*:Enabled:TriDef Media Player]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\wcescomm.exe -> C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0\255.255 [C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager]
< Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path
YN -> C:\Program Files\ATI Technologies\ATI Control Panel ->
YN -> C:\Program Files\Hugs98 ->
< Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment
[Files/Folders - Created Within 30 days]
YN -> fhjlm.ini -> %System32%\fhjlm.ini
YN -> fhjlm.ini2 -> %System32%\fhjlm.ini2
[Files/Folders - Modified Within 30 days]
YN -> d3d9caps.dat -> %System32%\d3d9caps.dat
YN -> fhjlm.ini -> %System32%\fhjlm.ini
YN -> fhjlm.ini2 -> %System32%\fhjlm.ini2
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
YN -> Unos Coupon.mdi -> %UserDesktop%\Unos Coupon.mdi
[Empty Temp Folders]


The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new WinPFind35u scan.

For the WinPFind35u scan, just use the default settings and copy/paste the line in the codebox below into the editbox for Manual File or Registry Key Scans:
c:\windows\msconfig.* /s

I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#6 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 15 January 2008 - 01:32 AM

Hello -
Below is the log from running the fix and the Winpfind35u scan results. The tool had to restart during the fix process, but it didn't seem abnormal. I noticed one of the files you had it move was my Pizzeria Unos coupon (a .mdi file). Did you suspect that of being tainted or did it just stand out as odd?

---FIX LOG---
[Registry - Non-Microsoft Only]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\ deleted successfully.
[Registry - Additional Scans - Non-Microsoft Only]
Unable to delete registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:ICATI .
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\rapimgr.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\WCESMgr.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\wcescomm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\VWDExpress.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Symantec\pcAnywhere\WinAw32.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Yahoo!\Messenger\YPager.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\rapimgr.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\WCESMgr.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\TVUPlayer\TVUPlayer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Steve Dittmar\Desktop\New Folder\HS-DHGL_210_001_us\LSUpdater.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SopCast\SopCast.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\SopCast\adv\SopAdver.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\DDD\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Microsoft ActiveSync\wcescomm.exe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path:C:\Program Files\ATI Technologies\ATI Control Panel deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path:C:\Program Files\Hugs98 deleted successfully.
[Files/Folders - Created Within 30 days]
C:\WINDOWS\System32\fhjlm.ini moved successfully.
C:\WINDOWS\System32\fhjlm.ini2 moved successfully.
[Files/Folders - Modified Within 30 days]
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
File C:\WINDOWS\System32\fhjlm.ini not found!
File C:\WINDOWS\System32\fhjlm.ini2 not found!
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
C:\Documents and Settings\Steve Dittmar\Desktop\Unos Coupon.mdi moved successfully.
[Empty Temp Folders]
C:\DOCUME~1\STEVED~1\LOCALS~1\Temp\ -> emptied.
C:\Documents and Settings\Steve Dittmar\Local Settings\Temporary Internet Files\Content.IE5\ -> emptied
RecycleBin -> emptied.
< End of log >
Created on 01142008_233807




---SCAN LOG---
WinPFind35 logfile created on: 1/15/2008 1:28:40 AM
WinPFind35U Version Beta22 Folder = C:\Documents and Settings\Steve Dittmar\My Documents\My Downloads\WinPFind35u
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)

767.23 Mb Total Physical Memory | 229.88 Mb Available Physical Memory | 29.96% Memory free
1.83 Gb Paging File | 1.22 Gb Available in Paging File | 66.47% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55.89 Gb Total Space | 22.06 Gb Free Space | 39.48% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: STEVELAPTOP
Current User Name: Steve Dittmar
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user


[Processes - Non-Microsoft Only]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4124 | Size = 389120 bytes | Modified Date = 11/10/2005 7:43:12 PM | Attr = ]
wltrysvc.exe -> %System32%\WLTRYSVC.EXE -> [Ver = | Size = 18944 bytes | Modified Date = 12/19/2005 9:08:30 AM | Attr = ]
bcmwltry.exe -> %System32%\BCMWLTRY.EXE -> Dell Inc. [Ver = 4.10.47.3 | Size = 1200128 bytes | Modified Date = 12/19/2005 9:08:26 AM | Attr = ]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/11/2008 1:55:59 AM | Attr = ]
schedul2.exe -> %CommonProgramFiles%\Seagate\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,240 | Size = 411168 bytes | Modified Date = 6/14/2007 3:48:42 PM | Attr = ]
btwdins.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 163840 bytes | Modified Date = 11/9/2004 9:24:16 AM | Attr = ]
ati2evxx.exe -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4124 | Size = 389120 bytes | Modified Date = 11/10/2005 7:43:12 PM | Attr = ]
wben.exe -> %ProgramFiles%\Starfield\Desktop Notifier\wben.exe -> Starfield Technologies, Inc. [Ver = 1.1.0.4 | Size = 312024 bytes | Modified Date = 11/6/2007 2:12:46 PM | Attr = ]
bttray.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 565309 bytes | Modified Date = 11/2/2004 11:10:36 AM | Attr = ]
lmasystray.exe -> %ProgramFiles%\Logitech\Music Anywhere\LMASysTray.exe -> Logitech Inc. [Ver = 1, 1, 0, 0 | Size = 184320 bytes | Modified Date = 10/12/2005 11:22:40 AM | Attr = ]
nasnavi.exe -> %ProgramFiles%\BUFFALO\NASNAVI\NasNavi.exe -> BUFFALO INC. [Ver = 1.20 | Size = 598016 bytes | Modified Date = 12/11/2006 7:20:00 PM | Attr = ]
btstac~1.exe -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTStackServer.exe -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 1253460 bytes | Modified Date = 11/2/2004 11:09:56 AM | Attr = ]
aim6.exe -> %ProgramFiles%\AIM6\aim6.exe -> AOL LLC [Ver = 1.4.9.1 | Size = 50528 bytes | Modified Date = 10/4/2007 10:20:54 AM | Attr = ]
aolsoftware.exe -> %ProgramFiles%\AIM6\aolsoftware.exe -> AOL LLC [Ver = 15.5.1.2 | Size = 42032 bytes | Modified Date = 5/25/2007 12:16:08 PM | Attr = ]
winpfind35u.exe -> %UserDocuments%\My Downloads\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 294400 bytes | Modified Date = 1/6/2008 1:17:10 PM | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft [Ver = 7,0,2,6 | Size = 587096 bytes | Modified Date = 1/11/2008 1:55:59 AM | Attr = ]
(AcrSch2Svc) Acronis Scheduler2 Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Seagate\Schedule2\schedul2.exe -> Acronis [Ver = 1,0,0,240 | Size = 411168 bytes | Modified Date = 6/14/2007 3:48:42 PM | Attr = ]
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %System32%\ati2evxx.exe -> ATI Technologies Inc. [Ver = 6.14.10.4124 | Size = 389120 bytes | Modified Date = 11/10/2005 7:43:12 PM | Attr = ]
(btwdins) Bluetooth Service [Win32_Own | Auto | Running] -> %ProgramFiles%\WIDCOMM\Bluetooth Software\bin\btwdins.exe -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 163840 bytes | Modified Date = 11/9/2004 9:24:16 AM | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 8/4/2004 2:56:48 AM | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\1150\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.50.42618 | Size = 69632 bytes | Modified Date = 11/14/2005 1:06:04 AM | Attr = ]
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> -> File not found
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\WinPcap\rpcapd.exe -> NetGroup - Politecnico di Torino [Ver = 3, 1, 0, 24 | Size = 86016 bytes | Modified Date = 10/29/2004 3:29:16 PM | Attr = ]
(Symantec Core LC) Symantec Core LC [Win32_Own | Disabled | Stopped] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> Symantec Corporation [Ver = 1.9.1.762 | Size = 1119888 bytes | Modified Date = 12/18/2005 3:41:21 PM | Attr = ]
(wltrysvc) Dell Wireless WLAN Tray Service [Win32_Own | Auto | Running] -> %System32%\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe -> File not found

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
KernelFaultCheck -> -> File not found
PCTVOICE -> %System32%\pctspk.exe -> [Ver = 1, 0, 0, 1 | Size = 163840 bytes | Modified Date = 2/24/2003 3:35:12 PM | Attr = ]
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
wben -> %ProgramFiles%\Starfield\Desktop Notifier\wben.exe -> Starfield Technologies, Inc. [Ver = 1.1.0.4 | Size = 312024 bytes | Modified Date = 11/6/2007 2:12:46 PM | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
%AllUsersStartup%\BTTray.lnk -> %ProgramFiles%\WIDCOMM\Bluetooth Software\BTTray.exe -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 565309 bytes | Modified Date = 11/2/2004 11:10:36 AM | Attr = ]
-> %AllUsersStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 11/24/2004 9:06:28 AM | Attr = HS]
%AllUsersStartup%\Logitech Music Anywhere Settings.lnk -> %ProgramFiles%\Logitech\Music Anywhere\LMASysTray.exe -> Logitech Inc. [Ver = 1, 1, 0, 0 | Size = 184320 bytes | Modified Date = 10/12/2005 11:22:40 AM | Attr = ]
< Steve Dittmar Startup Folder > -> C:\Documents and Settings\Steve Dittmar\Start Menu\Programs\Startup ->
%UserStartup%\BUFFALO NAS Navigator.lnk -> %ProgramFiles%\BUFFALO\NASNAVI\NasNavi.exe -> BUFFALO INC. [Ver = 1.20 | Size = 598016 bytes | Modified Date = 12/11/2006 7:20:00 PM | Attr = ]
-> %UserStartup%\desktop.ini -> [Ver = | Size = 84 bytes | Modified Date = 11/24/2004 9:06:28 AM | Attr = HS]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
AtiExtEvent -> %System32%\ati2evxx.dll -> ATI Technologies Inc. [Ver = 6.14.10.4124 | Size = 47616 bytes | Modified Date = 11/10/2005 7:44:14 PM | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\comdlg32\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\comdlg32\\NoFileMru -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoViewOnDrive -> 0 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoComputersNearMe -> (binary data) ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> (binary data) ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictCpl\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\RestrictRun\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
< HOSTS File > (221589 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://www.yahoo.com/ ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Bar -> http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://www.yahoo.com/ ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Bar -> http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.dealsea.com/ ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4140 domain(s) found. ->
33 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4339 domain(s) found. ->
//@surf.mar@/ [money] -> Local intranet ->
34 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{00011268-E188-40DF-A514-835FCD78B1BF} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\IEPro\IEPro.dll [IE7Pro BHO] -> IE7Pro.com [Ver = 2, 0, 0, 7 | Size = 699496 bytes | Modified Date = 1/2/2008 3:34:10 AM | Attr = ]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 8.0.0.2006102200 | Size = 62080 bytes | Modified Date = 10/22/2006 10:08:42 PM | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 4:46:14 PM | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ]
< Internet Explorer Bars [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{1FE2EBE5-42FF-4586-A144-CA420C84FF6A} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{4528BBE0-4E08-11D5-AD55-00010333D0AD} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{5BED3930-2E9E-76D8-BACC-80DF2188D455} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{F0F8ECBE-D460-4B34-B007-56A92E8F84A7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\NetZero\Toolbar.dll [ZeroBar] -> [Ver = 2, 0, 0, 1 | Size = 292304 bytes | Modified Date = 12/1/2005 6:10:54 PM | Attr = ]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{0026439F-A980-4f18-8C95-4F1CBBF9C1D8}:{B119EB0C-C021-46CF-85B0-34A760E0D5FE} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\IEPro\IEPro.dll [IE7Pro Preferences] -> IE7Pro.com [Ver = 2, 0, 0, 7 | Size = 699496 bytes | Modified Date = 1/2/2008 3:34:10 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_02\bin\npjpi160_02.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 132496 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_02\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.20.6 | Size = 501136 bytes | Modified Date = 7/12/2007 3:00:35 AM | Attr = ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Research] -> File not found
{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 8/1/2006 2:35:36 PM | Attr = ]
{CCA281CA-C863-46ef-9331-5C8D4460577F}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [@btrez.dll,-4015] -> File not found
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 8/31/2007 4:46:14 PM | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{5E638779-1818-4754-A595-EF1C63B87A56} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Research] -> File not found
CmdMapping\\{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\AIM\aim.exe [AIM] -> America Online, Inc. [Ver = 5.9.6089 | Size = 67112 bytes | Modified Date = 8/1/2006 2:35:36 PM | Attr = ]
CmdMapping\\{CCA281CA-C863-46ef-9331-5C8D4460577F} [HKEY_LOCAL_MACHINE] -> [@btrez.dll,-4015] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download all with Free Download Manager -> %ProgramFiles%\Free Download Manager\dlall.htm -> [Ver = | Size = 823 bytes | Modified Date = 11/24/2004 1:34:40 PM | Attr = ]
Download selected with Free Download Manager -> %ProgramFiles%\Free Download Manager\dlselected.htm -> [Ver = | Size = 449 bytes | Modified Date = 8/24/2004 6:25:38 PM | Attr = ]
Download web site with Free Download Manager -> %ProgramFiles%\Free Download Manager\dlpage.htm -> [Ver = | Size = 441 bytes | Modified Date = 8/24/2004 6:25:38 PM | Attr = ]
Download with Free Download Manager -> %ProgramFiles%\Free Download Manager\dllink.htm -> [Ver = | Size = 1030 bytes | Modified Date = 9/1/2004 9:15:54 PM | Attr = ]
E&xport to Microsoft Excel -> -> File not found
Send To &Bluetooth -> %ProgramFiles%\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm -> [Ver = | Size = 1320 bytes | Modified Date = 5/29/2003 12:53:12 PM | Attr = ]
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{4A7D490B-8EA0-42AF-9805-3E30FCA8FFA4} -> (Dell TrueMobile 1400 Dual Band WLAN Mini-PCI Card) ->
{624EB0A8-D775-4D32-8C67-38CA4E6EA2AB} -> (Windows Mobile-based Device) ->
{79E2A276-5D1D-4C98-9264-6E4E4EE3DE4E} -> () ->
{AB3CB135-FE07-4635-B759-BC3D6C4780F9} -> () ->
{E58761BB-7F66-46EE-B111-AAF86407E4E4} -> () ->
{E5F3D395-2DD9-4694-98CC-5EBD65811302} -> () ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found
mctp:{d7b95390-b1c5-11d0-b111-0080c712fe82} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Key does not exist or could not be opened.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[] -> File not found
widimg:{EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} [HKEY_LOCAL_MACHINE] -> %System32%\BTXPPanel.dll[WidImg Class] -> Broadcom Corporation [Ver = 3.0.1.914 | Size = 110592 bytes | Modified Date = 11/2/2004 10:53:08 AM | Attr = ]
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{01A88BB1-1174-41EC-ACCB-963509EAE56B}[HKEY_LOCAL_MACHINE] -> http://support.dell.com/systemprofiler/SysPro.CAB[SysProWmi Class] ->
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}[HKEY_LOCAL_MACHINE] -> http://www.apple.com/qtactivex/qtplugin.cab[QuickTime Object] ->
{03F998B2-0E00-11D3-A498-00104B6EB52E}[HKEY_LOCAL_MACHINE] -> https://components.viewpoint.com/MTSInstall...l?noreloadredir[Reg Error: Key does not exist or could not be opened.] ->
{0A5FD7C5-A45C-49FC-ADB5-9952547D5715}[HKEY_LOCAL_MACHINE] -> http://www.creative.com/su/ocx/15031/CTSUEng.cab[Creative Software AutoUpdate] ->
{166B1BCA-3F9C-11CF-8075-444553540000}[HKEY_LOCAL_MACHINE] -> http://download.macromedia.com/pub/shockwa...director/sw.cab[Shockwave ActiveX Control] ->
{17492023-C23A-453E-A040-C7C580BBF700}[HKEY_LOCAL_MACHINE] -> http://download.microsoft.com/download/b/e...heckControl.cab[Windows Genuine Advantage Validation Tool] ->
{22945A69-1191-4DCF-9E6F-409BDE94D101}[HKEY_LOCAL_MACHINE] -> http://www.solidworks.com/plugins/edrawing...cfm?Release=rel[Reg Error: Key does not exist or could not be opened.] ->
{230C3D02-DA27-11D2-8612-00A0C93EEA3C}[HKEY_LOCAL_MACHINE] -> http://www.winkflash.com/photo/loaders/SAXFile.cab[SAXFile FileUpload ActiveX Control] ->
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab}[HKEY_LOCAL_MACHINE] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll[YInstStarter Class] ->
{31E68DE2-5548-4B23-88F0-C51E6A0F695E}[HKEY_LOCAL_MACHINE] -> https://support.microsoft.com/OAS/ActiveX/odc.cab[Microsoft PID Sniffer] ->
{3C648A72-C49A-48EF-9F90-68EF13293F97}[HKEY_LOCAL_MACHINE] -> http://www.midhudsonmls.com/XMLSearch/XMLCache.CAB[Cacher Class] ->
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}[HKEY_LOCAL_MACHINE] -> http://office.microsoft.com/officeupdate/content/opuc3.cab[Office Update Installation Engine] ->
{4EFA317A-8569-4788-B175-5BAF9731A549}[HKEY_LOCAL_MACHINE] -> https://www.microsoft.com/resources/virtual...iveXClient1.cab[Microsoft Virtual Server VMRC Advanced Control] ->
{5ED80217-570B-4DA9-BF44-BE107C0EC166}[HKEY_LOCAL_MACHINE] -> https://scan.safety.live.com/resource/downl...lscbase1524.cab[CwlscInstall Object] ->
{5F8469B4-B055-49DD-83F7-62B522420ECC}[HKEY_LOCAL_MACHINE] -> http://upload.facebook.com/controls/Facebo...otoUploader.cab[Facebook Photo Uploader Control] ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}[HKEY_LOCAL_MACHINE] -> http://update.microsoft.com/microsoftupdat...b?1129869358906[MUWebControl Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_02] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab[Reg Error: Key does not exist or could not be opened.] ->
{917623D1-D8E5-11D2-BE8B-00104B06BDE3}[HKEY_LOCAL_MACHINE] -> http://192.168.1.111/activex/AxisCamControl.cab[CamImage Class] ->
{9522B3FB-7A2B-4646-8AF6-36E7F593073C}[HKEY_LOCAL_MACHINE] -> http://a19.g.akamai.net/7/19/7125/4056/ftp...02/cpbrkpie.cab[Reg Error: Key does not exist or could not be opened.] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/...8736.6753935185[Reg Error: Key does not exist or could not be opened.] ->
{A18962F6-E6ED-40B1-97C9-1FB36F38BFA8}[HKEY_LOCAL_MACHINE] -> http://www.dotphoto.com/DPImageUploader.cab[Aurigma Image Uploader 3.5 Control] ->
{A8683C98-5341-421B-B23C-8514C05354F1}[HKEY_LOCAL_MACHINE] -> http://www.samsphotoclub.com/upload/FujifilmUploadClient.cab[FujifilmUploader Class] ->
{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[Java Plug-in 1.5.0_01] ->
{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[Java Plug-in 1.5.0_04] ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[Java Plug-in 1.5.0_06] ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[Java Plug-in 1.5.0_09] ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab[Java Plug-in 1.5.0_11] ->
{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_02] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_02] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...ent/swflash.cab[Shockwave Flash Object] ->
{E6644870-F140-11D4-B761-00D0B73F3C8E}[HKEY_LOCAL_MACHINE] -> http://192.168.1.111/activex/AxisCamMotionControl.ocx[CamImage Class] ->
{E856B973-45FD-4559-8F82-EAB539144667}[HKEY_LOCAL_MACHINE] -> http://pccheckup.dellfix.com/rel/35/install/gtdownde.cab[Dell PC Checkup Installer Control] ->
{F6ACF75C-C32C-447B-9BEF-46B766368D29}[HKEY_LOCAL_MACHINE] -> http://www.creative.com/su/ocx/15033/CTPID.cab[Creative Software AutoUpdate Support Package] ->
Microsoft XML Parser for Java[HKEY_LOCAL_MACHINE] -> file://C:\WINDOWS\Java\classes\xmldso.cab[Reg Error: Key does not exist or could not be opened.] ->



