Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware And Viruses Are Killing My System Fast. Can Anyone Help Me?


  • This topic is locked This topic is locked
26 replies to this topic

#1 Cunnysmythe

Cunnysmythe

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 12 January 2008 - 10:04 AM

Hi,

My system has been slower than usual for a while, but I think I've been too lax with my security recently and now I can't even login to Windows because of the stuff I've picked up. I'm stuck with using Safe Mode if I want to get anything done.

Not much seems to be out in the open, but I'm getting alerts and speech bubble"system" messages about critical system errors, telling me to "click this balloon to get protected" and whatnot.

This seemed to start when suddenly changes were made to my registry and a few programs deleted in the process - My AV (NOD32), Utorrent, Daemon Tools, ITunesHelper and a few others.

The system's slowed down steadily since then, and only recently have the speechbubble messages and "Potential Application Error" and such come up. There are two

The only protection I have is NOD32 (I've just updated to the newest version, but that was after the original one got killed) and Spybot 1.4, but Spybot hangs when I try to fix the problems it flags.

The fake 'Windows Update' and 'Help and Support Centre' icons that lead to the StorageProtector website have appeared on my desktop, too. Haven't touched them.

Here's the list I get from Spybot:


CasaleMedia
DoubleClick
GoClick
MediaPlex
Munga_Bunga
Smitfraud-C.
Smitfraud-C.MSVPS
Virtumonde.generic
Virtumonde
Win32.BHO.je
Win32.Pakes.bqn
Win32.Tiny.abk

I know the first four are harmless, but I'm not happy about the others. None of the AVs and ASs will install on my system - I get a message that says "The system administrator has set policies to prevent this installation". That would be me... But I don't know if the message is even true, or what those policies would be...


My log, gentlemen.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:05:40, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon .exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! UK & Ireland
F3 - REG:win.ini: load=C:\WINDOWS\system32\fcywx.exe
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [34eef882] rundll32.exe "C:\WINDOWS\system32\nghjfqvb.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA9952] command /c del "C:\WINDOWS\ffnsys.dll_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC6416] cmd /c del "C:\WINDOWS\ffnsys.dll_tobedeleted"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB4379] command /c del "C:\WINDOWS\ffnsys.dll_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD729] cmd /c del "C:\WINDOWS\ffnsys.dll_tobedeleted"
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe
O4 - HKCU\..\Policies\Explorer\Run: [System Patcher] BTCPatcher.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')
O4 - .DEFAULT User Startup: CheckMail.LNK = C:\Program Files\ClevoMailCheck\ClevoMailCheck.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 6555 bytes



Can anyone help me? Thanks in advance!

Edited by Cunnysmythe, 12 January 2008 - 10:28 AM.


BC AdBot (Login to Remove)

 


#2 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 20 January 2008 - 02:58 PM

Almost everything's clear now.

All I'm left with now are Virtumonde and two Win32 Trojans that it spawns if you give it a few minutes. The two trojans are easily removed by Spybot.

Can anyone help?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:03:31, on 20/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\ZCfgSvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo! UK & Ireland
F3 - REG:win.ini: load=C:\WINDOWS\system32\ddabc.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: (no name) - {2db75835-217e-4741-894b-a58514168a97} - (no file)
O2 - BHO: {b35451fc-d2b5-b479-a934-f0c758659c33} - {33c95685-7c0f-439a-974b-5b2dcf15453b} - C:\WINDOWS\system32\mhnpgpjo.dll
O2 - BHO: (no name) - {370228C4-2A30-4C92-A3BD-91DE68F3DBFE} - (no file)
O2 - BHO: (no name) - {3BA98B74-65C6-4CDD-9B27-B1ABEA7285F6} - (no file)
O2 - BHO: (no name) - {50C625C3-837E-4F7D-9A00-B9020229B7C7} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {57996F13-2F71-45D9-A081-5BAEB7D92C37} - (no file)
O2 - BHO: (no name) - {581E16F1-CC66-4A4D-B1E9-8C8B00388363} - C:\WINDOWS\system32\nnnlk.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7BA4CD11-1279-4754-8376-9E4691E83438} - C:\WINDOWS\system32\oppqn.dll (file missing)
O2 - BHO: (no name) - {7C8FF973-970E-42F3-A445-46673176848C} - C:\WINDOWS\system32\yaywu.dll (file missing)
O2 - BHO: (no name) - {7E2EAFF5-7589-4C12-AD9F-1C89F56F4720} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {7EDEC2BD-E54B-41C3-9578-47FD1A3034DD} - C:\WINDOWS\system32\tusqq.dll (file missing)
O2 - BHO: (no name) - {9249572B-EB71-440F-894D-414806BF64BF} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B5A83A59-8BE9-471F-80B1-EA6EE5F22189} - C:\WINDOWS\system32\opnmnmk.dll
O2 - BHO: Google Module - {B87D203B-B43D-4af9-9E1B-9C20478CBB74} - tardm2.dll (file missing)
O2 - BHO: e404 helper - {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} - C:\Program Files\Helper\superfindout.dll
O2 - BHO: (no name) - {FFF240ED-EB20-4D66-93E1-695CADAF9F48} - C:\WINDOWS\system32\fcywx.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [34eef882] rundll32.exe "C:\WINDOWS\system32\nghjfqvb.dll",b
O4 - HKLM\..\RunOnce: [SpybotDeletingA8924] command /c del "C:\WINDOWS\system32\oppqn.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC9587] cmd /c del "C:\WINDOWS\system32\oppqn.dll_old"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent .exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8256] command /c del "C:\WINDOWS\system32\oppqn.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6517] cmd /c del "C:\WINDOWS\system32\oppqn.dll_old"
O4 - HKCU\..\Policies\Explorer\Run: [System Patcher] BTCPatcher.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')
O4 - .DEFAULT User Startup: CheckMail.LNK = C:\Program Files\ClevoMailCheck\ClevoMailCheck.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\WINDOWS\SYSTEM32\VundoFixSVC.exe

--
End of file - 9853 bytes

#3 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 20 January 2008 - 11:29 PM

Hi Cunnysmythe and welcome to the BC HijackThis forum. Let's see if we can find it.

Download WinPFind35u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind35u on your desktop.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind35U.exe to start the program.
  • In the Drivers section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:
    • Reg - BotCheck
      Reg - Session Manager Settings
      Reg - Software Policy Settings
      File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Use the Add Reply button and Copy/Paste the information back here. I will review it when it comes in.

If, after posting, the last line is not < End of Report > then the log is too big to fit into a single post and you will need to split it into multiple posts or attach it as a file.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#4 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 21 January 2008 - 03:42 PM

Thanks, OldTimer.

Here you go...

WinPFind35 logfile created on: 21/01/2008 20:37:51
WinPFind35U Version Beta29 Folder = C:\Documents and Settings\Administrator\Desktop\WinPFind35u
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)

223.48 Mb Total Physical Memory | 83.84 Mb Available Physical Memory | 37.51% Memory free
544.85 Mb Paging File | 439.52 Mb Available in Paging File | 80.67% Paging File free
Paging file location(s): C:\pagefile.sys 336 672;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 12.65 Gb Free Space | 45.26% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 3.83 Gb Total Space | 3.76 Gb Free Space | 97.96% Space Free | Partition Type: FAT32

Computer Name: GLENDORA
Current User Name: Administrator
Logged in as Administrator.
Cannot determine boot mode.
Scan Mode: Current user


[Processes - Non-Microsoft Only]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
zcfgsvc.exe -> %System32%\ZCfgSvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 376832 bytes | Modified Date = 16/12/2003 15:47:42 | Attr = ]
winpfind35u.exe -> %UserDesktop%\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 306176 bytes | Modified Date = 21/01/2008 13:06:34 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 07:56:48 | Attr = ]
(EhttpSrv) Eset HTTP Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\ESET\ESET Smart Security\EHttpSrv.exe -> ESET [Ver = 3.0.621 | Size = 19200 bytes | Modified Date = 21/12/2007 08:22:44 | Attr = ]
(ekrn) Eset Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 21/12/2007 08:21:16 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 22/04/2007 00:59:09 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 00:41:10 | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/12/2007 12:10:16 | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Stopped] -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 16/12/2003 15:41:40 | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Stopped] -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 16/12/2003 15:42:32 | Attr = ]
(SLService) SmartLinkService [Win32_Own | Auto | Stopped] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 16/01/2003 18:02:38 | Attr = ]
(VundoFixSvc) VundoFix Service [Win32_Own | On_Demand | Stopped] -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Modified Date = 17/01/2008 11:48:47 | Attr = ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ALCXSENS.SYS -> Sensaura Ltd [Ver = 5.10.00.3511D | Size = 391424 bytes | Modified Date = 11/12/2003 15:54:14 | Attr = ]
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5420 | Size = 541548 bytes | Modified Date = 19/12/2003 12:07:50 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 19:51:56 | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 04/08/2004 06:07:42 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 19:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 19:51:58 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CLEVOIO) CLEVOIO [Kernel | Auto | Stopped] -> %System32%\drivers\CLEVOIO.sys -> CLEVO I/O Driver [Ver = 1, 0, 0, 4 | Size = 11520 bytes | Modified Date = 25/07/2003 23:31:50 | Attr = ]
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 17/08/2001 19:51:54 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 19:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 04/08/2004 06:07:17 | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 04/08/2004 06:07:16 | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 31/03/2003 11:00:00 | Attr = ]
(eamon) eamon [Kernel | Auto | Stopped] -> %System32%\drivers\eamon.sys -> ESET [Ver = 3.0.621 | Size = 39944 bytes | Modified Date = 21/12/2007 08:19:54 | Attr = ]
(easdrv) easdrv [Kernel | System | Stopped] -> %System32%\drivers\easdrv.sys -> ESET [Ver = 3.0.621 | Size = 30216 bytes | Modified Date = 21/12/2007 08:20:14 | Attr = ]
(epfw) epfw [Kernel | Auto | Stopped] -> %System32%\drivers\epfw.sys -> ESET [Ver = 3.0.621 | Size = 71176 bytes | Modified Date = 21/12/2007 08:21:46 | Attr = ]
(Epfwndis) Eset Personal Firewall [Kernel | On_Demand | Running] -> %System32%\drivers\epfwndis.sys -> ESET [Ver = 3.0.621 | Size = 30728 bytes | Modified Date = 21/12/2007 08:21:52 | Attr = ]
(epfwtdi) epfwtdi [Kernel | System | Running] -> %System32%\drivers\epfwtdi.sys -> ESET [Ver = 3.0.621 | Size = 53768 bytes | Modified Date = 21/12/2007 08:21:54 | Attr = ]
(GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 15:44:04 | Attr = ]
(ialm) ialm [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 90907 bytes | Modified Date = 23/04/2003 02:10:06 | Attr = ]
(Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %System32%\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 21060 bytes | Modified Date = 10/09/2003 22:36:54 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Stopped] -> system32\DRIVERS\mcdbus.sys -> File not found
(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.2.1.0 [Kernel | Auto | Stopped] -> %System32%\drivers\mdc8021x.sys -> Meetinghouse Data Communications [Ver = 2.2.1.0 | Size = 14037 bytes | Modified Date = 05/07/2004 09:42:32 | Attr = ]
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 19:52:12 | Attr = ]
(Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlmnt5.sys -> [Ver = 3.20.03 | Size = 210128 bytes | Modified Date = 06/02/2003 10:22:38 | Attr = ]
(Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlstrm.sys -> [Ver = 3.20.03 | Size = 1290760 bytes | Modified Date = 06/02/2003 10:25:00 | Attr = ]
(NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> %System32%\drivers\ntmtlfax.sys -> [Ver = 3.20.03 | Size = 162136 bytes | Modified Date = 05/02/2003 08:25:56 | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 31/03/2003 11:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 20/10/2007 00:56:10 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 19:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 19:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 19:52:18 | Attr = ]
(RecAgent) RecAgent [Kernel | On_Demand | Stopped] -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Modified Date = 04/08/2004 05:41:39 | Attr = ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.505.1004.2002 built by: WinDDK | Size = 46976 bytes | Modified Date = 03/10/2002 18:04:10 | Attr = ]
(s24trans) WLAN Transport [Kernel | Auto | Stopped] -> %System32%\drivers\s24trans.sys -> Intel Corporation [Ver = 1, 0, 0, 0 | Size = 11258 bytes | Modified Date = 15/09/2003 09:20:18 | Attr = ]
(SE26bus) Sony Ericsson Device 038 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26bus.sys -> MCCI [Ver = V4.34 | Size = 61600 bytes | Modified Date = 15/05/2006 13:59:04 | Attr = R ]
(SE26mdfl) Sony Ericsson Device 038 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdfl.sys -> MCCI [Ver = V4.34 | Size = 9360 bytes | Modified Date = 15/05/2006 13:59:08 | Attr = R ]
(SE26mdm) Sony Ericsson Device 038 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdm.sys -> MCCI [Ver = V4.34 | Size = 97184 bytes | Modified Date = 15/05/2006 13:59:08 | Attr = R ]
(SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mgmt.sys -> MCCI [Ver = V4.34 | Size = 88688 bytes | Modified Date = 15/05/2006 13:59:12 | Attr = R ]
(se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26nd5.sys -> MCCI [Ver = V4.34 | Size = 18704 bytes | Modified Date = 15/05/2006 13:59:12 | Attr = R ]
(SE26obex) Sony Ericsson Device 038 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26obex.sys -> MCCI [Ver = V4.34 | Size = 86560 bytes | Modified Date = 15/05/2006 13:59:14 | Attr = R ]
(se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26unic.sys -> MCCI [Ver = V4.34 | Size = 90768 bytes | Modified Date = 15/05/2006 13:59:20 | Attr = R ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 10:25:53 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 04/08/2004 06:07:42 | Attr = ]
(Slntamr) SmartLink AMR_PCI Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\slntamr.sys -> [Ver = 3.20.03 | Size = 506912 bytes | Modified Date = 05/02/2003 08:42:40 | Attr = ]
(SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> %System32%\drivers\slnthal.sys -> [Ver = 3.20.03 | Size = 85520 bytes | Modified Date = 06/02/2003 10:23:16 | Attr = ]
(SlWdmSup) SlWdmSup [Kernel | On_Demand | Stopped] -> %System32%\drivers\slwdmsup.sys -> Vireo Software [Ver = 1.00 | Size = 39348 bytes | Modified Date = 16/01/2003 17:19:32 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 20:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 08/01/2008 00:20:57 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 20:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 20:07:36 | Attr = ]
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.0.2.1 | Size = 107696 bytes | Modified Date = 14/02/2006 12:05:06 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 20:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 20:07:42 | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 7.2.5 06Dec02 | Size = 265008 bytes | Modified Date = 06/12/2002 07:26:02 | Attr = R ]
(uac4pdt) PDT USB Composite Class Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\uac4pdt.sys -> Micronas GmbH [Ver = 1, 2, 0, 25 | Size = 15232 bytes | Modified Date = 24/02/2005 14:35:06 | Attr = R ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 19:52:22 | Attr = ]
(VGAORG) VGAORG [Kernel | Auto | Stopped] -> -> File not found
(w22n51) Intel® PRO/Wireless 2200 Adapter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\w22n51.sys -> Intel® Corporation [Ver = 80012-9000 Driver | Size = 1646720 bytes | Modified Date = 02/01/2004 10:52:34 | Attr = R ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(ZSMC301b) CMM PC Camera [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbVM31b.sys -> VM [Ver = 4.2.916.41 | Size = 94132 bytes | Modified Date = 03/04/2003 13:20:54 | Attr = ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 113504 bytes | Modified Date = 23/04/2003 02:15:06 | Attr = ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 78752 bytes | Modified Date = 23/04/2003 02:14:56 | Attr = ]
({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 [Kernel | On_Demand | Stopped] -> %System32%\drivers\wa301a.sys -> Intel Corporation [Ver = 4.13.10.3514 | Size = 33335 bytes | Modified Date = 23/04/2003 02:10:12 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> -> File not found
34eef882 -> %System32%\nghjfqvb.DLL -> File not found
Easy-PrintToolBox -> %ProgramFiles%\Canon\Easy-PrintToolBox\BJPSMAIN.EXE -> File not found
egui -> %ProgramFiles%\ESET\ESET Smart Security\egui.exe -> File not found
HotKeysCmds -> %System32%\hkcmd.exe -> File not found
IgfxTray -> %System32%\igfxtray.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 21/01/2008 20:28:16 | Attr = ]
nod32kui -> %ProgramFiles%\Eset\nod32kui.exe -> File not found
PRONoMgr.exe -> %ProgramFiles%\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> File not found
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> File not found
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ctfmon.exe -> %System32%\ctfmon.exe -> File not found
*MultiFile Done* -> ->
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup ->
%UserStartup%\CheckMail.LNK -> %ProgramFiles%\ClevoMailCheck\ClevoMailCheck.EXE -> CLEVO [Ver = 1.00.0001 | Size = 57344 bytes | Modified Date = 25/07/2003 23:37:54 | Attr = ]
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{B5A83A59-8BE9-471F-80B1-EA6EE5F22189} [HKEY_LOCAL_MACHINE] -> %System32%\opnmnmk.dll [] -> [Ver = | Size = 37376 bytes | Modified Date = 06/01/2008 21:19:51 | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
*MultiFile Done* -> ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> -> File not found
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 06/04/2003 16:06:48 | Attr = ]
Sebring -> %System32%\LgNotify.dll -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 110592 bytes | Modified Date = 16/12/2003 15:49:34 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< HOSTS File > (223724 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\System32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://www.rockdirect.com/ ->
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4179 domain(s) found. ->
35 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 04:16:42 | Attr = ]
{140BD8E3-C167-11D4-B4A3-080000180323} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{2db75835-217e-4741-894b-a58514168a97} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{33c95685-7c0f-439a-974b-5b2dcf15453b} [HKEY_LOCAL_MACHINE] -> %System32%\mhnpgpjo.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 76352 bytes | Modified Date = 18/01/2008 22:45:00 | Attr = ]
{370228C4-2A30-4C92-A3BD-91DE68F3DBFE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.] -> File not found
{3BA98B74-65C6-4CDD-9B27-B1ABEA7285F6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.] -> File not found
{414B5B61-6070-4684-9A9B-365DC4D569D6} [HKEY_LOCAL_MACHINE] -> %System32%\oppqn.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 334336 bytes | Modified Date = 21/01/2008 19:54:21 | Attr = ]
{50C625C3-837E-4F7D-9A00-B9020229B7C7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
{57996F13-2F71-45D9-A081-5BAEB7D92C37} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.] -> File not found
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 03:42:36 | Attr = ]
{7C8FF973-970E-42F3-A445-46673176848C} [HKEY_LOCAL_MACHINE] -> %System32%\yaywu.dll [Reg Error: Value does not exist or could not be read.] -> File not found
{7E2EAFF5-7589-4C12-AD9F-1C89F56F4720} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{7EDEC2BD-E54B-41C3-9578-47FD1A3034DD} [HKEY_LOCAL_MACHINE] -> %System32%\tusqq.dll [Reg Error: Value does not exist or could not be read.] -> File not found
{9249572B-EB71-440F-894D-414806BF64BF} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 16/10/2007 16:29:51 | Attr = ]
{B5A83A59-8BE9-471F-80B1-EA6EE5F22189} [HKEY_LOCAL_MACHINE] -> %System32%\opnmnmk.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 37376 bytes | Modified Date = 06/01/2008 21:19:51 | Attr = ]
{E1290342-AAFF-4f7c-9F45-D665E4BF1A00} [HKEY_LOCAL_MACHINE] -> %System32%\btask.dll [Google Module] -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 20/01/2008 21:51:24 | Attr = ]
{F10587E9-0E47-4CBE-84AE-7DD20B8684CC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Helper\superfindout.dll [e404mgr Class] -> [Ver = 1, 0, 0, 1 | Size = 15872 bytes | Modified Date = 21/01/2008 20:32:57 | Attr = ]
{FFF240ED-EB20-4D66-93E1-695CADAF9F48} [HKEY_LOCAL_MACHINE] -> %System32%\fcywx.dll [Reg Error: Value does not exist or could not be read.] -> File not found
< Internet Explorer Bars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\ ->
{32683183-48a0-441b-a342-7c2a440a9478} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [Ver = 2, 5, 1, 6 | Size = 405504 bytes | Modified Date = 26/08/2004 10:27:32 | Attr = ]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\npjpi160_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 132496 bytes | Modified Date = 14/12/2007 03:42:37 | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{20E84452-9651-4B70-BB06-A731EE2C9AB1} -> (1394 Net Adapter) ->
{211D2732-7838-4958-B95D-5BCDEFC682C7} -> (Intel® PRO/Wireless 2200BG Network Connection) ->
{A827AC52-F93C-4938-85F6-CAF906DFDE35} -> () ->
{BB8BF008-FEEF-4092-9D4D-A505EA66A0B7} -> (Sony Ericsson Device 038 USB Ethernet Emulation (NDIS 5)) ->
{C89C7A95-1336-4BDA-9F61-5962A41C5F51} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D3355E58-9713-48CB-A56B-733BDDA36F18} -> (1394 Net Adapter) ->
< Default Protocols [HKEY_CURRENT_USER\] - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
shell -> shell protocol not assigned ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/...8156.1850578704[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_03] ->
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...ent/swflash.cab[Shockwave Flash Object] ->


[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\DefaultLaunchPermission -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\EnableDCOM -> Y ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineLaunchRestriction -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\\MachineAccessRestriction -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{A50398B8-9075-4FBF-A7A1-456BF21937AD} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{AD65A69D-3831-40D7-9629-9B0B50A93843} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{0040D221-54A1-11D1-9DE0-006097042D69} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\ActivationSecurityCheckExemptionList\\{2A6D72F1-6E7E-4702-B99C-E40D3DED33C3} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\UpdatesDisableNotify -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\AntiVirusOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirewallOverride -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ -> ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\ not found. -> ->
Reg Error: Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\ not found. -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ -> ->
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
msv1_0 -> %System32%\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 07:56:43 | Attr = ]
C:\WINDOWS\system32\oppqn -> %System32%\oppqn.exe -> [Ver = | Size = 337920 bytes | Modified Date = 21/01/2008 20:28:18 | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Bounds -> (binary data) ->
*Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
kerberos -> %System32%\kerberos.dll -> Microsoft Corporation [Ver = 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522) | Size = 295936 bytes | Modified Date = 15/06/2005 17:49:30 | Attr = ]
msv1_0 -> %System32%\msv1_0.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 129536 bytes | Modified Date = 04/08/2004 07:56:43 | Attr = ]
schannel -> %System32%\schannel.dll -> Microsoft Corporation [Ver = 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226) | Size = 144896 bytes | Modified Date = 25/04/2007 14:21:15 | Attr = ]
wdigest -> %System32%\wdigest.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 49152 bytes | Modified Date = 04/08/2004 07:56:46 | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\LsaPid -> 1032 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\SecureBoot -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\auditbaseobjects -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\crashonauditfail -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\disabledomaincreds -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\everyoneincludesanonymous -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fipsalgorithmpolicy -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\forceguest -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\fullprivilegeauditing -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\limitblankpassworduse -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\lmcompatibilitylevel -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nodefaultadminowner -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\nolmhash -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymous -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\restrictanonymoussam -> 1 ->
*Notification Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Notification Packages ->
scecli -> %System32%\scecli.dll -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 180224 bytes | Modified Date = 04/08/2004 07:56:44 | Attr = ]
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\ImpersonatePrivilegeUpgradeToolHasRun -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\ -> ->
*ProviderOrder* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\\ProviderOrder ->
Windows NT Access Provider -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider\\ProviderPath -> C:\WINDOWS\system32\ntmarta.dll [%SystemRoot%\system32\ntmarta.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 118784 bytes | Modified Date = 04/08/2004 07:56:44 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing\System\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data\\Pattern -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG\\GrafBlumGroup -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD\\Lookup -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\SidCache\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminclientsec -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\msv1_0\\ntlmminserversec -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1\\SkewMatrix -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4\\SSOURL -> http:\www.passport.com [http://www.passport.com] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Name -> Digest ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Comment -> Digest SSPI Authentication Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Capabilities -> 16464 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\RpcId -> 65535 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\TokenSize -> 65535 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\digest.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Name -> DPA ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Comment -> DPA Security Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Capabilities -> 55 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\RpcId -> 17 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\TokenSize -> 768 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msapsspc.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Name -> MSN ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Comment -> MSN Security Package ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Capabilities -> 55 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\RpcId -> 18 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Version -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\TokenSize -> 768 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Time -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\msnsspc.dll\\Type -> 49 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%SystemRoot%\System32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 07:56:57 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DisplayName -> Windows Firewall/Internet Connection Sharing (ICS) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnService -> Netman;WinMgmt; ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\DependOnGroup -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\\Description -> Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch\\Epoch -> 13179 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\\ServiceDll -> C:\WINDOWS\system32\ipnathlp.dll [%SystemRoot%\System32\ipnathlp.dll] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 331264 bytes | Modified Date = 04/08/2004 07:56:42 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 04/08/2004 07:56:56 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 19/01/2007 11:54:56 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 04/01/2007 15:10:02 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:*:Enabled:@xpsp2res.dll,-22004 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:*:Enabled:@xpsp2res.dll,-22005 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:*:Enabled:@xpsp2res.dll,-22001 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:*:Enabled:@xpsp2res.dll,-22002 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\EnableFirewall -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DoNotAllowExceptions -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\\DisableNotifications -> 0 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\%windir%\system32\sessmgr.exe -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 140800 bytes | Modified Date = 04/08/2004 07:56:56 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Skype\Phone\Skype.exe -> C:\Program Files\Skype\Phone\Skype.exe [C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype] -> [Ver = | Size = 19490344 bytes | Modified Date = 06/02/2006 12:49:22 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\G:\Program Files\iTunes\iTunes.exe -> G:\Program Files\iTunes\iTunes.exe [G:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\G:\Program Files\uTorrent\utorrent.exe -> G:\Program Files\uTorrent\utorrent.exe [G:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:1\Program Files\uTorrent\utorrent.exe -> C:1\Program Files\uTorrent\utorrent.exe [C:1\Program Files\uTorrent\utorrent.exe:*:Enabled:utorrent.exe] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\Messenger\msmsgs.exe -> C:\Program Files\Messenger\MSMSGS.EXE [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> Microsoft Corporation [Ver = 4.7.3001 | Size = 2225152 bytes | Modified Date = 21/01/2008 20:28:13 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\msnmsgr.exe -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> Microsoft Corporation [Ver = 8.1.0178.00 | Size = 5674352 bytes | Modified Date = 19/01/2007 11:54:56 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\MSN Messenger\livecall.exe -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> Microsoft Corporation [Ver = 1.1.161.0 | Size = 297752 bytes | Modified Date = 04/01/2007 15:10:02 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Cunny\Desktop\utorrent.exe -> C:\Documents and Settings\Cunny\Desktop\utorrent.exe [C:\Documents and Settings\Cunny\Desktop\utorrent.exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\iTunes\iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> Apple Inc. [Ver = 7.5.0.20 | Size = 17152808 bytes | Modified Date = 11/12/2007 12:10:18 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\pwvcgwku.exe -> C:\WINDOWS\system32\pwv ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\1900:UDP -> 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll [1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\2869:TCP -> 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll [2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\139:TCP -> 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll [139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\445:TCP -> 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll [445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\137:UDP -> 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll [137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List\\138:UDP -> 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll [138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\\ServiceUpgrade -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{B5BD07EA-D16D-4114-BE6F-86F8EE3F3096} -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{C89C7A95-1336-4BDA-9F61-5962A41C5F51} -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{3E27B3D3-8A53-493A-9650-3DC7759FCED8} -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{D3355E58-9713-48CB-A56B-733BDDA36F18} -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Setup\InterfacesUnfirewalledAtUpdate\\{211D2732-7838-4958-B95D-5BCDEFC682C7} -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\0 -> Root\LEGACY_SHAREDACCESS\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Enum\\NextInstance -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Type -> 32 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Start -> 2 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ErrorControl -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ImagePath -> C:\WINDOWS\system32\svchost.exe [%systemroot%\system32\svchost.exe -k netsvcs] -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 14336 bytes | Modified Date = 04/08/2004 07:56:57 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\DisplayName -> Automatic Updates ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\ObjectName -> LocalSystem ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\\Description -> Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site. ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Parameters\\ServiceDll -> C:\WINDOWS\system32\wuauserv.dll [C:\WINDOWS\system32\wuauserv.dll] -> Microsoft Corporation [Ver = 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) | Size = 6656 bytes | Modified Date = 04/08/2004 07:56:46 | Attr = ]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Security\\Security -> (binary data) ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\0 -> Root\LEGACY_WUAUSERV\0000 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\Count -> 1 ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv\Enum\\NextInstance -> 1 ->
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry\ not found. -> ->
Reg Error: Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TlntSvr\ not found. -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\ -> ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings\\ProxyEnable -> 0 ->
< Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager ->
BootExecute -> autocheck autochk *;lsdelete; ->
ExcludeFromKnownDlls -> ->
*PendingFileRenameOperations* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\PendingFileRenameOperations ->
\??\C:\WINDOWS\TEMP\A8A6F3B4.exe [\??\C:\WINDOWS\TEMP\A8A6F3B4.exe] -> %SystemRoot%\TEMP\A8A6F3B4.exe [%SystemRoot%\TEMP\A8A6F3B4.exe] -> File not found
*MultiFile Done* -> ->
< Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment ->
ComSpec -> C:\WINDOWS\system32\cmd.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 388608 bytes | Modified Date = 04/08/2004 07:56:48 | Attr = ]
TEMP -> %SystemRoot%\TEMP ->
TMP -> %SystemRoot%\TEMP ->
windir -> %SystemRoot% ->
*Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path ->
%SYSTEMROOT%\SYSTEM32 -> %System32% -> [Folder | Modified Date = 21/01/2008 20:28:18 | Attr = ]
%SYSTEMROOT% -> %SystemRoot% -> [Folder | Modified Date = 20/01/2008 16:08:13 | Attr = ]
%SYSTEMROOT%\SYSTEM32\WBEM -> %System32%\wbem -> [Folder | Modified Date = 11/01/2008 22:27:07 | Attr = ]
C:\Program Files\Common Files\Teleca Shared -> -> File not found
C:\Program Files\QuickTime\QTSystem\ -> %ProgramFiles%\QuickTime\QTSystem -> [Folder | Modified Date = 31/12/2007 19:53:43 | Attr = ]
*MultiFile Done* -> ->
*PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT ->
.COM -> .COM -> File not found
.EXE -> .EXE -> File not found
.BAT -> .BAT -> File not found
.CMD -> .CMD -> File not found
.VBS -> .VBS -> File not found
.VBE -> .VBE -> File not found
.JS -> .JS -> File not found
.JSE -> .JSE -> File not found
.WSF -> .WSF -> File not found
.WSH -> .WSH -> File not found
*MultiFile Done* -> ->
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Conferencing\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\DisableServerCheck -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\\LegacyPresence -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\CertificatePolicy\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\RTC\{A5B45060-354F-4097-A928-5125436C46F1}\PortRange\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\DriverSearching\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\DriverSearching\\DontSearchWindowsUpdate -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\DriverSearching\\DontPromptForWindowsUpdate -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Installer\\EnableAdminTSRemote -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\ -> ->
*ExecutableTypes* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\ExecutableTypes ->
ADE -> -> File not found
ADP -> -> File not found
BAS -> -> File not found
BAT -> -> File not found
CHM -> -> File not found
CMD -> %System32%\cmd.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 388608 bytes | Modified Date = 04/08/2004 07:56:48 | Attr = ]
COM -> -> File not found
CPL -> -> File not found
CRT -> -> File not found
EXE -> -> File not found
HLP -> -> File not found
HTA -> -> File not found
INF -> -> File not found
INS -> -> File not found
ISP -> -> File not found
LNK -> -> File not found
MDB -> -> File not found
MDE -> -> File not found
MSC -> -> File not found
MSI -> %System32%\msi.dll -> Microsoft Corporation [Ver = 3.1.4000.4039 | Size = 2854400 bytes | Modified Date = 18/04/2007 16:12:23 | Attr = ]
MSP -> -> File not found
MST -> -> File not found
OCX -> -> File not found
PCD -> -> File not found
PIF -> -> File not found
REG -> %System32%\reg.exe -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 50176 bytes | Modified Date = 04/08/2004 07:56:55 | Attr = ]
SCR -> -> File not found
SHS -> -> File not found
URL -> %System32%\url.dll -> Microsoft Corporation [Ver = 7.00.6000.16574 (vista_gdr.071008-1500) | Size = 105984 bytes | Modified Date = 10/10/2007 23:55:59 | Attr = ]
VB -> -> File not found
WSC -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\TransparentEnabled -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\DefaultLevel -> 262144 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\AuthenticodeEnabled -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\\PolicyScope -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\FriendlyName -> Mdac11.cab [Mdac11.cab] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{349d35ab-37b5-462f-9b89-edd5fbde1328}\\ItemSize ->
̋ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\FriendlyName -> mdac20.cab [mdac20.cab] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{7fb9cd2e-3076-4df9-a57b-b813f72dbb91}\\ItemSize ->
ȅ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\FriendlyName -> mdac20_a.cab [mdac20_a.cab] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{81d1fe15-dd9d-4762-b16d-7c29ddecae3f}\\ItemSize ->
Ζ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\FriendlyName -> _msadc10.cab [_msadc10.cab] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{94e3e076-8f53-42a5-8411-085bcc18a68d}\\ItemSize ->
ĺ -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\Description -> Stop the download of this file ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\FriendlyName -> msadc11.cab [msadc11.cab] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\HashAlg -> 32771 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemData -> (binary data) ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\LastModified -> ->
*ItemSize* -> HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Hashes\{dc971ee5-44eb-4fe4-ae2e-b91490411bfc}\\ItemSize ->
Ų -> -> File not found
*MultiFile Done* -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\Description -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\SaferFlags -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\ItemData -> %HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33}\\LastModified -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\policies\Microsoft\Windows NT\Terminal Services\ -> ->
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\policies\ ->
HKEY_CURRENT_USER\Software\Policies\ -> ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\ -> ->