[Files/Folders - Created Within 30 days]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Created Date = 12/18/2007 11:10:41 PM | Attr = H ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 804564992 bytes | Created Date = 1/8/2008 8:15:04 PM | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 1/8/2008 1:09:03 AM | Attr = ]
3cwmcru.sys -> %System32%\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver = 1.44.008.0020 | Size = 762780 bytes | Created Date = 1/5/2008 9:09:31 PM | Attr = ]
3dfxvs.dll -> %System32%\dllcache\3dfxvs.dll -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 689216 bytes | Created Date = 1/5/2008 9:09:32 PM | Attr = ]
3dfxvsm.sys -> %System32%\dllcache\3dfxvsm.sys -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 148352 bytes | Created Date = 1/5/2008 9:09:32 PM | Attr = ]
a3d.dll -> %System32%\dllcache\a3d.dll -> Aureal Semiconductor [Ver = 2.09 | Size = 98304 bytes | Created Date = 1/5/2008 9:09:37 PM | Attr = ]
a3dapi.dll -> %System32%\dllcache\a3dapi.dll -> Aureal Inc. [Ver = 3.02 | Size = 462848 bytes | Created Date = 1/5/2008 9:09:37 PM | Attr = ]
ac97ali.sys -> %System32%\dllcache\ac97ali.sys -> Acer Laboratories Inc. [Ver = 5.12.01.6003 | Size = 231552 bytes | Created Date = 1/5/2008 9:09:38 PM | Attr = ]
ac97intc.sys -> %System32%\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 1/5/2008 9:09:38 PM | Attr = ]
ac97sis.sys -> %System32%\dllcache\ac97sis.sys -> Silicon Integrated Systems Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 297728 bytes | Created Date = 1/5/2008 9:09:39 PM | Attr = ]
ac97via.sys -> %System32%\dllcache\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Created Date = 1/5/2008 9:09:40 PM | Attr = ]
acerscad.dll -> %System32%\dllcache\acerscad.dll -> Color Flatbed Scanner [Ver = 1, 0, 0, 0 | Size = 61440 bytes | Created Date = 1/5/2008 9:09:41 PM | Attr = ]
adm8511.sys -> %System32%\dllcache\adm8511.sys -> ADMtek Incorporated [Ver = 2.04.2001.0719 built by: WinDDK | Size = 20160 bytes | Created Date = 1/5/2008 9:09:43 PM | Attr = ]
adm8810.sys -> %System32%\dllcache\adm8810.sys -> Aureal, Inc. [Ver = 5.12.01.3500 | Size = 584448 bytes | Created Date = 1/5/2008 9:09:44 PM | Attr = ]
adm8820.sys -> %System32%\dllcache\adm8820.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 553984 bytes | Created Date = 1/5/2008 9:09:44 PM | Attr = ]
adm8830.sys -> %System32%\dllcache\adm8830.sys -> Aureal, Inc. [Ver = 5.12.01.2500 | Size = 747392 bytes | Created Date = 1/5/2008 9:09:45 PM | Attr = ]
admjoy.sys -> %System32%\dllcache\admjoy.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 10880 bytes | Created Date = 1/5/2008 9:09:45 PM | Attr = ]
adptsf50.sys -> %System32%\dllcache\adptsf50.sys -> Adaptec, Inc [Ver = V5.10.22 | Size = 46112 bytes | Created Date = 1/5/2008 9:09:46 PM | Attr = ]
ali5261.sys -> %System32%\dllcache\ali5261.sys -> Acer Laboratories Inc. [Ver = 5.01.2462.0102 | Size = 27678 bytes | Created Date = 1/5/2008 9:22:39 PM | Attr = ]
alifir.sys -> %System32%\dllcache\alifir.sys -> Acer Laboratories Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 26624 bytes | Created Date = 1/5/2008 9:22:40 PM | Attr = ]
aliide.sys -> %System32%\dllcache\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Created Date = 1/5/2008 9:22:40 PM | Attr = ]
amb8002.sys -> %System32%\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 16969 bytes | Created Date = 1/5/2008 9:22:41 PM | Attr = ]
an983.sys -> %System32%\dllcache\an983.sys -> ADMtek Incorporated. [Ver = 2.17.1025.2001 built by: WinDDK | Size = 36224 bytes | Created Date = 1/5/2008 9:22:42 PM | Attr = ]
asc.sys -> %System32%\dllcache\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Created Date = 1/5/2008 9:22:43 PM | Attr = ]
asc3550.sys -> %System32%\dllcache\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Created Date = 1/5/2008 9:22:44 PM | Attr = ]
aspndis3.sys -> %System32%\dllcache\aspndis3.sys -> Bay Networks, Inc. [Ver = 3.23.11 | Size = 97354 bytes | Created Date = 1/5/2008 9:22:45 PM | Attr = ]
ati.sys -> %System32%\dllcache\ati.sys -> ATI Technologies, Inc. [Ver = 3.0.62 (XPClient.010817-1148) | Size = 77568 bytes | Created Date = 1/5/2008 9:22:47 PM | Attr = ]
atibt829.sys -> %System32%\dllcache\atibt829.sys -> [Ver = | Size = 46464 bytes | Created Date = 1/5/2008 9:22:48 PM | Attr = ]
atidrab.dll -> %System32%\dllcache\atidrab.dll -> ATI Technologies Inc. [Ver = 5.01.2195.5012 (ReleasedBinaries.010718-0005) | Size = 382592 bytes | Created Date = 1/5/2008 9:22:49 PM | Attr = ]
atidrae.dll -> %System32%\dllcache\atidrae.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 137216 bytes | Created Date = 1/5/2008 9:22:50 PM | Attr = ]
atidvai.dll -> %System32%\dllcache\atidvai.dll -> ATI Technologies Inc. [Ver = 5.10.2280.1028 (ReleasedBinaries.010715-1631) | Size = 268160 bytes | Created Date = 1/5/2008 9:22:50 PM | Attr = ]
atimpab.sys -> %System32%\dllcache\atimpab.sys -> ATI Technologies Inc. [Ver = 5.00.2195.5007 (ReleasedBinaries.010718-0005) | Size = 289664 bytes | Created Date = 1/5/2008 9:22:51 PM | Attr = ]
atimpae.sys -> %System32%\dllcache\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Created Date = 1/5/2008 9:22:52 PM | Attr = ]
atimtai.sys -> %System32%\dllcache\atimtai.sys -> ATI Technologies Inc. [Ver = 5.13.01.1140 (ReleasedBinaries.010715-1631) | Size = 281600 bytes | Created Date = 1/5/2008 9:22:52 PM | Attr = ]
atipcxxx.sys -> %System32%\dllcache\atipcxxx.sys -> [Ver = | Size = 10240 bytes | Created Date = 1/5/2008 9:22:53 PM | Attr = ]
atiraged.dll -> %System32%\dllcache\atiraged.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 104832 bytes | Created Date = 1/5/2008 9:22:53 PM | Attr = ]
atiragem.sys -> %System32%\dllcache\atiragem.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 70528 bytes | Created Date = 1/5/2008 9:22:54 PM | Attr = ]
atirtcap.sys -> %System32%\dllcache\atirtcap.sys -> [Ver = | Size = 49920 bytes | Created Date = 1/5/2008 9:22:54 PM | Attr = ]
atirtsnd.sys -> %System32%\dllcache\atirtsnd.sys -> [Ver = | Size = 26880 bytes | Created Date = 1/5/2008 9:22:55 PM | Attr = ]
atitunep.sys -> %System32%\dllcache\atitunep.sys -> [Ver = | Size = 17152 bytes | Created Date = 1/5/2008 9:22:55 PM | Attr = ]
atitvsnd.sys -> %System32%\dllcache\atitvsnd.sys -> [Ver = | Size = 17152 bytes | Created Date = 1/5/2008 9:22:56 PM | Attr = ]
ativmdcd.sys -> %System32%\dllcache\ativmdcd.sys -> [Ver = | Size = 9472 bytes | Created Date = 1/5/2008 9:22:56 PM | Attr = ]
ativttxx.sys -> %System32%\dllcache\ativttxx.sys -> [Ver = | Size = 19456 bytes | Created Date = 1/5/2008 9:22:57 PM | Attr = ]
ativxbar.sys -> %System32%\dllcache\ativxbar.sys -> [Ver = | Size = 26624 bytes | Created Date = 1/5/2008 9:22:57 PM | Attr = ]
atixbar.sys -> %System32%\dllcache\atixbar.sys -> [Ver = | Size = 23552 bytes | Created Date = 1/5/2008 9:22:58 PM | Attr = ]
avmcoxp.dll -> %System32%\dllcache\avmcoxp.dll -> AVM GmbH [Ver = 2.4 | Size = 87552 bytes | Created Date = 1/5/2008 9:23:02 PM | Attr = ]
avmenum.dll -> %System32%\dllcache\avmenum.dll -> AVM GmbH [Ver = 1, 0, 0, 3 | Size = 144384 bytes | Created Date = 1/5/2008 9:23:03 PM | Attr = ]
avmwan.sys -> %System32%\dllcache\avmwan.sys -> AVM GmbH [Ver = 02.04.00 | Size = 37568 bytes | Created Date = 1/5/2008 9:23:03 PM | Attr = ]
aztw2320.sys -> %System32%\dllcache\aztw2320.sys -> Aztech Systems Ltd [Ver = 5.1.2501.0 built by: WinDDK | Size = 36992 bytes | Created Date = 1/5/2008 9:23:04 PM | Attr = ]
b1cbase.sys -> %System32%\dllcache\b1cbase.sys -> AVM GmbH [Ver = 5.2 | Size = 89952 bytes | Created Date = 1/5/2008 9:23:04 PM | Attr = ]
banshee.dll -> %System32%\dllcache\banshee.dll -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 342336 bytes | Created Date = 1/5/2008 9:23:05 PM | Attr = ]
banshee.sys -> %System32%\dllcache\banshee.sys -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 36128 bytes | Created Date = 1/5/2008 9:23:05 PM | Attr = ]
bcm42u.sys -> %System32%\dllcache\bcm42u.sys -> Broadcom Corporation [Ver = 2.29.0.8 | Size = 66557 bytes | Created Date = 1/5/2008 9:23:06 PM | Attr = ]
bcm42xx5.sys -> %System32%\dllcache\bcm42xx5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 54271 bytes | Created Date = 1/5/2008 9:23:07 PM | Attr = ]
bcm4e5.sys -> %System32%\dllcache\bcm4e5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 26568 bytes | Created Date = 1/5/2008 9:23:07 PM | Attr = ]
bcmdm.sys -> %System32%\dllcache\bcmdm.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 1/5/2008 9:23:08 PM | Attr = ]
big5.nls -> %System32%\dllcache\big5.nls -> [Ver = | Size = 66728 bytes | Created Date = 1/5/2008 9:23:12 PM | Attr = ]
bopomofo.nls -> %System32%\dllcache\bopomofo.nls -> [Ver = | Size = 82172 bytes | Created Date = 1/5/2008 9:23:14 PM | Attr = ]
brbidiif.dll -> %System32%\dllcache\brbidiif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 19456 bytes | Created Date = 1/5/2008 9:23:15 PM | Attr = ]
brcoinst.dll -> %System32%\dllcache\brcoinst.dll -> Brother Industries Ltd. [Ver = 1.0.0.8 (Lab06_N.010129-0357) | Size = 9728 bytes | Created Date = 1/5/2008 9:23:15 PM | Attr = ]
brevif.dll -> %System32%\dllcache\brevif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 12800 bytes | Created Date = 1/5/2008 9:23:15 PM | Attr = ]
brfilt.sys -> %System32%\dllcache\brfilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Created Date = 1/5/2008 9:23:16 PM | Attr = ]
brfiltlo.sys -> %System32%\dllcache\brfiltlo.sys -> Brother Industries, Ltd. [Ver = 1.09.000 (Lab06_N.010129-0357) | Size = 12160 bytes | Created Date = 1/5/2008 9:23:17 PM | Attr = ]
brfiltup.sys -> %System32%\dllcache\brfiltup.sys -> Brother Industries, Ltd. [Ver = 1.04.000 (Lab06_N.010129-0357) | Size = 3968 bytes | Created Date = 1/5/2008 9:23:17 PM | Attr = ]
brmfbidi.dll -> %System32%\dllcache\brmfbidi.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 15360 bytes | Created Date = 1/5/2008 9:23:17 PM | Attr = ]
brmflpt.dll -> %System32%\dllcache\brmflpt.dll -> Brother Industries, Ltd. [Ver = 1.45.15.346 | Size = 29696 bytes | Created Date = 1/5/2008 9:23:18 PM | Attr = ]
brmfrsmg.exe -> %System32%\dllcache\brmfrsmg.exe -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 32256 bytes | Created Date = 1/5/2008 9:23:19 PM | Attr = ]
brmfusb.dll -> %System32%\dllcache\brmfusb.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 41472 bytes | Created Date = 1/5/2008 9:23:19 PM | Attr = ]
brparimg.sys -> %System32%\dllcache\brparimg.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 3168 bytes | Created Date = 1/5/2008 9:23:20 PM | Attr = ]
brparwdm.sys -> %System32%\dllcache\brparwdm.sys -> Brother Industries Ltd. [Ver = 1.00 | Size = 39552 bytes | Created Date = 1/5/2008 9:23:21 PM | Attr = ]
brscnrsm.dll -> %System32%\dllcache\brscnrsm.dll -> Brother Industries,Ltd. [Ver = 1.0.0.14 | Size = 5120 bytes | Created Date = 1/5/2008 9:23:22 PM | Attr = ]
brserif.dll -> %System32%\dllcache\brserif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9728 bytes | Created Date = 1/5/2008 9:23:22 PM | Attr = ]
brserwdm.sys -> %System32%\dllcache\brserwdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Created Date = 1/5/2008 9:23:22 PM | Attr = ]
brusbmdm.sys -> %System32%\dllcache\brusbmdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Created Date = 1/5/2008 9:23:23 PM | Attr = ]
brusbscn.sys -> %System32%\dllcache\brusbscn.sys -> Brother Industries Ltd. [Ver = 1,0,0,6 (Lab06_N.010129-0357) | Size = 10368 bytes | Created Date = 1/5/2008 9:23:23 PM | Attr = ]
brzwlan.sys -> %System32%\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.18 | Size = 31529 bytes | Created Date = 1/5/2008 9:23:24 PM | Attr = ]
cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 1/5/2008 9:23:59 PM | Attr = ]
cb102.sys -> %System32%\dllcache\cb102.sys -> Fast Ethernet Controller Provider [Ver = 2.20.0.0 | Size = 37916 bytes | Created Date = 1/5/2008 9:24:00 PM | Attr = ]
cb325.sys -> %System32%\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Created Date = 1/5/2008 9:24:01 PM | Attr = ]
cben5.sys -> %System32%\dllcache\cben5.sys -> Xircom, Inc. [Ver = 3.14.05.00 | Size = 46108 bytes | Created Date = 1/5/2008 9:24:01 PM | Attr = ]
cbmdmkxx.sys -> %System32%\dllcache\cbmdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714698 bytes | Created Date = 1/5/2008 9:24:02 PM | Attr = ]
ce2n5.sys -> %System32%\dllcache\ce2n5.sys -> Xircom, Inc. [Ver = 3.06.04.00 | Size = 21530 bytes | Created Date = 1/5/2008 9:24:04 PM | Attr = ]
ce3n5.sys -> %System32%\dllcache\ce3n5.sys -> Xircom, Inc. [Ver = 2.11.01.00 | Size = 27164 bytes | Created Date = 1/5/2008 9:24:05 PM | Attr = ]
cem28n5.sys -> %System32%\dllcache\cem28n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 1/5/2008 9:24:05 PM | Attr = ]
cem33n5.sys -> %System32%\dllcache\cem33n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 1/5/2008 9:24:05 PM | Attr = ]
cem56n5.sys -> %System32%\dllcache\cem56n5.sys -> Xircom, Inc. [Ver = 2.70.02.00 | Size = 49182 bytes | Created Date = 1/5/2008 9:24:06 PM | Attr = ]
cicap.sys -> %System32%\dllcache\cicap.sys -> Xircom [Ver = 4.0.0.41 | Size = 980034 bytes | Created Date = 1/5/2008 9:24:11 PM | Attr = ]
cinemclc.sys -> %System32%\dllcache\cinemclc.sys -> RAVISENT Technologies Inc. [Ver = 5.0.00.0081 | Size = 272640 bytes | Created Date = 1/5/2008 9:24:12 PM | Attr = ]
cmbp0wdm.sys -> %System32%\dllcache\cmbp0wdm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 20736 bytes | Created Date = 1/5/2008 9:24:16 PM | Attr = ]
cmdide.sys -> %System32%\dllcache\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Created Date = 1/5/2008 9:24:16 PM | Attr = ]
cnxt1803.sys -> %System32%\dllcache\cnxt1803.sys -> Conexant Systems, Inc. [Ver = V1.15.7 | Size = 39936 bytes | Created Date = 1/5/2008 9:24:19 PM | Attr = ]
cpqndis5.sys -> %System32%\dllcache\cpqndis5.sys -> Compaq Computer Corporation [Ver = 3.06.04.00 | Size = 21533 bytes | Created Date = 1/5/2008 9:24:22 PM | Attr = ]
cpqtrnd5.sys -> %System32%\dllcache\cpqtrnd5.sys -> Compaq Computer Corp. [Ver = 5.84.02 | Size = 60970 bytes | Created Date = 1/5/2008 9:24:23 PM | Attr = ]
cpscan.dll -> %System32%\dllcache\cpscan.dll -> COMPAQ Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 1/5/2008 9:24:26 PM | Attr = ]
crtaud.sys -> %System32%\dllcache\crtaud.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 42112 bytes | Created Date = 1/5/2008 9:24:26 PM | Attr = ]
ctlfacem.sys -> %System32%\dllcache\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Created Date = 1/5/2008 9:24:28 PM | Attr = ]
ctljystk.sys -> %System32%\dllcache\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Created Date = 1/5/2008 9:24:28 PM | Attr = ]
ctlsb16.sys -> %System32%\dllcache\ctlsb16.sys -> Copyright © Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 1/5/2008 9:24:29 PM | Attr = ]
ctmasetp.dll -> %System32%\dllcache\ctmasetp.dll -> Comtrol® Corporation [Ver = 5.1.2600.2180 | Size = 249856 bytes | Created Date = 1/5/2008 9:24:29 PM | Attr = ]
ctwdm32.dll -> %System32%\dllcache\ctwdm32.dll -> Creative Technology Ltd. [Ver = 5.0.0.2001 | Size = 4096 bytes | Created Date = 1/5/2008 9:24:30 PM | Attr = ]
cwbase.sys -> %System32%\dllcache\cwbase.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 1/5/2008 9:24:30 PM | Attr = ]
cwbmidi.sys -> %System32%\dllcache\cwbmidi.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 1/5/2008 9:24:31 PM | Attr = ]
cwbwdm.sys -> %System32%\dllcache\cwbwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72832 bytes | Created Date = 1/5/2008 9:24:31 PM | Attr = ]
cwcosnt5.sys -> %System32%\dllcache\cwcosnt5.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3584 bytes | Created Date = 1/5/2008 9:24:32 PM | Attr = ]
cwcspud.sys -> %System32%\dllcache\cwcspud.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 111872 bytes | Created Date = 1/5/2008 9:24:32 PM | Attr = ]
cwcwdm.sys -> %System32%\dllcache\cwcwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 93952 bytes | Created Date = 1/5/2008 9:24:33 PM | Attr = ]
cwrwdm.sys -> %System32%\dllcache\cwrwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.2.3790.0 built by: WinDDK | Size = 48640 bytes | Created Date = 1/5/2008 9:24:33 PM | Attr = ]
c_10001.nls -> %System32%\dllcache\c_10001.nls -> [Ver = | Size = 162850 bytes | Created Date = 1/5/2008 9:23:28 PM | Attr = ]
c_10002.nls -> %System32%\dllcache\c_10002.nls -> [Ver = | Size = 195618 bytes | Created Date = 1/5/2008 9:23:28 PM | Attr = ]
c_10003.nls -> %System32%\dllcache\c_10003.nls -> [Ver = | Size = 177698 bytes | Created Date = 1/5/2008 9:23:29 PM | Attr = ]
c_10004.nls -> %System32%\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:29 PM | Attr = ]
c_10005.nls -> %System32%\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:29 PM | Attr = ]
c_10008.nls -> %System32%\dllcache\c_10008.nls -> [Ver = | Size = 173602 bytes | Created Date = 1/5/2008 9:23:30 PM | Attr = ]
c_10021.nls -> %System32%\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:30 PM | Attr = ]
c_1047.nls -> %System32%\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:31 PM | Attr = ]
c_1140.nls -> %System32%\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:31 PM | Attr = ]
c_1141.nls -> %System32%\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:32 PM | Attr = ]
c_1142.nls -> %System32%\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:32 PM | Attr = ]
c_1143.nls -> %System32%\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:32 PM | Attr = ]
c_1144.nls -> %System32%\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:33 PM | Attr = ]
c_1145.nls -> %System32%\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:33 PM | Attr = ]
c_1146.nls -> %System32%\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:33 PM | Attr = ]
c_1147.nls -> %System32%\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:34 PM | Attr = ]
c_1148.nls -> %System32%\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:34 PM | Attr = ]
c_1149.nls -> %System32%\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:35 PM | Attr = ]
c_1361.nls -> %System32%\dllcache\c_1361.nls -> [Ver = | Size = 189986 bytes | Created Date = 1/5/2008 9:23:35 PM | Attr = ]
c_20000.nls -> %System32%\dllcache\c_20000.nls -> [Ver = | Size = 180258 bytes | Created Date = 1/5/2008 9:23:36 PM | Attr = ]
c_20001.nls -> %System32%\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 1/5/2008 9:23:36 PM | Attr = ]
c_20002.nls -> %System32%\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 1/5/2008 9:23:37 PM | Attr = ]
c_20003.nls -> %System32%\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 1/5/2008 9:23:37 PM | Attr = ]
c_20004.nls -> %System32%\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 1/5/2008 9:23:37 PM | Attr = ]
c_20005.nls -> %System32%\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 1/5/2008 9:23:38 PM | Attr = ]
c_20105.nls -> %System32%\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:38 PM | Attr = ]
c_20106.nls -> %System32%\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:39 PM | Attr = ]
c_20107.nls -> %System32%\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:39 PM | Attr = ]
c_20108.nls -> %System32%\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:39 PM | Attr = ]
c_20269.nls -> %System32%\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:40 PM | Attr = ]
c_20273.nls -> %System32%\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:40 PM | Attr = ]
c_20277.nls -> %System32%\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:41 PM | Attr = ]
c_20278.nls -> %System32%\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:41 PM | Attr = ]
c_20280.nls -> %System32%\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:41 PM | Attr = ]
c_20284.nls -> %System32%\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:42 PM | Attr = ]
c_20285.nls -> %System32%\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:42 PM | Attr = ]
c_20290.nls -> %System32%\dllcache\c_20290.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:42 PM | Attr = ]
c_20297.nls -> %System32%\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:43 PM | Attr = ]
c_20420.nls -> %System32%\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:43 PM | Attr = ]
c_20423.nls -> %System32%\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:44 PM | Attr = ]
c_20424.nls -> %System32%\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:44 PM | Attr = ]
c_20833.nls -> %System32%\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:44 PM | Attr = ]
c_20838.nls -> %System32%\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:45 PM | Attr = ]
c_20871.nls -> %System32%\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:45 PM | Attr = ]
c_20880.nls -> %System32%\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:46 PM | Attr = ]
c_20924.nls -> %System32%\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:46 PM | Attr = ]
c_20932.nls -> %System32%\dllcache\c_20932.nls -> [Ver = | Size = 180770 bytes | Created Date = 1/5/2008 9:23:46 PM | Attr = ]
c_20936.nls -> %System32%\dllcache\c_20936.nls -> [Ver = | Size = 173602 bytes | Created Date = 1/5/2008 9:23:47 PM | Attr = ]
c_20949.nls -> %System32%\dllcache\c_20949.nls -> [Ver = | Size = 177698 bytes | Created Date = 1/5/2008 9:23:47 PM | Attr = ]
c_21025.nls -> %System32%\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:48 PM | Attr = ]
c_21027.nls -> %System32%\dllcache\c_21027.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:48 PM | Attr = ]
c_28596.nls -> %System32%\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:48 PM | Attr = ]
c_708.nls -> %System32%\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:49 PM | Attr = ]
c_720.nls -> %System32%\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 1/5/2008 9:23:50 PM | Attr = ]
c_858.nls -> %System32%\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 1/5/2008 9:23:50 PM | Attr = ]
c_862.nls -> %System32%\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 1/5/2008 9:23:51 PM | Attr = ]
c_864.nls -> %System32%\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 1/5/2008 9:23:51 PM | Attr = ]
c_870.nls -> %System32%\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 1/5/2008 9:23:52 PM | Attr = ]
d100ib5.sys -> %System32%\dllcache\d100ib5.sys -> Intel Corporation [Ver = 5.41.17.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 1/5/2008 9:24:37 PM | Attr = ]
dac2w2k.sys -> %System32%\dllcache\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Created Date = 1/5/2008 9:24:38 PM | Attr = ]
dc21x4.sys -> %System32%\dllcache\dc21x4.sys -> Intel Corporation. [Ver = 5.05.04 | Size = 63208 bytes | Created Date = 1/5/2008 9:24:41 PM | Attr = ]
defpa.sys -> %System32%\dllcache\defpa.sys -> Digital Networks, LLC [Ver = 5.5 built by: WinDDK | Size = 20928 bytes | Created Date = 1/5/2008 9:24:43 PM | Attr = ]
devcon32.dll -> %System32%\dllcache\devcon32.dll -> Creative Technology Ltd. [Ver = 4.06.651 | Size = 256512 bytes | Created Date = 1/5/2008 9:24:43 PM | Attr = ]
devldr32.exe -> %System32%\dllcache\devldr32.exe -> Creative Technology Ltd. [Ver = 1, 0, 0, 17 | Size = 24064 bytes | Created Date = 1/5/2008 9:24:44 PM | Attr = ]
dfe650.sys -> %System32%\dllcache\dfe650.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24648 bytes | Created Date = 1/5/2008 9:24:45 PM | Attr = ]
dfe650d.sys -> %System32%\dllcache\dfe650d.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24649 bytes | Created Date = 1/5/2008 9:24:45 PM | Attr = ]
dgapci.sys -> %System32%\dllcache\dgapci.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 29531 bytes | Created Date = 1/5/2008 9:24:46 PM | Attr = ]
dgconfig.dll -> %System32%\dllcache\dgconfig.dll -> Digi International [Ver = v3.7.3.0 | Size = 419357 bytes | Created Date = 1/5/2008 9:24:46 PM | Attr = ]
diapi2.sys -> %System32%\dllcache\diapi2.sys -> Eicon Technology [Ver = 1.0.1.390 | Size = 164923 bytes | Created Date = 1/5/2008 9:23:59 PM | Attr = ]
diapi2NT.dll -> %System32%\dllcache\diapi2NT.dll -> Eicon Technology Corporation [Ver = 2.10 101-390 | Size = 32256 bytes | Created Date = 1/5/2008 9:24:00 PM | Attr = ]
digiasyn.dll -> %System32%\dllcache\digiasyn.dll -> Digi International Inc. [Ver = 3.10 | Size = 65622 bytes | Created Date = 1/5/2008 9:24:47 PM | Attr = ]
digiasyn.sys -> %System32%\dllcache\digiasyn.sys -> Digi International Inc. [Ver = 3.10 | Size = 37735 bytes | Created Date = 1/5/2008 9:24:48 PM | Attr = ]
digidbp.dll -> %System32%\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.10 | Size = 131156 bytes | Created Date = 1/5/2008 9:24:48 PM | Attr = ]
digidxb.sys -> %System32%\dllcache\digidxb.sys -> Digi International Inc. [Ver = 3.10 | Size = 103044 bytes | Created Date = 1/5/2008 9:24:48 PM | Attr = ]
digifep5.sys -> %System32%\dllcache\digifep5.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 90525 bytes | Created Date = 1/5/2008 9:24:49 PM | Attr = ]
digifwrk.dll -> %System32%\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.10 | Size = 229462 bytes | Created Date = 1/5/2008 9:24:49 PM | Attr = ]
digihlc.dll -> %System32%\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.10 | Size = 159828 bytes | Created Date = 1/5/2008 9:24:50 PM | Attr = ]
digiinf.dll -> %System32%\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.10 | Size = 102484 bytes | Created Date = 1/5/2008 9:24:50 PM | Attr = ]
digiisdn.dll -> %System32%\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.10 | Size = 41046 bytes | Created Date = 1/5/2008 9:24:50 PM | Attr = ]
digiisdn.sys -> %System32%\dllcache\digiisdn.sys -> Digi International Inc. [Ver = 3.10 | Size = 21606 bytes | Created Date = 1/5/2008 9:24:51 PM | Attr = ]
digirlpt.dll -> %System32%\dllcache\digirlpt.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 110621 bytes | Created Date = 1/5/2008 9:24:51 PM | Attr = ]
digirlpt.sys -> %System32%\dllcache\digirlpt.sys -> Digi International, Inc. [Ver = 2.3.7 | Size = 42432 bytes | Created Date = 1/5/2008 9:24:52 PM | Attr = ]
digiview.exe -> %System32%\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.10 | Size = 614429 bytes | Created Date = 1/5/2008 9:24:52 PM | Attr = ]
dimaint.sys -> %System32%\dllcache\dimaint.sys -> Eicon Technology [Ver = 2.0.1.315 | Size = 91305 bytes | Created Date = 1/5/2008 9:24:53 PM | Attr = ]
disrvci.dll -> %System32%\dllcache\disrvci.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 6729 bytes | Created Date = 1/5/2008 9:24:54 PM | Attr = ]
disrvpp.dll -> %System32%\dllcache\disrvpp.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 31305 bytes | Created Date = 1/5/2008 9:24:54 PM | Attr = ]
disrvsu.dll -> %System32%\dllcache\disrvsu.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 38985 bytes | Created Date = 1/5/2008 9:24:55 PM | Attr = ]
ditrace.exe -> %System32%\dllcache\ditrace.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 236060 bytes | Created Date = 1/5/2008 9:24:55 PM | Attr = ]
divaci.dll -> %System32%\dllcache\divaci.dll -> [Ver = | Size = 6216 bytes | Created Date = 1/5/2008 9:24:56 PM | Attr = ]
divaprop.dll -> %System32%\dllcache\divaprop.dll -> [Ver = | Size = 37962 bytes | Created Date = 1/5/2008 9:24:56 PM | Attr = ]
divasu.dll -> %System32%\dllcache\divasu.dll -> [Ver = | Size = 29768 bytes | Created Date = 1/5/2008 9:24:57 PM | Attr = ]
diwan.sys -> %System32%\dllcache\diwan.sys -> Eicon Technology [Ver = 2.0.1.700 | Size = 952007 bytes | Created Date = 1/5/2008 9:24:57 PM | Attr = ]
dlh5xnd5.sys -> %System32%\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v2.5.4 | Size = 26698 bytes | Created Date = 1/5/2008 9:24:57 PM | Attr = ]
dm9pci5.sys -> %System32%\dllcache\dm9pci5.sys -> CNet Technology, Inc. [Ver = 1.23.01.0228 built by: WinDDK | Size = 29696 bytes | Created Date = 1/5/2008 9:24:58 PM | Attr = ]
dp83820.sys -> %System32%\dllcache\dp83820.sys -> National Semiconductor Coproration [Ver = 5.0.4.17 | Size = 28062 bytes | Created Date = 1/5/2008 9:25:02 PM | Attr = ]
ds1wdm.sys -> %System32%\dllcache\ds1wdm.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 334208 bytes | Created Date = 1/5/2008 9:25:05 PM | Attr = ]
e1000nt5.sys -> %System32%\dllcache\e1000nt5.sys -> Intel Corporation [Ver = 2.94.294.0 | Size = 50719 bytes | Created Date = 1/5/2008 9:25:08 PM | Attr = ]
e100b325.sys -> %System32%\dllcache\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 1/5/2008 9:25:09 PM | Attr = ]
e100isa4.sys -> %System32%\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.5.0 | Size = 19594 bytes | Created Date = 1/5/2008 9:25:09 PM | Attr = ]
el515.sys -> %System32%\dllcache\el515.sys -> 3Com Corporation [Ver = 1.08.03 | Size = 44103 bytes | Created Date = 1/5/2008 9:25:13 PM | Attr = ]
el556nd5.sys -> %System32%\dllcache\el556nd5.sys -> 3Com Corporation [Ver = 1.21.00.001 | Size = 55999 bytes | Created Date = 1/5/2008 9:25:14 PM | Attr = ]
el574nd4.sys -> %System32%\dllcache\el574nd4.sys -> 3Com Corporation [Ver = 2.00.03.4001 | Size = 24653 bytes | Created Date = 1/5/2008 9:25:14 PM | Attr = ]
el575nd5.sys -> %System32%\dllcache\el575nd5.sys -> 3Com Corporation [Ver = 2.60.5000.0020 | Size = 69692 bytes | Created Date = 1/5/2008 9:25:15 PM | Attr = ]
el589nd5.sys -> %System32%\dllcache\el589nd5.sys -> 3Com Corporation [Ver = 2.50.50.0033 | Size = 26141 bytes | Created Date = 1/5/2008 9:25:16 PM | Attr = ]
el656cd5.sys -> %System32%\dllcache\el656cd5.sys -> 3Com Corporation [Ver = 3.00.5000.0004 | Size = 69194 bytes | Created Date = 1/5/2008 9:25:16 PM | Attr = ]
el656ct5.sys -> %System32%\dllcache\el656ct5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 634134 bytes | Created Date = 1/5/2008 9:25:17 PM | Attr = ]
el656nd5.sys -> %System32%\dllcache\el656nd5.sys -> 3Com Corporation [Ver = 1.50.5000.0007 | Size = 77386 bytes | Created Date = 1/5/2008 9:25:17 PM | Attr = ]
el656se5.sys -> %System32%\dllcache\el656se5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 241206 bytes | Created Date = 1/5/2008 9:25:18 PM | Attr = ]