[Files/Folders - Created Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Created Date = 15/01/2008 01:29:47 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 07/01/2008 23:07:19 | Attr = ]
Programas -> %SystemDrive%\Programas -> [Folder | Created Date = 07/01/2008 21:38:59 | Attr = ]
temp.html -> %SystemDrive%\temp.html -> [Ver = | Size = 740 bytes | Created Date = 29/12/2007 21:02:12 | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 13/01/2008 03:44:01 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:28 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Created Date = 31/12/2007 17:03:54 | Attr = ]
bvqfjhgn.ini -> %System32%\bvqfjhgn.ini -> [Ver = | Size = 1060742 bytes | Created Date = 07/01/2008 18:07:20 | Attr = HS]
cbadd.ini -> %System32%\cbadd.ini -> [Ver = | Size = 319 bytes | Created Date = 21/01/2008 19:55:05 | Attr = HS]
conf.dat -> %System32%\conf.dat -> [Ver = | Size = 184 bytes | Created Date = 11/01/2008 22:37:59 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Created Date = 21/01/2008 19:59:55 | Attr = ]
ddabc.dll -> %System32%\ddabc.dll -> [Ver = | Size = 334848 bytes | Created Date = 21/01/2008 19:53:48 | Attr = ]
ddabc.exe -> %System32%\ddabc.exe -> [Ver = | Size = 338432 bytes | Created Date = 20/01/2008 14:57:45 | Attr = ]
dxdss.sys -> %System32%\dxdss.sys -> [Ver = | Size = 54764 bytes | Created Date = 11/01/2008 22:38:10 | Attr = ]
ggfhk.ini -> %System32%\ggfhk.ini -> [Ver = | Size = 13561 bytes | Created Date = 16/01/2008 00:09:40 | Attr = HS]
ggfhk.ini2 -> %System32%\ggfhk.ini2 -> [Ver = | Size = 13561 bytes | Created Date = 16/01/2008 00:09:41 | Attr = HS]
imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 48 bytes | Created Date = 07/01/2008 02:19:23 | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 139264 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:38 | Attr = ]
ktdrcuru.dll -> %System32%\ktdrcuru.dll -> [Ver = | Size = 163904 bytes | Created Date = 18/01/2008 22:39:06 | Attr = ]
mhnpgpjo.dll -> %System32%\mhnpgpjo.dll -> [Ver = | Size = 76352 bytes | Created Date = 18/01/2008 22:44:59 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Created Date = 17/01/2008 13:14:45 | Attr = ]
nqppo.ini -> %System32%\nqppo.ini -> [Ver = | Size = 2045 bytes | Created Date = 21/01/2008 19:55:05 | Attr = HS]
nqppo.ini2 -> %System32%\nqppo.ini2 -> [Ver = | Size = 2045 bytes | Created Date = 21/01/2008 19:55:46 | Attr = HS]
opnmnmk.dll -> %System32%\opnmnmk.dll -> [Ver = | Size = 37376 bytes | Created Date = 06/01/2008 21:19:45 | Attr = ]
oppqn.dll -> %System32%\oppqn.dll -> [Ver = | Size = 334336 bytes | Created Date = 21/01/2008 19:54:19 | Attr = ]
oppqn.exe -> %System32%\oppqn.exe -> [Ver = | Size = 337920 bytes | Created Date = 20/01/2008 16:19:20 | Attr = ]
oqfiyooa.dll -> %System32%\oqfiyooa.dll -> [Ver = | Size = 163904 bytes | Created Date = 18/01/2008 22:39:07 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Created Date = 21/01/2008 19:59:55 | Attr = ]
qqsut.ini -> %System32%\qqsut.ini -> [Ver = | Size = 8500 bytes | Created Date = 19/01/2008 14:49:18 | Attr = HS]
qqsut.ini2 -> %System32%\qqsut.ini2 -> [Ver = | Size = 8449 bytes | Created Date = 19/01/2008 14:49:19 | Attr = HS]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Created Date = 21/01/2008 19:59:55 | Attr = ]
saptnkju.dll -> %System32%\saptnkju.dll -> [Ver = | Size = 88128 bytes | Created Date = 18/01/2008 22:47:59 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Created Date = 12/01/2008 18:52:41 | Attr = R ]
tardeme2.dll -> %System32%\tardeme2.dll -> Bruder De [Ver = 0, 1, 0, 1 | Size = 53248 bytes | Created Date = 11/01/2008 22:38:01 | Attr = ]
tardm2.dll -> %System32%\tardm2.dll -> Bruder De [Ver = 0, 1, 0, 1 | Size = 53248 bytes | Created Date = 12/01/2008 00:07:14 | Attr = ]
tusqq.exe -> %System32%\tusqq.exe -> [Ver = | Size = 338432 bytes | Created Date = 19/01/2008 14:52:06 | Attr = ]
ujkntpas.ini -> %System32%\ujkntpas.ini -> [Ver = | Size = 354 bytes | Created Date = 18/01/2008 22:48:13 | Attr = HS]
uwyay.ini -> %System32%\uwyay.ini -> [Ver = | Size = 273808 bytes | Created Date = 18/01/2008 21:35:59 | Attr = HS]
uwyay.ini2 -> %System32%\uwyay.ini2 -> [Ver = | Size = 273808 bytes | Created Date = 18/01/2008 21:35:59 | Attr = HS]
VundoFixSVC.exe -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Created Date = 17/01/2008 11:48:47 | Attr = ]
yaywu.exe -> %System32%\yaywu.exe -> [Ver = | Size = 338432 bytes | Created Date = 18/01/2008 21:36:05 | Attr = ]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 07/01/2008 23:59:11 | Attr = ]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Created Date = 15/01/2008 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 16/01/2008 05:15:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 20/01/2008 16:08:13 | Attr = H ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Created Date = 12/01/2008 14:19:59 | Attr = ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
ESET -> %AllUsersAppData%\ESET -> [Folder | Created Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 13/01/2008 01:12:43 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 07/01/2008 21:53:20 | Attr = ]
Mozilla -> %UserAppData%\Mozilla -> [Folder | Created Date = 21/01/2008 20:28:49 | Attr = ]
Mozilla -> %LocalAppData%\Mozilla -> [Folder | Created Date = 21/01/2008 20:28:49 | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Created Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Created Date = 31/12/2007 19:57:53 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Created Date = 21/01/2008 20:32:33 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477509 bytes | Created Date = 21/01/2008 20:31:39 | Attr = ]

[Files/Folders - Modified Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Modified Date = 16/01/2008 19:02:28 | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 13/01/2008 09:14:01 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 07/01/2008 23:07:19 | Attr = ]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 20/01/2008 16:19:34 | Attr = R ]
Programas -> %SystemDrive%\Programas -> [Folder | Modified Date = 07/01/2008 21:38:59 | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = HS]
temp.html -> %SystemDrive%\temp.html -> [Ver = | Size = 740 bytes | Modified Date = 29/12/2007 21:02:12 | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 17/01/2008 12:42:09 | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 20/01/2008 16:08:13 | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 20/01/2008 17:13:03 | Attr = ]
hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 17:13:04 | Attr = R ]
hosts.20080115-185918.backup -> %System32%\drivers\etc\hosts.20080115-185918.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:36:26 | Attr = R ]
hosts.20080115-185942.backup -> %System32%\drivers\etc\hosts.20080115-185942.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:19 | Attr = R ]
hosts.20080115-191645.backup -> %System32%\drivers\etc\hosts.20080115-191645.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:42 | Attr = R ]
hosts.20080115-202232.backup -> %System32%\drivers\etc\hosts.20080115-202232.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 19:16:45 | Attr = R ]
hosts.20080116-004852.backup -> %System32%\drivers\etc\hosts.20080116-004852.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 20:22:33 | Attr = R ]
hosts.20080116-060312.backup -> %System32%\drivers\etc\hosts.20080116-060312.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 00:48:52 | Attr = R ]
hosts.20080116-073002.backup -> %System32%\drivers\etc\hosts.20080116-073002.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 06:03:12 | Attr = R ]
hosts.20080116-073519.backup -> %System32%\drivers\etc\hosts.20080116-073519.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:30:02 | Attr = R ]
hosts.20080116-095802.backup -> %System32%\drivers\etc\hosts.20080116-095802.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:35:19 | Attr = R ]
hosts.20080116-181934.backup -> %System32%\drivers\etc\hosts.20080116-181934.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 09:58:02 | Attr = R ]
hosts.20080116-182752.backup -> %System32%\drivers\etc\hosts.20080116-182752.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:19:34 | Attr = R ]
hosts.20080116-200125.backup -> %System32%\drivers\etc\hosts.20080116-200125.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:27:52 | Attr = R ]
hosts.20080117-010818.backup -> %System32%\drivers\etc\hosts.20080117-010818.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 20:01:25 | Attr = R ]
hosts.20080117-162821.backup -> %System32%\drivers\etc\hosts.20080117-162821.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 01:08:18 | Attr = R ]
hosts.20080118-202342.backup -> %System32%\drivers\etc\hosts.20080118-202342.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 16:28:21 | Attr = R ]
hosts.20080118-232428.backup -> %System32%\drivers\etc\hosts.20080118-232428.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = R ]
hosts.20080119-003451.backup -> %System32%\drivers\etc\hosts.20080119-003451.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = ]
hosts.20080119-071510.backup -> %System32%\drivers\etc\hosts.20080119-071510.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 00:34:52 | Attr = R ]
hosts.20080119-121310.backup -> %System32%\drivers\etc\hosts.20080119-121310.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 07:15:10 | Attr = R ]
hosts.20080119-153035.backup -> %System32%\drivers\etc\hosts.20080119-153035.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 12:13:10 | Attr = R ]
hosts.20080120-153645.backup -> %System32%\drivers\etc\hosts.20080120-153645.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = R ]
hosts.20080120-160639.backup -> %System32%\drivers\etc\hosts.20080120-160639.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-164010.backup -> %System32%\drivers\etc\hosts.20080120-164010.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-171303.backup -> %System32%\drivers\etc\hosts.20080120-171303.backup -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 16:40:10 | Attr = R ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 08/01/2008 00:20:57 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 20/01/2008 21:51:24 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Modified Date = 31/12/2007 17:03:16 | Attr = ]
bvqfjhgn.ini -> %System32%\bvqfjhgn.ini -> [Ver = | Size = 1060742 bytes | Modified Date = 12/01/2008 00:17:51 | Attr = HS]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 11/01/2008 22:50:20 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 17/01/2008 01:11:58 | Attr = ]
cbadd.ini -> %System32%\cbadd.ini -> [Ver = | Size = 319 bytes | Modified Date = 21/01/2008 19:55:46 | Attr = HS]
conf.dat -> %System32%\conf.dat -> [Ver = | Size = 184 bytes | Modified Date = 20/01/2008 22:17:58 | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 11/01/2008 22:28:13 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Modified Date = 21/01/2008 19:59:55 | Attr = ]
ddabc.dll -> %System32%\ddabc.dll -> [Ver = | Size = 334848 bytes | Modified Date = 21/01/2008 19:53:51 | Attr = ]
ddabc.exe -> %System32%\ddabc.exe -> [Ver = | Size = 338432 bytes | Modified Date = 21/01/2008 19:57:12 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 13/01/2008 14:07:15 | Attr = RHS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 13/01/2008 01:13:19 | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 31/12/2007 19:49:44 | Attr = ]
dxdss.sys -> %System32%\dxdss.sys -> [Ver = | Size = 54764 bytes | Modified Date = 11/01/2008 22:38:10 | Attr = ]
ggfhk.ini -> %System32%\ggfhk.ini -> [Ver = | Size = 13561 bytes | Modified Date = 17/01/2008 00:38:23 | Attr = HS]
ggfhk.ini2 -> %System32%\ggfhk.ini2 -> [Ver = | Size = 13561 bytes | Modified Date = 16/01/2008 19:59:24 | Attr = HS]
imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 48 bytes | Modified Date = 07/01/2008 02:19:23 | Attr = ]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 20/01/2008 22:17:49 | Attr = ]
ktdrcuru.dll -> %System32%\ktdrcuru.dll -> [Ver = | Size = 163904 bytes | Modified Date = 18/01/2008 22:39:07 | Attr = ]
mhnpgpjo.dll -> %System32%\mhnpgpjo.dll -> [Ver = | Size = 76352 bytes | Modified Date = 18/01/2008 22:45:00 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 21/01/2008 19:57:56 | Attr = ]
nqppo.ini -> %System32%\nqppo.ini -> [Ver = | Size = 2045 bytes | Modified Date = 21/01/2008 20:37:12 | Attr = HS]
nqppo.ini2 -> %System32%\nqppo.ini2 -> [Ver = | Size = 2045 bytes | Modified Date = 21/01/2008 20:37:15 | Attr = HS]
NTSpool.exe -> %System32%\NTSpool.exe -> [Ver = | Size = 39936 bytes | Modified Date = 30/12/2007 17:09:58 | Attr = ]
opnmnmk.dll -> %System32%\opnmnmk.dll -> [Ver = | Size = 37376 bytes | Modified Date = 06/01/2008 21:19:51 | Attr = ]
oppqn.dll -> %System32%\oppqn.dll -> [Ver = | Size = 334336 bytes | Modified Date = 21/01/2008 19:54:21 | Attr = ]
oppqn.exe -> %System32%\oppqn.exe -> [Ver = | Size = 337920 bytes | Modified Date = 21/01/2008 20:28:18 | Attr = ]
oqfiyooa.dll -> %System32%\oqfiyooa.dll -> [Ver = | Size = 163904 bytes | Modified Date = 18/01/2008 22:39:07 | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 59448 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 393506 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Modified Date = 21/01/2008 19:59:55 | Attr = ]
qqsut.ini -> %System32%\qqsut.ini -> [Ver = | Size = 8500 bytes | Modified Date = 19/01/2008 22:40:19 | Attr = HS]
qqsut.ini2 -> %System32%\qqsut.ini2 -> [Ver = | Size = 8449 bytes | Modified Date = 19/01/2008 22:39:56 | Attr = HS]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Modified Date = 21/01/2008 19:59:55 | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = ]
saptnkju.dll -> %System32%\saptnkju.dll -> [Ver = | Size = 88128 bytes | Modified Date = 18/01/2008 22:48:00 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Modified Date = 12/01/2008 18:53:12 | Attr = R ]
tardeme2.dll -> %System32%\tardeme2.dll -> Bruder De [Ver = 0, 1, 0, 1 | Size = 53248 bytes | Modified Date = 11/01/2008 22:38:01 | Attr = ]
tardm2.dll -> %System32%\tardm2.dll -> Bruder De [Ver = 0, 1, 0, 1 | Size = 53248 bytes | Modified Date = 12/01/2008 00:07:14 | Attr = ]
tusqq.exe -> %System32%\tusqq.exe -> [Ver = | Size = 338432 bytes | Modified Date = 19/01/2008 14:52:06 | Attr = ]
ujkntpas.ini -> %System32%\ujkntpas.ini -> [Ver = | Size = 354 bytes | Modified Date = 20/01/2008 16:08:02 | Attr = HS]
uwyay.ini -> %System32%\uwyay.ini -> [Ver = | Size = 273808 bytes | Modified Date = 19/01/2008 01:22:08 | Attr = HS]
uwyay.ini2 -> %System32%\uwyay.ini2 -> [Ver = | Size = 273808 bytes | Modified Date = 19/01/2008 01:19:59 | Attr = HS]
VundoFixSVC.exe -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Modified Date = 17/01/2008 11:48:47 | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 11/01/2008 22:27:07 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12704 bytes | Modified Date = 21/01/2008 20:28:21 | Attr = ]
yaywu.exe -> %System32%\yaywu.exe -> [Ver = | Size = 338432 bytes | Modified Date = 18/01/2008 23:51:55 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 08/01/2008 21:31:16 | Attr = H ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 21/01/2008 20:27:02 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 08/01/2008 00:02:15 | Attr = S]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 07/01/2008 23:59:11 | Attr = ]
imsins.BAK -> %SystemRoot%\imsins.BAK -> [Ver = | Size = 1374 bytes | Modified Date = 12/01/2008 03:24:58 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 12/01/2008 12:20:31 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 13/01/2008 09:14:03 | Attr = HS]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Modified Date = 15/01/2008 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 16/01/2008 18:24:59 | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 21/01/2008 20:19:35 | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 08/01/2008 22:31:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 21/01/2008 19:57:36 | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 11/01/2008 22:27:05 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 21/01/2008 20:28:18 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 21/01/2008 20:34:14 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 823 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Modified Date = 20/01/2008 17:55:58 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 31/12/2007 12:18:19 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 21/01/2008 20:25:32 | Attr = H ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
BVRP Software -> %AllUsersAppData%\BVRP Software -> [Folder | Modified Date = 03/01/2008 20:25:43 | Attr = ]
ESET -> %AllUsersAppData%\ESET -> [Folder | Modified Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 13/01/2008 01:12:43 | Attr = ]
Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 15/01/2008 18:36:08 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 07/01/2008 21:53:20 | Attr = ]
TEMP -> %AllUsersAppData%\TEMP -> [Folder | Modified Date = 21/01/2008 19:56:15 | Attr = ]
@Alternate Data Stream - 103 bytes -> %AllUsersAppData%\TEMP:A5682AEF
@Alternate Data Stream - 122 bytes -> %AllUsersAppData%\TEMP:A73B0434
@Alternate Data Stream - 100 bytes -> %AllUsersAppData%\TEMP:DFC5A2B2
@Alternate Data Stream - 120 bytes -> %AllUsersAppData%\TEMP:F8662B30
Mozilla -> %UserAppData%\Mozilla -> [Folder | Modified Date = 21/01/2008 20:28:49 | Attr = ]
IconCache.db -> %LocalAppData%\IconCache.db -> [Ver = | Size = 1930896 bytes | Modified Date = 18/01/2008 20:14:09 | Attr = H ]
Mozilla -> %LocalAppData%\Mozilla -> [Folder | Modified Date = 21/01/2008 20:28:49 | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Modified Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Modified Date = 13/01/2008 00:53:10 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Modified Date = 21/01/2008 20:36:38 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477509 bytes | Modified Date = 21/01/2008 20:31:57 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 12/01/2008 14:22:34 | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 9698 bytes | Modified Date = 11/01/2008 22:53:21 | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 10083 bytes | Modified Date = 11/01/2008 22:53:20 | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 11/10/2007 22:44:58 | Attr = ]

< End of report >

#5 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 21 January 2008 - 08:18 PM

Hi Cunnysmythe. This machine is quite heavily infected so it will probably take some time to get it cleaned up. Just be prepared.

Let's see if we can get it to budge a bit first. Please print these directions and then follow the steps below in order.

Then, I need you to delete you current copy of WinPFind35u and download a newer version. There is an update that we will need to use during this fix.

Download WinPFind35u.exe to your Desktop and double-click on it to extract the files. It will create a folder named WinPFind35u on your desktop.

Step #1

Open Notepad and copy/paste the text in the codebox below into the new document:

[Kill Explorer]
[Unregister Dlls]
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> 34eef882 -> %System32%\nghjfqvb.DLL
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
YY -> {B5A83A59-8BE9-471F-80B1-EA6EE5F22189} [HKEY_LOCAL_MACHINE] -> %System32%\opnmnmk.dll []
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {140BD8E3-C167-11D4-B4A3-080000180323} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> {2db75835-217e-4741-894b-a58514168a97} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YY -> {33c95685-7c0f-439a-974b-5b2dcf15453b} [HKEY_LOCAL_MACHINE] -> %System32%\mhnpgpjo.dll [Reg Error: Value does not exist or could not be read.]
YN -> {370228C4-2A30-4C92-A3BD-91DE68F3DBFE} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.]
YN -> {3BA98B74-65C6-4CDD-9B27-B1ABEA7285F6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.]
YY -> {414B5B61-6070-4684-9A9B-365DC4D569D6} [HKEY_LOCAL_MACHINE] -> %System32%\oppqn.dll [Reg Error: Value does not exist or could not be read.]
YN -> {50C625C3-837E-4F7D-9A00-B9020229B7C7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> {57996F13-2F71-45D9-A081-5BAEB7D92C37} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Value does not exist or could not be read.]
NY -> {7C8FF973-970E-42F3-A445-46673176848C} [HKEY_LOCAL_MACHINE] -> %System32%\yaywu.dll [Reg Error: Value does not exist or could not be read.]
YN -> {7E2EAFF5-7589-4C12-AD9F-1C89F56F4720} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YY -> {7EDEC2BD-E54B-41C3-9578-47FD1A3034DD} [HKEY_LOCAL_MACHINE] -> %System32%\tusqq.dll [Reg Error: Value does not exist or could not be read.]
YN -> {9249572B-EB71-440F-894D-414806BF64BF} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YY -> {B5A83A59-8BE9-471F-80B1-EA6EE5F22189} [HKEY_LOCAL_MACHINE] -> %System32%\opnmnmk.dll [Reg Error: Value does not exist or could not be read.]
YY -> {F10587E9-0E47-4CBE-84AE-7DD20B8684CC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Helper\superfindout.dll [e404mgr Class]
YY -> {FFF240ED-EB20-4D66-93E1-695CADAF9F48} [HKEY_LOCAL_MACHINE] -> %System32%\fcywx.dll [Reg Error: Value does not exist or could not be read.]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.]
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> 
*Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages
YY -> C:\WINDOWS\system32\oppqn -> %System32%\oppqn.exe
< BotCheck > -> 
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\G:\Program Files\uTorrent\utorrent.exe -> G:\Program Files\uTorrent\utorrent.exe [G:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:1\Program Files\uTorrent\utorrent.exe -> C:1\Program Files\uTorrent\utorrent.exe [C:1\Program Files\uTorrent\utorrent.exe:*:Enabled:utorrent.exe]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Cunny\Desktop\utorrent.exe -> C:\Documents and Settings\Cunny\Desktop\utorrent.exe [C:\Documents and Settings\Cunny\Desktop\utorrent.exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe -> C:\Program Files\uTorrent\uTorrent .exe [C:\Program Files\uTorrent\uTorrent .exe:*:Enabled:µTorrent]
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\pwvcgwku.exe -> C:\WINDOWS\system32\pwv
[Files/Folders - Created Within 30 days]
NY -> temp.html -> %SystemDrive%\temp.html
NY -> bvqfjhgn.ini -> %System32%\bvqfjhgn.ini
NY -> cbadd.ini -> %System32%\cbadd.ini
NY -> conf.dat -> %System32%\conf.dat
NY -> cs.dat -> %System32%\cs.dat
NY -> ddabc.dll -> %System32%\ddabc.dll
NY -> ddabc.exe -> %System32%\ddabc.exe
NY -> dxdss.sys -> %System32%\dxdss.sys
NY -> ggfhk.ini -> %System32%\ggfhk.ini
NY -> ggfhk.ini2 -> %System32%\ggfhk.ini2
NY -> ktdrcuru.dll -> %System32%\ktdrcuru.dll
NY -> mhnpgpjo.dll -> %System32%\mhnpgpjo.dll
NY -> nnnlk.exe -> %System32%\nnnlk.exe
NY -> nqppo.ini -> %System32%\nqppo.ini
NY -> nqppo.ini2 -> %System32%\nqppo.ini2
NY -> opnmnmk.dll -> %System32%\opnmnmk.dll
NY -> oppqn.dll -> %System32%\oppqn.dll
NY -> oppqn.exe -> %System32%\oppqn.exe
NY -> oqfiyooa.dll -> %System32%\oqfiyooa.dll
NY -> ps1.dat -> %System32%\ps1.dat
NY -> qqsut.ini -> %System32%\qqsut.ini
NY -> qqsut.ini2 -> %System32%\qqsut.ini2
NY -> rc.dat -> %System32%\rc.dat
NY -> saptnkju.dll -> %System32%\saptnkju.dll
NY -> tusqq.exe -> %System32%\tusqq.exe
NY -> ujkntpas.ini -> %System32%\ujkntpas.ini
NY -> uwyay.ini -> %System32%\uwyay.ini
NY -> uwyay.ini2 -> %System32%\uwyay.ini2
NY -> yaywu.exe -> %System32%\yaywu.exe
[Files/Folders - Modified Within 30 days]
NY -> cbadd.ini -> %System32%\cbadd.ini
NY -> conf.dat -> %System32%\conf.dat
NY -> cs.dat -> %System32%\cs.dat
NY -> ddabc.dll -> %System32%\ddabc.dll
NY -> ddabc.exe -> %System32%\ddabc.exe
NY -> dllcache -> %System32%\dllcache
NY -> dxdss.sys -> %System32%\dxdss.sys
NY -> ggfhk.ini -> %System32%\ggfhk.ini
NY -> ggfhk.ini2 -> %System32%\ggfhk.ini2
NY -> ktdrcuru.dll -> %System32%\ktdrcuru.dll
NY -> mhnpgpjo.dll -> %System32%\mhnpgpjo.dll
NY -> nnnlk.exe -> %System32%\nnnlk.exe
NY -> nqppo.ini -> %System32%\nqppo.ini
NY -> nqppo.ini2 -> %System32%\nqppo.ini2
NY -> NTSpool.exe -> %System32%\NTSpool.exe
NY -> opnmnmk.dll -> %System32%\opnmnmk.dll
NY -> oppqn.dll -> %System32%\oppqn.dll
NY -> oppqn.exe -> %System32%\oppqn.exe
NY -> oqfiyooa.dll -> %System32%\oqfiyooa.dll
NY -> ps1.dat -> %System32%\ps1.dat
NY -> qqsut.ini -> %System32%\qqsut.ini
NY -> qqsut.ini2 -> %System32%\qqsut.ini2
NY -> rc.dat -> %System32%\rc.dat
NY -> saptnkju.dll -> %System32%\saptnkju.dll
NY -> tardeme2.dll -> %System32%\tardeme2.dll
NY -> tardm2.dll -> %System32%\tardm2.dll
NY -> tusqq.exe -> %System32%\tusqq.exe
NY -> ujkntpas.ini -> %System32%\ujkntpas.ini
NY -> uwyay.ini -> %System32%\uwyay.ini
NY -> uwyay.ini2 -> %System32%\uwyay.ini2
NY -> yaywu.exe -> %System32%\yaywu.exe
NY -> imsins.BAK -> %SystemRoot%\imsins.BAK
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
NY -> @Alternate Data Stream - 103 bytes -> %AllUsersAppData%\TEMP:A5682AEF
NY -> @Alternate Data Stream - 122 bytes -> %AllUsersAppData%\TEMP:A73B0434
NY -> @Alternate Data Stream - 100 bytes -> %AllUsersAppData%\TEMP:DFC5A2B2
NY -> @Alternate Data Stream - 120 bytes -> %AllUsersAppData%\TEMP:F8662B30
NY -> qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
NY -> qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
[Extra Files]
C:\WINDOWS\system32\pwv
[Empty Temp Folders]
[Start Explorer]

Save the document to your desktop as wpf35.txt and close Notepad.

Step #2

Download SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Close SUPERAntiSpyware, we will come back to it later on.
Step #3

Download VundoFix.exe to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
Step #4

Start SUPERAntiSpyware again and run a scan by doing the following:
  • On the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
Step #5

Now start WinPFind35U. Open Notepad and then open the wpf35.txt file that you saved to your desktop. Copy/paste the contents of the Notepad file into the WinPFind35u textbox where it says Paste Fix Here and click the Run Fix button.

The fix should only take a very short time. Your desktop will disappear and then reappear when the fix is complete, this is normal. You might be asked to reboot if any of the files could not be moved during the fix. If so, choose Yes and reboot the computer normally.

Step #6

Post the following back here:
  • the VundoFix log (c:\vundofix.txt)
  • the SUPERAntiSpyware report
  • the latest .log file from the WinPFind3u\MovedFiles folder (it will be a .log file and have a date_time name in the format mmddyyyy_hhmmss.log)
  • a new WinPFind35U report with the following options:
    • Under Additional Scans] click the checkboxes in front of the following items to select them:
    • File - Additional Folder Scans
  • Do not change any other settings.
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#6 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 22 January 2008 - 06:39 AM

Thanks! I have to go out now but I'll get to this when I get back.


When you say download a newer version of WinPFind35u, can I just use the link in your post?

#7 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 22 January 2008 - 02:24 PM

When you say download a newer version of WinPFind35u, can I just use the link in your post?

Absolutely. That link always has the latest version.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#8 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 22 January 2008 - 04:59 PM

Good stuff!

Had a couple of problems.

Vundofix stopped responding on reboot; had to reboot manually.

opmnmk.dll couldn't be deleted on reboot, then Vundofix hung again and had to reboot again manually. Seemed fine afterwards.

I've used Vundofix a few times before, so there'll be extra in the log.


WinPFind32U stopped responding after a few seconds of the fix, had to terminate and try again. Worked fine second time.


Here we go...



VundoFix V6.7.7

Checking Java version...

Scan started at 19:41:58 11/01/2008

Listing files found while scanning....


VundoFix V6.7.7

Checking Java version...

Scan started at 03:44:01 13/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\fcywx.dll
C:\WINDOWS\system32\fcywx.exe
C:\WINDOWS\system32\jfpnhgpw.dll
C:\WINDOWS\system32\lczhigxx.dll
C:\windows\system32\lczhigxx.dllbox
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\pvmfbivv.dll
C:\WINDOWS\system32\qgwnbsoj.dll
C:\WINDOWS\system32\qtodihok.dll
C:\windows\system32\uhxfnzoh.dllbox
C:\WINDOWS\system32\vvibfmvp.ini
C:\WINDOWS\system32\xwycf.ini
C:\WINDOWS\system32\xwycf.ini2
C:\WINDOWS\Temp\vid066.exe

Beginning removal...

VundoFix V6.7.7

Checking Java version...

Scan started at 15:34:36 13/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\fcywx.dll
C:\WINDOWS\system32\fcywx.exe
C:\WINDOWS\system32\jfpnhgpw.dll
C:\WINDOWS\system32\lczhigxx.dll
C:\windows\system32\lczhigxx.dllbox
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\pvmfbivv.dll
C:\WINDOWS\system32\qgwnbsoj.dll
C:\WINDOWS\system32\qtodihok.dll
C:\windows\system32\uhxfnzoh.dllbox
C:\WINDOWS\system32\vvibfmvp.ini
C:\WINDOWS\system32\xwycf.ini
C:\WINDOWS\system32\xwycf.ini2
C:\WINDOWS\Temp\vid066.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctfmon.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\fcywx.dll
C:\WINDOWS\system32\fcywx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fcywx.exe
C:\WINDOWS\system32\fcywx.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jfpnhgpw.dll
C:\WINDOWS\system32\jfpnhgpw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\lczhigxx.dll
C:\WINDOWS\system32\lczhigxx.dll Could not be deleted.

Attempting to delete C:\windows\system32\lczhigxx.dllbox
C:\windows\system32\lczhigxx.dllbox Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\pvmfbivv.dll
C:\WINDOWS\system32\pvmfbivv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qgwnbsoj.dll
C:\WINDOWS\system32\qgwnbsoj.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qtodihok.dll
C:\WINDOWS\system32\qtodihok.dll Has been deleted!

Attempting to delete C:\windows\system32\uhxfnzoh.dllbox
C:\windows\system32\uhxfnzoh.dllbox Has been deleted!

Attempting to delete C:\WINDOWS\system32\vvibfmvp.ini
C:\WINDOWS\system32\vvibfmvp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xwycf.ini
C:\WINDOWS\system32\xwycf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xwycf.ini2
C:\WINDOWS\system32\xwycf.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\Temp\vid066.exe
C:\WINDOWS\Temp\vid066.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\lczhigxx.dll
C:\WINDOWS\system32\lczhigxx.dll Has been deleted!

Attempting to delete C:\windows\system32\lczhigxx.dllbox
C:\windows\system32\lczhigxx.dllbox Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.7.7

Checking Java version...

Scan started at 17:27:42 13/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\fcywx.dll
C:\WINDOWS\system32\fcywx.exe
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\xwycf.ini
C:\WINDOWS\system32\xwycf.ini2

Beginning removal...

Attempting to delete C:\WINDOWS\system32\fcywx.dll
C:\WINDOWS\system32\fcywx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fcywx.exe
C:\WINDOWS\system32\fcywx.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\xwycf.ini
C:\WINDOWS\system32\xwycf.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xwycf.ini2
C:\WINDOWS\system32\xwycf.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.7.7

Checking Java version...

Scan started at 21:07:20 13/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\nqppo.ini
C:\WINDOWS\system32\nqppo.ini2
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\oppqn.dll
C:\WINDOWS\system32\oppqn.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\nqppo.ini
C:\WINDOWS\system32\nqppo.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\nqppo.ini2
C:\WINDOWS\system32\nqppo.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\oppqn.dll
C:\WINDOWS\system32\oppqn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\oppqn.exe
C:\WINDOWS\system32\oppqn.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.7.7

Checking Java version...

Scan started at 21:59:36 13/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\opnmnmk.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Performing Repairs to the registry.
Done!

VundoFix V6.7.7

Checking Java version...

Scan started at 10:50:43 17/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\oppqn.exe
C:\WINDOWS\system32\xmihjqgu.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\klnnn.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\nnnlk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could
Beginning removal...

VundoFix V6.7.7

Checking Java version...

Scan started at 17:42:41 22/01/2008

Listing files found while scanning....


VundoFix V6.7.7

Checking Java version...

Scan started at 18:16:05 22/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\cbadd.ini
C:\WINDOWS\system32\ddabc.dll
C:\WINDOWS\system32\ddabc.exe
C:\WINDOWS\system32\ktdrcuru.dll
C:\WINDOWS\system32\mhnpgpjo.dll
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\oppqn.exe
C:\WINDOWS\system32\oqfiyooa.dll
C:\WINDOWS\system32\saptnkju.dll
C:\WINDOWS\system32\tusqq.exe
C:\WINDOWS\system32\yaywu.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cbadd.ini
C:\WINDOWS\system32\cbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabc.dll
C:\WINDOWS\system32\ddabc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabc.exe
C:\WINDOWS\system32\ddabc.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ktdrcuru.dll
C:\WINDOWS\system32\ktdrcuru.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mhnpgpjo.dll
C:\WINDOWS\system32\mhnpgpjo.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\nnnlk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmnmk.dll
C:\WINDOWS\system32\opnmnmk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\oppqn.exe
C:\WINDOWS\system32\oppqn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\oqfiyooa.dll
C:\WINDOWS
Beginning removal...

Beginning removal...


------------------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/22/2008 at 08:27 PM

Application Version : 3.9.1008

Core Rules Database Version : 3259
Trace Rules Database Version: 1270

Scan type : Complete Scan
Total Scan Time : 00:51:22

Memory items scanned : 359
Memory threats detected : 0
Registry items scanned : 5757
Registry threats detected : 0
File items scanned : 42206
File threats detected : 3

Adware.Tracking Cookie
C:\Documents and Settings\Cunny\Cookies\cunny@ad.uk.tangozebra[1].txt
C:\Documents and Settings\Cunny\Cookies\cunny@advertising[2].txt
C:\Documents and Settings\Cunny\Cookies\cunny@questionmarket[2].txt


----------------------------------------

Explorer killed successfully
[Registry - Non-Microsoft Only]
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\34eef882 not found.
File C:\WINDOWS\System32\nghjfqvb.DLL not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B5A83A59-8BE9-471F-80B1-EA6EE5F22189} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A83A59-8BE9-471F-80B1-EA6EE5F22189}\ not found.
File C:\WINDOWS\System32\opnmnmk.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{140BD8E3-C167-11D4-B4A3-080000180323}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{140BD8E3-C167-11D4-B4A3-080000180323}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2db75835-217e-4741-894b-a58514168a97}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2db75835-217e-4741-894b-a58514168a97}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33c95685-7c0f-439a-974b-5b2dcf15453b}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33c95685-7c0f-439a-974b-5b2dcf15453b}\ not found.
File C:\WINDOWS\System32\mhnpgpjo.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{370228C4-2A30-4C92-A3BD-91DE68F3DBFE}\ not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{370228C4-2A30-4C92-A3BD-91DE68F3DBFE}\ .
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3BA98B74-65C6-4CDD-9B27-B1ABEA7285F6}\ not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BA98B74-65C6-4CDD-9B27-B1ABEA7285F6}\ .
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B5B61-6070-4684-9A9B-365DC4D569D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B5B61-6070-4684-9A9B-365DC4D569D6}\ not found.
File C:\WINDOWS\System32\oppqn.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50C625C3-837E-4F7D-9A00-B9020229B7C7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50C625C3-837E-4F7D-9A00-B9020229B7C7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57996F13-2F71-45D9-A081-5BAEB7D92C37}\ not found.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57996F13-2F71-45D9-A081-5BAEB7D92C37}\ .
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C8FF973-970E-42F3-A445-46673176848C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C8FF973-970E-42F3-A445-46673176848C}\ not found.
File C:\WINDOWS\System32\yaywu.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E2EAFF5-7589-4C12-AD9F-1C89F56F4720}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E2EAFF5-7589-4C12-AD9F-1C89F56F4720}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7EDEC2BD-E54B-41C3-9578-47FD1A3034DD}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EDEC2BD-E54B-41C3-9578-47FD1A3034DD}\ not found.
File C:\WINDOWS\System32\tusqq.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9249572B-EB71-440F-894D-414806BF64BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9249572B-EB71-440F-894D-414806BF64BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5A83A59-8BE9-471F-80B1-EA6EE5F22189}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A83A59-8BE9-471F-80B1-EA6EE5F22189}\ not found.
File C:\WINDOWS\System32\opnmnmk.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F10587E9-0E47-4CBE-84AE-7DD20B8684CC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F10587E9-0E47-4CBE-84AE-7DD20B8684CC}\ not found.
File C:\Program Files\Helper\superfindout.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFF240ED-EB20-4D66-93E1-695CADAF9F48}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFF240ED-EB20-4D66-93E1-695CADAF9F48}\ not found.
File C:\WINDOWS\System32\fcywx.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\ not found.
[Registry - Additional Scans - Non-Microsoft Only]
Unable to delete registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages:C:\WINDOWS\system32\oppqn .
File C:\WINDOWS\System32\oppqn.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\G:\Program Files\uTorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:1\Program Files\uTorrent\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Documents and Settings\Cunny\Desktop\utorrent.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files\uTorrent\uTorrent .exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\system32\pwvcgwku.exe not found.
[Files/Folders - Created Within 30 days]
File C:\temp.html not found!
File C:\WINDOWS\System32\bvqfjhgn.ini not found!
File C:\WINDOWS\System32\cbadd.ini not found!
File C:\WINDOWS\System32\conf.dat not found!
File C:\WINDOWS\System32\cs.dat not found!
File C:\WINDOWS\System32\ddabc.dll not found!
File C:\WINDOWS\System32\ddabc.exe not found!
File move failed. C:\WINDOWS\System32\dxdss.sys scheduled to be moved on reboot.
File C:\WINDOWS\System32\ggfhk.ini not found!
File C:\WINDOWS\System32\ggfhk.ini2 not found!
File C:\WINDOWS\System32\ktdrcuru.dll not found!
File C:\WINDOWS\System32\mhnpgpjo.dll not found!
C:\WINDOWS\System32\nnnlk.exe moved successfully.
File C:\WINDOWS\System32\nqppo.ini not found!
File C:\WINDOWS\System32\nqppo.ini2 not found!
File C:\WINDOWS\System32\opnmnmk.dll not found!
File C:\WINDOWS\System32\oppqn.dll not found!
File C:\WINDOWS\System32\oppqn.exe not found!
File C:\WINDOWS\System32\oqfiyooa.dll not found!
File C:\WINDOWS\System32\ps1.dat not found!
File C:\WINDOWS\System32\qqsut.ini not found!
File C:\WINDOWS\System32\qqsut.ini2 not found!
File C:\WINDOWS\System32\rc.dat not found!
File C:\WINDOWS\System32\saptnkju.dll not found!
File C:\WINDOWS\System32\tusqq.exe not found!
File C:\WINDOWS\System32\ujkntpas.ini not found!
File C:\WINDOWS\System32\uwyay.ini not found!
File C:\WINDOWS\System32\uwyay.ini2 not found!
File C:\WINDOWS\System32\yaywu.exe not found!
[Files/Folders - Modified Within 30 days]
File C:\WINDOWS\System32\cbadd.ini not found!
File C:\WINDOWS\System32\conf.dat not found!
File C:\WINDOWS\System32\cs.dat not found!
File C:\WINDOWS\System32\ddabc.dll not found!
File C:\WINDOWS\System32\ddabc.exe not found!
File C:\WINDOWS\System32\dllcache not found!
File move failed. C:\WINDOWS\System32\dxdss.sys scheduled to be moved on reboot.
File C:\WINDOWS\System32\ggfhk.ini not found!
File C:\WINDOWS\System32\ggfhk.ini2 not found!
File C:\WINDOWS\System32\ktdrcuru.dll not found!
File C:\WINDOWS\System32\mhnpgpjo.dll not found!
File C:\WINDOWS\System32\nnnlk.exe not found!
File C:\WINDOWS\System32\nqppo.ini not found!
File C:\WINDOWS\System32\nqppo.ini2 not found!
File C:\WINDOWS\System32\NTSpool.exe not found!
File C:\WINDOWS\System32\opnmnmk.dll not found!
File C:\WINDOWS\System32\oppqn.dll not found!
File C:\WINDOWS\System32\oppqn.exe not found!
File C:\WINDOWS\System32\oqfiyooa.dll not found!
File C:\WINDOWS\System32\ps1.dat not found!
File C:\WINDOWS\System32\qqsut.ini not found!
File C:\WINDOWS\System32\qqsut.ini2 not found!
File C:\WINDOWS\System32\rc.dat not found!
File C:\WINDOWS\System32\saptnkju.dll not found!
File C:\WINDOWS\System32\tardeme2.dll not found!
File C:\WINDOWS\System32\tardm2.dll not found!
File C:\WINDOWS\System32\tusqq.exe not found!
File C:\WINDOWS\System32\ujkntpas.ini not found!
File C:\WINDOWS\System32\uwyay.ini not found!
File C:\WINDOWS\System32\uwyay.ini2 not found!
File C:\WINDOWS\System32\yaywu.exe not found!
File C:\WINDOWS\imsins.BAK not found!
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:A5682AEF .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:A73B0434 .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 .
Unable to delete ADS C:\Documents and Settings\All Users\Application Data\TEMP:F8662B30 .
File C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat not found!
File C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat not found!
[Extra Files]
< C:\WINDOWS\system32\pwv >
File/Folder C:\WINDOWS\system32\pwv not found.
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\Administrator\Local Settings\Temp\TMPE.tmp scheduled to be deleted on reboot.
User temp folders emptied.
SystemRoot temp folder emptied.
IE temp folders emptied
RecycleBin -> emptied.
Explorer started successfully
< End of fix log >
WinPFind35U Version Beta31 fix logfile created on 01222008_204907


-------------------------------------------------------

WinPFind35 logfile created on: 22/01/2008 21:44:06
WinPFind35U Version Beta31 Folder = C:\Documents and Settings\Administrator\Desktop\WinPFind35u
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)

223.48 Mb Total Physical Memory | 21.00 Mb Available Physical Memory | 9.40% Memory free
544.85 Mb Paging File | 148.28 Mb Available in Paging File | 27.22% Paging File free
Paging file location(s): C:\pagefile.sys 336 672;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 11.57 Gb Free Space | 41.39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: GLENDORA
Current User Name: Glendora Wooding
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user


[Processes - Non-Microsoft Only]
s24evmon.exe -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 16/12/2003 15:42:32 | Attr = ]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr = ]
ekrn.exe -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 21/12/2007 08:21:16 | Attr = ]
regsrvc.exe -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 16/12/2003 15:41:40 | Attr = ]
slserv.exe -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 16/01/2003 18:02:38 | Attr = ]
zcfgsvc.exe -> %System32%\ZCfgSvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 376832 bytes | Modified Date = 16/12/2003 15:47:42 | Attr = ]
1xconfig.exe -> %System32%\1XConfig.exe -> Intel [Ver = 8, 0, 0, 161 | Size = 184320 bytes | Modified Date = 16/12/2003 15:43:06 | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 22/01/2008 20:52:51 | Attr = ]
superantispyware.exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 9, 0, 1008 | Size = 1771008 bytes | Modified Date = 22/01/2008 20:52:22 | Attr = ]
ituneshelper .exe -> %ProgramFiles%\iTunes\iTunesHelper .exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 22/01/2008 20:53:25 | Attr = ]
superantispyware .exe -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware .exe -> SUPERAntiSpyware.com [Ver = 3, 9, 0, 1008 | Size = 1318912 bytes | Modified Date = 22/01/2008 20:53:39 | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/12/2007 12:10:16 | Attr = ]
svchost.exe -> %System32%\drivers\svchost.exe [] -> [Ver = | Size = 69489 bytes | Modified Date = 22/01/2008 21:01:09 | Attr = ]
-> [Wmi] -> File not found
firefox.exe -> %ProgramFiles%\Mozilla Firefox\firefox.exe -> Mozilla Corporation [Ver = 1.8.1.11: 2007112718 | Size = 7650416 bytes | Modified Date = 01/12/2007 12:27:21 | Attr = ]
winpfind35u.exe -> %SystemDrive%\Documents and Settings\Administrator\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 306176 bytes | Modified Date = 21/01/2008 19:33:52 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 07:56:48 | Attr = ]
(EhttpSrv) Eset HTTP Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\ESET\ESET Smart Security\EHttpSrv.exe -> ESET [Ver = 3.0.621 | Size = 19200 bytes | Modified Date = 21/12/2007 08:22:44 | Attr = ]
(ekrn) Eset Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 21/12/2007 08:21:16 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 22/04/2007 00:59:09 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 00:41:10 | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/12/2007 12:10:16 | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 16/12/2003 15:41:40 | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 16/12/2003 15:42:32 | Attr = ]
(SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 16/01/2003 18:02:38 | Attr = ]
(VundoFixSvc) VundoFix Service [Win32_Own | On_Demand | Stopped] -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Modified Date = 17/01/2008 11:48:47 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
-> -> File not found
Easy-PrintToolBox -> %ProgramFiles%\Canon\Easy-PrintToolBox\BJPSMAIN.EXE -> File not found
egui -> %ProgramFiles%\ESET\ESET Smart Security\egui.exe -> File not found
HotKeysCmds -> %System32%\hkcmd.exe -> File not found
IgfxTray -> %System32%\igfxtray.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 22/01/2008 20:52:51 | Attr = ]
Kernel32 -> %System32%\drivers\svchost.exe -> [Ver = | Size = 69489 bytes | Modified Date = 22/01/2008 21:01:09 | Attr = ]
nod32kui -> %ProgramFiles%\Eset\nod32kui.exe -> File not found
PRONoMgr.exe -> %ProgramFiles%\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> File not found
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> File not found
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ctfmon.exe -> %System32%\ctfmon.exe -> File not found
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 9, 0, 1008 | Size = 1771008 bytes | Modified Date = 22/01/2008 20:52:22 | Attr = ]
< Windows NT\\Load [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load ->
C:\WINDOWS\system32\nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 22/01/2008 20:53:42 | Attr = ]
*MultiFile Done* -> ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Glendora Wooding Startup Folder > -> C:\Documents and Settings\Glendora Wooding\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20/12/2006 13:55:48 | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 19/04/2007 13:41:36 | Attr = ]
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 06/04/2003 16:06:48 | Attr = ]
Sebring -> %System32%\LgNotify.dll -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 110592 bytes | Modified Date = 16/12/2003 15:49:34 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< HOSTS File > (223724 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> <local> ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4179 domain(s) found. ->
35 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
.[msn] -> My Computer ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 04:16:42 | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 03:42:36 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 16/10/2007 16:29:51 | Attr = ]
{B7CFFC6B-64F9-4921-97A6-805D7C5757D3} [HKEY_LOCAL_MACHINE] -> %System32%\nnnlk.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 334848 bytes | Modified Date = 22/01/2008 19:32:27 | Attr = ]
{E1290342-AAFF-4f7c-9F45-D665E4BF1A00} [HKEY_LOCAL_MACHINE] -> %System32%\ktask.dll [Google Module] -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 21/01/2008 23:23:40 | Attr = ]
{F10587E9-0E47-4CBE-84AE-7DD20B8684CC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Helper\superfindout.dll [e404mgr Class] -> [Ver = 1, 0, 0, 1 | Size = 15872 bytes | Modified Date = 22/01/2008 21:00:40 | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [Ver = 2, 5, 1, 6 | Size = 405504 bytes | Modified Date = 26/08/2004 10:27:32 | Attr = ]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\npjpi160_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 132496 bytes | Modified Date = 14/12/2007 03:42:37 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 03:42:36 | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download All by FlashGet -> %ProgramFiles%\FlashGet\jc_all.htm -> File not found
Download using FlashGet -> %ProgramFiles%\FlashGet\jc_link.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Easy-WebPrint Add To Print List -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_AddToList.htm -> File not found
Easy-WebPrint High Speed Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_HSPrint.htm -> File not found
Easy-WebPrint Preview -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Preview.htm -> File not found
Easy-WebPrint Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Print.htm -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{20E84452-9651-4B70-BB06-A731EE2C9AB1} -> (1394 Net Adapter) ->
{211D2732-7838-4958-B95D-5BCDEFC682C7} -> (Intel® PRO/Wireless 2200BG Network Connection) ->
{A827AC52-F93C-4938-85F6-CAF906DFDE35} -> () ->
{BB8BF008-FEEF-4092-9D4D-A505EA66A0B7} -> (Sony Ericsson Device 038 USB Ethernet Emulation (NDIS 5)) ->
{C89C7A95-1336-4BDA-9F61-5962A41C5F51} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D3355E58-9713-48CB-A56B-733BDDA36F18} -> (1394 Net Adapter) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/...8156.1850578704[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_03] ->
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...ent/swflash.cab[Shockwave Flash Object] ->