el90xbc5.sys -> %System32%\dllcache\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Created Date = 1/5/2008 9:25:18 PM | Attr = ]
el90xnd5.sys -> %System32%\dllcache\el90xnd5.sys -> 3Com Corporation [Ver = 3.60.50.008 | Size = 153631 bytes | Created Date = 1/5/2008 9:25:19 PM | Attr = ]
el985n51.sys -> %System32%\dllcache\el985n51.sys -> 3Com Corporation. [Ver = 1.17.34.4 | Size = 455199 bytes | Created Date = 1/5/2008 9:25:20 PM | Attr = ]
el98xn5.sys -> %System32%\dllcache\el98xn5.sys -> 3Com Corporation [Ver = 4.0.0.13 | Size = 70174 bytes | Created Date = 1/5/2008 9:25:20 PM | Attr = ]
el99xn51.sys -> %System32%\dllcache\el99xn51.sys -> 3Com Corporation [Ver = 2.00.00.0030 built by: WinDDK | Size = 171520 bytes | Created Date = 1/5/2008 9:25:20 PM | Attr = ]
elnk3.sys -> %System32%\dllcache\elnk3.sys -> 3Com Corporation [Ver = 5.32.40 | Size = 25159 bytes | Created Date = 1/5/2008 9:25:21 PM | Attr = ]
em556n4.sys -> %System32%\dllcache\em556n4.sys -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 1/5/2008 9:25:21 PM | Attr = ]
emu10k1m.sys -> %System32%\dllcache\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Created Date = 1/5/2008 9:25:23 PM | Attr = ]
epro4.sys -> %System32%\dllcache\epro4.sys -> Intel Corporation [Ver = 3.70.00.0000 | Size = 18503 bytes | Created Date = 1/5/2008 9:25:25 PM | Attr = ]
eqn.sys -> %System32%\dllcache\eqn.sys -> Equinox Systems Inc. [Ver = 5.0.U72 Intel built by: WinDDK | Size = 629952 bytes | Created Date = 1/5/2008 9:25:25 PM | Attr = ]
eqndiag.exe -> %System32%\dllcache\eqndiag.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 53248 bytes | Created Date = 1/5/2008 9:25:26 PM | Attr = ]
eqnlogr.exe -> %System32%\dllcache\eqnlogr.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 51200 bytes | Created Date = 1/5/2008 9:25:26 PM | Attr = ]
eqnloop.exe -> %System32%\dllcache\eqnloop.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 61952 bytes | Created Date = 1/5/2008 9:25:27 PM | Attr = ]
es1370mp.sys -> %System32%\dllcache\es1370mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 37120 bytes | Created Date = 1/5/2008 9:25:27 PM | Attr = ]
es1371mp.sys -> %System32%\dllcache\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Created Date = 1/5/2008 9:25:28 PM | Attr = ]
es1969.sys -> %System32%\dllcache\es1969.sys -> ESS Technology Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72192 bytes | Created Date = 1/5/2008 9:25:28 PM | Attr = ]
es198x.sys -> %System32%\dllcache\es198x.sys -> ESS Technology, Inc. [Ver = 5.1.2526.0 built by: WinDDK | Size = 174464 bytes | Created Date = 1/5/2008 9:25:28 PM | Attr = ]
es56cvmp.sys -> %System32%\dllcache\es56cvmp.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 595647 bytes | Created Date = 1/5/2008 9:25:29 PM | Attr = ]
es56hpi.sys -> %System32%\dllcache\es56hpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 594238 bytes | Created Date = 1/5/2008 9:25:29 PM | Attr = ]
es56tpi.sys -> %System32%\dllcache\es56tpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 347550 bytes | Created Date = 1/5/2008 9:25:30 PM | Attr = ]
ess.sys -> %System32%\dllcache\ess.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 63360 bytes | Created Date = 1/5/2008 9:25:30 PM | Attr = ]
essm2e.sys -> %System32%\dllcache\essm2e.sys -> ESS Technology, Inc. [Ver = 5.1.3612.0 built by: WinDDK | Size = 137088 bytes | Created Date = 1/5/2008 9:25:31 PM | Attr = ]
esucm.dll -> %System32%\dllcache\esucm.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 43008 bytes | Created Date = 1/5/2008 9:25:32 PM | Attr = ]
esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 1/5/2008 9:25:35 PM | Attr = ]
esuimg.dll -> %System32%\dllcache\esuimg.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 34816 bytes | Created Date = 1/5/2008 9:25:35 PM | Attr = ]
esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 1/5/2008 9:25:36 PM | Attr = ]
esuni.dll -> %System32%\dllcache\esuni.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 1/5/2008 9:25:36 PM | Attr = ]
esunib.dll -> %System32%\dllcache\esunib.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 1/5/2008 9:25:36 PM | Attr = ]
esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 1/5/2008 9:25:37 PM | Attr = ]
ex10.sys -> %System32%\dllcache\ex10.sys -> Intel Corporation [Ver = 1.51.00.0000 | Size = 16998 bytes | Created Date = 1/5/2008 9:25:39 PM | Attr = ]
f3ab18xi.sys -> %System32%\dllcache\f3ab18xi.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 12362 bytes | Created Date = 1/5/2008 9:25:41 PM | Attr = ]
f3ab18xj.sys -> %System32%\dllcache\f3ab18xj.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 11850 bytes | Created Date = 1/5/2008 9:25:41 PM | Attr = ]
fa312nd5.sys -> %System32%\dllcache\fa312nd5.sys -> NETGEAR Corp. [Ver = 5.00.119.0 | Size = 16074 bytes | Created Date = 1/5/2008 9:25:42 PM | Attr = ]
fa410nd5.sys -> %System32%\dllcache\fa410nd5.sys -> NETGEAR [Ver = 5.00.2128.1 | Size = 24618 bytes | Created Date = 1/5/2008 9:25:43 PM | Attr = ]
fem556n5.sys -> %System32%\dllcache\fem556n5.sys -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 1/5/2008 9:25:44 PM | Attr = ]
fetnd5.sys -> %System32%\dllcache\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Created Date = 1/5/2008 9:25:46 PM | Attr = ]
forehe.sys -> %System32%\dllcache\forehe.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 34173 bytes | Created Date = 1/5/2008 9:25:49 PM | Attr = ]
fpcibase.sys -> %System32%\dllcache\fpcibase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 444416 bytes | Created Date = 1/5/2008 9:25:50 PM | Attr = ]
fpcmbase.sys -> %System32%\dllcache\fpcmbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 441728 bytes | Created Date = 1/5/2008 9:25:51 PM | Attr = ]
fpnpbase.sys -> %System32%\dllcache\fpnpbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 442240 bytes | Created Date = 1/5/2008 9:25:52 PM | Attr = ]
fus2base.sys -> %System32%\dllcache\fus2base.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455680 bytes | Created Date = 1/5/2008 9:25:54 PM | Attr = ]
fusbbase.sys -> %System32%\dllcache\fusbbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455296 bytes | Created Date = 1/5/2008 9:25:55 PM | Attr = ]
fxusbase.sys -> %System32%\dllcache\fxusbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 454912 bytes | Created Date = 1/5/2008 9:25:58 PM | Attr = ]
g200d.dll -> %System32%\dllcache\g200d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 470144 bytes | Created Date = 1/5/2008 9:25:58 PM | Attr = ]
g200m.sys -> %System32%\dllcache\g200m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 1/5/2008 9:25:59 PM | Attr = ]
g400d.dll -> %System32%\dllcache\g400d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 1733120 bytes | Created Date = 1/5/2008 9:25:59 PM | Attr = ]
g400m.sys -> %System32%\dllcache\g400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Created Date = 1/5/2008 9:26:00 PM | Attr = ]
gpr400.sys -> %System32%\dllcache\gpr400.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 17408 bytes | Created Date = 1/5/2008 9:26:03 PM | Attr = ]
grclass.sys -> %System32%\dllcache\grclass.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 82304 bytes | Created Date = 1/5/2008 9:26:03 PM | Attr = ]
grserial.sys -> %System32%\dllcache\grserial.sys -> Gemplus [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 28288 bytes | Created Date = 1/5/2008 9:26:04 PM | Attr = ]
hanja.lex -> %System32%\dllcache\hanja.lex -> [Ver = | Size = 108827 bytes | Created Date = 1/5/2008 9:26:07 PM | Attr = ]
hcf_msft.sys -> %System32%\dllcache\hcf_msft.sys -> Conexant [Ver = 2.1.2.171.021.003 | Size = 907456 bytes | Created Date = 1/5/2008 9:26:08 PM | Attr = ]
hpgt21.dll -> %System32%\dllcache\hpgt21.dll -> [Ver = 1, 0, 0, 1 | Size = 83968 bytes | Created Date = 1/5/2008 9:26:13 PM | Attr = ]
hpgt33.dll -> %System32%\dllcache\hpgt33.dll -> [Ver = 1, 0, 0, 1 | Size = 89088 bytes | Created Date = 1/5/2008 9:26:14 PM | Attr = ]
hpgt34.dll -> %System32%\dllcache\hpgt34.dll -> [Ver = 1, 0, 0, 1 | Size = 101376 bytes | Created Date = 1/5/2008 9:26:15 PM | Attr = ]
hpgt34tk.dll -> %System32%\dllcache\hpgt34tk.dll -> Hewlett Packard [Ver = 4.11.2000.0 | Size = 126976 bytes | Created Date = 1/5/2008 9:26:15 PM | Attr = ]
hpgt42.dll -> %System32%\dllcache\hpgt42.dll -> [Ver = 1, 0, 0, 1 | Size = 93696 bytes | Created Date = 1/5/2008 9:26:16 PM | Attr = ]
hpgt53.dll -> %System32%\dllcache\hpgt53.dll -> [Ver = 1, 0, 0, 1 | Size = 165888 bytes | Created Date = 1/5/2008 9:26:16 PM | Attr = ]
hpgt53tk.dll -> %System32%\dllcache\hpgt53tk.dll -> Avisioin [Ver = 1,0,7,0210 | Size = 68608 bytes | Created Date = 1/5/2008 9:26:17 PM | Attr = ]
hsf_amos.sys -> %System32%\dllcache\hsf_amos.sys -> Conexant [Ver = 3.05.12.04 | Size = 150239 bytes | Created Date = 1/5/2008 9:26:20 PM | Attr = ]
hsf_bsc2.sys -> %System32%\dllcache\hsf_bsc2.sys -> Conexant [Ver = 3.05.12.04 | Size = 67167 bytes | Created Date = 1/5/2008 9:26:20 PM | Attr = ]
hsf_fall.sys -> %System32%\dllcache\hsf_fall.sys -> Conexant [Ver = 3.05.12.04 | Size = 289887 bytes | Created Date = 1/5/2008 9:26:21 PM | Attr = ]
hsf_faxx.sys -> %System32%\dllcache\hsf_faxx.sys -> Conexant [Ver = 3.05.12.04 | Size = 199711 bytes | Created Date = 1/5/2008 9:26:21 PM | Attr = ]
hsf_fsks.sys -> %System32%\dllcache\hsf_fsks.sys -> Conexant [Ver = 3.05.12.04 | Size = 115807 bytes | Created Date = 1/5/2008 9:26:22 PM | Attr = ]
hsf_inst.dll -> %System32%\dllcache\hsf_inst.dll -> Conexant [Ver = 3.05.12.04 | Size = 9759 bytes | Created Date = 1/5/2008 9:26:22 PM | Attr = ]
hsf_k56k.sys -> %System32%\dllcache\hsf_k56k.sys -> Conexant [Ver = 3.05.12.04 | Size = 391199 bytes | Created Date = 1/5/2008 9:26:22 PM | Attr = ]
hsf_msft.sys -> %System32%\dllcache\hsf_msft.sys -> Conexant [Ver = 3.05.12.06 | Size = 542879 bytes | Created Date = 1/5/2008 9:26:23 PM | Attr = ]
hsf_samp.sys -> %System32%\dllcache\hsf_samp.sys -> Conexant [Ver = 3.05.12.05 | Size = 57471 bytes | Created Date = 1/5/2008 9:26:23 PM | Attr = ]
hsf_soar.sys -> %System32%\dllcache\hsf_soar.sys -> Conexant [Ver = 3.05.12.05 | Size = 44863 bytes | Created Date = 1/5/2008 9:26:24 PM | Attr = ]
hsf_spkp.sys -> %System32%\dllcache\hsf_spkp.sys -> Conexant [Ver = 3.05.12.04 | Size = 73279 bytes | Created Date = 1/5/2008 9:26:24 PM | Attr = ]
hsf_tone.sys -> %System32%\dllcache\hsf_tone.sys -> Conexant [Ver = 3.05.12.04 | Size = 50751 bytes | Created Date = 1/5/2008 9:26:24 PM | Attr = ]
hsf_v124.sys -> %System32%\dllcache\hsf_v124.sys -> Conexant [Ver = 3.05.12.04 | Size = 488383 bytes | Created Date = 1/5/2008 9:26:25 PM | Attr = ]
hwxjpn.dll -> %System32%\dllcache\hwxjpn.dll -> [Ver = | Size = 13463552 bytes | Created Date = 1/5/2008 9:26:32 PM | Attr = ]
i740dnt5.dll -> %System32%\dllcache\i740dnt5.dll -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 353184 bytes | Created Date = 1/5/2008 9:26:43 PM | Attr = ]
i740nt5.sys -> %System32%\dllcache\i740nt5.sys -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 58592 bytes | Created Date = 1/5/2008 9:26:43 PM | Attr = ]
i81xdnt5.dll -> %System32%\dllcache\i81xdnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 702845 bytes | Created Date = 1/5/2008 9:26:44 PM | Attr = ]
i81xnt5.sys -> %System32%\dllcache\i81xnt5.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 161020 bytes | Created Date = 1/5/2008 9:26:44 PM | Attr = ]
ibmexmp.sys -> %System32%\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28700 bytes | Created Date = 1/5/2008 9:26:46 PM | Attr = ]
ibmsgnet.dll -> %System32%\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 9216 bytes | Created Date = 1/5/2008 9:26:46 PM | Attr = ]
ibmtok.sys -> %System32%\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.04.0050 | Size = 100936 bytes | Created Date = 1/5/2008 9:26:47 PM | Attr = ]
ibmtrp.sys -> %System32%\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.33.02.0050 | Size = 109085 bytes | Created Date = 1/5/2008 9:26:47 PM | Attr = ]
iconf32.dll -> %System32%\dllcache\iconf32.dll -> Xircom [Ver = 1.1.0.11 | Size = 372824 bytes | Created Date = 1/5/2008 9:26:51 PM | Attr = ]
imekr.lex -> %System32%\dllcache\imekr.lex -> [Ver = | Size = 134339 bytes | Created Date = 1/5/2008 9:26:59 PM | Attr = ]
io8.sys -> %System32%\dllcache\io8.sys -> Perle Systems Ltd. [Ver = 1.0.1.0022 (XPClient.010817-1148) | Size = 38784 bytes | Created Date = 1/5/2008 9:27:09 PM | Attr = ]
io8ports.dll -> %System32%\dllcache\io8ports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 90200 bytes | Created Date = 1/5/2008 9:27:10 PM | Attr = ]
ip5515.sys -> %System32%\dllcache\ip5515.sys -> Interphase ® Corporation a Windows ® 2000 DDK Driver Provider [Ver = 5.1.2257.1 built by: Administrator | Size = 45632 bytes | Created Date = 1/5/2008 9:27:10 PM | Attr = ]
irmk7.sys -> %System32%\dllcache\irmk7.sys -> MKNet Corporation [Ver = 4.1.0 | Size = 23552 bytes | Created Date = 1/5/2008 9:27:13 PM | Attr = ]
irstusb.sys -> %System32%\dllcache\irstusb.sys -> SigmaTel, Inc. [Ver = 1, 20, 0, 0 | Size = 26624 bytes | Created Date = 1/5/2008 9:27:14 PM | Attr = ]
korwbrkr.lex -> %System32%\dllcache\korwbrkr.lex -> [Ver = | Size = 1158818 bytes | Created Date = 1/5/2008 9:27:39 PM | Attr = ]
ksc.nls -> %System32%\dllcache\ksc.nls -> [Ver = | Size = 47066 bytes | Created Date = 1/5/2008 9:27:40 PM | Attr = ]
ktc111.sys -> %System32%\dllcache\ktc111.sys -> Kingston Technology Company [Ver = 2.00 | Size = 19016 bytes | Created Date = 1/5/2008 9:27:41 PM | Attr = ]
lanepic5.sys -> %System32%\dllcache\lanepic5.sys -> SMSC [Ver = 3.40.0000.0000 | Size = 26442 bytes | Created Date = 1/5/2008 9:27:42 PM | Attr = ]
lbrtfdc.sys -> %System32%\dllcache\lbrtfdc.sys -> Toshiba Corp. [Ver = Version 5.10.3 (xpsp_sp2_rtm.040803-2158) | Size = 34688 bytes | Created Date = 1/5/2008 9:27:42 PM | Attr = ]
lit220p.sys -> %System32%\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15744 bytes | Created Date = 1/5/2008 9:27:43 PM | Attr = ]
lmndis3.sys -> %System32%\dllcache\lmndis3.sys -> D-Link [Ver = 5.00.2128.1 | Size = 25065 bytes | Created Date = 1/5/2008 9:27:44 PM | Attr = ]
lne100.sys -> %System32%\dllcache\lne100.sys -> The Linksts Group [Ver = 2.00 | Size = 20573 bytes | Created Date = 1/5/2008 9:27:45 PM | Attr = ]
lne100tx.sys -> %System32%\dllcache\lne100tx.sys -> Linksys Group, Inc. [Ver = 4.55 | Size = 70730 bytes | Created Date = 1/5/2008 9:27:45 PM | Attr = ]
ltck000c.sys -> %System32%\dllcache\ltck000c.sys -> Xircom, Inc. [Ver = 1.98.2 | Size = 727786 bytes | Created Date = 1/5/2008 9:27:49 PM | Attr = ]
ltmdmnt.sys -> %System32%\dllcache\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Created Date = 1/5/2008 9:27:50 PM | Attr = ]
ltmdmntl.sys -> %System32%\dllcache\ltmdmntl.sys -> LT [Ver = 3.01.3 | Size = 576746 bytes | Created Date = 1/5/2008 9:27:51 PM | Attr = ]
ltmdmntt.sys -> %System32%\dllcache\ltmdmntt.sys -> LT [Ver = 6.08 | Size = 420992 bytes | Created Date = 1/5/2008 9:27:51 PM | Attr = ]
ltsm.sys -> %System32%\dllcache\ltsm.sys -> Lucent Technologies [Ver = 3.1.92.1 3.1.92.1 07/18/2001 12:51:10 | Size = 802683 bytes | Created Date = 1/5/2008 9:27:52 PM | Attr = ]