[Files/Folders - Created Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Created Date = 15/01/2008 01:29:47 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 07/01/2008 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Created Date = 22/01/2008 20:50:43 | Attr = HS]
Programas -> %SystemDrive%\Programas -> [Folder | Created Date = 07/01/2008 21:38:59 | Attr = ]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 22/01/2008 17:03:16 | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 13/01/2008 03:44:01 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 22/01/2008 17:03:16 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Created Date = 22/01/2008 17:03:20 | Attr = ]
3cwmcru.sys -> %System32%\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver = 1.44.008.0020 | Size = 762780 bytes | Created Date = 22/01/2008 20:56:23 | Attr = ]
3dfxvs.dll -> %System32%\dllcache\3dfxvs.dll -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 689216 bytes | Created Date = 22/01/2008 20:56:23 | Attr = ]
3dfxvsm.sys -> %System32%\dllcache\3dfxvsm.sys -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 148352 bytes | Created Date = 22/01/2008 20:56:24 | Attr = ]
a3dapi.dll -> %System32%\dllcache\a3dapi.dll -> Aureal Inc. [Ver = 3.02 | Size = 462848 bytes | Created Date = 22/01/2008 20:56:27 | Attr = ]
ac97ali.sys -> %System32%\dllcache\ac97ali.sys -> Acer Laboratories Inc. [Ver = 5.12.01.6003 | Size = 231552 bytes | Created Date = 22/01/2008 20:56:28 | Attr = ]
ac97intc.sys -> %System32%\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 22/01/2008 20:56:28 | Attr = ]
ac97sis.sys -> %System32%\dllcache\ac97sis.sys -> Silicon Integrated Systems Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 297728 bytes | Created Date = 22/01/2008 20:56:29 | Attr = ]
ac97via.sys -> %System32%\dllcache\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Created Date = 22/01/2008 20:56:29 | Attr = ]
acerscad.dll -> %System32%\dllcache\acerscad.dll -> Color Flatbed Scanner [Ver = 1, 0, 0, 0 | Size = 61440 bytes | Created Date = 22/01/2008 20:56:30 | Attr = ]
adm8511.sys -> %System32%\dllcache\adm8511.sys -> ADMtek Incorporated [Ver = 2.04.2001.0719 built by: WinDDK | Size = 20160 bytes | Created Date = 22/01/2008 20:56:32 | Attr = ]
adm8810.sys -> %System32%\dllcache\adm8810.sys -> Aureal, Inc. [Ver = 5.12.01.3500 | Size = 584448 bytes | Created Date = 22/01/2008 20:56:32 | Attr = ]
adm8820.sys -> %System32%\dllcache\adm8820.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 553984 bytes | Created Date = 22/01/2008 20:56:33 | Attr = ]
adm8830.sys -> %System32%\dllcache\adm8830.sys -> Aureal, Inc. [Ver = 5.12.01.2500 | Size = 747392 bytes | Created Date = 22/01/2008 20:56:33 | Attr = ]
admjoy.sys -> %System32%\dllcache\admjoy.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 10880 bytes | Created Date = 22/01/2008 20:56:34 | Attr = ]
adptsf50.sys -> %System32%\dllcache\adptsf50.sys -> Adaptec, Inc [Ver = V5.10.22 | Size = 46112 bytes | Created Date = 22/01/2008 20:56:34 | Attr = ]
ali5261.sys -> %System32%\dllcache\ali5261.sys -> Acer Laboratories Inc. [Ver = 5.01.2462.0102 | Size = 27678 bytes | Created Date = 22/01/2008 20:56:42 | Attr = ]
alifir.sys -> %System32%\dllcache\alifir.sys -> Acer Laboratories Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 26624 bytes | Created Date = 22/01/2008 20:56:42 | Attr = ]
amb8002.sys -> %System32%\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 16969 bytes | Created Date = 22/01/2008 20:56:43 | Attr = ]
an983.sys -> %System32%\dllcache\an983.sys -> ADMtek Incorporated. [Ver = 2.17.1025.2001 built by: WinDDK | Size = 36224 bytes | Created Date = 22/01/2008 20:56:44 | Attr = ]
aspndis3.sys -> %System32%\dllcache\aspndis3.sys -> Bay Networks, Inc. [Ver = 3.23.11 | Size = 97354 bytes | Created Date = 22/01/2008 20:56:47 | Attr = ]
ati.sys -> %System32%\dllcache\ati.sys -> ATI Technologies, Inc. [Ver = 3.0.62 (XPClient.010817-1148) | Size = 77568 bytes | Created Date = 22/01/2008 20:56:48 | Attr = ]
atibt829.sys -> %System32%\dllcache\atibt829.sys -> [Ver = | Size = 46464 bytes | Created Date = 22/01/2008 20:56:50 | Attr = ]
atidrab.dll -> %System32%\dllcache\atidrab.dll -> ATI Technologies Inc. [Ver = 5.01.2195.5012 (ReleasedBinaries.010718-0005) | Size = 382592 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atidrae.dll -> %System32%\dllcache\atidrae.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 137216 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atidvai.dll -> %System32%\dllcache\atidvai.dll -> ATI Technologies Inc. [Ver = 5.10.2280.1028 (ReleasedBinaries.010715-1631) | Size = 268160 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atimpab.sys -> %System32%\dllcache\atimpab.sys -> ATI Technologies Inc. [Ver = 5.00.2195.5007 (ReleasedBinaries.010718-0005) | Size = 289664 bytes | Created Date = 22/01/2008 20:56:52 | Attr = ]
atimpae.sys -> %System32%\dllcache\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Created Date = 22/01/2008 20:56:52 | Attr = ]
atimtai.sys -> %System32%\dllcache\atimtai.sys -> ATI Technologies Inc. [Ver = 5.13.01.1140 (ReleasedBinaries.010715-1631) | Size = 281600 bytes | Created Date = 22/01/2008 20:56:53 | Attr = ]
atipcxxx.sys -> %System32%\dllcache\atipcxxx.sys -> [Ver = | Size = 10240 bytes | Created Date = 22/01/2008 20:56:54 | Attr = ]
atiraged.dll -> %System32%\dllcache\atiraged.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 104832 bytes | Created Date = 22/01/2008 20:56:54 | Attr = ]
atiragem.sys -> %System32%\dllcache\atiragem.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 70528 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atirtcap.sys -> %System32%\dllcache\atirtcap.sys -> [Ver = | Size = 49920 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atirtsnd.sys -> %System32%\dllcache\atirtsnd.sys -> [Ver = | Size = 26880 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atitunep.sys -> %System32%\dllcache\atitunep.sys -> [Ver = | Size = 17152 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
atitvsnd.sys -> %System32%\dllcache\atitvsnd.sys -> [Ver = | Size = 17152 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativmdcd.sys -> %System32%\dllcache\ativmdcd.sys -> [Ver = | Size = 9472 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativttxx.sys -> %System32%\dllcache\ativttxx.sys -> [Ver = | Size = 19456 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativxbar.sys -> %System32%\dllcache\ativxbar.sys -> [Ver = | Size = 26624 bytes | Created Date = 22/01/2008 20:56:57 | Attr = ]
atixbar.sys -> %System32%\dllcache\atixbar.sys -> [Ver = | Size = 23552 bytes | Created Date = 22/01/2008 20:56:57 | Attr = ]
avmcoxp.dll -> %System32%\dllcache\avmcoxp.dll -> AVM GmbH [Ver = 2.4 | Size = 87552 bytes | Created Date = 22/01/2008 20:57:02 | Attr = ]
avmenum.dll -> %System32%\dllcache\avmenum.dll -> AVM GmbH [Ver = 1, 0, 0, 3 | Size = 144384 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
avmwan.sys -> %System32%\dllcache\avmwan.sys -> AVM GmbH [Ver = 02.04.00 | Size = 37568 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
aztw2320.sys -> %System32%\dllcache\aztw2320.sys -> Aztech Systems Ltd [Ver = 5.1.2501.0 built by: WinDDK | Size = 36992 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
b1cbase.sys -> %System32%\dllcache\b1cbase.sys -> AVM GmbH [Ver = 5.2 | Size = 89952 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
b57xp32.sys -> %System32%\dllcache\b57xp32.sys -> Broadcom Corporation [Ver = 2.16b.0.0 built by: WinDDK | Size = 96640 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
banshee.dll -> %System32%\dllcache\banshee.dll -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 342336 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
banshee.sys -> %System32%\dllcache\banshee.sys -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 36128 bytes | Created Date = 22/01/2008 20:57:05 | Attr = ]
bcm42u.sys -> %System32%\dllcache\bcm42u.sys -> Broadcom Corporation [Ver = 2.29.0.8 | Size = 66557 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcm42xx5.sys -> %System32%\dllcache\bcm42xx5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 54271 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcm4e5.sys -> %System32%\dllcache\bcm4e5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 26568 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcmdm.sys -> %System32%\dllcache\bcmdm.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 22/01/2008 20:57:07 | Attr = ]
brbidiif.dll -> %System32%\dllcache\brbidiif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 19456 bytes | Created Date = 22/01/2008 20:57:09 | Attr = ]
brcoinst.dll -> %System32%\dllcache\brcoinst.dll -> Brother Industries Ltd. [Ver = 1.0.0.8 (Lab06_N.010129-0357) | Size = 9728 bytes | Created Date = 22/01/2008 20:57:09 | Attr = ]
brevif.dll -> %System32%\dllcache\brevif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 12800 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfilt.sys -> %System32%\dllcache\brfilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfiltlo.sys -> %System32%\dllcache\brfiltlo.sys -> Brother Industries, Ltd. [Ver = 1.09.000 (Lab06_N.010129-0357) | Size = 12160 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfiltup.sys -> %System32%\dllcache\brfiltup.sys -> Brother Industries, Ltd. [Ver = 1.04.000 (Lab06_N.010129-0357) | Size = 3968 bytes | Created Date = 22/01/2008 20:57:11 | Attr = ]
brmfbidi.dll -> %System32%\dllcache\brmfbidi.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 15360 bytes | Created Date = 22/01/2008 20:57:11 | Attr = ]
brmflpt.dll -> %System32%\dllcache\brmflpt.dll -> Brother Industries, Ltd. [Ver = 1.45.15.346 | Size = 29696 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brmfrsmg.exe -> %System32%\dllcache\brmfrsmg.exe -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 32256 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brmfusb.dll -> %System32%\dllcache\brmfusb.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 41472 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brparimg.sys -> %System32%\dllcache\brparimg.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 3168 bytes | Created Date = 22/01/2008 20:57:13 | Attr = ]
brparwdm.sys -> %System32%\dllcache\brparwdm.sys -> Brother Industries Ltd. [Ver = 1.00 | Size = 39552 bytes | Created Date = 22/01/2008 20:57:13 | Attr = ]
brscnrsm.dll -> %System32%\dllcache\brscnrsm.dll -> Brother Industries,Ltd. [Ver = 1.0.0.14 | Size = 5120 bytes | Created Date = 22/01/2008 20:57:14 | Attr = ]
brserif.dll -> %System32%\dllcache\brserif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9728 bytes | Created Date = 22/01/2008 20:57:14 | Attr = ]
brserwdm.sys -> %System32%\dllcache\brserwdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brusbmdm.sys -> %System32%\dllcache\brusbmdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brusbscn.sys -> %System32%\dllcache\brusbscn.sys -> Brother Industries Ltd. [Ver = 1,0,0,6 (Lab06_N.010129-0357) | Size = 10368 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brzwlan.sys -> %System32%\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.18 | Size = 31529 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 22/01/2008 20:57:41 | Attr = ]
cb102.sys -> %System32%\dllcache\cb102.sys -> Fast Ethernet Controller Provider [Ver = 2.20.0.0 | Size = 37916 bytes | Created Date = 22/01/2008 20:57:46 | Attr = ]
cb325.sys -> %System32%\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Created Date = 22/01/2008 20:57:47 | Attr = ]
cben5.sys -> %System32%\dllcache\cben5.sys -> Xircom, Inc. [Ver = 3.14.05.00 | Size = 46108 bytes | Created Date = 22/01/2008 20:57:47 | Attr = ]
cbmdmkxx.sys -> %System32%\dllcache\cbmdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714698 bytes | Created Date = 22/01/2008 20:57:49 | Attr = ]
ce2n5.sys -> %System32%\dllcache\ce2n5.sys -> Xircom, Inc. [Ver = 3.06.04.00 | Size = 21530 bytes | Created Date = 22/01/2008 20:57:52 | Attr = ]
ce3n5.sys -> %System32%\dllcache\ce3n5.sys -> Xircom, Inc. [Ver = 2.11.01.00 | Size = 27164 bytes | Created Date = 22/01/2008 20:57:52 | Attr = ]
cem28n5.sys -> %System32%\dllcache\cem28n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cem33n5.sys -> %System32%\dllcache\cem33n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cem56n5.sys -> %System32%\dllcache\cem56n5.sys -> Xircom, Inc. [Ver = 2.70.02.00 | Size = 49182 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cicap.sys -> %System32%\dllcache\cicap.sys -> Xircom [Ver = 4.0.0.41 | Size = 980034 bytes | Created Date = 22/01/2008 20:57:57 | Attr = ]
cinemclc.sys -> %System32%\dllcache\cinemclc.sys -> RAVISENT Technologies Inc. [Ver = 5.0.00.0081 | Size = 272640 bytes | Created Date = 22/01/2008 20:57:58 | Attr = ]
cmbp0wdm.sys -> %System32%\dllcache\cmbp0wdm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 20736 bytes | Created Date = 22/01/2008 20:58:02 | Attr = ]
cnxt1803.sys -> %System32%\dllcache\cnxt1803.sys -> Conexant Systems, Inc. [Ver = V1.15.7 | Size = 39936 bytes | Created Date = 22/01/2008 20:58:04 | Attr = ]
cpqndis5.sys -> %System32%\dllcache\cpqndis5.sys -> Compaq Computer Corporation [Ver = 3.06.04.00 | Size = 21533 bytes | Created Date = 22/01/2008 20:58:08 | Attr = ]
cpqtrnd5.sys -> %System32%\dllcache\cpqtrnd5.sys -> Compaq Computer Corp. [Ver = 5.84.02 | Size = 60970 bytes | Created Date = 22/01/2008 20:58:09 | Attr = ]
cpscan.dll -> %System32%\dllcache\cpscan.dll -> COMPAQ Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 22/01/2008 20:58:10 | Attr = ]
crtaud.sys -> %System32%\dllcache\crtaud.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 42112 bytes | Created Date = 22/01/2008 20:58:10 | Attr = ]
ctlfacem.sys -> %System32%\dllcache\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Created Date = 22/01/2008 20:58:12 | Attr = ]
ctljystk.sys -> %System32%\dllcache\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Created Date = 22/01/2008 20:58:12 | Attr = ]
ctlsb16.sys -> %System32%\dllcache\ctlsb16.sys -> Copyright © Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 22/01/2008 20:58:13 | Attr = ]
ctmasetp.dll -> %System32%\dllcache\ctmasetp.dll -> Comtrol® Corporation [Ver = 5.1.2600.2180 | Size = 249856 bytes | Created Date = 22/01/2008 20:58:13 | Attr = ]
ctwdm32.dll -> %System32%\dllcache\ctwdm32.dll -> Creative Technology Ltd. [Ver = 5.0.0.2001 | Size = 4096 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbase.sys -> %System32%\dllcache\cwbase.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbmidi.sys -> %System32%\dllcache\cwbmidi.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbwdm.sys -> %System32%\dllcache\cwbwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72832 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcosnt5.sys -> %System32%\dllcache\cwcosnt5.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3584 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcspud.sys -> %System32%\dllcache\cwcspud.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 111872 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcwdm.sys -> %System32%\dllcache\cwcwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 93952 bytes | Created Date = 22/01/2008 20:58:16 | Attr = ]
cwrwdm.sys -> %System32%\dllcache\cwrwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.2.3790.0 built by: WinDDK | Size = 48640 bytes | Created Date = 22/01/2008 20:58:16 | Attr = ]
c_10004.nls -> %System32%\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_10005.nls -> %System32%\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_10021.nls -> %System32%\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_1047.nls -> %System32%\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:20 | Attr = ]
c_1140.nls -> %System32%\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:20 | Attr = ]
c_1141.nls -> %System32%\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1142.nls -> %System32%\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1143.nls -> %System32%\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1144.nls -> %System32%\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1145.nls -> %System32%\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1146.nls -> %System32%\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1147.nls -> %System32%\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1148.nls -> %System32%\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1149.nls -> %System32%\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_20001.nls -> %System32%\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20002.nls -> %System32%\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20003.nls -> %System32%\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20004.nls -> %System32%\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20005.nls -> %System32%\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20105.nls -> %System32%\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20106.nls -> %System32%\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20107.nls -> %System32%\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20108.nls -> %System32%\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20269.nls -> %System32%\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20273.nls -> %System32%\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20277.nls -> %System32%\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20278.nls -> %System32%\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20280.nls -> %System32%\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20284.nls -> %System32%\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20285.nls -> %System32%\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20297.nls -> %System32%\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20420.nls -> %System32%\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20423.nls -> %System32%\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20424.nls -> %System32%\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20833.nls -> %System32%\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20838.nls -> %System32%\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20871.nls -> %System32%\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_20880.nls -> %System32%\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_20924.nls -> %System32%\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_21025.nls -> %System32%\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:30 | Attr = ]
c_28596.nls -> %System32%\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:31 | Attr = ]
c_708.nls -> %System32%\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:31 | Attr = ]
c_720.nls -> %System32%\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_858.nls -> %System32%\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_862.nls -> %System32%\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_864.nls -> %System32%\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_870.nls -> %System32%\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:33 | Attr = ]
d100ib5.sys -> %System32%\dllcache\d100ib5.sys -> Intel Corporation [Ver = 5.41.17.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 22/01/2008 20:58:19 | Attr = ]
dc21x4.sys -> %System32%\dllcache\dc21x4.sys -> Intel Corporation. [Ver = 5.05.04 | Size = 63208 bytes | Created Date = 22/01/2008 20:58:24 | Attr = ]
defpa.sys -> %System32%\dllcache\defpa.sys -> Digital Networks, LLC [Ver = 5.5 built by: WinDDK | Size = 20928 bytes | Created Date = 22/01/2008 20:58:26 | Attr = ]
devcon32.dll -> %System32%\dllcache\devcon32.dll -> Creative Technology Ltd. [Ver = 4.06.651 | Size = 256512 bytes | Created Date = 22/01/2008 20:58:26 | Attr = ]
devldr32.exe -> %System32%\dllcache\devldr32.exe -> Creative Technology Ltd. [Ver = 1, 0, 0, 17 | Size = 24064 bytes | Created Date = 22/01/2008 20:58:27 | Attr = ]
dfe650.sys -> %System32%\dllcache\dfe650.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24648 bytes | Created Date = 22/01/2008 20:58:27 | Attr = ]
dfe650d.sys -> %System32%\dllcache\dfe650d.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24649 bytes | Created Date = 22/01/2008 20:58:28 | Attr = ]
dgapci.sys -> %System32%\dllcache\dgapci.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 29531 bytes | Created Date = 22/01/2008 20:58:28 | Attr = ]
dgconfig.dll -> %System32%\dllcache\dgconfig.dll -> Digi International [Ver = v3.7.3.0 | Size = 419357 bytes | Created Date = 22/01/2008 20:58:29 | Attr = ]
diapi2.sys -> %System32%\dllcache\diapi2.sys -> Eicon Technology [Ver = 1.0.1.390 | Size = 164923 bytes | Created Date = 22/01/2008 20:57:42 | Attr = ]
diapi2NT.dll -> %System32%\dllcache\diapi2NT.dll -> Eicon Technology Corporation [Ver = 2.10 101-390 | Size = 32256 bytes | Created Date = 22/01/2008 20:57:43 | Attr = ]
digiasyn.dll -> %System32%\dllcache\digiasyn.dll -> Digi International Inc. [Ver = 3.10 | Size = 65622 bytes | Created Date = 22/01/2008 20:58:30 | Attr = ]
digiasyn.sys -> %System32%\dllcache\digiasyn.sys -> Digi International Inc. [Ver = 3.10 | Size = 37735 bytes | Created Date = 22/01/2008 20:58:30 | Attr = ]
digidbp.dll -> %System32%\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.10 | Size = 131156 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digidxb.sys -> %System32%\dllcache\digidxb.sys -> Digi International Inc. [Ver = 3.10 | Size = 103044 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digifep5.sys -> %System32%\dllcache\digifep5.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 90525 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digifwrk.dll -> %System32%\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.10 | Size = 229462 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digihlc.dll -> %System32%\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.10 | Size = 159828 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiinf.dll -> %System32%\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.10 | Size = 102484 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiisdn.dll -> %System32%\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.10 | Size = 41046 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiisdn.sys -> %System32%\dllcache\digiisdn.sys -> Digi International Inc. [Ver = 3.10 | Size = 21606 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digirlpt.dll -> %System32%\dllcache\digirlpt.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 110621 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digirlpt.sys -> %System32%\dllcache\digirlpt.sys -> Digi International, Inc. [Ver = 2.3.7 | Size = 42432 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digiview.exe -> %System32%\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.10 | Size = 614429 bytes | Created Date = 22/01/2008 20:58:34 | Attr = ]
dimaint.sys -> %System32%\dllcache\dimaint.sys -> Eicon Technology [Ver = 2.0.1.315 | Size = 91305 bytes | Created Date = 22/01/2008 20:58:34 | Attr = ]
disrvci.dll -> %System32%\dllcache\disrvci.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 6729 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
disrvpp.dll -> %System32%\dllcache\disrvpp.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 31305 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
disrvsu.dll -> %System32%\dllcache\disrvsu.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 38985 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
ditrace.exe -> %System32%\dllcache\ditrace.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 236060 bytes | Created Date = 22/01/2008 20:58:37 | Attr = ]
divaci.dll -> %System32%\dllcache\divaci.dll -> [Ver = | Size = 6216 bytes | Created Date = 22/01/2008 20:58:37 | Attr = ]
divaprop.dll -> %System32%\dllcache\divaprop.dll -> [Ver = | Size = 37962 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
divasu.dll -> %System32%\dllcache\divasu.dll -> [Ver = | Size = 29768 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
diwan.sys -> %System32%\dllcache\diwan.sys -> Eicon Technology [Ver = 2.0.1.700 | Size = 952007 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
dlh5xnd5.sys -> %System32%\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v2.5.4 | Size = 26698 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
dm9pci5.sys -> %System32%\dllcache\dm9pci5.sys -> CNet Technology, Inc. [Ver = 1.23.01.0228 built by: WinDDK | Size = 29696 bytes | Created Date = 22/01/2008 20:58:39 | Attr = ]
dp83820.sys -> %System32%\dllcache\dp83820.sys -> National Semiconductor Coproration [Ver = 5.0.4.17 | Size = 28062 bytes | Created Date = 22/01/2008 20:58:44 | Attr = ]
ds1wdm.sys -> %System32%\dllcache\ds1wdm.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 334208 bytes | Created Date = 22/01/2008 20:58:47 | Attr = ]
e1000nt5.sys -> %System32%\dllcache\e1000nt5.sys -> Intel Corporation [Ver = 2.94.294.0 | Size = 50719 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
e100b325.sys -> %System32%\dllcache\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
e100isa4.sys -> %System32%\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.5.0 | Size = 19594 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
el515.sys -> %System32%\dllcache\el515.sys -> 3Com Corporation [Ver = 1.08.03 | Size = 44103 bytes | Created Date = 22/01/2008 20:58:53 | Attr = ]
el556nd5.sys -> %System32%\dllcache\el556nd5.sys -> 3Com Corporation [Ver = 1.21.00.001 | Size = 55999 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el574nd4.sys -> %System32%\dllcache\el574nd4.sys -> 3Com Corporation [Ver = 2.00.03.4001 | Size = 24653 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el575nd5.sys -> %System32%\dllcache\el575nd5.sys -> 3Com Corporation [Ver = 2.60.5000.0020 | Size = 69692 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el589nd5.sys -> %System32%\dllcache\el589nd5.sys -> 3Com Corporation [Ver = 2.50.50.0033 | Size = 26141 bytes | Created Date = 22/01/2008 20:58:55 | Attr = ]
el656cd5.sys -> %System32%\dllcache\el656cd5.sys -> 3Com Corporation [Ver = 3.00.5000.0004 | Size = 69194 bytes | Created Date = 22/01/2008 20:58:55 | Attr = ]
el656ct5.sys -> %System32%\dllcache\el656ct5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 634134 bytes | Created Date = 22/01/2008 20:58:56 | Attr = ]
el656nd5.sys -> %System32%\dllcache\el656nd5.sys -> 3Com Corporation [Ver = 1.50.5000.0007 | Size = 77386 bytes | Created Date = 22/01/2008 20:58:56 | Attr = ]
el656se5.sys -> %System32%\dllcache\el656se5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 241206 bytes | Created Date = 22/01/2008 20:58:57 | Attr = ]
el90xbc5.sys -> %System32%\dllcache\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el90xnd5.sys -> %System32%\dllcache\el90xnd5.sys -> 3Com Corporation [Ver = 3.60.50.008 | Size = 153631 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el985n51.sys -> %System32%\dllcache\el985n51.sys -> 3Com Corporation. [Ver = 1.17.34.4 | Size = 455199 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el98xn5.sys -> %System32%\dllcache\el98xn5.sys -> 3Com Corporation [Ver = 4.0.0.13 | Size = 70174 bytes | Created Date = 22/01/2008 20:58:59 | Attr = ]
el99xn51.sys -> %System32%\dllcache\el99xn51.sys -> 3Com Corporation [Ver = 2.00.00.0030 built by: WinDDK | Size = 171520 bytes | Created Date = 22/01/2008 20:58:59 | Attr = ]
elnk3.sys -> %System32%\dllcache\elnk3.sys -> 3Com Corporation [Ver = 5.32.40 | Size = 25159 bytes | Created Date = 22/01/2008 20:59:00 | Attr = ]
em556n4.sys -> %System32%\dllcache\em556n4.sys -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 22/01/2008 20:59:00 | Attr = ]
emu10k1m.sys -> %System32%\dllcache\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Created Date = 22/01/2008 20:59:03 | Attr = ]
epro4.sys -> %System32%\dllcache\epro4.sys -> Intel Corporation [Ver = 3.70.00.0000 | Size = 18503 bytes | Created Date = 22/01/2008 20:59:04 | Attr = ]
eqn.sys -> %System32%\dllcache\eqn.sys -> Equinox Systems Inc. [Ver = 5.0.U72 Intel built by: WinDDK | Size = 629952 bytes | Created Date = 22/01/2008 20:59:04 | Attr = ]
eqndiag.exe -> %System32%\dllcache\eqndiag.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 53248 bytes | Created Date = 22/01/2008 20:59:05 | Attr = ]
eqnlogr.exe -> %System32%\dllcache\eqnlogr.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 51200 bytes | Created Date = 22/01/2008 20:59:05 | Attr = ]
eqnloop.exe -> %System32%\dllcache\eqnloop.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 61952 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1370mp.sys -> %System32%\dllcache\es1370mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 37120 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1371mp.sys -> %System32%\dllcache\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1969.sys -> %System32%\dllcache\es1969.sys -> ESS Technology Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72192 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es198x.sys -> %System32%\dllcache\es198x.sys -> ESS Technology, Inc. [Ver = 5.1.2526.0 built by: WinDDK | Size = 174464 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es56cvmp.sys -> %System32%\dllcache\es56cvmp.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 595647 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es56hpi.sys -> %System32%\dllcache\es56hpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 594238 bytes | Created Date = 22/01/2008 20:59:08 | Attr = ]
es56tpi.sys -> %System32%\dllcache\es56tpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 347550 bytes | Created Date = 22/01/2008 20:59:08 | Attr = ]
ess.sys -> %System32%\dllcache\ess.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 63360 bytes | Created Date = 22/01/2008 20:59:09 | Attr = ]
essm2e.sys -> %System32%\dllcache\essm2e.sys -> ESS Technology, Inc. [Ver = 5.1.3612.0 built by: WinDDK | Size = 137088 bytes | Created Date = 22/01/2008 20:59:09 | Attr = ]
esucm.dll -> %System32%\dllcache\esucm.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 43008 bytes | Created Date = 22/01/2008 20:59:10 | Attr = ]
esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 22/01/2008 20:59:10 | Attr = ]
esuimg.dll -> %System32%\dllcache\esuimg.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 34816 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esuni.dll -> %System32%\dllcache\esuni.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esunib.dll -> %System32%\dllcache\esunib.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 22/01/2008 20:59:12 | Attr = ]
ex10.sys -> %System32%\dllcache\ex10.sys -> Intel Corporation [Ver = 1.51.00.0000 | Size = 16998 bytes | Created Date = 22/01/2008 20:59:14 | Attr = ]
f3ab18xi.sys -> %System32%\dllcache\f3ab18xi.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 12362 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
f3ab18xj.sys -> %System32%\dllcache\f3ab18xj.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 11850 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fa312nd5.sys -> %System32%\dllcache\fa312nd5.sys -> NETGEAR Corp. [Ver = 5.00.119.0 | Size = 16074 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fa410nd5.sys -> %System32%\dllcache\fa410nd5.sys -> NETGEAR [Ver = 5.00.2128.1 | Size = 24618 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fem556n5.sys -> %System32%\dllcache\fem556n5.sys -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 22/01/2008 20:59:18 | Attr = ]
fetnd5.sys -> %System32%\dllcache\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Created Date = 22/01/2008 20:59:19 | Attr = ]
forehe.sys -> %System32%\dllcache\forehe.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 34173 bytes | Created Date = 22/01/2008 20:59:23 | Attr = ]
fpcibase.sys -> %System32%\dllcache\fpcibase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 444416 bytes | Created Date = 22/01/2008 20:59:25 | Attr = ]
fpcmbase.sys -> %System32%\dllcache\fpcmbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 441728 bytes | Created Date = 22/01/2008 20:59:25 | Attr = ]
fpnpbase.sys -> %System32%\dllcache\fpnpbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 442240 bytes | Created Date = 22/01/2008 20:59:26 | Attr = ]
fus2base.sys -> %System32%\dllcache\fus2base.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455680 bytes | Created Date = 22/01/2008 20:59:27 | Attr = ]
fusbbase.sys -> %System32%\dllcache\fusbbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455296 bytes | Created Date = 22/01/2008 20:59:28 | Attr = ]
fxusbase.sys -> %System32%\dllcache\fxusbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 454912 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g200d.dll -> %System32%\dllcache\g200d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 470144 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g200m.sys -> %System32%\dllcache\g200m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g400d.dll -> %System32%\dllcache\g400d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 1733120 bytes | Created Date = 22/01/2008 20:59:38 | Attr = ]
g400m.sys -> %System32%\dllcache\g400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Created Date = 22/01/2008 20:59:38 | Attr = ]
gpr400.sys -> %System32%\dllcache\gpr400.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 17408 bytes | Created Date = 22/01/2008 20:59:41 | Attr = ]
grclass.sys -> %System32%\dllcache\grclass.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 82304 bytes | Created Date = 22/01/2008 20:59:41 | Attr = ]
grserial.sys -> %System32%\dllcache\grserial.sys -> Gemplus [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 28288 bytes | Created Date = 22/01/2008 20:59:42 | Attr = ]
hcf_msft.sys -> %System32%\dllcache\hcf_msft.sys -> Conexant [Ver = 2.1.2.171.021.003 | Size = 907456 bytes | Created Date = 22/01/2008 20:59:43 | Attr = ]
hpgt21.dll -> %System32%\dllcache\hpgt21.dll -> [Ver = 1, 0, 0, 1 | Size = 83968 bytes | Created Date = 22/01/2008 20:59:48 | Attr = ]
hpgt33.dll -> %System32%\dllcache\hpgt33.dll -> [Ver = 1, 0, 0, 1 | Size = 89088 bytes | Created Date = 22/01/2008 20:59:49 | Attr = ]
hpgt34.dll -> %System32%\dllcache\hpgt34.dll -> [Ver = 1, 0, 0, 1 | Size = 101376 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt34tk.dll -> %System32%\dllcache\hpgt34tk.dll -> Hewlett Packard [Ver = 4.11.2000.0 | Size = 126976 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt42.dll -> %System32%\dllcache\hpgt42.dll -> [Ver = 1, 0, 0, 1 | Size = 93696 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt53.dll -> %System32%\dllcache\hpgt53.dll -> [Ver = 1, 0, 0, 1 | Size = 165888 bytes | Created Date = 22/01/2008 20:59:51 | Attr = ]
hpgt53tk.dll -> %System32%\dllcache\hpgt53tk.dll -> Avisioin [Ver = 1,0,7,0210 | Size = 68608 bytes | Created Date = 22/01/2008 20:59:51 | Attr = ]
hsf_amos.sys -> %System32%\dllcache\hsf_amos.sys -> Conexant [Ver = 3.05.12.04 | Size = 150239 bytes | Created Date = 22/01/2008 20:59:53 | Attr = ]
hsf_bsc2.sys -> %System32%\dllcache\hsf_bsc2.sys -> Conexant [Ver = 3.05.12.04 | Size = 67167 bytes | Created Date = 22/01/2008 20:59:53 | Attr = ]
hsf_fall.sys -> %System32%\dllcache\hsf_fall.sys -> Conexant [Ver = 3.05.12.04 | Size = 289887 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_faxx.sys -> %System32%\dllcache\hsf_faxx.sys -> Conexant [Ver = 3.05.12.04 | Size = 199711 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_fsks.sys -> %System32%\dllcache\hsf_fsks.sys -> Conexant [Ver = 3.05.12.04 | Size = 115807 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_inst.dll -> %System32%\dllcache\hsf_inst.dll -> Conexant [Ver = 3.05.12.04 | Size = 9759 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_k56k.sys -> %System32%\dllcache\hsf_k56k.sys -> Conexant [Ver = 3.05.12.04 | Size = 391199 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_msft.sys -> %System32%\dllcache\hsf_msft.sys -> Conexant [Ver = 3.05.12.06 | Size = 542879 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_samp.sys -> %System32%\dllcache\hsf_samp.sys -> Conexant [Ver = 3.05.12.05 | Size = 57471 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_soar.sys -> %System32%\dllcache\hsf_soar.sys -> Conexant [Ver = 3.05.12.05 | Size = 44863 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_spkp.sys -> %System32%\dllcache\hsf_spkp.sys -> Conexant [Ver = 3.05.12.04 | Size = 73279 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_tone.sys -> %System32%\dllcache\hsf_tone.sys -> Conexant [Ver = 3.05.12.04 | Size = 50751 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_v124.sys -> %System32%\dllcache\hsf_v124.sys -> Conexant [Ver = 3.05.12.04 | Size = 488383 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
i740dnt5.dll -> %System32%\dllcache\i740dnt5.dll -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 353184 bytes | Created Date = 22/01/2008 21:00:19 | Attr = ]
i740nt5.sys -> %System32%\dllcache\i740nt5.sys -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 58592 bytes | Created Date = 22/01/2008 21:00:20 | Attr = ]
i81xdnt5.dll -> %System32%\dllcache\i81xdnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 702845 bytes | Created Date = 22/01/2008 21:00:21 | Attr = ]
i81xnt5.sys -> %System32%\dllcache\i81xnt5.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 161020 bytes | Created Date = 22/01/2008 21:00:23 | Attr = ]
ibmexmp.sys -> %System32%\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28700 bytes | Created Date = 22/01/2008 21:00:25 | Attr = ]
ibmsgnet.dll -> %System32%\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 9216 bytes | Created Date = 22/01/2008 21:00:28 | Attr = ]
ibmtok.sys -> %System32%\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.04.0050 | Size = 100936 bytes | Created Date = 22/01/2008 21:00:28 | Attr = ]
ibmtrp.sys -> %System32%\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.33.02.0050 | Size = 109085 bytes | Created Date = 22/01/2008 21:00:29 | Attr = ]
iconf32.dll -> %System32%\dllcache\iconf32.dll -> Xircom [Ver = 1.1.0.11 | Size = 372824 bytes | Created Date = 22/01/2008 21:00:34 | Attr = ]
io8.sys -> %System32%\dllcache\io8.sys -> Perle Systems Ltd. [Ver = 1.0.1.0022 (XPClient.010817-1148) | Size = 38784 bytes | Created Date = 22/01/2008 21:01:16 | Attr = ]
io8ports.dll -> %System32%\dllcache\io8ports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 90200 bytes | Created Date = 22/01/2008 21:01:16 | Attr = ]
ip5515.sys -> %System32%\dllcache\ip5515.sys -> Interphase ® Corporation a Windows ® 2000 DDK Driver Provider [Ver = 5.1.2257.1 built by: Administrator | Size = 45632 bytes | Created Date = 22/01/2008 21:01:17 | Attr = ]
irmk7.sys -> %System32%\dllcache\irmk7.sys -> MKNet Corporation [Ver = 4.1.0 | Size = 23552 bytes | Created Date = 22/01/2008 21:01:25 | Attr = ]
irstusb.sys -> %System32%\dllcache\irstusb.sys -> SigmaTel, Inc. [Ver = 1, 20, 0, 0 | Size = 26624 bytes | Created Date = 22/01/2008 21:01:27 | Attr = ]
ktc111.sys -> %System32%\dllcache\ktc111.sys -> Kingston Technology Company [Ver = 2.00 | Size = 19016 bytes | Created Date = 22/01/2008 21:01:50 | Attr = ]
lanepic5.sys -> %System32%\dllcache\lanepic5.sys -> SMSC [Ver = 3.40.0000.0000 | Size = 26442 bytes | Created Date = 22/01/2008 21:01:51 | Attr = ]
lbrtfdc.sys -> %System32%\dllcache\lbrtfdc.sys -> Toshiba Corp. [Ver = Version 5.10.3 (xpsp_sp2_rtm.040803-2158) | Size = 34688 bytes | Created Date = 22/01/2008 21:01:51 | Attr = ]
lit220p.sys -> %System32%\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15744 bytes | Created Date = 22/01/2008 21:01:53 | Attr = ]
lmndis3.sys -> %System32%\dllcache\lmndis3.sys -> D-Link [Ver = 5.00.2128.1 | Size = 25065 bytes | Created Date = 22/01/2008 21:01:54 | Attr = ]
lne100.sys -> %System32%\dllcache\lne100.sys -> The Linksts Group [Ver = 2.00 | Size = 20573 bytes | Created Date = 22/01/2008 21:01:55 | Attr = ]
lne100tx.sys -> %System32%\dllcache\lne100tx.sys -> Linksys Group, Inc. [Ver = 4.55 | Size = 70730 bytes | Created Date = 22/01/2008 21:01:55 | Attr = ]
ltck000c.sys -> %System32%\dllcache\ltck000c.sys -> Xircom, Inc. [Ver = 1.98.2 | Size = 727786 bytes | Created Date = 22/01/2008 21:01:58 | Attr = ]
ltmdmnt.sys -> %System32%\dllcache\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Created Date = 22/01/2008 21:01:59 | Attr = ]
ltmdmntl.sys -> %System32%\dllcache\ltmdmntl.sys -> LT [Ver = 3.01.3 | Size = 576746 bytes | Created Date = 22/01/2008 21:01:59 | Attr = ]
ltmdmntt.sys -> %System32%\dllcache\ltmdmntt.sys -> LT [Ver = 6.08 | Size = 420992 bytes | Created Date = 22/01/2008 21:02:00 | Attr = ]
ltsm.sys -> %System32%\dllcache\ltsm.sys -> Lucent Technologies [Ver = 3.1.92.1 3.1.92.1 07/18/2001 12:51:10 | Size = 802683 bytes | Created Date = 22/01/2008 21:02:01 | Attr = ]
ltsmt.sys -> %System32%\dllcache\ltsmt.sys -> LT [Ver = 3.1.92.1 07/18/2001 13:02:42 | Size = 797500 bytes | Created Date = 22/01/2008 21:02:02 | Attr = ]
lwadihid.sys -> %System32%\dllcache\lwadihid.sys -> Logitech Inc. [Ver = 5.1.420.093 | Size = 20864 bytes | Created Date = 22/01/2008 21:02:04 | Attr = ]
lwusbhid.sys -> %System32%\dllcache\lwusbhid.sys -> Logitech Inc. [Ver = 5.1.410.190 | Size = 22848 bytes | Created Date = 22/01/2008 21:02:04 | Attr = ]
maestro.sys -> %System32%\dllcache\maestro.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 48768 bytes | Created Date = 22/01/2008 21:02:06 | Attr = ]
mdgndis5.sys -> %System32%\dllcache\mdgndis5.sys -> Madge Networks Ltd [Ver = 6.06 | Size = 164586 bytes | Created Date = 22/01/2008 21:02:08 | Attr = ]
memstpci.sys -> %System32%\dllcache\memstpci.sys -> Sony Corporation [Ver = 1.00.1120.0 (xpsp_sp2_rtm.040803-2158) | Size = 26112 bytes | Created Date = 22/01/2008 21:02:09 | Attr = ]
mgaud.dll -> %System32%\dllcache\mgaud.dll -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 235648 bytes | Created Date = 22/01/2008 21:02:11 | Attr = ]
mgaum.sys -> %System32%\dllcache\mgaum.sys -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 22/01/2008 21:02:11 | Attr = ]
mtxvideo.sys -> %System32%\dllcache\mtxvideo.sys -> Matrox Graphics Inc [Ver = 1.00.25 | Size = 103296 bytes | Created Date = 22/01/2008 21:02:49 | Attr = ]
mxcard.sys -> %System32%\dllcache\mxcard.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 21888 bytes | Created Date = 22/01/2008 21:02:50 | Attr = ]
mxicfg.dll -> %System32%\dllcache\mxicfg.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 19968 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxnic.sys -> %System32%\dllcache\mxnic.sys -> Macronix International Co., Ltd. [Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxport.dll -> %System32%\dllcache\mxport.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 7168 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxport.sys -> %System32%\dllcache\mxport.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 75520 bytes | Created Date = 22/01/2008 21:02:52 | Attr = ]
n1000nt5.sys -> %System32%\dllcache\n1000nt5.sys -> Compaq Computer Corporation [Ver = 2.94.294.0 | Size = 52255 bytes | Created Date = 22/01/2008 21:02:52 | Attr = ]
n100325.sys -> %System32%\dllcache\n100325.sys -> Compaq Computer Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 128000 bytes | Created Date = 22/01/2008 21:02:53 | Attr = ]
n9i128.dll -> %System32%\dllcache\n9i128.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 35392 bytes | Created Date = 22/01/2008 21:02:53 | Attr = ]
n9i128.sys -> %System32%\dllcache\n9i128.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 13664 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i128v2.dll -> %System32%\dllcache\n9i128v2.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 59104 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i128v2.sys -> %System32%\dllcache\n9i128v2.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 33088 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i3d.sys -> %System32%\dllcache\n9i3d.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 27936 bytes | Created Date = 22/01/2008 21:02:55 | Attr = ]
n9i3disp.dll -> %System32%\dllcache\n9i3disp.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 91488 bytes | Created Date = 22/01/2008 21:02:55 | Attr = ]
neo20xx.dll -> %System32%\dllcache\neo20xx.dll -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 60480 bytes | Created Date = 22/01/2008 21:02:59 | Attr = ]
neo20xx.sys -> %System32%\dllcache\neo20xx.sys -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 39264 bytes | Created Date = 22/01/2008 21:02:59 | Attr = ]
netflx3.sys -> %System32%\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.18 | Size = 65278 bytes | Created Date = 22/01/2008 21:03:01 | Attr = ]
netwlan5.sys -> %System32%\dllcache\netwlan5.sys -> 802.11b [Ver = 3, 1, 4, 26 | Size = 132695 bytes | Created Date = 22/01/2008 21:03:03 | Attr = ]
ngrpci.sys -> %System32%\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.56 | Size = 32840 bytes | Created Date = 22/01/2008 21:03:04 | Attr = ]
nm5a2wdm.sys -> %System32%\dllcache\nm5a2wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 126080 bytes | Created Date = 22/01/2008 21:03:05 | Attr = ]
nm6wdm.sys -> %System32%\dllcache\nm6wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 87040 bytes | Created Date = 22/01/2008 21:03:05 | Attr = ]
nscirda.sys -> %System32%\dllcache\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Created Date = 22/01/2008 21:03:10 | Attr = ]
ntgrip.sys -> %System32%\dllcache\ntgrip.sys -> Kensington Technology Group [Ver = 1.00 | Size = 51552 bytes | Created Date = 22/01/2008 21:03:15 | Attr = ]
nv3.dll -> %System32%\dllcache\nv3.dll -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 123776 bytes | Created Date = 22/01/2008 21:03:24 | Attr = ]
nv3.sys -> %System32%\dllcache\nv3.sys -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 198144 bytes | Created Date = 22/01/2008 21:03:24 | Attr = ]
OLD216.tmp -> %System32%\dllcache\OLD216.tmp -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 22/01/2008 20:59:00 | Attr = ]
OLD219.tmp -> %System32%\dllcache\OLD219.tmp -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 22/01/2008 20:59:01 | Attr = ]
OLD26A.tmp -> %System32%\dllcache\OLD26A.tmp -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 22/01/2008 20:59:18 | Attr = ]
OLD26D.tmp -> %System32%\dllcache\OLD26D.tmp -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 22/01/2008 20:59:18 | Attr = ]
opl3sax.sys -> %System32%\dllcache\opl3sax.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 54528 bytes | Created Date = 22/01/2008 21:03:30 | Attr = ]
otc06x5.sys -> %System32%\dllcache\otc06x5.sys -> Ositech Communications, Inc. [Ver = 1.01.020 | Size = 27209 bytes | Created Date = 22/01/2008 21:03:30 | Attr = ]
otceth5.sys -> %System32%\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.014.3 | Size = 43689 bytes | Created Date = 22/01/2008 21:03:31 | Attr = ]
otcsercb.sys -> %System32%\dllcache\otcsercb.sys -> Ositech Communications, Inc. [Ver = 1.05.02 | Size = 54186 bytes | Created Date = 22/01/2008 21:03:31 | Attr = ]
pc100nds.sys -> %System32%\dllcache\pc100nds.sys -> Linksys [Ver = 5.00.2195.1 | Size = 30495 bytes | Created Date = 22/01/2008 21:03:36 | Attr = ]
pca200e.sys -> %System32%\dllcache\pca200e.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 29502 bytes | Created Date = 22/01/2008 21:03:36 | Attr = ]
pcmlm56.sys -> %System32%\dllcache\pcmlm56.sys -> Linksys [Ver = 5.00.2128.1 | Size = 26153 bytes | Created Date = 22/01/2008 21:03:38 | Attr = ]
pcntn5hl.sys -> %System32%\dllcache\pcntn5hl.sys -> AMD Inc. [Ver = 1.09.001 | Size = 30282 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pcntn5m.sys -> %System32%\dllcache\pcntn5m.sys -> AMD Inc. [Ver = 4.09.00 | Size = 29769 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pcntpci5.sys -> %System32%\dllcache\pcntpci5.sys -> AMD Inc. [Ver = 4.38.00 built by: WinDDK | Size = 35328 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pctspk.exe -> %System32%\dllcache\pctspk.exe -> PCtel, Inc. [Ver = 4.00 | Size = 86016 bytes | Created Date = 22/01/2008 21:03:40 | Attr = ]
pcx500.sys -> %System32%\dllcache\pcx500.sys -> Cisco Systems [Ver = 7.50.01 Firmware built by: Cisco Systems | Size = 169984 bytes | Created Date = 22/01/2008 21:03:40 | Attr = ]
perm2.sys -> %System32%\dllcache\perm2.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00-0009 (MS) (xpsp_sp2_rtm.040803-2158) | Size = 27904 bytes | Created Date = 22/01/2008 21:03:42 | Attr = ]
perm2dll.dll -> %System32%\dllcache\perm2dll.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 211712 bytes | Created Date = 22/01/2008 21:03:43 | Attr = ]
perm3.sys -> %System32%\dllcache\perm3.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 28032 bytes | Created Date = 22/01/2008 21:03:45 | Attr = ]
perm3dd.dll -> %System32%\dllcache\perm3dd.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 259328 bytes | Created Date = 22/01/2008 21:03:46 | Attr = ]
pscr.sys -> %System32%\dllcache\pscr.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16128 bytes | Created Date = 22/01/2008 21:03:56 | Attr = ]
ptserli.sys -> %System32%\dllcache\ptserli.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 128286 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
ptserlp.sys -> %System32%\dllcache\ptserlp.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 112574 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
ptserlv.sys -> %System32%\dllcache\ptserlv.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 130942 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
r2mdkxga.sys -> %System32%\dllcache\r2mdkxga.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 899146 bytes | Created Date = 22/01/2008 21:04:05 | Attr = ]
r2mdmkxx.sys -> %System32%\dllcache\r2mdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714762 bytes | Created Date = 22/01/2008 21:04:05 | Attr = ]
reslog32.dll -> %System32%\dllcache\reslog32.dll -> Xircom [Ver = 1.0.0.6 | Size = 86097 bytes | Created Date = 22/01/2008 21:04:15 | Attr = ]
rlnet5.sys -> %System32%\dllcache\rlnet5.sys -> RadioLAN [Ver = 2.30 | Size = 37563 bytes | Created Date = 22/01/2008 21:04:16 | Attr = ]
rocket.sys -> %System32%\dllcache\rocket.sys -> Comtrol Corporation [Ver = 4.50 | Size = 79104 bytes | Created Date = 22/01/2008 21:04:17 | Attr = ]
rpfun.sys -> %System32%\dllcache\rpfun.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 3840 bytes | Created Date = 22/01/2008 21:04:19 | Attr = ]
rsmgrstr.dll -> %System32%\dllcache\rsmgrstr.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9216 bytes | Created Date = 22/01/2008 21:04:20 | Attr = ]
rthwcls.sys -> %System32%\dllcache\rthwcls.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 30720 bytes | Created Date = 22/01/2008 21:04:21 | Attr = ]
rtl8029.sys -> %System32%\dllcache\rtl8029.sys -> Realtek Semiconductor Corporation [Ver = 5.508.0803.2000 | Size = 19017 bytes | Created Date = 22/01/2008 21:04:21 | Attr = ]
rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rw430ext.dll -> %System32%\dllcache\rw430ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 24576 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rw450ext.dll -> %System32%\dllcache\rw450ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia430.dll -> %System32%\dllcache\rwia430.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia450.dll -> %System32%\dllcache\rwia450.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 82432 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
s3m.sys -> %System32%\dllcache\s3m.sys -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 166720 bytes | Created Date = 22/01/2008 21:04:25 | Attr = ]
s3mt3d.dll -> %System32%\dllcache\s3mt3d.dll -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 182272 bytes | Created Date = 22/01/2008 21:04:26 | Attr = ]
s3mt3d.sys -> %System32%\dllcache\s3mt3d.sys -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 41216 bytes | Created Date = 22/01/2008 21:04:26 | Attr = ]
s3mtrio.dll -> %System32%\dllcache\s3mtrio.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 62496 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3mvirge.dll -> %System32%\dllcache\s3mvirge.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 210496 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav3d.dll -> %System32%\dllcache\s3sav3d.dll -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 179264 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav3dm.sys -> %System32%\dllcache\s3sav3dm.sys -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 61504 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav4.dll -> %System32%\dllcache\s3sav4.dll -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 198400 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3sav4m.sys -> %System32%\dllcache\s3sav4m.sys -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 77824 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3savmx.dll -> %System32%\dllcache\s3savmx.dll -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 245632 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3savmxm.sys -> %System32%\dllcache\s3savmxm.sys -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 75392 bytes | Created Date = 22/01/2008 21:04:29 | Attr = ]
sblfx.dll -> %System32%\dllcache\sblfx.dll -> Creative Technology Ltd. [Ver = 5.12.01.3210 | Size = 495616 bytes | Created Date = 22/01/2008 21:04:30 | Attr = ]
sccmn50m.sys -> %System32%\dllcache\sccmn50m.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 22/01/2008 21:04:31 | Attr = ]
sccmusbm.sys -> %System32%\dllcache\sccmusbm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 22/01/2008 21:04:32 | Attr = ]
scr111.sys -> %System32%\dllcache\scr111.sys -> SCM Microsystems [Ver = 1.01.006 (XPClient.010817-1148) | Size = 17280 bytes | Created Date = 22/01/2008 21:04:33 | Attr = ]
sfmanm.sys -> %System32%\dllcache\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Created Date = 22/01/2008 21:04:40 | Attr = ]
sgiul50.dll -> %System32%\dllcache\sgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 386560 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgiulnt5.sys -> %System32%\dllcache\sgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 98080 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgsmld.sys -> %System32%\dllcache\sgsmld.sys -> Micro Systemation [Ver = 1.1 | Size = 18400 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgsmusb.sys -> %System32%\dllcache\sgsmusb.sys -> Micro Systemation [Ver = 1, 0, 0, 4 | Size = 161568 bytes | Created Date = 22/01/2008 21:04:42 | Attr = ]
sis300ip.sys -> %System32%\dllcache\sis300ip.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 101760 bytes | Created Date = 22/01/2008 21:04:48 | Attr = ]
sis300iv.dll -> %System32%\dllcache\sis300iv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 252032 bytes | Created Date = 22/01/2008 21:04:48 | Attr = ]
sis6306p.sys -> %System32%\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 68608 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sis6306v.dll -> %System32%\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 150144 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sisgrp.sys -> %System32%\dllcache\sisgrp.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 104064 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sisgrv.dll -> %System32%\dllcache\sisgrv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 238592 bytes | Created Date = 22/01/2008 21:04:50 | Attr = ]
sisnic.sys -> %System32%\dllcache\sisnic.sys -> SiS Corporation [Ver = 1.16.00.05 built by: WinDDK | Size = 32768 bytes | Created Date = 22/01/2008 21:04:50 | Attr = ]
sisv.sys -> %System32%\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 50432 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
sisv256.dll -> %System32%\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 157696 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
sk98xwin.sys -> %System32%\dllcache\sk98xwin.sys -> SysKonnect GmbH. [Ver = 3.12 | Size = 94698 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
skfpwin.sys -> %System32%\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.13 | Size = 91294 bytes | Created Date = 22/01/2008 21:04:53 | Attr = ]
sla30nd5.sys -> %System32%\dllcache\sla30nd5.sys -> Symbol Technologies [Ver = 4.2.0.8 | Size = 63547 bytes | Created Date = 22/01/2008 21:04:53 | Attr = ]
smc8000n.sys -> %System32%\dllcache\smc8000n.sys -> SMC Networks, Inc. [Ver = 3.13.1025.2000 built by: yfeng | Size = 24576 bytes | Created Date = 22/01/2008 21:05:03 | Attr = ]
smcirda.sys -> %System32%\dllcache\smcirda.sys -> SMC [Ver = 5.1.2462.0 | Size = 35913 bytes | Created Date = 22/01/2008 21:05:03 | Attr = ]
smcpwr2n.sys -> %System32%\dllcache\smcpwr2n.sys -> SMC Networks, Inc. [Ver = 3.28.1214.2000 | Size = 25034 bytes | Created Date = 22/01/2008 21:05:04 | Attr = ]
smidispb.dll -> %System32%\dllcache\smidispb.dll -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 147200 bytes | Created Date = 22/01/2008 21:05:05 | Attr = ]
smiminib.sys -> %System32%\dllcache\smiminib.sys -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 58368 bytes | Created Date = 22/01/2008 21:05:05 | Attr = ]
sonync.sys -> %System32%\dllcache\sonync.sys -> Sony Corporation [Ver = 6.0.0.05300 | Size = 20752 bytes | Created Date = 22/01/2008 21:05:14 | Attr = ]
sonypi.dll -> %System32%\dllcache\sonypi.dll -> Sony Corporation [Ver = 1.5.090699 | Size = 114688 bytes | Created Date = 22/01/2008 21:05:14 | Attr = ]
sonypi.sys -> %System32%\dllcache\sonypi.sys -> Sony Corporation [Ver = 6.0.5.07140 | Size = 37040 bytes | Created Date = 22/01/2008 21:05:15 | Attr = ]
sonypvu1.sys -> %System32%\dllcache\sonypvu1.sys -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Created Date = 22/01/2008 21:05:15 | Attr = ]
spdports.dll -> %System32%\dllcache\spdports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0012 | Size = 106584 bytes | Created Date = 22/01/2008 21:05:16 | Attr = ]
speed.sys -> %System32%\dllcache\speed.sys -> Perle Systems Ltd. [Ver = 1.0.4.0021 (XPClient.010817-1148) | Size = 61824 bytes | Created Date = 22/01/2008 21:05:17 | Attr = ]
spxupchk.dll -> %System32%\dllcache\spxupchk.dll -> Perle Systems Ltd. [Ver = 1.0.0.0002 | Size = 24660 bytes | Created Date = 22/01/2008 21:05:18 | Attr = ]
srwlnd5.sys -> %System32%\dllcache\srwlnd5.sys -> 3Com [Ver = 3.0.4 alpha | Size = 48736 bytes | Created Date = 22/01/2008 21:05:21 | Attr = ]
stcusb.sys -> %System32%\dllcache\stcusb.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16896 bytes | Created Date = 22/01/2008 21:05:23 | Attr = ]
stlnata.sys -> %System32%\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.6.5 | Size = 285760 bytes | Created Date = 22/01/2008 21:05:24 | Attr = ]
stlncoin.dll -> %System32%\dllcache\stlncoin.dll -> Stallion Technologies [Ver = 5.6.5 | Size = 53248 bytes | Created Date = 22/01/2008 21:05:24 | Attr = ]
stlnprop.dll -> %System32%\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.6.4 | Size = 155648 bytes | Created Date = 22/01/2008 21:05:25 | Attr = ]
sx.sys -> %System32%\dllcache\sx.sys -> Perle Systems Ltd. [Ver = 1.1.2.0031 (XPClient.010817-1148) | Size = 103936 bytes | Created Date = 22/01/2008 21:05:28 | Attr = ]
sxports.dll -> %System32%\dllcache\sxports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 94293 bytes | Created Date = 22/01/2008 21:05:28 | Attr = ]
t2r4disp.dll -> %System32%\dllcache\t2r4disp.dll -> Number Nine Visual Technology [Ver = 5.01.104.09 | Size = 172768 bytes | Created Date = 22/01/2008 21:05:32 | Attr = ]
t2r4mini.sys -> %System32%\dllcache\t2r4mini.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.104.09 | Size = 36640 bytes | Created Date = 22/01/2008 21:05:32 | Attr = ]
tbatm155.sys -> %System32%\dllcache\tbatm155.sys -> Toshiba Corporation [Ver = 0.4.0.0 (XPClient.010817-1148) | Size = 30464 bytes | Created Date = 22/01/2008 21:05:35 | Attr = ]
tdk100b.sys -> %System32%\dllcache\tdk100b.sys -> TDK Corporation [Ver = 1.00 | Size = 37961 bytes | Created Date = 22/01/2008 21:05:37 | Attr = ]
tdkcd31.sys -> %System32%\dllcache\tdkcd31.sys -> TDK Corporation [Ver = 5.00.2128.1 | Size = 17129 bytes | Created Date = 22/01/2008 21:05:38 | Attr = ]
tffsport.sys -> %System32%\dllcache\tffsport.sys -> M-Systems [Ver = 5.02 | Size = 149376 bytes | Created Date = 22/01/2008 21:05:39 | Attr = ]
tgiul50.dll -> %System32%\dllcache\tgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 81408 bytes | Created Date = 22/01/2008 21:05:40 | Attr = ]
tgiulnt5.sys -> %System32%\dllcache\tgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 138528 bytes | Created Date = 22/01/2008 21:05:41 | Attr = ]
tjisdn.sys -> %System32%\dllcache\tjisdn.sys -> Tiger Jet Network [Ver = 3.03 | Size = 123995 bytes | Created Date = 22/01/2008 21:05:43 | Attr = ]
tos4mo.sys -> %System32%\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.23 | Size = 28232 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tosdvd02.sys -> %System32%\dllcache\tosdvd02.sys -> Toshiba Corporation [Ver = 1.00.99.1004 (XPClient.010817-1148) | Size = 241664 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tosdvd03.sys -> %System32%\dllcache\tosdvd03.sys -> Toshiba Corporation [Ver = 1.00.99.1003 (XPClient.010817-1148) | Size = 230912 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tp4.dll -> %System32%\dllcache\tp4.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 31744 bytes | Created Date = 22/01/2008 21:05:46 | Attr = ]
tp4mon.exe -> %System32%\dllcache\tp4mon.exe -> IBM Corporation [Ver = 6.03 (xpsp_sp2_rtm.040803-2158) | Size = 82432 bytes | Created Date = 22/01/2008 21:05:46 | Attr = ]
tp4res.dll -> %System32%\dllcache\tp4res.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 42496 bytes | Created Date = 22/01/2008 21:05:48 | Attr = ]
tpro4.sys -> %System32%\dllcache\tpro4.sys -> Intel Corporation [Ver = 3.06.02.0000 | Size = 34375 bytes | Created Date = 22/01/2008 21:05:48 | Attr = ]
trid3d.dll -> %System32%\dllcache\trid3d.dll -> Trident Microsystems Inc. [Ver = 5.1.2471.0046 (ReleasedBinaries.000421-1946) | Size = 315520 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
trid3dm.sys -> %System32%\dllcache\trid3dm.sys -> Trident Microsystems Inc. [Ver = 5.1.2471.0032 (ReleasedBinaries.000421-1946) | Size = 222336 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
tridkb.dll -> %System32%\dllcache\tridkb.dll -> Trident Microsystems Inc. [Ver = 5.1.2489.0045 (ReleasedBinaries.000421-1946) | Size = 440576 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
tridkbm.sys -> %System32%\dllcache\tridkbm.sys -> Trident Microsystems Inc. [Ver = 5.1.2489.0032 (ReleasedBinaries.000421-1946) | Size = 159232 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
tridxp.dll -> %System32%\dllcache\tridxp.dll -> Trident Microsystems Inc. [Ver = 5.1.2475.0115 (ReleasedBinaries.010510-2313) | Size = 525568 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
tridxpm.sys -> %System32%\dllcache\tridxpm.sys -> Trident Microsystems Inc. [Ver = 5.1.2475.96 (ReleasedBinaries.010510-2313) | Size = 166784 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
twotrack.sys -> %System32%\dllcache\twotrack.sys -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 11520 bytes | Created Date = 22/01/2008 21:05:53 | Attr = ]
um34scan.dll -> %System32%\dllcache\um34scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 22/01/2008 21:05:54 | Attr = ]
um54scan.dll -> %System32%\dllcache\um54scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.8 | Size = 211968 bytes | Created Date = 22/01/2008 21:05:55 | Attr = ]
umaxscan.dll -> %System32%\dllcache\umaxscan.dll -> UMAX DATA SYSTEMS INC. [Ver = 5.00.2434.1 | Size = 50688 bytes | Created Date = 22/01/2008 21:05:56 | Attr = ]
usb101et.sys -> %System32%\dllcache\usb101et.sys -> KLSI USA, Inc. [Ver = 3.43.0005.0000 | Size = 32384 bytes | Created Date = 22/01/2008 21:05:59 | Attr = ]
usr1801.sys -> %System32%\dllcache\usr1801.sys -> U.S. Robotics, Inc. [Ver = 1.00.034 | Size = 794654 bytes | Created Date = 22/01/2008 21:06:04 | Attr = ]
usr1806.sys -> %System32%\dllcache\usr1806.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 793598 bytes | Created Date = 22/01/2008 21:06:05 | Attr = ]
usr1806v.sys -> %System32%\dllcache\usr1806v.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 794399 bytes | Created Date = 22/01/2008 21:06:06 | Attr = ]
usr1807a.sys -> %System32%\dllcache\usr1807a.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 224802 bytes | Created Date = 22/01/2008 21:06:07 | Attr = ]
usroslba.sys -> %System32%\dllcache\usroslba.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 7556 bytes | Created Date = 22/01/2008 21:06:08 | Attr = ]
usrpda.sys -> %System32%\dllcache\usrpda.sys -> U.S. Robotics Corporation [Ver = 4. 11. 22 | Size = 113762 bytes | Created Date = 22/01/2008 21:06:08 | Attr = ]
usrti.sys -> %System32%\dllcache\usrti.sys -> U.S. Robotics, Inc. [Ver = 2.60.005 | Size = 765884 bytes | Created Date = 22/01/2008 21:06:09 | Attr = ]
usrwdxjs.sys -> %System32%\dllcache\usrwdxjs.sys -> U.S. Robotics Corporation [Ver = 3.27.036.0005 | Size = 687999 bytes | Created Date = 22/01/2008 21:06:10 | Attr = ]
viairda.sys -> %System32%\dllcache\viairda.sys -> VIA Technologies, Inc. [Ver = 5,1,2480,0 (XPClient.010817-1148) | Size = 24576 bytes | Created Date = 22/01/2008 21:06:14 | Attr = ]
vinwm.sys -> %System32%\dllcache\vinwm.sys -> Xircom [Ver = 2.1.0.10 | Size = 249402 bytes | Created Date = 22/01/2008 21:06:14 | Attr = ]
vmodem.sys -> %System32%\dllcache\vmodem.sys -> PCTEL, INC. [Ver = 7.60.10A | Size = 604253 bytes | Created Date = 22/01/2008 21:06:15 | Attr = ]
vpctcom.sys -> %System32%\dllcache\vpctcom.sys -> PCtel, Inc. [Ver = 8.00-9K | Size = 397502 bytes | Created Date = 22/01/2008 21:06:16 | Attr = ]
vvoice.sys -> %System32%\dllcache\vvoice.sys -> PCtel, Inc. [Ver = 3.53.00 | Size = 64605 bytes | Created Date = 22/01/2008 21:06:17 | Attr = ]
w840nd.sys -> %System32%\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19528 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
w926nd.sys -> %System32%\dllcache\w926nd.sys -> Winbond Electronics Corporation [Ver = 1.60 | Size = 19016 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
w940nd.sys -> %System32%\dllcache\w940nd.sys -> Winbond Electronics Corporation [Ver = 3.22 | Size = 16925 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
wadv01nt.sys -> %System32%\dllcache\wadv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12415 bytes | Created Date = 22/01/2008 21:06:20 | Attr = ]
wadv02nt.sys -> %System32%\dllcache\wadv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12127 bytes | Created Date = 22/01/2008 21:06:21 | Attr = ]
wadv05nt.sys -> %System32%\dllcache\wadv05nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11775 bytes | Created Date = 22/01/2008 21:06:22 | Attr = ]
watv01nt.sys -> %System32%\dllcache\watv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 29311 bytes | Created Date = 22/01/2008 21:06:24 | Attr = ]
watv02nt.sys -> %System32%\dllcache\watv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19551 bytes | Created Date = 22/01/2008 21:06:26 | Attr = ]
watv04nt.sys -> %System32%\dllcache\watv04nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 33599 bytes | Created Date = 22/01/2008 21:06:27 | Attr = ]
wbfirdma.sys -> %System32%\dllcache\wbfirdma.sys -> Winbond Electronics Corp. [Ver = 5.4.9820.0306 | Size = 35871 bytes | Created Date = 22/01/2008 21:06:30 | Attr = ]
wch7xxnt.sys -> %System32%\dllcache\wch7xxnt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 23615 bytes | Created Date = 22/01/2008 21:06:32 | Attr = ]
wdhaalba.sys -> %System32%\dllcache\wdhaalba.sys -> 3Com Corporation [Ver = 3.34.034.0075 | Size = 701386 bytes | Created Date = 22/01/2008 21:06:33 | Attr = ]
winacisa.sys -> %System32%\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771581 bytes | Created Date = 22/01/2008 21:06:39 | Attr = ]
wlandrv2.sys -> %System32%\dllcache\wlandrv2.sys -> Raytheon Corp. [Ver = 4.00.00.0004 | Size = 34890 bytes | Created Date = 22/01/2008 21:06:44 | Attr = ]
wlluc48.sys -> %System32%\dllcache\wlluc48.sys -> Lucent Technologies [Ver = 7.43.0.9 | Size = 154624 bytes | Created Date = 22/01/2008 21:06:44 | Attr = ]
wsiintxx.sys -> %System32%\dllcache\wsiintxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12063 bytes | Created Date = 22/01/2008 21:07:28 | Attr = ]
wvchntxx.sys -> %System32%\dllcache\wvchntxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19455 bytes | Created Date = 22/01/2008 21:07:35 | Attr = ]
xem336n5.sys -> %System32%\dllcache\xem336n5.sys -> US Robotics MCD (Megahertz) [Ver = 1.25.014 | Size = 16970 bytes | Created Date = 22/01/2008 21:07:43 | Attr = ]
xlog.exe -> %System32%\dllcache\xlog.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 99865 bytes | Created Date = 22/01/2008 21:07:44 | Attr = ]
xrxftplt.exe -> %System32%\dllcache\xrxftplt.exe -> [Ver = 1, 0, 0, 2 | Size = 27648 bytes | Created Date = 22/01/2008 21:07:47 | Attr = ]
xrxscnui.dll -> %System32%\dllcache\xrxscnui.dll -> [Ver = 1, 0, 0, 1 | Size = 17408 bytes | Created Date = 22/01/2008 21:07:47 | Attr = ]
xrxwbtmp.dll -> %System32%\dllcache\xrxwbtmp.dll -> Xerox Corporation [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Created Date = 22/01/2008 21:07:48 | Attr = ]
xrxwiadr.dll -> %System32%\dllcache\xrxwiadr.dll -> Xerox [Ver = 1, 0, 0, 2 | Size = 116224 bytes | Created Date = 22/01/2008 21:07:48 | Attr = ]
svchost.exe -> %System32%\drivers\svchost.exe -> [Ver = | Size = 69489 bytes | Created Date = 22/01/2008 20:42:51 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:28 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Created Date = 31/12/2007 17:03:54 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Created Date = 22/01/2008 20:50:44 | Attr = HS]
dxdss.sys -> %System32%\dxdss.sys -> [Ver = | Size = 54764 bytes | Created Date = 11/01/2008 22:38:10 | Attr = ]
imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 48 bytes | Created Date = 07/01/2008 02:19:23 | Attr = ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 139264 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 9863 bytes | Created Date = 21/01/2008 22:50:25 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 9777 bytes | Created Date = 21/01/2008 22:50:28 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:38 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Created Date = 22/01/2008 19:32:25 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Created Date = 22/01/2008 20:44:39 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Created Date = 12/01/2008 18:52:41 | Attr = R ]
VundoFixSVC.exe -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Created Date = 17/01/2008 11:48:47 | Attr = ]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 07/01/2008 23:59:11 | Attr = ]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Created Date = 15/01/2008 18:45:12 | Attr = ]
LastGood -> %SystemRoot%\LastGood -> [Folder | Created Date = 22/01/2008 20:59:00 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 16/01/2008 05:15:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 20/01/2008 16:08:13 | Attr = H ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Created Date = 12/01/2008 14:19:59 | Attr = ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
ESET -> %AllUsersAppData%\ESET -> [Folder | Created Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 13/01/2008 01:12:43 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 07/01/2008 21:53:20 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Created Date = 08/01/2008 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 22/01/2008 17:29:31 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Created Date = 22/01/2008 20:35:59 | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Created Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Created Date = 31/12/2007 19:57:53 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Created Date = 22/01/2008 17:29:42 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 22/01/2008 17:26:38 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 22/01/2008 17:26:38 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Created Date = 22/01/2008 20:35:54 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Created Date = 22/01/2008 17:26:32 | Attr = ]

[Files/Folders - Modified Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Modified Date = 16/01/2008 19:02:28 | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 22/01/2008 17:29:54 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 07/01/2008 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Modified Date = 22/01/2008 20:50:43 | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 20/01/2008 16:19:34 | Attr = R ]
Programas -> %SystemDrive%\Programas -> [Folder | Modified Date = 07/01/2008 21:38:59 | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 22/01/2008 20:44:32 | Attr = HS]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 22/01/2008 11:44:00 | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 22/01/2008 19:18:02 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 22/01/2008 11:42:10 | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 22/01/2008 20:59:00 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Modified Date = 21/01/2008 20:16:04 | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 20/01/2008 17:13:03 | Attr = ]
hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 17:13:04 | Attr = R ]
hosts.20080115-185918.backup -> %System32%\drivers\etc\hosts.20080115-185918.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:36:26 | Attr = R ]
hosts.20080115-185942.backup -> %System32%\drivers\etc\hosts.20080115-185942.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:19 | Attr = R ]
hosts.20080115-191645.backup -> %System32%\drivers\etc\hosts.20080115-191645.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:42 | Attr = R ]
hosts.20080115-202232.backup -> %System32%\drivers\etc\hosts.20080115-202232.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 19:16:45 | Attr = R ]
hosts.20080116-004852.backup -> %System32%\drivers\etc\hosts.20080116-004852.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 20:22:33 | Attr = R ]
hosts.20080116-060312.backup -> %System32%\drivers\etc\hosts.20080116-060312.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 00:48:52 | Attr = R ]
hosts.20080116-073002.backup -> %System32%\drivers\etc\hosts.20080116-073002.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 06:03:12 | Attr = R ]
hosts.20080116-073519.backup -> %System32%\drivers\etc\hosts.20080116-073519.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:30:02 | Attr = R ]
hosts.20080116-095802.backup -> %System32%\drivers\etc\hosts.20080116-095802.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:35:19 | Attr = R ]
hosts.20080116-181934.backup -> %System32%\drivers\etc\hosts.20080116-181934.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 09:58:02 | Attr = R ]
hosts.20080116-182752.backup -> %System32%\drivers\etc\hosts.20080116-182752.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:19:34 | Attr = R ]
hosts.20080116-200125.backup -> %System32%\drivers\etc\hosts.20080116-200125.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:27:52 | Attr = R ]
hosts.20080117-010818.backup -> %System32%\drivers\etc\hosts.20080117-010818.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 20:01:25 | Attr = R ]
hosts.20080117-162821.backup -> %System32%\drivers\etc\hosts.20080117-162821.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 01:08:18 | Attr = R ]
hosts.20080118-202342.backup -> %System32%\drivers\etc\hosts.20080118-202342.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 16:28:21 | Attr = R ]
hosts.20080118-232428.backup -> %System32%\drivers\etc\hosts.20080118-232428.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = R ]
hosts.20080119-003451.backup -> %System32%\drivers\etc\hosts.20080119-003451.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = ]
hosts.20080119-071510.backup -> %System32%\drivers\etc\hosts.20080119-071510.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 00:34:52 | Attr = R ]
hosts.20080119-121310.backup -> %System32%\drivers\etc\hosts.20080119-121310.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 07:15:10 | Attr = R ]
hosts.20080119-153035.backup -> %System32%\drivers\etc\hosts.20080119-153035.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 12:13:10 | Attr = R ]
hosts.20080120-153645.backup -> %System32%\drivers\etc\hosts.20080120-153645.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = R ]
hosts.20080120-160639.backup -> %System32%\drivers\etc\hosts.20080120-160639.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-164010.backup -> %System32%\drivers\etc\hosts.20080120-164010.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-171303.backup -> %System32%\drivers\etc\hosts.20080120-171303.backup -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 16:40:10 | Attr = R ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 08/01/2008 00:20:57 | Attr = ]
svchost.exe -> %System32%\drivers\svchost.exe -> [Ver = | Size = 69489 bytes | Modified Date = 22/01/2008 21:01:09 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 20/01/2008 21:51:24 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Modified Date = 31/12/2007 17:03:16 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 11/01/2008 22:50:20 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 22/01/2008 20:52:44 | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 11/01/2008 22:28:13 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 22/01/2008 21:07:51 | Attr = HS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 22/01/2008 20:53:34 | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 31/12/2007 19:49:44 | Attr = ]
dxdss.sys -> %System32%\dxdss.sys -> [Ver = | Size = 54764 bytes | Modified Date = 11/01/2008 22:38:10 | Attr = ]
imon1.dat -> %System32%\imon1.dat -> [Ver = | Size = 48 bytes | Modified Date = 07/01/2008 02:19:23 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 9863 bytes | Modified Date = 22/01/2008 21:43:51 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 9777 bytes | Modified Date = 22/01/2008 21:43:38 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 21/01/2008 23:23:40 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Modified Date = 22/01/2008 19:32:27 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 22/01/2008 20:53:42 | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 59448 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 393506 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Modified Date = 12/01/2008 18:53:12 | Attr = R ]
VundoFixSVC.exe -> %System32%\VundoFixSVC.exe -> Atribune.org [Ver = 1.00.0003 | Size = 24576 bytes | Modified Date = 17/01/2008 11:48:47 | Attr = ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 11/01/2008 22:27:07 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12704 bytes | Modified Date = 22/01/2008 20:52:19 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 08/01/2008 21:31:16 | Attr = H ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 22/01/2008 20:50:44 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 08/01/2008 00:02:15 | Attr = S]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 07/01/2008 23:59:11 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 12/01/2008 12:20:31 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 22/01/2008 17:29:54 | Attr = HS]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Modified Date = 15/01/2008 18:45:12 | Attr = ]
LastGood -> %SystemRoot%\LastGood -> [Folder | Modified Date = 22/01/2008 21:03:23 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 16/01/2008 18:24:59 | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 22/01/2008 21:01:15 | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 08/01/2008 22:31:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 22/01/2008 20:54:01 | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 11/01/2008 22:27:05 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 22/01/2008 21:03:23 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 22/01/2008 21:42:29 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 823 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Modified Date = 20/01/2008 17:55:58 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 31/12/2007 12:18:19 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 22/01/2008 20:51:05 | Attr = H ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
BVRP Software -> %AllUsersAppData%\BVRP Software -> [Folder | Modified Date = 03/01/2008 20:25:43 | Attr = ]
ESET -> %AllUsersAppData%\ESET -> [Folder | Modified Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 13/01/2008 01:12:43 | Attr = ]
Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 15/01/2008 18:36:08 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 07/01/2008 21:53:20 | Attr = ]
TEMP -> %AllUsersAppData%\TEMP -> [Folder | Modified Date = 21/01/2008 19:56:15 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Modified Date = 08/01/2008 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 22/01/2008 17:29:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 15872 bytes | Modified Date = 26/12/2007 16:09:36 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Modified Date = 22/01/2008 20:35:59 | Attr = ]
My Pictures -> %UserDocuments%\My Pictures -> [Folder | Modified Date = 21/01/2008 23:06:44 | Attr = R ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Modified Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Modified Date = 13/01/2008 00:53:10 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Modified Date = 22/01/2008 19:33:02 | Attr = ]
Microsoft Access.lnk -> %UserDesktop%\Microsoft Access.lnk -> [Ver = | Size = 2457 bytes | Modified Date = 14/01/2008 23:47:11 | Attr = ]
Microsoft Word.lnk -> %UserDesktop%\Microsoft Word.lnk -> [Ver = | Size = 2483 bytes | Modified Date = 26/12/2007 18:34:18 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 22/01/2008 11:44:00 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 22/01/2008 11:42:10 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Modified Date = 22/01/2008 20:37:23 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Modified Date = 22/01/2008 17:17:08 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 12/01/2008 14:22:34 | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 4096 bytes | Modified Date = 22/01/2008 20:51:11 | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 4096 bytes | Modified Date = 22/01/2008 20:51:11 | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 11/10/2007 22:44:58 | Attr = ]