ltsmt.sys -> %System32%\dllcache\ltsmt.sys -> LT [Ver = 3.1.92.1 07/18/2001 13:02:42 | Size = 797500 bytes | Created Date = 1/5/2008 9:27:53 PM | Attr = ]
lwadihid.sys -> %System32%\dllcache\lwadihid.sys -> Logitech Inc. [Ver = 5.1.420.093 | Size = 20864 bytes | Created Date = 1/5/2008 9:27:54 PM | Attr = ]
lwusbhid.sys -> %System32%\dllcache\lwusbhid.sys -> Logitech Inc. [Ver = 5.1.410.190 | Size = 22848 bytes | Created Date = 1/5/2008 9:27:54 PM | Attr = ]
maestro.sys -> %System32%\dllcache\maestro.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 48768 bytes | Created Date = 1/5/2008 9:27:56 PM | Attr = ]
mdgndis5.sys -> %System32%\dllcache\mdgndis5.sys -> Madge Networks Ltd [Ver = 6.06 | Size = 164586 bytes | Created Date = 1/5/2008 9:27:59 PM | Attr = ]
memstpci.sys -> %System32%\dllcache\memstpci.sys -> Sony Corporation [Ver = 1.00.1120.0 (xpsp_sp2_rtm.040803-2158) | Size = 26112 bytes | Created Date = 1/5/2008 9:28:00 PM | Attr = ]
mgaud.dll -> %System32%\dllcache\mgaud.dll -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 235648 bytes | Created Date = 1/5/2008 9:28:05 PM | Attr = ]
mgaum.sys -> %System32%\dllcache\mgaum.sys -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 1/5/2008 9:28:05 PM | Attr = ]
mraid35x.sys -> %System32%\dllcache\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Created Date = 1/5/2008 9:28:16 PM | Attr = ]
msdvbnp.ax -> %System32%\dllcache\msdvbnp.ax -> [Ver = | Size = 56832 bytes | Created Date = 1/5/2008 9:28:20 PM | Attr = ]
mtxvideo.sys -> %System32%\dllcache\mtxvideo.sys -> Matrox Graphics Inc [Ver = 1.00.25 | Size = 103296 bytes | Created Date = 1/5/2008 9:28:44 PM | Attr = ]
mxcard.sys -> %System32%\dllcache\mxcard.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 21888 bytes | Created Date = 1/5/2008 9:28:46 PM | Attr = ]
mxicfg.dll -> %System32%\dllcache\mxicfg.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 19968 bytes | Created Date = 1/5/2008 9:28:47 PM | Attr = ]
mxnic.sys -> %System32%\dllcache\mxnic.sys -> Macronix International Co., Ltd. [Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Created Date = 1/5/2008 9:28:47 PM | Attr = ]
mxport.dll -> %System32%\dllcache\mxport.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 7168 bytes | Created Date = 1/5/2008 9:28:48 PM | Attr = ]
mxport.sys -> %System32%\dllcache\mxport.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 75520 bytes | Created Date = 1/5/2008 9:28:48 PM | Attr = ]
n1000nt5.sys -> %System32%\dllcache\n1000nt5.sys -> Compaq Computer Corporation [Ver = 2.94.294.0 | Size = 52255 bytes | Created Date = 1/5/2008 9:28:49 PM | Attr = ]
n100325.sys -> %System32%\dllcache\n100325.sys -> Compaq Computer Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 128000 bytes | Created Date = 1/5/2008 9:28:49 PM | Attr = ]
n9i128.dll -> %System32%\dllcache\n9i128.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 35392 bytes | Created Date = 1/5/2008 9:28:49 PM | Attr = ]
n9i128.sys -> %System32%\dllcache\n9i128.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 13664 bytes | Created Date = 1/5/2008 9:28:50 PM | Attr = ]
n9i128v2.dll -> %System32%\dllcache\n9i128v2.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 59104 bytes | Created Date = 1/5/2008 9:28:50 PM | Attr = ]
n9i128v2.sys -> %System32%\dllcache\n9i128v2.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 33088 bytes | Created Date = 1/5/2008 9:28:51 PM | Attr = ]
n9i3d.sys -> %System32%\dllcache\n9i3d.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 27936 bytes | Created Date = 1/5/2008 9:28:52 PM | Attr = ]
n9i3disp.dll -> %System32%\dllcache\n9i3disp.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 91488 bytes | Created Date = 1/5/2008 9:28:52 PM | Attr = ]
neo20xx.dll -> %System32%\dllcache\neo20xx.dll -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 60480 bytes | Created Date = 1/5/2008 9:28:58 PM | Attr = ]
neo20xx.sys -> %System32%\dllcache\neo20xx.sys -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 39264 bytes | Created Date = 1/5/2008 9:28:58 PM | Attr = ]
netflx3.sys -> %System32%\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.18 | Size = 65278 bytes | Created Date = 1/5/2008 9:29:00 PM | Attr = ]
netwlan5.sys -> %System32%\dllcache\netwlan5.sys -> 802.11b [Ver = 3, 1, 4, 26 | Size = 132695 bytes | Created Date = 1/5/2008 9:29:05 PM | Attr = ]
ngrpci.sys -> %System32%\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.56 | Size = 32840 bytes | Created Date = 1/5/2008 9:29:06 PM | Attr = ]
nm5a2wdm.sys -> %System32%\dllcache\nm5a2wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 126080 bytes | Created Date = 1/5/2008 9:29:09 PM | Attr = ]
nm6wdm.sys -> %System32%\dllcache\nm6wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 87040 bytes | Created Date = 1/5/2008 9:29:10 PM | Attr = ]
nscirda.sys -> %System32%\dllcache\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Created Date = 1/5/2008 9:29:12 PM | Attr = ]
ntgrip.sys -> %System32%\dllcache\ntgrip.sys -> Kensington Technology Group [Ver = 1.00 | Size = 51552 bytes | Created Date = 1/5/2008 9:29:15 PM | Attr = ]
nv3.dll -> %System32%\dllcache\nv3.dll -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 123776 bytes | Created Date = 1/5/2008 9:29:29 PM | Attr = ]
nv3.sys -> %System32%\dllcache\nv3.sys -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 198144 bytes | Created Date = 1/5/2008 9:29:29 PM | Attr = ]
opl3sax.sys -> %System32%\dllcache\opl3sax.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 54528 bytes | Created Date = 1/5/2008 9:29:37 PM | Attr = ]
otc06x5.sys -> %System32%\dllcache\otc06x5.sys -> Ositech Communications, Inc. [Ver = 1.01.020 | Size = 27209 bytes | Created Date = 1/5/2008 9:29:38 PM | Attr = ]
otceth5.sys -> %System32%\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.014.3 | Size = 43689 bytes | Created Date = 1/5/2008 9:29:38 PM | Attr = ]
otcsercb.sys -> %System32%\dllcache\otcsercb.sys -> Ositech Communications, Inc. [Ver = 1.05.02 | Size = 54186 bytes | Created Date = 1/5/2008 9:29:39 PM | Attr = ]
pc100nds.sys -> %System32%\dllcache\pc100nds.sys -> Linksys [Ver = 5.00.2195.1 | Size = 30495 bytes | Created Date = 1/5/2008 9:29:48 PM | Attr = ]
pca200e.sys -> %System32%\dllcache\pca200e.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 29502 bytes | Created Date = 1/5/2008 9:29:48 PM | Attr = ]
pcmlm56.sys -> %System32%\dllcache\pcmlm56.sys -> Linksys [Ver = 5.00.2128.1 | Size = 26153 bytes | Created Date = 1/5/2008 9:29:50 PM | Attr = ]
pcntn5hl.sys -> %System32%\dllcache\pcntn5hl.sys -> AMD Inc. [Ver = 1.09.001 | Size = 30282 bytes | Created Date = 1/5/2008 9:29:51 PM | Attr = ]
pcntn5m.sys -> %System32%\dllcache\pcntn5m.sys -> AMD Inc. [Ver = 4.09.00 | Size = 29769 bytes | Created Date = 1/5/2008 9:29:51 PM | Attr = ]
pcntpci5.sys -> %System32%\dllcache\pcntpci5.sys -> AMD Inc. [Ver = 4.38.00 built by: WinDDK | Size = 35328 bytes | Created Date = 1/5/2008 9:29:51 PM | Attr = ]
pcx500.sys -> %System32%\dllcache\pcx500.sys -> Cisco Systems [Ver = 7.50.01 Firmware built by: Cisco Systems | Size = 169984 bytes | Created Date = 1/5/2008 9:29:52 PM | Attr = ]
perm2.sys -> %System32%\dllcache\perm2.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00-0009 (MS) (xpsp_sp2_rtm.040803-2158) | Size = 27904 bytes | Created Date = 1/5/2008 9:29:55 PM | Attr = ]
perm2dll.dll -> %System32%\dllcache\perm2dll.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 211712 bytes | Created Date = 1/5/2008 9:29:56 PM | Attr = ]
perm3.sys -> %System32%\dllcache\perm3.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 28032 bytes | Created Date = 1/5/2008 9:29:57 PM | Attr = ]
perm3dd.dll -> %System32%\dllcache\perm3dd.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 259328 bytes | Created Date = 1/5/2008 9:29:58 PM | Attr = ]
prc.nls -> %System32%\dllcache\prc.nls -> [Ver = | Size = 83748 bytes | Created Date = 1/5/2008 9:30:10 PM | Attr = ]
prcp.nls -> %System32%\dllcache\prcp.nls -> [Ver = | Size = 83748 bytes | Created Date = 1/5/2008 9:30:10 PM | Attr = ]
pscr.sys -> %System32%\dllcache\pscr.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16128 bytes | Created Date = 1/5/2008 9:30:12 PM | Attr = ]
psisdecd.dll -> %System32%\dllcache\psisdecd.dll -> [Ver = | Size = 363520 bytes | Created Date = 1/5/2008 9:30:12 PM | Attr = ]
psisrndr.ax -> %System32%\dllcache\psisrndr.ax -> [Ver = | Size = 33280 bytes | Created Date = 1/5/2008 9:30:14 PM | Attr = ]
ptserli.sys -> %System32%\dllcache\ptserli.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 128286 bytes | Created Date = 1/5/2008 9:30:17 PM | Attr = ]
ptserlp.sys -> %System32%\dllcache\ptserlp.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 112574 bytes | Created Date = 1/5/2008 9:30:18 PM | Attr = ]
ptserlv.sys -> %System32%\dllcache\ptserlv.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 130942 bytes | Created Date = 1/5/2008 9:30:18 PM | Attr = ]
ql1080.sys -> %System32%\dllcache\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Created Date = 1/5/2008 9:30:20 PM | Attr = ]
ql12160.sys -> %System32%\dllcache\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Created Date = 1/5/2008 9:30:21 PM | Attr = ]
ql1280.sys -> %System32%\dllcache\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Created Date = 1/5/2008 9:30:22 PM | Attr = ]
r2mdkxga.sys -> %System32%\dllcache\r2mdkxga.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 899146 bytes | Created Date = 1/5/2008 9:30:28 PM | Attr = ]
r2mdmkxx.sys -> %System32%\dllcache\r2mdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714762 bytes | Created Date = 1/5/2008 9:30:28 PM | Attr = ]
reslog32.dll -> %System32%\dllcache\reslog32.dll -> Xircom [Ver = 1.0.0.6 | Size = 86097 bytes | Created Date = 1/5/2008 9:30:34 PM | Attr = ]
rlnet5.sys -> %System32%\dllcache\rlnet5.sys -> RadioLAN [Ver = 2.30 | Size = 37563 bytes | Created Date = 1/5/2008 9:30:35 PM | Attr = ]
rocket.sys -> %System32%\dllcache\rocket.sys -> Comtrol Corporation [Ver = 4.50 | Size = 79104 bytes | Created Date = 1/5/2008 9:30:36 PM | Attr = ]
rpfun.sys -> %System32%\dllcache\rpfun.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 3840 bytes | Created Date = 1/5/2008 9:30:39 PM | Attr = ]
rsmgrstr.dll -> %System32%\dllcache\rsmgrstr.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9216 bytes | Created Date = 1/5/2008 9:30:39 PM | Attr = ]
rthwcls.sys -> %System32%\dllcache\rthwcls.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 30720 bytes | Created Date = 1/5/2008 9:30:40 PM | Attr = ]
rtl8029.sys -> %System32%\dllcache\rtl8029.sys -> Realtek Semiconductor Corporation [Ver = 5.508.0803.2000 | Size = 19017 bytes | Created Date = 1/5/2008 9:30:41 PM | Attr = ]
rtl8139.sys -> %System32%\dllcache\rtl8139.sys -> Realtek Semiconductor Corporation [Ver = 5.398.613.2003 built by: WinDDK | Size = 20992 bytes | Created Date = 1/5/2008 9:30:41 PM | Attr = ]
rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 1/5/2008 9:30:45 PM | Attr = ]
rw430ext.dll -> %System32%\dllcache\rw430ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 24576 bytes | Created Date = 1/5/2008 9:30:46 PM | Attr = ]
rw450ext.dll -> %System32%\dllcache\rw450ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 1/5/2008 9:30:46 PM | Attr = ]
rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 1/5/2008 9:30:47 PM | Attr = ]
rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 1/5/2008 9:30:47 PM | Attr = ]
rwia430.dll -> %System32%\dllcache\rwia430.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 1/5/2008 9:30:47 PM | Attr = ]
rwia450.dll -> %System32%\dllcache\rwia450.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 82432 bytes | Created Date = 1/5/2008 9:30:48 PM | Attr = ]
s3m.sys -> %System32%\dllcache\s3m.sys -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 166720 bytes | Created Date = 1/5/2008 9:30:49 PM | Attr = ]
s3mt3d.dll -> %System32%\dllcache\s3mt3d.dll -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 182272 bytes | Created Date = 1/5/2008 9:30:49 PM | Attr = ]
s3mt3d.sys -> %System32%\dllcache\s3mt3d.sys -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 41216 bytes | Created Date = 1/5/2008 9:30:50 PM | Attr = ]
s3mtrio.dll -> %System32%\dllcache\s3mtrio.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 62496 bytes | Created Date = 1/5/2008 9:30:50 PM | Attr = ]
s3mvirge.dll -> %System32%\dllcache\s3mvirge.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 210496 bytes | Created Date = 1/5/2008 9:30:50 PM | Attr = ]
s3sav3d.dll -> %System32%\dllcache\s3sav3d.dll -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 179264 bytes | Created Date = 1/5/2008 9:30:51 PM | Attr = ]
s3sav3dm.sys -> %System32%\dllcache\s3sav3dm.sys -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 61504 bytes | Created Date = 1/5/2008 9:30:51 PM | Attr = ]
s3sav4.dll -> %System32%\dllcache\s3sav4.dll -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 198400 bytes | Created Date = 1/5/2008 9:30:51 PM | Attr = ]
s3sav4m.sys -> %System32%\dllcache\s3sav4m.sys -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 77824 bytes | Created Date = 1/5/2008 9:30:52 PM | Attr = ]
s3savmx.dll -> %System32%\dllcache\s3savmx.dll -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 245632 bytes | Created Date = 1/5/2008 9:30:52 PM | Attr = ]
s3savmxm.sys -> %System32%\dllcache\s3savmxm.sys -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 75392 bytes | Created Date = 1/5/2008 9:30:53 PM | Attr = ]
sblfx.dll -> %System32%\dllcache\sblfx.dll -> Creative Technology Ltd. [Ver = 5.12.01.3210 | Size = 495616 bytes | Created Date = 1/5/2008 9:30:54 PM | Attr = ]
sccmn50m.sys -> %System32%\dllcache\sccmn50m.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 1/5/2008 9:30:56 PM | Attr = ]
sccmusbm.sys -> %System32%\dllcache\sccmusbm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 1/5/2008 9:30:56 PM | Attr = ]
scr111.sys -> %System32%\dllcache\scr111.sys -> SCM Microsystems [Ver = 1.01.006 (XPClient.010817-1148) | Size = 17280 bytes | Created Date = 1/5/2008 9:30:57 PM | Attr = ]
sfmanm.sys -> %System32%\dllcache\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Created Date = 1/5/2008 9:31:02 PM | Attr = ]
sgiul50.dll -> %System32%\dllcache\sgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 386560 bytes | Created Date = 1/5/2008 9:31:03 PM | Attr = ]
sgiulnt5.sys -> %System32%\dllcache\sgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 98080 bytes | Created Date = 1/5/2008 9:31:03 PM | Attr = ]
sgsmld.sys -> %System32%\dllcache\sgsmld.sys -> Micro Systemation [Ver = 1.1 | Size = 18400 bytes | Created Date = 1/5/2008 9:31:04 PM | Attr = ]
sgsmusb.sys -> %System32%\dllcache\sgsmusb.sys -> Micro Systemation [Ver = 1, 0, 0, 4 | Size = 161568 bytes | Created Date = 1/5/2008 9:31:04 PM | Attr = ]
sis300ip.sys -> %System32%\dllcache\sis300ip.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 101760 bytes | Created Date = 1/5/2008 9:31:10 PM | Attr = ]