< End of report >

#9 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 22 January 2008 - 10:05 PM

Hi Cunnysmythe. That looks better. It's still there but has a much smaller footprint. Let's hit it again.

Step #1

Download The Avenger by Swandog46 to your Desktop.
  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop
Step #2

Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:
c:\windows\system32\drivers\svchost.exe
c:\windows\system32\nnnlk.exe
c:\windows\system32\dxdss.sys
c:\windows\system32\imon1.dat
c:\windows\system32\klnnn.ini
c:\windows\system32\klnnn.ini2
c:\windows\system32\nnnlk.dll
c:\windows\system32\nnnlk.exe
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Step #3

Now, start The Avenger program by clicking on its icon on your desktop.
  • Under "Script file to execute" choose "Input Script Manually".
  • Now click on the Magnifying Glass icon which will open a new window titled "View/edit script"
  • Paste the text copied to clipboard into this window by pressing (Ctrl+V).
  • Click Done
  • Now click on the Green Light to begin execution of the script
  • Answer "Yes" twice when prompted.
The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
Step #4
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log.
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button." when VundoFix appears at reboot.

Step #5

Start WinPFind35U. Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Processes - Non-Microsoft Only]
YY -> svchost.exe -> %System32%\drivers\svchost.exe []
[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
NY ->  -> 
YY -> Easy-PrintToolBox -> %ProgramFiles%\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
YY -> egui -> %ProgramFiles%\ESET\ESET Smart Security\egui.exe
YY -> HotKeysCmds -> %System32%\hkcmd.exe
YY -> IgfxTray -> %System32%\igfxtray.exe
YY -> Kernel32 -> %System32%\drivers\svchost.exe
YY -> nod32kui -> %ProgramFiles%\Eset\nod32kui.exe
YY -> PRONoMgr.exe -> %ProgramFiles%\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
YY -> SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe
YY -> SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
YY -> SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YY -> ctfmon.exe -> %System32%\ctfmon.exe
< Windows NT\\Load [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load
YY -> C:\WINDOWS\system32\nnnlk.exe -> %System32%\nnnlk.exe
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YY -> {B7CFFC6B-64F9-4921-97A6-805D7C5757D3} [HKEY_LOCAL_MACHINE] -> %System32%\nnnlk.dll [Reg Error: Value does not exist or could not be read.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
[Files/Folders - Created Within 30 days]
YY -> dxdss.sys -> %System32%\dxdss.sys
NY -> imon1.dat -> %System32%\imon1.dat
NY -> klnnn.ini -> %System32%\klnnn.ini
NY -> klnnn.ini2 -> %System32%\klnnn.ini2
NY -> nnnlk.dll -> %System32%\nnnlk.dll
NY -> nnnlk.exe -> %System32%\nnnlk.exe
[Files/Folders - Modified Within 30 days]
NY -> svchost.exe -> %System32%\drivers\svchost.exe
NY -> dxdss.sys -> %System32%\dxdss.sys
NY -> imon1.dat -> %System32%\imon1.dat
NY -> klnnn.ini -> %System32%\klnnn.ini
NY -> klnnn.ini2 -> %System32%\klnnn.ini2
NY -> nnnlk.dll -> %System32%\nnnlk.dll
NY -> nnnlk.exe -> %System32%\nnnlk.exe
[Empty Temp Folders]
[Start Explorer]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix.

Step #6

Run a new WinPFind35u scan with the following options:

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS.
  • Open the WinPFind3u folder and double-click on WinPFind35U.exe to start the program.
  • In the Driver Services section click on Non-Microsoft.
  • Under Additional Scans click the checkboxes in front of the following items to select them:

    • File - Additional Folder Scans
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Step #7

Post the following back here:The Avenger report (c:\Avenger.txt)
The VundoFix log
The latest WinPFind35u fix log (in the WinPFind35u folder)
The new WinPFind35u scan log
I will review the information when it comes back in.

Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#10 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 23 January 2008 - 01:47 PM

Thanks, OldTimer.

WinPFind35u stopped responding every time I ran the fix, including the times I tried safe mode, but I think it might have got to the end each time - The last command I could see was NY -> nnnlk.dll -> %System32%\nnnlk.dll, and it didn't scroll down. But since it never completed properly, I couldn't get a log. but it stopped responding every time.

Still, here we go:


Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\jcmqlufv

*******************

Script file located at: \??\C:\Program Files\coxwlxjp.txt
Script file opened successfully.

Script file read successfully

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

File c:\windows\system32\drivers\svchost.exe deleted successfully.
File c:\windows\system32\nnnlk.exe deleted successfully.
File c:\windows\system32\dxdss.sys deleted successfully.
File c:\windows\system32\imon1.dat deleted successfully.
File c:\windows\system32\klnnn.ini deleted successfully.
File c:\windows\system32\klnnn.ini2 deleted successfully.
File c:\windows\system32\nnnlk.dll deleted successfully.


File c:\windows\system32\nnnlk.exe not found!
Deletion of file c:\windows\system32\nnnlk.exe failed!

Could not process line:
c:\windows\system32\nnnlk.exe
Status: 0xc0000034


Completed script processing.

*******************

Finished! Terminate.


-----------------------------------



VundoFix V6.7.7

Checking Java version...

Scan started at 12:46:33 23/01/2008

Listing files found while scanning....


VundoFix V6.7.7

Checking Java version...

Scan started at 13:45:23 23/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\klnnn.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\nnnlk.exe Has been deleted!

Performing Repairs to the registry.
Done!


------------------------------------------


WinPFind35 logfile created on: 23/01/2008 18:34:03
WinPFind35U Version Beta31 Folder = C:\Documents and Settings\Administrator\Desktop\WinPFind35u
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)

223.48 Mb Total Physical Memory | 71.01 Mb Available Physical Memory | 31.77% Memory free
544.85 Mb Paging File | 333.17 Mb Available in Paging File | 61.15% Paging File free
Paging file location(s): C:\pagefile.sys 336 672;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 11.57 Gb Free Space | 41.42% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: GLENDORA
Current User Name: Glendora Wooding
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user