sis300iv.dll -> %System32%\dllcache\sis300iv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 252032 bytes | Created Date = 1/5/2008 9:31:10 PM | Attr = ]
sis6306p.sys -> %System32%\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 68608 bytes | Created Date = 1/5/2008 9:31:11 PM | Attr = ]
sis6306v.dll -> %System32%\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 150144 bytes | Created Date = 1/5/2008 9:31:11 PM | Attr = ]
sisgrp.sys -> %System32%\dllcache\sisgrp.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 104064 bytes | Created Date = 1/5/2008 9:31:11 PM | Attr = ]
sisgrv.dll -> %System32%\dllcache\sisgrv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 238592 bytes | Created Date = 1/5/2008 9:31:12 PM | Attr = ]
sisnic.sys -> %System32%\dllcache\sisnic.sys -> SiS Corporation [Ver = 1.16.00.05 built by: WinDDK | Size = 32768 bytes | Created Date = 1/5/2008 9:31:12 PM | Attr = ]
sisv.sys -> %System32%\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 50432 bytes | Created Date = 1/5/2008 9:31:14 PM | Attr = ]
sisv256.dll -> %System32%\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 157696 bytes | Created Date = 1/5/2008 9:31:14 PM | Attr = ]
sk98xwin.sys -> %System32%\dllcache\sk98xwin.sys -> SysKonnect GmbH. [Ver = 3.12 | Size = 94698 bytes | Created Date = 1/5/2008 9:31:14 PM | Attr = ]
skfpwin.sys -> %System32%\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.13 | Size = 91294 bytes | Created Date = 1/5/2008 9:31:15 PM | Attr = ]
sla30nd5.sys -> %System32%\dllcache\sla30nd5.sys -> Symbol Technologies [Ver = 4.2.0.8 | Size = 63547 bytes | Created Date = 1/5/2008 9:31:15 PM | Attr = ]
smc8000n.sys -> %System32%\dllcache\smc8000n.sys -> SMC Networks, Inc. [Ver = 3.13.1025.2000 built by: yfeng | Size = 24576 bytes | Created Date = 1/5/2008 9:31:29 PM | Attr = ]
smcpwr2n.sys -> %System32%\dllcache\smcpwr2n.sys -> SMC Networks, Inc. [Ver = 3.28.1214.2000 | Size = 25034 bytes | Created Date = 1/5/2008 9:31:30 PM | Attr = ]
smidispb.dll -> %System32%\dllcache\smidispb.dll -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 147200 bytes | Created Date = 1/5/2008 9:31:31 PM | Attr = ]
smiminib.sys -> %System32%\dllcache\smiminib.sys -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 58368 bytes | Created Date = 1/5/2008 9:31:32 PM | Attr = ]
sonync.sys -> %System32%\dllcache\sonync.sys -> Sony Corporation [Ver = 6.0.0.05300 | Size = 20752 bytes | Created Date = 1/5/2008 9:31:39 PM | Attr = ]
sonypi.dll -> %System32%\dllcache\sonypi.dll -> Sony Corporation [Ver = 1.5.090699 | Size = 114688 bytes | Created Date = 1/5/2008 9:31:40 PM | Attr = ]
sonypi.sys -> %System32%\dllcache\sonypi.sys -> Sony Corporation [Ver = 6.0.5.07140 | Size = 37040 bytes | Created Date = 1/5/2008 9:31:40 PM | Attr = ]
sparrow.sys -> %System32%\dllcache\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Created Date = 1/5/2008 9:31:41 PM | Attr = ]
spdports.dll -> %System32%\dllcache\spdports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0012 | Size = 106584 bytes | Created Date = 1/5/2008 9:31:41 PM | Attr = ]
speed.sys -> %System32%\dllcache\speed.sys -> Perle Systems Ltd. [Ver = 1.0.4.0021 (XPClient.010817-1148) | Size = 61824 bytes | Created Date = 1/5/2008 9:31:42 PM | Attr = ]
spxupchk.dll -> %System32%\dllcache\spxupchk.dll -> Perle Systems Ltd. [Ver = 1.0.0.0002 | Size = 24660 bytes | Created Date = 1/5/2008 9:31:44 PM | Attr = ]
srwlnd5.sys -> %System32%\dllcache\srwlnd5.sys -> 3Com [Ver = 3.0.4 alpha | Size = 48736 bytes | Created Date = 1/5/2008 9:31:48 PM | Attr = ]
stcusb.sys -> %System32%\dllcache\stcusb.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16896 bytes | Created Date = 1/5/2008 9:31:50 PM | Attr = ]
stlnata.sys -> %System32%\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.6.5 | Size = 285760 bytes | Created Date = 1/5/2008 9:31:51 PM | Attr = ]
stlncoin.dll -> %System32%\dllcache\stlncoin.dll -> Stallion Technologies [Ver = 5.6.5 | Size = 53248 bytes | Created Date = 1/5/2008 9:31:51 PM | Attr = ]
stlnprop.dll -> %System32%\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.6.4 | Size = 155648 bytes | Created Date = 1/5/2008 9:31:52 PM | Attr = ]
sx.sys -> %System32%\dllcache\sx.sys -> Perle Systems Ltd. [Ver = 1.1.2.0031 (XPClient.010817-1148) | Size = 103936 bytes | Created Date = 1/5/2008 9:31:54 PM | Attr = ]
sxports.dll -> %System32%\dllcache\sxports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 94293 bytes | Created Date = 1/5/2008 9:31:55 PM | Attr = ]
symc810.sys -> %System32%\dllcache\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Created Date = 1/5/2008 9:31:56 PM | Attr = ]
symc8xx.sys -> %System32%\dllcache\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Created Date = 1/5/2008 9:31:57 PM | Attr = ]
sym_hi.sys -> %System32%\dllcache\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Created Date = 1/5/2008 9:31:56 PM | Attr = ]
sym_u3.sys -> %System32%\dllcache\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Created Date = 1/5/2008 9:31:56 PM | Attr = ]
t2r4disp.dll -> %System32%\dllcache\t2r4disp.dll -> Number Nine Visual Technology [Ver = 5.01.104.09 | Size = 172768 bytes | Created Date = 1/5/2008 9:31:58 PM | Attr = ]
t2r4mini.sys -> %System32%\dllcache\t2r4mini.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.104.09 | Size = 36640 bytes | Created Date = 1/5/2008 9:31:59 PM | Attr = ]
tbatm155.sys -> %System32%\dllcache\tbatm155.sys -> Toshiba Corporation [Ver = 0.4.0.0 (XPClient.010817-1148) | Size = 30464 bytes | Created Date = 1/5/2008 9:32:01 PM | Attr = ]
tdk100b.sys -> %System32%\dllcache\tdk100b.sys -> TDK Corporation [Ver = 1.00 | Size = 37961 bytes | Created Date = 1/5/2008 9:32:05 PM | Attr = ]
tdkcd31.sys -> %System32%\dllcache\tdkcd31.sys -> TDK Corporation [Ver = 5.00.2128.1 | Size = 17129 bytes | Created Date = 1/5/2008 9:32:06 PM | Attr = ]
tffsport.sys -> %System32%\dllcache\tffsport.sys -> M-Systems [Ver = 5.02 | Size = 149376 bytes | Created Date = 1/5/2008 9:32:07 PM | Attr = ]
tgiul50.dll -> %System32%\dllcache\tgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 81408 bytes | Created Date = 1/5/2008 9:32:08 PM | Attr = ]
tgiulnt5.sys -> %System32%\dllcache\tgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 138528 bytes | Created Date = 1/5/2008 9:32:09 PM | Attr = ]
tjisdn.sys -> %System32%\dllcache\tjisdn.sys -> Tiger Jet Network [Ver = 3.03 | Size = 123995 bytes | Created Date = 1/5/2008 9:32:10 PM | Attr = ]
tos4mo.sys -> %System32%\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.23 | Size = 28232 bytes | Created Date = 1/5/2008 9:32:11 PM | Attr = ]
tosdvd02.sys -> %System32%\dllcache\tosdvd02.sys -> Toshiba Corporation [Ver = 1.00.99.1004 (XPClient.010817-1148) | Size = 241664 bytes | Created Date = 1/5/2008 9:32:12 PM | Attr = ]
tosdvd03.sys -> %System32%\dllcache\tosdvd03.sys -> Toshiba Corporation [Ver = 1.00.99.1003 (XPClient.010817-1148) | Size = 230912 bytes | Created Date = 1/5/2008 9:32:12 PM | Attr = ]
tp4.dll -> %System32%\dllcache\tp4.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 31744 bytes | Created Date = 1/5/2008 9:32:13 PM | Attr = ]
tp4mon.exe -> %System32%\dllcache\tp4mon.exe -> IBM Corporation [Ver = 6.03 (xpsp_sp2_rtm.040803-2158) | Size = 82432 bytes | Created Date = 1/5/2008 9:32:14 PM | Attr = ]
tp4res.dll -> %System32%\dllcache\tp4res.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 42496 bytes | Created Date = 1/5/2008 9:32:15 PM | Attr = ]
tpro4.sys -> %System32%\dllcache\tpro4.sys -> Intel Corporation [Ver = 3.06.02.0000 | Size = 34375 bytes | Created Date = 1/5/2008 9:32:16 PM | Attr = ]
trid3d.dll -> %System32%\dllcache\trid3d.dll -> Trident Microsystems Inc. [Ver = 5.1.2471.0046 (ReleasedBinaries.000421-1946) | Size = 315520 bytes | Created Date = 1/5/2008 9:32:16 PM | Attr = ]
trid3dm.sys -> %System32%\dllcache\trid3dm.sys -> Trident Microsystems Inc. [Ver = 5.1.2471.0032 (ReleasedBinaries.000421-1946) | Size = 222336 bytes | Created Date = 1/5/2008 9:32:17 PM | Attr = ]
tridkb.dll -> %System32%\dllcache\tridkb.dll -> Trident Microsystems Inc. [Ver = 5.1.2489.0045 (ReleasedBinaries.000421-1946) | Size = 440576 bytes | Created Date = 1/5/2008 9:32:17 PM | Attr = ]
tridkbm.sys -> %System32%\dllcache\tridkbm.sys -> Trident Microsystems Inc. [Ver = 5.1.2489.0032 (ReleasedBinaries.000421-1946) | Size = 159232 bytes | Created Date = 1/5/2008 9:32:17 PM | Attr = ]
tridxp.dll -> %System32%\dllcache\tridxp.dll -> Trident Microsystems Inc. [Ver = 5.1.2475.0115 (ReleasedBinaries.010510-2313) | Size = 525568 bytes | Created Date = 1/5/2008 9:32:18 PM | Attr = ]
tridxpm.sys -> %System32%\dllcache\tridxpm.sys -> Trident Microsystems Inc. [Ver = 5.1.2475.96 (ReleasedBinaries.010510-2313) | Size = 166784 bytes | Created Date = 1/5/2008 9:32:18 PM | Attr = ]
twotrack.sys -> %System32%\dllcache\twotrack.sys -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 11520 bytes | Created Date = 1/5/2008 9:32:22 PM | Attr = ]
ultra.sys -> %System32%\dllcache\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Created Date = 1/5/2008 9:32:23 PM | Attr = ]
um34scan.dll -> %System32%\dllcache\um34scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 1/5/2008 9:32:24 PM | Attr = ]
um54scan.dll -> %System32%\dllcache\um54scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.8 | Size = 211968 bytes | Created Date = 1/5/2008 9:32:24 PM | Attr = ]
umaxscan.dll -> %System32%\dllcache\umaxscan.dll -> UMAX DATA SYSTEMS INC. [Ver = 5.00.2434.1 | Size = 50688 bytes | Created Date = 1/5/2008 9:32:26 PM | Attr = ]
usb101et.sys -> %System32%\dllcache\usb101et.sys -> KLSI USA, Inc. [Ver = 3.43.0005.0000 | Size = 32384 bytes | Created Date = 1/5/2008 9:32:30 PM | Attr = ]
usr1801.sys -> %System32%\dllcache\usr1801.sys -> U.S. Robotics, Inc. [Ver = 1.00.034 | Size = 794654 bytes | Created Date = 1/5/2008 9:32:37 PM | Attr = ]
usr1806.sys -> %System32%\dllcache\usr1806.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 793598 bytes | Created Date = 1/5/2008 9:32:38 PM | Attr = ]
usr1806v.sys -> %System32%\dllcache\usr1806v.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 794399 bytes | Created Date = 1/5/2008 9:32:38 PM | Attr = ]
usr1807a.sys -> %System32%\dllcache\usr1807a.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 224802 bytes | Created Date = 1/5/2008 9:32:39 PM | Attr = ]
usroslba.sys -> %System32%\dllcache\usroslba.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 7556 bytes | Created Date = 1/5/2008 9:32:39 PM | Attr = ]
usrpda.sys -> %System32%\dllcache\usrpda.sys -> U.S. Robotics Corporation [Ver = 4. 11. 22 | Size = 113762 bytes | Created Date = 1/5/2008 9:32:40 PM | Attr = ]
usrti.sys -> %System32%\dllcache\usrti.sys -> U.S. Robotics, Inc. [Ver = 2.60.005 | Size = 765884 bytes | Created Date = 1/5/2008 9:32:40 PM | Attr = ]
usrwdxjs.sys -> %System32%\dllcache\usrwdxjs.sys -> U.S. Robotics Corporation [Ver = 3.27.036.0005 | Size = 687999 bytes | Created Date = 1/5/2008 9:32:41 PM | Attr = ]
viairda.sys -> %System32%\dllcache\viairda.sys -> VIA Technologies, Inc. [Ver = 5,1,2480,0 (XPClient.010817-1148) | Size = 24576 bytes | Created Date = 1/5/2008 9:32:45 PM | Attr = ]
vinwm.sys -> %System32%\dllcache\vinwm.sys -> Xircom [Ver = 2.1.0.10 | Size = 249402 bytes | Created Date = 1/5/2008 9:32:45 PM | Attr = ]
w840nd.sys -> %System32%\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19528 bytes | Created Date = 1/5/2008 9:32:51 PM | Attr = ]
w926nd.sys -> %System32%\dllcache\w926nd.sys -> Winbond Electronics Corporation [Ver = 1.60 | Size = 19016 bytes | Created Date = 1/5/2008 9:32:51 PM | Attr = ]
w940nd.sys -> %System32%\dllcache\w940nd.sys -> Winbond Electronics Corporation [Ver = 3.22 | Size = 16925 bytes | Created Date = 1/5/2008 9:32:52 PM | Attr = ]
wadv01nt.sys -> %System32%\dllcache\wadv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12415 bytes | Created Date = 1/5/2008 9:32:53 PM | Attr = ]
wadv02nt.sys -> %System32%\dllcache\wadv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12127 bytes | Created Date = 1/5/2008 9:32:54 PM | Attr = ]
wadv05nt.sys -> %System32%\dllcache\wadv05nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11775 bytes | Created Date = 1/5/2008 9:32:55 PM | Attr = ]
watv01nt.sys -> %System32%\dllcache\watv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 29311 bytes | Created Date = 1/5/2008 9:32:57 PM | Attr = ]
watv02nt.sys -> %System32%\dllcache\watv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19551 bytes | Created Date = 1/5/2008 9:32:59 PM | Attr = ]
watv04nt.sys -> %System32%\dllcache\watv04nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 33599 bytes | Created Date = 1/5/2008 9:33:00 PM | Attr = ]
wbfirdma.sys -> %System32%\dllcache\wbfirdma.sys -> Winbond Electronics Corp. [Ver = 5.4.9820.0306 | Size = 35871 bytes | Created Date = 1/5/2008 9:33:02 PM | Attr = ]
wch7xxnt.sys -> %System32%\dllcache\wch7xxnt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 23615 bytes | Created Date = 1/5/2008 9:33:03 PM | Attr = ]
wdhaalba.sys -> %System32%\dllcache\wdhaalba.sys -> 3Com Corporation [Ver = 3.34.034.0075 | Size = 701386 bytes | Created Date = 1/5/2008 9:33:04 PM | Attr = ]
winacisa.sys -> %System32%\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771581 bytes | Created Date = 1/5/2008 9:33:11 PM | Attr = ]
wlandrv2.sys -> %System32%\dllcache\wlandrv2.sys -> Raytheon Corp. [Ver = 4.00.00.0004 | Size = 34890 bytes | Created Date = 1/5/2008 9:33:14 PM | Attr = ]
wlluc48.sys -> %System32%\dllcache\wlluc48.sys -> Lucent Technologies [Ver = 7.43.0.9 | Size = 154624 bytes | Created Date = 1/5/2008 9:33:15 PM | Attr = ]
wsiintxx.sys -> %System32%\dllcache\wsiintxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12063 bytes | Created Date = 1/5/2008 9:33:29 PM | Attr = ]
wvchntxx.sys -> %System32%\dllcache\wvchntxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19455 bytes | Created Date = 1/5/2008 9:33:33 PM | Attr = ]
xem336n5.sys -> %System32%\dllcache\xem336n5.sys -> US Robotics MCD (Megahertz) [Ver = 1.25.014 | Size = 16970 bytes | Created Date = 1/5/2008 9:33:35 PM | Attr = ]
xjis.nls -> %System32%\dllcache\xjis.nls -> [Ver = | Size = 28288 bytes | Created Date = 1/5/2008 9:33:38 PM | Attr = ]
xlog.exe -> %System32%\dllcache\xlog.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 99865 bytes | Created Date = 1/5/2008 9:33:38 PM | Attr = ]
xrxftplt.exe -> %System32%\dllcache\xrxftplt.exe -> [Ver = 1, 0, 0, 2 | Size = 27648 bytes | Created Date = 1/5/2008 9:33:47 PM | Attr = ]
xrxscnui.dll -> %System32%\dllcache\xrxscnui.dll -> [Ver = 1, 0, 0, 1 | Size = 17408 bytes | Created Date = 1/5/2008 9:33:48 PM | Attr = ]
xrxwbtmp.dll -> %System32%\dllcache\xrxwbtmp.dll -> Xerox Corporation [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Created Date = 1/5/2008 9:33:48 PM | Attr = ]
xrxwiadr.dll -> %System32%\dllcache\xrxwiadr.dll -> Xerox [Ver = 1, 0, 0, 2 | Size = 116224 bytes | Created Date = 1/5/2008 9:33:48 PM | Attr = ]

[Files/Folders - Modified Within 30 days]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 12/30/2007 3:15:24 AM | Attr = HS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 1/13/2008 11:46:25 PM | Attr = H ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 804564992 bytes | Modified Date = 1/14/2008 11:55:08 PM | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 1/13/2008 11:52:26 PM | Attr = R ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 1/12/2008 3:16:12 AM | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 1/14/2008 11:56:10 PM | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 12/31/2007 4:56:47 AM | Attr = ]
hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 221589 bytes | Modified Date = 12/31/2007 4:56:47 AM | Attr = R ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 1/12/2008 3:49:28 AM | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 1/14/2008 11:55:28 PM | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 1/12/2008 12:47:56 AM | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 1/11/2008 1:23:19 AM | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 1/14/2008 11:55:22 PM | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 1/12/2008 12:44:13 AM | Attr = ]
en-US -> %System32%\en-US -> [Folder | Modified Date = 1/1/2008 3:40:37 PM | Attr = ]
FNTCACHE.DAT -> %System32%\FNTCACHE.DAT -> [Ver = | Size = 293272 bytes | Modified Date = 1/12/2008 12:27:15 AM | Attr = ]
FxsTmp -> %System32%\FxsTmp -> [Folder | Modified Date = 1/4/2008 7:37:07 PM | Attr = ]
ias -> %System32%\ias -> [Folder | Modified Date = 1/12/2008 5:12:09 AM | Attr = ]
inetsrv -> %System32%\inetsrv -> [Folder | Modified Date = 1/14/2008 11:59:21 PM | Attr = ]
lsdelete.exe -> %System32%\lsdelete.exe -> [Ver = | Size = 12632 bytes | Modified Date = 1/11/2008 1:56:26 AM | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 114018 bytes | Modified Date = 1/11/2008 11:05:14 PM | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 561992 bytes | Modified Date = 1/11/2008 11:05:14 PM | Attr = ]
PerfStringBackup.INI -> %System32%\PerfStringBackup.INI -> [Ver = | Size = 669922 bytes | Modified Date = 1/11/2008 11:05:14 PM | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 1/8/2008 2:04:44 AM | Attr = ]
URTTemp -> %System32%\URTTemp -> [Folder | Modified Date = 1/11/2008 11:05:26 PM | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 12/30/2007 1:35:18 AM | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12598 bytes | Modified Date = 1/14/2008 11:56:13 PM | Attr = ]
XPSViewer -> %System32%\XPSViewer -> [Folder | Modified Date = 1/11/2008 11:02:03 PM | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 1/8/2008 7:30:11 PM | Attr = H ]
assembly -> %SystemRoot%\assembly -> [Folder | Modified Date = 1/11/2008 11:11:34 PM | Attr = R S]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 1/14/2008 11:55:13 PM | Attr = S]
Debug -> %SystemRoot%\Debug -> [Folder | Modified Date = 1/13/2008 3:10:10 AM | Attr = ]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 1/3/2008 10:32:50 PM | Attr = S]
Help -> %SystemRoot%\Help -> [Folder | Modified Date = 1/12/2008 3:48:04 AM | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 1/12/2008 3:49:28 AM | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 1/13/2008 11:46:26 PM | Attr = HS]
Microsoft.NET -> %SystemRoot%\Microsoft.NET -> [Folder | Modified Date = 1/11/2008 11:02:46 PM | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 1/13/2008 9:09:00 PM | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 1/8/2008 10:44:17 PM | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 1/11/2008 11:05:36 PM | Attr = ]
SYSTEM.INI -> %SystemRoot%\SYSTEM.INI -> [Ver = | Size = 227 bytes | Modified Date = 12/30/2007 3:15:24 AM | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 1/14/2008 11:38:08 PM | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 1/14/2008 11:56:37 PM | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 991 bytes | Modified Date = 12/30/2007 3:15:24 AM | Attr = ]
WinSxS -> %SystemRoot%\WinSxS -> [Folder | Modified Date = 1/12/2008 12:05:55 AM | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 1/14/2008 11:55:20 PM | Attr = H ]