[Processes - Non-Microsoft Only]
s24evmon.exe -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 16/12/2003 15:42:32 | Attr = ]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr = ]
ekrn.exe -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 21/12/2007 08:21:16 | Attr = ]
regsrvc.exe -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 16/12/2003 15:41:40 | Attr = ]
slserv.exe -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 16/01/2003 18:02:38 | Attr = ]
zcfgsvc.exe -> %System32%\ZCfgSvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 376832 bytes | Modified Date = 16/12/2003 15:47:42 | Attr = ]
1xconfig.exe -> %System32%\1XConfig.exe -> Intel [Ver = 8, 0, 0, 161 | Size = 184320 bytes | Modified Date = 16/12/2003 15:43:06 | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 23/01/2008 18:28:47 | Attr = ]
ituneshelper .exe -> %ProgramFiles%\iTunes\iTunesHelper .exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 23/01/2008 18:29:12 | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/12/2007 12:10:16 | Attr = ]
winpfind35u.exe -> %SystemDrive%\Documents and Settings\Administrator\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 306176 bytes | Modified Date = 21/01/2008 19:33:52 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 29/10/2007 13:27:04 | Attr = ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 06/09/2007 13:28:18 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 04/08/2004 07:56:48 | Attr = ]
(EhttpSrv) Eset HTTP Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\ESET\ESET Smart Security\EHttpSrv.exe -> ESET [Ver = 3.0.621 | Size = 19200 bytes | Modified Date = 21/12/2007 08:22:44 | Attr = ]
(ekrn) Eset Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 21/12/2007 08:21:16 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 22/04/2007 00:59:09 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 04/04/2005 00:41:10 | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 11/12/2007 12:10:16 | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 16/12/2003 15:41:40 | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 16/12/2003 15:42:32 | Attr = ]
(SLService) SmartLinkService [Win32_Own | Auto | Running] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 16/01/2003 18:02:38 | Attr = ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXSENS.SYS -> Sensaura Ltd [Ver = 5.10.00.3511D | Size = 391424 bytes | Modified Date = 11/12/2003 15:54:14 | Attr = ]
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5420 | Size = 541548 bytes | Modified Date = 19/12/2003 12:07:50 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17/08/2001 19:51:56 | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 04/08/2004 06:07:42 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17/08/2001 19:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17/08/2001 19:51:58 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CLEVOIO) CLEVOIO [Kernel | Auto | Running] -> %System32%\drivers\CLEVOIO.sys -> CLEVO I/O Driver [Ver = 1, 0, 0, 4 | Size = 11520 bytes | Modified Date = 25/07/2003 23:31:50 | Attr = ]
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 17/08/2001 19:51:54 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17/08/2001 19:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 04/08/2004 06:07:17 | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 04/08/2004 06:07:16 | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 31/03/2003 11:00:00 | Attr = ]
(eamon) eamon [Kernel | Auto | Running] -> %System32%\drivers\eamon.sys -> ESET [Ver = 3.0.621 | Size = 39944 bytes | Modified Date = 21/12/2007 08:19:54 | Attr = ]
(easdrv) easdrv [Kernel | System | Running] -> %System32%\drivers\easdrv.sys -> ESET [Ver = 3.0.621 | Size = 30216 bytes | Modified Date = 21/12/2007 08:20:14 | Attr = ]
(epfw) epfw [Kernel | Auto | Running] -> %System32%\drivers\epfw.sys -> ESET [Ver = 3.0.621 | Size = 71176 bytes | Modified Date = 21/12/2007 08:21:46 | Attr = ]
(Epfwndis) Eset Personal Firewall [Kernel | On_Demand | Running] -> %System32%\drivers\epfwndis.sys -> ESET [Ver = 3.0.621 | Size = 30728 bytes | Modified Date = 21/12/2007 08:21:52 | Attr = ]
(epfwtdi) epfwtdi [Kernel | System | Running] -> %System32%\drivers\epfwtdi.sys -> ESET [Ver = 3.0.621 | Size = 53768 bytes | Modified Date = 21/12/2007 08:21:54 | Attr = ]
(GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 19/09/2006 15:44:04 | Attr = ]
(ialm) ialm [Kernel | On_Demand | Running] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 90907 bytes | Modified Date = 23/04/2003 02:10:06 | Attr = ]
(Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %System32%\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 21060 bytes | Modified Date = 10/09/2003 22:36:54 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Stopped] -> system32\DRIVERS\mcdbus.sys -> File not found
(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.2.1.0 [Kernel | Auto | Running] -> %System32%\drivers\mdc8021x.sys -> Meetinghouse Data Communications [Ver = 2.2.1.0 | Size = 14037 bytes | Modified Date = 05/07/2004 09:42:32 | Attr = ]
(mp32) mp3 audio [Kernel | System | Stopped] -> %System32%\dxdss.sys -> File not found
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17/08/2001 19:52:12 | Attr = ]
(Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Running] -> %System32%\drivers\mtlmnt5.sys -> [Ver = 3.20.03 | Size = 210128 bytes | Modified Date = 06/02/2003 10:22:38 | Attr = ]
(Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlstrm.sys -> [Ver = 3.20.03 | Size = 1290760 bytes | Modified Date = 06/02/2003 10:25:00 | Attr = ]
(NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> %System32%\drivers\ntmtlfax.sys -> [Ver = 3.20.03 | Size = 162136 bytes | Modified Date = 05/02/2003 08:25:56 | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 31/03/2003 11:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 20/10/2007 00:56:10 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17/08/2001 19:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17/08/2001 19:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17/08/2001 19:52:18 | Attr = ]
(RecAgent) RecAgent [Kernel | On_Demand | Stopped] -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Modified Date = 04/08/2004 05:41:39 | Attr = ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.505.1004.2002 built by: WinDDK | Size = 46976 bytes | Modified Date = 03/10/2002 18:04:10 | Attr = ]
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %System32%\drivers\s24trans.sys -> Intel Corporation [Ver = 1, 0, 0, 0 | Size = 11258 bytes | Modified Date = 15/09/2003 09:20:18 | Attr = ]
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 10/10/2006 13:53:48 | Attr = ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 16/02/2006 17:51:08 | Attr = R ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 27/02/2007 12:39:26 | Attr = ]
(SE26bus) Sony Ericsson Device 038 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26bus.sys -> MCCI [Ver = V4.34 | Size = 61600 bytes | Modified Date = 15/05/2006 13:59:04 | Attr = R ]
(SE26mdfl) Sony Ericsson Device 038 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdfl.sys -> MCCI [Ver = V4.34 | Size = 9360 bytes | Modified Date = 15/05/2006 13:59:08 | Attr = R ]
(SE26mdm) Sony Ericsson Device 038 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdm.sys -> MCCI [Ver = V4.34 | Size = 97184 bytes | Modified Date = 15/05/2006 13:59:08 | Attr = R ]
(SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mgmt.sys -> MCCI [Ver = V4.34 | Size = 88688 bytes | Modified Date = 15/05/2006 13:59:12 | Attr = R ]
(se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26nd5.sys -> MCCI [Ver = V4.34 | Size = 18704 bytes | Modified Date = 15/05/2006 13:59:12 | Attr = R ]
(SE26obex) Sony Ericsson Device 038 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26obex.sys -> MCCI [Ver = V4.34 | Size = 86560 bytes | Modified Date = 15/05/2006 13:59:14 | Attr = R ]
(se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26unic.sys -> MCCI [Ver = V4.34 | Size = 90768 bytes | Modified Date = 15/05/2006 13:59:20 | Attr = R ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 13/11/2007 10:25:53 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 04/08/2004 06:07:42 | Attr = ]
(Slntamr) SmartLink AMR_PCI Driver [Kernel | On_Demand | Running] -> %System32%\drivers\slntamr.sys -> [Ver = 3.20.03 | Size = 506912 bytes | Modified Date = 05/02/2003 08:42:40 | Attr = ]
(SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> %System32%\drivers\slnthal.sys -> [Ver = 3.20.03 | Size = 85520 bytes | Modified Date = 06/02/2003 10:23:16 | Attr = ]
(SlWdmSup) SlWdmSup [Kernel | On_Demand | Running] -> %System32%\drivers\slwdmsup.sys -> Vireo Software [Ver = 1.00 | Size = 39348 bytes | Modified Date = 16/01/2003 17:19:32 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17/08/2001 20:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 08/01/2008 00:20:57 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17/08/2001 20:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17/08/2001 20:07:36 | Attr = ]
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.0.2.1 | Size = 107696 bytes | Modified Date = 14/02/2006 12:05:06 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17/08/2001 20:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17/08/2001 20:07:42 | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 7.2.5 06Dec02 | Size = 265008 bytes | Modified Date = 06/12/2002 07:26:02 | Attr = R ]
(uac4pdt) PDT USB Composite Class Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\uac4pdt.sys -> Micronas GmbH [Ver = 1, 2, 0, 25 | Size = 15232 bytes | Modified Date = 24/02/2005 14:35:06 | Attr = R ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17/08/2001 19:52:22 | Attr = ]
(VGAORG) VGAORG [Kernel | Auto | Stopped] -> -> File not found
(w22n51) Intel® PRO/Wireless 2200 Adapter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\w22n51.sys -> Intel® Corporation [Ver = 80012-9000 Driver | Size = 1646720 bytes | Modified Date = 02/01/2004 10:52:34 | Attr = R ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(ZSMC301b) CMM PC Camera [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbVM31b.sys -> VM [Ver = 4.2.916.41 | Size = 94132 bytes | Modified Date = 03/04/2003 13:20:54 | Attr = ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 113504 bytes | Modified Date = 23/04/2003 02:15:06 | Attr = ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 78752 bytes | Modified Date = 23/04/2003 02:14:56 | Attr = ]
({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 [Kernel | On_Demand | Running] -> %System32%\drivers\wa301a.sys -> Intel Corporation [Ver = 4.13.10.3514 | Size = 33335 bytes | Modified Date = 23/04/2003 02:10:12 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Easy-PrintToolBox -> %ProgramFiles%\Canon\Easy-PrintToolBox\BJPSMAIN.EXE -> File not found
egui -> %ProgramFiles%\ESET\ESET Smart Security\egui.exe -> File not found
HotKeysCmds -> %System32%\hkcmd.exe -> File not found
IgfxTray -> %System32%\igfxtray.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 23/01/2008 18:28:47 | Attr = ]
Kernel32 -> %System32%\drivers\svchost.exe -> File not found
nod32kui -> %ProgramFiles%\Eset\nod32kui.exe -> File not found
PRONoMgr.exe -> %ProgramFiles%\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> File not found
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> File not found
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ctfmon.exe -> %System32%\ctfmon.exe -> File not found
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 9, 0, 1008 | Size = 1771008 bytes | Modified Date = 23/01/2008 18:28:20 | Attr = ]
< Windows NT\\Load [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load ->
C:\WINDOWS\system32\nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 23/01/2008 18:23:18 | Attr = ]
*MultiFile Done* -> ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Glendora Wooding Startup Folder > -> C:\Documents and Settings\Glendora Wooding\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 20/12/2006 13:55:48 | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 19/04/2007 13:41:36 | Attr = ]
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 06/04/2003 16:06:48 | Attr = ]
Sebring -> %System32%\LgNotify.dll -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 110592 bytes | Modified Date = 16/12/2003 15:49:34 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
< HOSTS File > (223724 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://www.google.com/ie ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.google.com ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> <local> ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4179 domain(s) found. ->
35 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
.[msn] -> My Computer ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18/12/2006 04:16:42 | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 03:42:36 | Attr = ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 16/10/2007 16:29:51 | Attr = ]
{B3705B1E-4497-42AA-A43F-2A67A8CC67C1} [HKEY_LOCAL_MACHINE] -> %System32%\nnnlk.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 334848 bytes | Modified Date = 23/01/2008 14:58:12 | Attr = ]
{E1290342-AAFF-4f7c-9F45-D665E4BF1A00} [HKEY_LOCAL_MACHINE] -> %System32%\ktask.dll [Google Module] -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 21/01/2008 23:23:40 | Attr = ]
{F10587E9-0E47-4CBE-84AE-7DD20B8684CC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Helper\superfindout.dll [e404mgr Class] -> [Ver = 1, 0, 0, 1 | Size = 15872 bytes | Modified Date = 22/01/2008 21:00:40 | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [Ver = 2, 5, 1, 6 | Size = 405504 bytes | Modified Date = 26/08/2004 10:27:32 | Attr = ]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 19/01/2007 22:55:32 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\npjpi160_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 132496 bytes | Modified Date = 14/12/2007 03:42:37 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 14/12/2007 03:42:36 | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 31/08/2007 16:46:14 | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download All by FlashGet -> %ProgramFiles%\FlashGet\jc_all.htm -> File not found
Download using FlashGet -> %ProgramFiles%\FlashGet\jc_link.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Easy-WebPrint Add To Print List -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_AddToList.htm -> File not found
Easy-WebPrint High Speed Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_HSPrint.htm -> File not found
Easy-WebPrint Preview -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Preview.htm -> File not found
Easy-WebPrint Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Print.htm -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{20E84452-9651-4B70-BB06-A731EE2C9AB1} -> (1394 Net Adapter) ->
{211D2732-7838-4958-B95D-5BCDEFC682C7} -> (Intel® PRO/Wireless 2200BG Network Connection) ->
{A827AC52-F93C-4938-85F6-CAF906DFDE35} -> () ->
{BB8BF008-FEEF-4092-9D4D-A505EA66A0B7} -> (Sony Ericsson Device 038 USB Ethernet Emulation (NDIS 5)) ->
{C89C7A95-1336-4BDA-9F61-5962A41C5F51} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D3355E58-9713-48CB-A56B-733BDDA36F18} -> (1394 Net Adapter) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/...8156.1850578704[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_03] ->
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...ent/swflash.cab[Shockwave Flash Object] ->