[Manual Scans]
< c:\windows\msconfig.* /s >
msconfig.exe -> c:\WINDOWS\$NtServicePackUninstall$\msconfig.exe -> Microsoft Corporation [Ver = 5.1.2600.1106 (xpsp1.020828-1920) | Size = 145408 bytes | Modified Date = 3/31/2003 7:00:00 AM | Attr = ]
msconfig.chm -> c:\WINDOWS\Help\msconfig.chm -> [Ver = | Size = 17240 bytes | Modified Date = 3/31/2003 7:00:00 AM | Attr = ]
msconfig.exe -> c:\WINDOWS\ServicePackFiles\i386\msconfig.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 158208 bytes | Modified Date = 8/4/2004 2:56:53 AM | Attr = ]
msconfig.exe -> c:\WINDOWS\system32\dllcache\msconfig.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 158208 bytes | Modified Date = 8/4/2004 2:56:53 AM | Attr = ]
< End of report >

Edited by sdittmar, 15 January 2008 - 01:33 AM.


#7 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 15 January 2008 - 10:52 AM

Hi sdittmar. The log looks good :thumbsup:

I noticed one of the files you had it move was my Pizzeria Unos coupon (a .mdi file). Did you suspect that of being tainted or did it just stand out as odd?

It just looked odd to me and I couldn't find any information regarding it. If it was something I moved mistakenly then you can restore it back by doing the following:
  • Open the WinPFind35u folder on your Desktop
  • Open the MovedFiles folder
  • Navigate down to the Documents and Settings\Steve Dittmar\Desktop\ folder
  • Here you will find the Unos Coupon.mdi file
  • You can copy/paste it back to your Desktop
Ok, back to the issue with MsConfig. MsConfig is missing from the folder it belongs in but there are backups that we can use to restore it.

First, we need to make sure all hidden files are showing so please:
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading select Show hidden files and folders.
  • Uncheck the Hide file extensions for known types option.
  • Uncheck the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Now, navigate to the following folder: c:\windows\system32\dllcache.
Locate msconfig.exe and right-click on it.
Choose Copy from the popup menu.
Now go to the folder c:\windows\system32 (one folder up).
In the right-hand pane in Explorer right-click the mouse and choose Paste from the popup window.

Finally, let's reset your hidden/system files and folders. System files are hidden for a reason and we don't want to have them openly available and susceptible to accidental deletion.
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View tab.
  • Under the Hidden files and folders heading UNSELECT Show hidden files and folders.
  • CHECK the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.
Let me know how things are running and if you have any further quesitons or issues.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#8 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 15 January 2008 - 11:42 AM

Gotcha. mdi is Microsoft Document Imaging format which is one of the flat file formats you can print to. I use that if I want to "print" something when I'm not home. When I later print it it looks identical to how it would had I printed it right then (including IE timestamps in the header/footer etc).

I'll perform the last steps when I get home later.

Thanks!

Edited by sdittmar, 15 January 2008 - 11:43 AM.


#9 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 15 January 2008 - 11:40 PM

Okay I've copied the msconfig back to the system32 folder. Appears to be working as expected, I didn't know about that dll cache containing backups of some of those apps.

Thanks for your help with everything!

#10 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 15 January 2008 - 11:43 PM

Hi sdittmar. Glad to hear things working again.

Let me know if there are any continuing or new issues. Otherwise you are good to go :thumbsup:

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#11 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 15 January 2008 - 11:54 PM

Not seeing anything else unusual, we're good to go! :thumbsup:

#12 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 16 January 2008 - 12:08 AM

Hi sdittmar. Then let's finish up.

We have a couple of last steps to perform and then you're all set.

First, let's clean your restore points and set a new one:

Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs from changing those files. This is the only way to clean these files: (You will lose all previous restore points which are likely to be infected)
  • Turn off System Restore.
    • On the Desktop, right-click My Computer.
    • Click Properties.
    • Click the System Restore tab.
    • CHECK Turn off System Restore.
    • Click Apply, and then click OK.
  • Restart your computer.
  • Turn ON System Restore.
    • On the Desktop, right-click My Computer.
    • Click Properties.
    • Click the System Restore tab.
    • UN-Check Turn off System Restore.
    • Click Apply, and then click OK.
System Restore will now be active again.

You already have a good anti-virus, and you should also have a good firewall for blocking unwanted access to and from your computer. These also are free for personal use:It is best to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit Microsoft Windows Update monthly. Microsoft puts out new updates on the 2nd Tuesday of every month so be sure to check regularly.

And to keep your system clean be aware of what emails you open, what websites you visit, and update and run these free malware scanners once a week:To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place?

Have a safe and happy computing day!

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#13 sdittmar

sdittmar
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NY, USA
  • Local time:02:26 PM

Posted 16 January 2008 - 01:38 AM

Cleared the System Restore. Done and Done. :thumbsup: Thanks again, have a great new year.

Edited by sdittmar, 16 January 2008 - 01:52 AM.


#14 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:03:26 PM

Posted 16 January 2008 - 09:37 AM

You are very welcome sdittmar, I'm glad that we could help.

Now that these issues appear to be resolved I will close this topic. If you have any future issues, please start a new topic.

Cheers and Happy Computing!

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users