[Files/Folders - Created Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Created Date = 15/01/2008 01:29:47 | Attr = ]
avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 23/01/2008 12:44:22 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 07/01/2008 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Created Date = 23/01/2008 18:26:49 | Attr = HS]
Programas -> %SystemDrive%\Programas -> [Folder | Created Date = 07/01/2008 21:38:59 | Attr = ]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 22/01/2008 17:03:16 | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 13/01/2008 03:44:01 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 22/01/2008 17:03:16 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Created Date = 22/01/2008 17:03:20 | Attr = ]
3cwmcru.sys -> %System32%\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver = 1.44.008.0020 | Size = 762780 bytes | Created Date = 22/01/2008 20:56:23 | Attr = ]
3dfxvs.dll -> %System32%\dllcache\3dfxvs.dll -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 689216 bytes | Created Date = 22/01/2008 20:56:23 | Attr = ]
3dfxvsm.sys -> %System32%\dllcache\3dfxvsm.sys -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 148352 bytes | Created Date = 22/01/2008 20:56:24 | Attr = ]
a3dapi.dll -> %System32%\dllcache\a3dapi.dll -> Aureal Inc. [Ver = 3.02 | Size = 462848 bytes | Created Date = 22/01/2008 20:56:27 | Attr = ]
ac97ali.sys -> %System32%\dllcache\ac97ali.sys -> Acer Laboratories Inc. [Ver = 5.12.01.6003 | Size = 231552 bytes | Created Date = 22/01/2008 20:56:28 | Attr = ]
ac97intc.sys -> %System32%\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 22/01/2008 20:56:28 | Attr = ]
ac97sis.sys -> %System32%\dllcache\ac97sis.sys -> Silicon Integrated Systems Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 297728 bytes | Created Date = 22/01/2008 20:56:29 | Attr = ]
ac97via.sys -> %System32%\dllcache\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Created Date = 22/01/2008 20:56:29 | Attr = ]
acerscad.dll -> %System32%\dllcache\acerscad.dll -> Color Flatbed Scanner [Ver = 1, 0, 0, 0 | Size = 61440 bytes | Created Date = 22/01/2008 20:56:30 | Attr = ]
adm8511.sys -> %System32%\dllcache\adm8511.sys -> ADMtek Incorporated [Ver = 2.04.2001.0719 built by: WinDDK | Size = 20160 bytes | Created Date = 22/01/2008 20:56:32 | Attr = ]
adm8810.sys -> %System32%\dllcache\adm8810.sys -> Aureal, Inc. [Ver = 5.12.01.3500 | Size = 584448 bytes | Created Date = 22/01/2008 20:56:32 | Attr = ]
adm8820.sys -> %System32%\dllcache\adm8820.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 553984 bytes | Created Date = 22/01/2008 20:56:33 | Attr = ]
adm8830.sys -> %System32%\dllcache\adm8830.sys -> Aureal, Inc. [Ver = 5.12.01.2500 | Size = 747392 bytes | Created Date = 22/01/2008 20:56:33 | Attr = ]
admjoy.sys -> %System32%\dllcache\admjoy.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 10880 bytes | Created Date = 22/01/2008 20:56:34 | Attr = ]
adptsf50.sys -> %System32%\dllcache\adptsf50.sys -> Adaptec, Inc [Ver = V5.10.22 | Size = 46112 bytes | Created Date = 22/01/2008 20:56:34 | Attr = ]
ali5261.sys -> %System32%\dllcache\ali5261.sys -> Acer Laboratories Inc. [Ver = 5.01.2462.0102 | Size = 27678 bytes | Created Date = 22/01/2008 20:56:42 | Attr = ]
alifir.sys -> %System32%\dllcache\alifir.sys -> Acer Laboratories Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 26624 bytes | Created Date = 22/01/2008 20:56:42 | Attr = ]
amb8002.sys -> %System32%\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 16969 bytes | Created Date = 22/01/2008 20:56:43 | Attr = ]
an983.sys -> %System32%\dllcache\an983.sys -> ADMtek Incorporated. [Ver = 2.17.1025.2001 built by: WinDDK | Size = 36224 bytes | Created Date = 22/01/2008 20:56:44 | Attr = ]
aspndis3.sys -> %System32%\dllcache\aspndis3.sys -> Bay Networks, Inc. [Ver = 3.23.11 | Size = 97354 bytes | Created Date = 22/01/2008 20:56:47 | Attr = ]
ati.sys -> %System32%\dllcache\ati.sys -> ATI Technologies, Inc. [Ver = 3.0.62 (XPClient.010817-1148) | Size = 77568 bytes | Created Date = 22/01/2008 20:56:48 | Attr = ]
atibt829.sys -> %System32%\dllcache\atibt829.sys -> [Ver = | Size = 46464 bytes | Created Date = 22/01/2008 20:56:50 | Attr = ]
atidrab.dll -> %System32%\dllcache\atidrab.dll -> ATI Technologies Inc. [Ver = 5.01.2195.5012 (ReleasedBinaries.010718-0005) | Size = 382592 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atidrae.dll -> %System32%\dllcache\atidrae.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 137216 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atidvai.dll -> %System32%\dllcache\atidvai.dll -> ATI Technologies Inc. [Ver = 5.10.2280.1028 (ReleasedBinaries.010715-1631) | Size = 268160 bytes | Created Date = 22/01/2008 20:56:51 | Attr = ]
atimpab.sys -> %System32%\dllcache\atimpab.sys -> ATI Technologies Inc. [Ver = 5.00.2195.5007 (ReleasedBinaries.010718-0005) | Size = 289664 bytes | Created Date = 22/01/2008 20:56:52 | Attr = ]
atimpae.sys -> %System32%\dllcache\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Created Date = 22/01/2008 20:56:52 | Attr = ]
atimtai.sys -> %System32%\dllcache\atimtai.sys -> ATI Technologies Inc. [Ver = 5.13.01.1140 (ReleasedBinaries.010715-1631) | Size = 281600 bytes | Created Date = 22/01/2008 20:56:53 | Attr = ]
atipcxxx.sys -> %System32%\dllcache\atipcxxx.sys -> [Ver = | Size = 10240 bytes | Created Date = 22/01/2008 20:56:54 | Attr = ]
atiraged.dll -> %System32%\dllcache\atiraged.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 104832 bytes | Created Date = 22/01/2008 20:56:54 | Attr = ]
atiragem.sys -> %System32%\dllcache\atiragem.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 70528 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atirtcap.sys -> %System32%\dllcache\atirtcap.sys -> [Ver = | Size = 49920 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atirtsnd.sys -> %System32%\dllcache\atirtsnd.sys -> [Ver = | Size = 26880 bytes | Created Date = 22/01/2008 20:56:55 | Attr = ]
atitunep.sys -> %System32%\dllcache\atitunep.sys -> [Ver = | Size = 17152 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
atitvsnd.sys -> %System32%\dllcache\atitvsnd.sys -> [Ver = | Size = 17152 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativmdcd.sys -> %System32%\dllcache\ativmdcd.sys -> [Ver = | Size = 9472 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativttxx.sys -> %System32%\dllcache\ativttxx.sys -> [Ver = | Size = 19456 bytes | Created Date = 22/01/2008 20:56:56 | Attr = ]
ativxbar.sys -> %System32%\dllcache\ativxbar.sys -> [Ver = | Size = 26624 bytes | Created Date = 22/01/2008 20:56:57 | Attr = ]
atixbar.sys -> %System32%\dllcache\atixbar.sys -> [Ver = | Size = 23552 bytes | Created Date = 22/01/2008 20:56:57 | Attr = ]
avmcoxp.dll -> %System32%\dllcache\avmcoxp.dll -> AVM GmbH [Ver = 2.4 | Size = 87552 bytes | Created Date = 22/01/2008 20:57:02 | Attr = ]
avmenum.dll -> %System32%\dllcache\avmenum.dll -> AVM GmbH [Ver = 1, 0, 0, 3 | Size = 144384 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
avmwan.sys -> %System32%\dllcache\avmwan.sys -> AVM GmbH [Ver = 02.04.00 | Size = 37568 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
aztw2320.sys -> %System32%\dllcache\aztw2320.sys -> Aztech Systems Ltd [Ver = 5.1.2501.0 built by: WinDDK | Size = 36992 bytes | Created Date = 22/01/2008 20:57:03 | Attr = ]
b1cbase.sys -> %System32%\dllcache\b1cbase.sys -> AVM GmbH [Ver = 5.2 | Size = 89952 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
b57xp32.sys -> %System32%\dllcache\b57xp32.sys -> Broadcom Corporation [Ver = 2.16b.0.0 built by: WinDDK | Size = 96640 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
banshee.dll -> %System32%\dllcache\banshee.dll -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 342336 bytes | Created Date = 22/01/2008 20:57:04 | Attr = ]
banshee.sys -> %System32%\dllcache\banshee.sys -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 36128 bytes | Created Date = 22/01/2008 20:57:05 | Attr = ]
bcm42u.sys -> %System32%\dllcache\bcm42u.sys -> Broadcom Corporation [Ver = 2.29.0.8 | Size = 66557 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcm42xx5.sys -> %System32%\dllcache\bcm42xx5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 54271 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcm4e5.sys -> %System32%\dllcache\bcm4e5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 26568 bytes | Created Date = 22/01/2008 20:57:06 | Attr = ]
bcmdm.sys -> %System32%\dllcache\bcmdm.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 22/01/2008 20:57:07 | Attr = ]
brbidiif.dll -> %System32%\dllcache\brbidiif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 19456 bytes | Created Date = 22/01/2008 20:57:09 | Attr = ]
brcoinst.dll -> %System32%\dllcache\brcoinst.dll -> Brother Industries Ltd. [Ver = 1.0.0.8 (Lab06_N.010129-0357) | Size = 9728 bytes | Created Date = 22/01/2008 20:57:09 | Attr = ]
brevif.dll -> %System32%\dllcache\brevif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 12800 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfilt.sys -> %System32%\dllcache\brfilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfiltlo.sys -> %System32%\dllcache\brfiltlo.sys -> Brother Industries, Ltd. [Ver = 1.09.000 (Lab06_N.010129-0357) | Size = 12160 bytes | Created Date = 22/01/2008 20:57:10 | Attr = ]
brfiltup.sys -> %System32%\dllcache\brfiltup.sys -> Brother Industries, Ltd. [Ver = 1.04.000 (Lab06_N.010129-0357) | Size = 3968 bytes | Created Date = 22/01/2008 20:57:11 | Attr = ]
brmfbidi.dll -> %System32%\dllcache\brmfbidi.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 15360 bytes | Created Date = 22/01/2008 20:57:11 | Attr = ]
brmflpt.dll -> %System32%\dllcache\brmflpt.dll -> Brother Industries, Ltd. [Ver = 1.45.15.346 | Size = 29696 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brmfrsmg.exe -> %System32%\dllcache\brmfrsmg.exe -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 32256 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brmfusb.dll -> %System32%\dllcache\brmfusb.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 41472 bytes | Created Date = 22/01/2008 20:57:12 | Attr = ]
brparimg.sys -> %System32%\dllcache\brparimg.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 3168 bytes | Created Date = 22/01/2008 20:57:13 | Attr = ]
brparwdm.sys -> %System32%\dllcache\brparwdm.sys -> Brother Industries Ltd. [Ver = 1.00 | Size = 39552 bytes | Created Date = 22/01/2008 20:57:13 | Attr = ]
brscnrsm.dll -> %System32%\dllcache\brscnrsm.dll -> Brother Industries,Ltd. [Ver = 1.0.0.14 | Size = 5120 bytes | Created Date = 22/01/2008 20:57:14 | Attr = ]
brserif.dll -> %System32%\dllcache\brserif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9728 bytes | Created Date = 22/01/2008 20:57:14 | Attr = ]
brserwdm.sys -> %System32%\dllcache\brserwdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brusbmdm.sys -> %System32%\dllcache\brusbmdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brusbscn.sys -> %System32%\dllcache\brusbscn.sys -> Brother Industries Ltd. [Ver = 1,0,0,6 (Lab06_N.010129-0357) | Size = 10368 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
brzwlan.sys -> %System32%\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.18 | Size = 31529 bytes | Created Date = 22/01/2008 20:57:15 | Attr = ]
cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 22/01/2008 20:57:41 | Attr = ]
cb102.sys -> %System32%\dllcache\cb102.sys -> Fast Ethernet Controller Provider [Ver = 2.20.0.0 | Size = 37916 bytes | Created Date = 22/01/2008 20:57:46 | Attr = ]
cb325.sys -> %System32%\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Created Date = 22/01/2008 20:57:47 | Attr = ]
cben5.sys -> %System32%\dllcache\cben5.sys -> Xircom, Inc. [Ver = 3.14.05.00 | Size = 46108 bytes | Created Date = 22/01/2008 20:57:47 | Attr = ]
cbmdmkxx.sys -> %System32%\dllcache\cbmdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714698 bytes | Created Date = 22/01/2008 20:57:49 | Attr = ]
ce2n5.sys -> %System32%\dllcache\ce2n5.sys -> Xircom, Inc. [Ver = 3.06.04.00 | Size = 21530 bytes | Created Date = 22/01/2008 20:57:52 | Attr = ]
ce3n5.sys -> %System32%\dllcache\ce3n5.sys -> Xircom, Inc. [Ver = 2.11.01.00 | Size = 27164 bytes | Created Date = 22/01/2008 20:57:52 | Attr = ]
cem28n5.sys -> %System32%\dllcache\cem28n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cem33n5.sys -> %System32%\dllcache\cem33n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cem56n5.sys -> %System32%\dllcache\cem56n5.sys -> Xircom, Inc. [Ver = 2.70.02.00 | Size = 49182 bytes | Created Date = 22/01/2008 20:57:53 | Attr = ]
cicap.sys -> %System32%\dllcache\cicap.sys -> Xircom [Ver = 4.0.0.41 | Size = 980034 bytes | Created Date = 22/01/2008 20:57:57 | Attr = ]
cinemclc.sys -> %System32%\dllcache\cinemclc.sys -> RAVISENT Technologies Inc. [Ver = 5.0.00.0081 | Size = 272640 bytes | Created Date = 22/01/2008 20:57:58 | Attr = ]
cmbp0wdm.sys -> %System32%\dllcache\cmbp0wdm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 20736 bytes | Created Date = 22/01/2008 20:58:02 | Attr = ]
cnxt1803.sys -> %System32%\dllcache\cnxt1803.sys -> Conexant Systems, Inc. [Ver = V1.15.7 | Size = 39936 bytes | Created Date = 22/01/2008 20:58:04 | Attr = ]
cpqndis5.sys -> %System32%\dllcache\cpqndis5.sys -> Compaq Computer Corporation [Ver = 3.06.04.00 | Size = 21533 bytes | Created Date = 22/01/2008 20:58:08 | Attr = ]
cpqtrnd5.sys -> %System32%\dllcache\cpqtrnd5.sys -> Compaq Computer Corp. [Ver = 5.84.02 | Size = 60970 bytes | Created Date = 22/01/2008 20:58:09 | Attr = ]
cpscan.dll -> %System32%\dllcache\cpscan.dll -> COMPAQ Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 22/01/2008 20:58:10 | Attr = ]
crtaud.sys -> %System32%\dllcache\crtaud.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 42112 bytes | Created Date = 22/01/2008 20:58:10 | Attr = ]
ctlfacem.sys -> %System32%\dllcache\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Created Date = 22/01/2008 20:58:12 | Attr = ]
ctljystk.sys -> %System32%\dllcache\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Created Date = 22/01/2008 20:58:12 | Attr = ]
ctlsb16.sys -> %System32%\dllcache\ctlsb16.sys -> Copyright © Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 22/01/2008 20:58:13 | Attr = ]
ctmasetp.dll -> %System32%\dllcache\ctmasetp.dll -> Comtrol® Corporation [Ver = 5.1.2600.2180 | Size = 249856 bytes | Created Date = 22/01/2008 20:58:13 | Attr = ]
ctwdm32.dll -> %System32%\dllcache\ctwdm32.dll -> Creative Technology Ltd. [Ver = 5.0.0.2001 | Size = 4096 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbase.sys -> %System32%\dllcache\cwbase.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbmidi.sys -> %System32%\dllcache\cwbmidi.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 22/01/2008 20:58:14 | Attr = ]
cwbwdm.sys -> %System32%\dllcache\cwbwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72832 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcosnt5.sys -> %System32%\dllcache\cwcosnt5.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3584 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcspud.sys -> %System32%\dllcache\cwcspud.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 111872 bytes | Created Date = 22/01/2008 20:58:15 | Attr = ]
cwcwdm.sys -> %System32%\dllcache\cwcwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 93952 bytes | Created Date = 22/01/2008 20:58:16 | Attr = ]
cwrwdm.sys -> %System32%\dllcache\cwrwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.2.3790.0 built by: WinDDK | Size = 48640 bytes | Created Date = 22/01/2008 20:58:16 | Attr = ]
c_10004.nls -> %System32%\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_10005.nls -> %System32%\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_10021.nls -> %System32%\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:19 | Attr = ]
c_1047.nls -> %System32%\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:20 | Attr = ]
c_1140.nls -> %System32%\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:20 | Attr = ]
c_1141.nls -> %System32%\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1142.nls -> %System32%\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1143.nls -> %System32%\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1144.nls -> %System32%\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1145.nls -> %System32%\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:21 | Attr = ]
c_1146.nls -> %System32%\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1147.nls -> %System32%\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1148.nls -> %System32%\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_1149.nls -> %System32%\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:22 | Attr = ]
c_20001.nls -> %System32%\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20002.nls -> %System32%\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20003.nls -> %System32%\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 22/01/2008 20:57:24 | Attr = ]
c_20004.nls -> %System32%\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20005.nls -> %System32%\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20105.nls -> %System32%\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20106.nls -> %System32%\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20107.nls -> %System32%\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:25 | Attr = ]
c_20108.nls -> %System32%\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20269.nls -> %System32%\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20273.nls -> %System32%\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20277.nls -> %System32%\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:26 | Attr = ]
c_20278.nls -> %System32%\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20280.nls -> %System32%\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20284.nls -> %System32%\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20285.nls -> %System32%\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20297.nls -> %System32%\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:27 | Attr = ]
c_20420.nls -> %System32%\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20423.nls -> %System32%\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20424.nls -> %System32%\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20833.nls -> %System32%\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20838.nls -> %System32%\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:28 | Attr = ]
c_20871.nls -> %System32%\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_20880.nls -> %System32%\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_20924.nls -> %System32%\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:29 | Attr = ]
c_21025.nls -> %System32%\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:30 | Attr = ]
c_28596.nls -> %System32%\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:31 | Attr = ]
c_708.nls -> %System32%\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:31 | Attr = ]
c_720.nls -> %System32%\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_858.nls -> %System32%\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_862.nls -> %System32%\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_864.nls -> %System32%\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 22/01/2008 20:57:32 | Attr = ]
c_870.nls -> %System32%\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 22/01/2008 20:57:33 | Attr = ]
d100ib5.sys -> %System32%\dllcache\d100ib5.sys -> Intel Corporation [Ver = 5.41.17.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 22/01/2008 20:58:19 | Attr = ]
dc21x4.sys -> %System32%\dllcache\dc21x4.sys -> Intel Corporation. [Ver = 5.05.04 | Size = 63208 bytes | Created Date = 22/01/2008 20:58:24 | Attr = ]
defpa.sys -> %System32%\dllcache\defpa.sys -> Digital Networks, LLC [Ver = 5.5 built by: WinDDK | Size = 20928 bytes | Created Date = 22/01/2008 20:58:26 | Attr = ]
devcon32.dll -> %System32%\dllcache\devcon32.dll -> Creative Technology Ltd. [Ver = 4.06.651 | Size = 256512 bytes | Created Date = 22/01/2008 20:58:26 | Attr = ]
devldr32.exe -> %System32%\dllcache\devldr32.exe -> Creative Technology Ltd. [Ver = 1, 0, 0, 17 | Size = 24064 bytes | Created Date = 22/01/2008 20:58:27 | Attr = ]
dfe650.sys -> %System32%\dllcache\dfe650.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24648 bytes | Created Date = 22/01/2008 20:58:27 | Attr = ]
dfe650d.sys -> %System32%\dllcache\dfe650d.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24649 bytes | Created Date = 22/01/2008 20:58:28 | Attr = ]
dgapci.sys -> %System32%\dllcache\dgapci.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 29531 bytes | Created Date = 22/01/2008 20:58:28 | Attr = ]
dgconfig.dll -> %System32%\dllcache\dgconfig.dll -> Digi International [Ver = v3.7.3.0 | Size = 419357 bytes | Created Date = 22/01/2008 20:58:29 | Attr = ]
diapi2.sys -> %System32%\dllcache\diapi2.sys -> Eicon Technology [Ver = 1.0.1.390 | Size = 164923 bytes | Created Date = 22/01/2008 20:57:42 | Attr = ]
diapi2NT.dll -> %System32%\dllcache\diapi2NT.dll -> Eicon Technology Corporation [Ver = 2.10 101-390 | Size = 32256 bytes | Created Date = 22/01/2008 20:57:43 | Attr = ]
digiasyn.dll -> %System32%\dllcache\digiasyn.dll -> Digi International Inc. [Ver = 3.10 | Size = 65622 bytes | Created Date = 22/01/2008 20:58:30 | Attr = ]
digiasyn.sys -> %System32%\dllcache\digiasyn.sys -> Digi International Inc. [Ver = 3.10 | Size = 37735 bytes | Created Date = 22/01/2008 20:58:30 | Attr = ]
digidbp.dll -> %System32%\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.10 | Size = 131156 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digidxb.sys -> %System32%\dllcache\digidxb.sys -> Digi International Inc. [Ver = 3.10 | Size = 103044 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digifep5.sys -> %System32%\dllcache\digifep5.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 90525 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digifwrk.dll -> %System32%\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.10 | Size = 229462 bytes | Created Date = 22/01/2008 20:58:31 | Attr = ]
digihlc.dll -> %System32%\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.10 | Size = 159828 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiinf.dll -> %System32%\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.10 | Size = 102484 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiisdn.dll -> %System32%\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.10 | Size = 41046 bytes | Created Date = 22/01/2008 20:58:32 | Attr = ]
digiisdn.sys -> %System32%\dllcache\digiisdn.sys -> Digi International Inc. [Ver = 3.10 | Size = 21606 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digirlpt.dll -> %System32%\dllcache\digirlpt.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 110621 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digirlpt.sys -> %System32%\dllcache\digirlpt.sys -> Digi International, Inc. [Ver = 2.3.7 | Size = 42432 bytes | Created Date = 22/01/2008 20:58:33 | Attr = ]
digiview.exe -> %System32%\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.10 | Size = 614429 bytes | Created Date = 22/01/2008 20:58:34 | Attr = ]
dimaint.sys -> %System32%\dllcache\dimaint.sys -> Eicon Technology [Ver = 2.0.1.315 | Size = 91305 bytes | Created Date = 22/01/2008 20:58:34 | Attr = ]
disrvci.dll -> %System32%\dllcache\disrvci.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 6729 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
disrvpp.dll -> %System32%\dllcache\disrvpp.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 31305 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
disrvsu.dll -> %System32%\dllcache\disrvsu.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 38985 bytes | Created Date = 22/01/2008 20:58:36 | Attr = ]
ditrace.exe -> %System32%\dllcache\ditrace.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 236060 bytes | Created Date = 22/01/2008 20:58:37 | Attr = ]
divaci.dll -> %System32%\dllcache\divaci.dll -> [Ver = | Size = 6216 bytes | Created Date = 22/01/2008 20:58:37 | Attr = ]
divaprop.dll -> %System32%\dllcache\divaprop.dll -> [Ver = | Size = 37962 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
divasu.dll -> %System32%\dllcache\divasu.dll -> [Ver = | Size = 29768 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
diwan.sys -> %System32%\dllcache\diwan.sys -> Eicon Technology [Ver = 2.0.1.700 | Size = 952007 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
dlh5xnd5.sys -> %System32%\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v2.5.4 | Size = 26698 bytes | Created Date = 22/01/2008 20:58:38 | Attr = ]
dm9pci5.sys -> %System32%\dllcache\dm9pci5.sys -> CNet Technology, Inc. [Ver = 1.23.01.0228 built by: WinDDK | Size = 29696 bytes | Created Date = 22/01/2008 20:58:39 | Attr = ]
dp83820.sys -> %System32%\dllcache\dp83820.sys -> National Semiconductor Coproration [Ver = 5.0.4.17 | Size = 28062 bytes | Created Date = 22/01/2008 20:58:44 | Attr = ]
ds1wdm.sys -> %System32%\dllcache\ds1wdm.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 334208 bytes | Created Date = 22/01/2008 20:58:47 | Attr = ]
e1000nt5.sys -> %System32%\dllcache\e1000nt5.sys -> Intel Corporation [Ver = 2.94.294.0 | Size = 50719 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
e100b325.sys -> %System32%\dllcache\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
e100isa4.sys -> %System32%\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.5.0 | Size = 19594 bytes | Created Date = 22/01/2008 20:58:52 | Attr = ]
el515.sys -> %System32%\dllcache\el515.sys -> 3Com Corporation [Ver = 1.08.03 | Size = 44103 bytes | Created Date = 22/01/2008 20:58:53 | Attr = ]
el556nd5.sys -> %System32%\dllcache\el556nd5.sys -> 3Com Corporation [Ver = 1.21.00.001 | Size = 55999 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el574nd4.sys -> %System32%\dllcache\el574nd4.sys -> 3Com Corporation [Ver = 2.00.03.4001 | Size = 24653 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el575nd5.sys -> %System32%\dllcache\el575nd5.sys -> 3Com Corporation [Ver = 2.60.5000.0020 | Size = 69692 bytes | Created Date = 22/01/2008 20:58:54 | Attr = ]
el589nd5.sys -> %System32%\dllcache\el589nd5.sys -> 3Com Corporation [Ver = 2.50.50.0033 | Size = 26141 bytes | Created Date = 22/01/2008 20:58:55 | Attr = ]
el656cd5.sys -> %System32%\dllcache\el656cd5.sys -> 3Com Corporation [Ver = 3.00.5000.0004 | Size = 69194 bytes | Created Date = 22/01/2008 20:58:55 | Attr = ]
el656ct5.sys -> %System32%\dllcache\el656ct5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 634134 bytes | Created Date = 22/01/2008 20:58:56 | Attr = ]
el656nd5.sys -> %System32%\dllcache\el656nd5.sys -> 3Com Corporation [Ver = 1.50.5000.0007 | Size = 77386 bytes | Created Date = 22/01/2008 20:58:56 | Attr = ]
el656se5.sys -> %System32%\dllcache\el656se5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 241206 bytes | Created Date = 22/01/2008 20:58:57 | Attr = ]
el90xbc5.sys -> %System32%\dllcache\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el90xnd5.sys -> %System32%\dllcache\el90xnd5.sys -> 3Com Corporation [Ver = 3.60.50.008 | Size = 153631 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el985n51.sys -> %System32%\dllcache\el985n51.sys -> 3Com Corporation. [Ver = 1.17.34.4 | Size = 455199 bytes | Created Date = 22/01/2008 20:58:58 | Attr = ]
el98xn5.sys -> %System32%\dllcache\el98xn5.sys -> 3Com Corporation [Ver = 4.0.0.13 | Size = 70174 bytes | Created Date = 22/01/2008 20:58:59 | Attr = ]
el99xn51.sys -> %System32%\dllcache\el99xn51.sys -> 3Com Corporation [Ver = 2.00.00.0030 built by: WinDDK | Size = 171520 bytes | Created Date = 22/01/2008 20:58:59 | Attr = ]
elnk3.sys -> %System32%\dllcache\elnk3.sys -> 3Com Corporation [Ver = 5.32.40 | Size = 25159 bytes | Created Date = 22/01/2008 20:59:00 | Attr = ]
em556n4.sys -> %System32%\dllcache\em556n4.sys -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 22/01/2008 20:59:00 | Attr = ]
emu10k1m.sys -> %System32%\dllcache\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Created Date = 22/01/2008 20:59:03 | Attr = ]
epro4.sys -> %System32%\dllcache\epro4.sys -> Intel Corporation [Ver = 3.70.00.0000 | Size = 18503 bytes | Created Date = 22/01/2008 20:59:04 | Attr = ]
eqn.sys -> %System32%\dllcache\eqn.sys -> Equinox Systems Inc. [Ver = 5.0.U72 Intel built by: WinDDK | Size = 629952 bytes | Created Date = 22/01/2008 20:59:04 | Attr = ]
eqndiag.exe -> %System32%\dllcache\eqndiag.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 53248 bytes | Created Date = 22/01/2008 20:59:05 | Attr = ]
eqnlogr.exe -> %System32%\dllcache\eqnlogr.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 51200 bytes | Created Date = 22/01/2008 20:59:05 | Attr = ]
eqnloop.exe -> %System32%\dllcache\eqnloop.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 61952 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1370mp.sys -> %System32%\dllcache\es1370mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 37120 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1371mp.sys -> %System32%\dllcache\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Created Date = 22/01/2008 20:59:06 | Attr = ]
es1969.sys -> %System32%\dllcache\es1969.sys -> ESS Technology Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72192 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es198x.sys -> %System32%\dllcache\es198x.sys -> ESS Technology, Inc. [Ver = 5.1.2526.0 built by: WinDDK | Size = 174464 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es56cvmp.sys -> %System32%\dllcache\es56cvmp.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 595647 bytes | Created Date = 22/01/2008 20:59:07 | Attr = ]
es56hpi.sys -> %System32%\dllcache\es56hpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 594238 bytes | Created Date = 22/01/2008 20:59:08 | Attr = ]
es56tpi.sys -> %System32%\dllcache\es56tpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 347550 bytes | Created Date = 22/01/2008 20:59:08 | Attr = ]
ess.sys -> %System32%\dllcache\ess.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 63360 bytes | Created Date = 22/01/2008 20:59:09 | Attr = ]
essm2e.sys -> %System32%\dllcache\essm2e.sys -> ESS Technology, Inc. [Ver = 5.1.3612.0 built by: WinDDK | Size = 137088 bytes | Created Date = 22/01/2008 20:59:09 | Attr = ]
esucm.dll -> %System32%\dllcache\esucm.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 43008 bytes | Created Date = 22/01/2008 20:59:10 | Attr = ]
esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 22/01/2008 20:59:10 | Attr = ]
esuimg.dll -> %System32%\dllcache\esuimg.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 34816 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esuni.dll -> %System32%\dllcache\esuni.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esunib.dll -> %System32%\dllcache\esunib.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 22/01/2008 20:59:11 | Attr = ]
esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 22/01/2008 20:59:12 | Attr = ]
ex10.sys -> %System32%\dllcache\ex10.sys -> Intel Corporation [Ver = 1.51.00.0000 | Size = 16998 bytes | Created Date = 22/01/2008 20:59:14 | Attr = ]
f3ab18xi.sys -> %System32%\dllcache\f3ab18xi.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 12362 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
f3ab18xj.sys -> %System32%\dllcache\f3ab18xj.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 11850 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fa312nd5.sys -> %System32%\dllcache\fa312nd5.sys -> NETGEAR Corp. [Ver = 5.00.119.0 | Size = 16074 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fa410nd5.sys -> %System32%\dllcache\fa410nd5.sys -> NETGEAR [Ver = 5.00.2128.1 | Size = 24618 bytes | Created Date = 22/01/2008 20:59:16 | Attr = ]
fem556n5.sys -> %System32%\dllcache\fem556n5.sys -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 22/01/2008 20:59:18 | Attr = ]
fetnd5.sys -> %System32%\dllcache\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Created Date = 22/01/2008 20:59:19 | Attr = ]
forehe.sys -> %System32%\dllcache\forehe.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 34173 bytes | Created Date = 22/01/2008 20:59:23 | Attr = ]
fpcibase.sys -> %System32%\dllcache\fpcibase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 444416 bytes | Created Date = 22/01/2008 20:59:25 | Attr = ]
fpcmbase.sys -> %System32%\dllcache\fpcmbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 441728 bytes | Created Date = 22/01/2008 20:59:25 | Attr = ]
fpnpbase.sys -> %System32%\dllcache\fpnpbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 442240 bytes | Created Date = 22/01/2008 20:59:26 | Attr = ]
fus2base.sys -> %System32%\dllcache\fus2base.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455680 bytes | Created Date = 22/01/2008 20:59:27 | Attr = ]
fusbbase.sys -> %System32%\dllcache\fusbbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455296 bytes | Created Date = 22/01/2008 20:59:28 | Attr = ]
fxusbase.sys -> %System32%\dllcache\fxusbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 454912 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g200d.dll -> %System32%\dllcache\g200d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 470144 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g200m.sys -> %System32%\dllcache\g200m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 22/01/2008 20:59:37 | Attr = ]
g400d.dll -> %System32%\dllcache\g400d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 1733120 bytes | Created Date = 22/01/2008 20:59:38 | Attr = ]
g400m.sys -> %System32%\dllcache\g400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Created Date = 22/01/2008 20:59:38 | Attr = ]
gpr400.sys -> %System32%\dllcache\gpr400.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 17408 bytes | Created Date = 22/01/2008 20:59:41 | Attr = ]
grclass.sys -> %System32%\dllcache\grclass.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 82304 bytes | Created Date = 22/01/2008 20:59:41 | Attr = ]
grserial.sys -> %System32%\dllcache\grserial.sys -> Gemplus [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 28288 bytes | Created Date = 22/01/2008 20:59:42 | Attr = ]
hcf_msft.sys -> %System32%\dllcache\hcf_msft.sys -> Conexant [Ver = 2.1.2.171.021.003 | Size = 907456 bytes | Created Date = 22/01/2008 20:59:43 | Attr = ]
hpgt21.dll -> %System32%\dllcache\hpgt21.dll -> [Ver = 1, 0, 0, 1 | Size = 83968 bytes | Created Date = 22/01/2008 20:59:48 | Attr = ]
hpgt33.dll -> %System32%\dllcache\hpgt33.dll -> [Ver = 1, 0, 0, 1 | Size = 89088 bytes | Created Date = 22/01/2008 20:59:49 | Attr = ]
hpgt34.dll -> %System32%\dllcache\hpgt34.dll -> [Ver = 1, 0, 0, 1 | Size = 101376 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt34tk.dll -> %System32%\dllcache\hpgt34tk.dll -> Hewlett Packard [Ver = 4.11.2000.0 | Size = 126976 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt42.dll -> %System32%\dllcache\hpgt42.dll -> [Ver = 1, 0, 0, 1 | Size = 93696 bytes | Created Date = 22/01/2008 20:59:50 | Attr = ]
hpgt53.dll -> %System32%\dllcache\hpgt53.dll -> [Ver = 1, 0, 0, 1 | Size = 165888 bytes | Created Date = 22/01/2008 20:59:51 | Attr = ]
hpgt53tk.dll -> %System32%\dllcache\hpgt53tk.dll -> Avisioin [Ver = 1,0,7,0210 | Size = 68608 bytes | Created Date = 22/01/2008 20:59:51 | Attr = ]
hsf_amos.sys -> %System32%\dllcache\hsf_amos.sys -> Conexant [Ver = 3.05.12.04 | Size = 150239 bytes | Created Date = 22/01/2008 20:59:53 | Attr = ]
hsf_bsc2.sys -> %System32%\dllcache\hsf_bsc2.sys -> Conexant [Ver = 3.05.12.04 | Size = 67167 bytes | Created Date = 22/01/2008 20:59:53 | Attr = ]
hsf_fall.sys -> %System32%\dllcache\hsf_fall.sys -> Conexant [Ver = 3.05.12.04 | Size = 289887 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_faxx.sys -> %System32%\dllcache\hsf_faxx.sys -> Conexant [Ver = 3.05.12.04 | Size = 199711 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_fsks.sys -> %System32%\dllcache\hsf_fsks.sys -> Conexant [Ver = 3.05.12.04 | Size = 115807 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_inst.dll -> %System32%\dllcache\hsf_inst.dll -> Conexant [Ver = 3.05.12.04 | Size = 9759 bytes | Created Date = 22/01/2008 20:59:54 | Attr = ]
hsf_k56k.sys -> %System32%\dllcache\hsf_k56k.sys -> Conexant [Ver = 3.05.12.04 | Size = 391199 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_msft.sys -> %System32%\dllcache\hsf_msft.sys -> Conexant [Ver = 3.05.12.06 | Size = 542879 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_samp.sys -> %System32%\dllcache\hsf_samp.sys -> Conexant [Ver = 3.05.12.05 | Size = 57471 bytes | Created Date = 22/01/2008 20:59:55 | Attr = ]
hsf_soar.sys -> %System32%\dllcache\hsf_soar.sys -> Conexant [Ver = 3.05.12.05 | Size = 44863 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_spkp.sys -> %System32%\dllcache\hsf_spkp.sys -> Conexant [Ver = 3.05.12.04 | Size = 73279 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_tone.sys -> %System32%\dllcache\hsf_tone.sys -> Conexant [Ver = 3.05.12.04 | Size = 50751 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
hsf_v124.sys -> %System32%\dllcache\hsf_v124.sys -> Conexant [Ver = 3.05.12.04 | Size = 488383 bytes | Created Date = 22/01/2008 20:59:56 | Attr = ]
i740dnt5.dll -> %System32%\dllcache\i740dnt5.dll -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 353184 bytes | Created Date = 22/01/2008 21:00:19 | Attr = ]
i740nt5.sys -> %System32%\dllcache\i740nt5.sys -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 58592 bytes | Created Date = 22/01/2008 21:00:20 | Attr = ]
i81xdnt5.dll -> %System32%\dllcache\i81xdnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 702845 bytes | Created Date = 22/01/2008 21:00:21 | Attr = ]
i81xnt5.sys -> %System32%\dllcache\i81xnt5.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 161020 bytes | Created Date = 22/01/2008 21:00:23 | Attr = ]
ibmexmp.sys -> %System32%\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28700 bytes | Created Date = 22/01/2008 21:00:25 | Attr = ]
ibmsgnet.dll -> %System32%\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 9216 bytes | Created Date = 22/01/2008 21:00:28 | Attr = ]
ibmtok.sys -> %System32%\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.04.0050 | Size = 100936 bytes | Created Date = 22/01/2008 21:00:28 | Attr = ]
ibmtrp.sys -> %System32%\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.33.02.0050 | Size = 109085 bytes | Created Date = 22/01/2008 21:00:29 | Attr = ]
iconf32.dll -> %System32%\dllcache\iconf32.dll -> Xircom [Ver = 1.1.0.11 | Size = 372824 bytes | Created Date = 22/01/2008 21:00:34 | Attr = ]
io8.sys -> %System32%\dllcache\io8.sys -> Perle Systems Ltd. [Ver = 1.0.1.0022 (XPClient.010817-1148) | Size = 38784 bytes | Created Date = 22/01/2008 21:01:16 | Attr = ]
io8ports.dll -> %System32%\dllcache\io8ports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 90200 bytes | Created Date = 22/01/2008 21:01:16 | Attr = ]
ip5515.sys -> %System32%\dllcache\ip5515.sys -> Interphase ® Corporation a Windows ® 2000 DDK Driver Provider [Ver = 5.1.2257.1 built by: Administrator | Size = 45632 bytes | Created Date = 22/01/2008 21:01:17 | Attr = ]
irmk7.sys -> %System32%\dllcache\irmk7.sys -> MKNet Corporation [Ver = 4.1.0 | Size = 23552 bytes | Created Date = 22/01/2008 21:01:25 | Attr = ]
irstusb.sys -> %System32%\dllcache\irstusb.sys -> SigmaTel, Inc. [Ver = 1, 20, 0, 0 | Size = 26624 bytes | Created Date = 22/01/2008 21:01:27 | Attr = ]
ktc111.sys -> %System32%\dllcache\ktc111.sys -> Kingston Technology Company [Ver = 2.00 | Size = 19016 bytes | Created Date = 22/01/2008 21:01:50 | Attr = ]
lanepic5.sys -> %System32%\dllcache\lanepic5.sys -> SMSC [Ver = 3.40.0000.0000 | Size = 26442 bytes | Created Date = 22/01/2008 21:01:51 | Attr = ]
lbrtfdc.sys -> %System32%\dllcache\lbrtfdc.sys -> Toshiba Corp. [Ver = Version 5.10.3 (xpsp_sp2_rtm.040803-2158) | Size = 34688 bytes | Created Date = 22/01/2008 21:01:51 | Attr = ]
lit220p.sys -> %System32%\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15744 bytes | Created Date = 22/01/2008 21:01:53 | Attr = ]
lmndis3.sys -> %System32%\dllcache\lmndis3.sys -> D-Link [Ver = 5.00.2128.1 | Size = 25065 bytes | Created Date = 22/01/2008 21:01:54 | Attr = ]
lne100.sys -> %System32%\dllcache\lne100.sys -> The Linksts Group [Ver = 2.00 | Size = 20573 bytes | Created Date = 22/01/2008 21:01:55 | Attr = ]
lne100tx.sys -> %System32%\dllcache\lne100tx.sys -> Linksys Group, Inc. [Ver = 4.55 | Size = 70730 bytes | Created Date = 22/01/2008 21:01:55 | Attr = ]
ltck000c.sys -> %System32%\dllcache\ltck000c.sys -> Xircom, Inc. [Ver = 1.98.2 | Size = 727786 bytes | Created Date = 22/01/2008 21:01:58 | Attr = ]
ltmdmnt.sys -> %System32%\dllcache\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Created Date = 22/01/2008 21:01:59 | Attr = ]
ltmdmntl.sys -> %System32%\dllcache\ltmdmntl.sys -> LT [Ver = 3.01.3 | Size = 576746 bytes | Created Date = 22/01/2008 21:01:59 | Attr = ]
ltmdmntt.sys -> %System32%\dllcache\ltmdmntt.sys -> LT [Ver = 6.08 | Size = 420992 bytes | Created Date = 22/01/2008 21:02:00 | Attr = ]
ltsm.sys -> %System32%\dllcache\ltsm.sys -> Lucent Technologies [Ver = 3.1.92.1 3.1.92.1 07/18/2001 12:51:10 | Size = 802683 bytes | Created Date = 22/01/2008 21:02:01 | Attr = ]
ltsmt.sys -> %System32%\dllcache\ltsmt.sys -> LT [Ver = 3.1.92.1 07/18/2001 13:02:42 | Size = 797500 bytes | Created Date = 22/01/2008 21:02:02 | Attr = ]
lwadihid.sys -> %System32%\dllcache\lwadihid.sys -> Logitech Inc. [Ver = 5.1.420.093 | Size = 20864 bytes | Created Date = 22/01/2008 21:02:04 | Attr = ]
lwusbhid.sys -> %System32%\dllcache\lwusbhid.sys -> Logitech Inc. [Ver = 5.1.410.190 | Size = 22848 bytes | Created Date = 22/01/2008 21:02:04 | Attr = ]
maestro.sys -> %System32%\dllcache\maestro.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 48768 bytes | Created Date = 22/01/2008 21:02:06 | Attr = ]
mdgndis5.sys -> %System32%\dllcache\mdgndis5.sys -> Madge Networks Ltd [Ver = 6.06 | Size = 164586 bytes | Created Date = 22/01/2008 21:02:08 | Attr = ]
memstpci.sys -> %System32%\dllcache\memstpci.sys -> Sony Corporation [Ver = 1.00.1120.0 (xpsp_sp2_rtm.040803-2158) | Size = 26112 bytes | Created Date = 22/01/2008 21:02:09 | Attr = ]
mgaud.dll -> %System32%\dllcache\mgaud.dll -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 235648 bytes | Created Date = 22/01/2008 21:02:11 | Attr = ]
mgaum.sys -> %System32%\dllcache\mgaum.sys -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 22/01/2008 21:02:11 | Attr = ]
mtxvideo.sys -> %System32%\dllcache\mtxvideo.sys -> Matrox Graphics Inc [Ver = 1.00.25 | Size = 103296 bytes | Created Date = 22/01/2008 21:02:49 | Attr = ]
mxcard.sys -> %System32%\dllcache\mxcard.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 21888 bytes | Created Date = 22/01/2008 21:02:50 | Attr = ]
mxicfg.dll -> %System32%\dllcache\mxicfg.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 19968 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxnic.sys -> %System32%\dllcache\mxnic.sys -> Macronix International Co., Ltd. [Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxport.dll -> %System32%\dllcache\mxport.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 7168 bytes | Created Date = 22/01/2008 21:02:51 | Attr = ]
mxport.sys -> %System32%\dllcache\mxport.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 75520 bytes | Created Date = 22/01/2008 21:02:52 | Attr = ]
n1000nt5.sys -> %System32%\dllcache\n1000nt5.sys -> Compaq Computer Corporation [Ver = 2.94.294.0 | Size = 52255 bytes | Created Date = 22/01/2008 21:02:52 | Attr = ]
n100325.sys -> %System32%\dllcache\n100325.sys -> Compaq Computer Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 128000 bytes | Created Date = 22/01/2008 21:02:53 | Attr = ]
n9i128.dll -> %System32%\dllcache\n9i128.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 35392 bytes | Created Date = 22/01/2008 21:02:53 | Attr = ]
n9i128.sys -> %System32%\dllcache\n9i128.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 13664 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i128v2.dll -> %System32%\dllcache\n9i128v2.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 59104 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i128v2.sys -> %System32%\dllcache\n9i128v2.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 33088 bytes | Created Date = 22/01/2008 21:02:54 | Attr = ]
n9i3d.sys -> %System32%\dllcache\n9i3d.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 27936 bytes | Created Date = 22/01/2008 21:02:55 | Attr = ]
n9i3disp.dll -> %System32%\dllcache\n9i3disp.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 91488 bytes | Created Date = 22/01/2008 21:02:55 | Attr = ]
neo20xx.dll -> %System32%\dllcache\neo20xx.dll -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 60480 bytes | Created Date = 22/01/2008 21:02:59 | Attr = ]
neo20xx.sys -> %System32%\dllcache\neo20xx.sys -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 39264 bytes | Created Date = 22/01/2008 21:02:59 | Attr = ]
netflx3.sys -> %System32%\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.18 | Size = 65278 bytes | Created Date = 22/01/2008 21:03:01 | Attr = ]
netwlan5.sys -> %System32%\dllcache\netwlan5.sys -> 802.11b [Ver = 3, 1, 4, 26 | Size = 132695 bytes | Created Date = 22/01/2008 21:03:03 | Attr = ]
ngrpci.sys -> %System32%\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.56 | Size = 32840 bytes | Created Date = 22/01/2008 21:03:04 | Attr = ]
nm5a2wdm.sys -> %System32%\dllcache\nm5a2wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 126080 bytes | Created Date = 22/01/2008 21:03:05 | Attr = ]
nm6wdm.sys -> %System32%\dllcache\nm6wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 87040 bytes | Created Date = 22/01/2008 21:03:05 | Attr = ]
nscirda.sys -> %System32%\dllcache\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Created Date = 22/01/2008 21:03:10 | Attr = ]
ntgrip.sys -> %System32%\dllcache\ntgrip.sys -> Kensington Technology Group [Ver = 1.00 | Size = 51552 bytes | Created Date = 22/01/2008 21:03:15 | Attr = ]
nv3.dll -> %System32%\dllcache\nv3.dll -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 123776 bytes | Created Date = 22/01/2008 21:03:24 | Attr = ]
nv3.sys -> %System32%\dllcache\nv3.sys -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 198144 bytes | Created Date = 22/01/2008 21:03:24 | Attr = ]
opl3sax.sys -> %System32%\dllcache\opl3sax.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 54528 bytes | Created Date = 22/01/2008 21:03:30 | Attr = ]
otc06x5.sys -> %System32%\dllcache\otc06x5.sys -> Ositech Communications, Inc. [Ver = 1.01.020 | Size = 27209 bytes | Created Date = 22/01/2008 21:03:30 | Attr = ]
otceth5.sys -> %System32%\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.014.3 | Size = 43689 bytes | Created Date = 22/01/2008 21:03:31 | Attr = ]
otcsercb.sys -> %System32%\dllcache\otcsercb.sys -> Ositech Communications, Inc. [Ver = 1.05.02 | Size = 54186 bytes | Created Date = 22/01/2008 21:03:31 | Attr = ]
pc100nds.sys -> %System32%\dllcache\pc100nds.sys -> Linksys [Ver = 5.00.2195.1 | Size = 30495 bytes | Created Date = 22/01/2008 21:03:36 | Attr = ]
pca200e.sys -> %System32%\dllcache\pca200e.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 29502 bytes | Created Date = 22/01/2008 21:03:36 | Attr = ]
pcmlm56.sys -> %System32%\dllcache\pcmlm56.sys -> Linksys [Ver = 5.00.2128.1 | Size = 26153 bytes | Created Date = 22/01/2008 21:03:38 | Attr = ]
pcntn5hl.sys -> %System32%\dllcache\pcntn5hl.sys -> AMD Inc. [Ver = 1.09.001 | Size = 30282 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pcntn5m.sys -> %System32%\dllcache\pcntn5m.sys -> AMD Inc. [Ver = 4.09.00 | Size = 29769 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pcntpci5.sys -> %System32%\dllcache\pcntpci5.sys -> AMD Inc. [Ver = 4.38.00 built by: WinDDK | Size = 35328 bytes | Created Date = 22/01/2008 21:03:39 | Attr = ]
pctspk.exe -> %System32%\dllcache\pctspk.exe -> PCtel, Inc. [Ver = 4.00 | Size = 86016 bytes | Created Date = 22/01/2008 21:03:40 | Attr = ]
pcx500.sys -> %System32%\dllcache\pcx500.sys -> Cisco Systems [Ver = 7.50.01 Firmware built by: Cisco Systems | Size = 169984 bytes | Created Date = 22/01/2008 21:03:40 | Attr = ]
perm2.sys -> %System32%\dllcache\perm2.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00-0009 (MS) (xpsp_sp2_rtm.040803-2158) | Size = 27904 bytes | Created Date = 22/01/2008 21:03:42 | Attr = ]
perm2dll.dll -> %System32%\dllcache\perm2dll.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 211712 bytes | Created Date = 22/01/2008 21:03:43 | Attr = ]
perm3.sys -> %System32%\dllcache\perm3.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 28032 bytes | Created Date = 22/01/2008 21:03:45 | Attr = ]
perm3dd.dll -> %System32%\dllcache\perm3dd.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 259328 bytes | Created Date = 22/01/2008 21:03:46 | Attr = ]
pscr.sys -> %System32%\dllcache\pscr.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16128 bytes | Created Date = 22/01/2008 21:03:56 | Attr = ]
ptserli.sys -> %System32%\dllcache\ptserli.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 128286 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
ptserlp.sys -> %System32%\dllcache\ptserlp.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 112574 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
ptserlv.sys -> %System32%\dllcache\ptserlv.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 130942 bytes | Created Date = 22/01/2008 21:03:59 | Attr = ]
r2mdkxga.sys -> %System32%\dllcache\r2mdkxga.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 899146 bytes | Created Date = 22/01/2008 21:04:05 | Attr = ]
r2mdmkxx.sys -> %System32%\dllcache\r2mdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714762 bytes | Created Date = 22/01/2008 21:04:05 | Attr = ]
reslog32.dll -> %System32%\dllcache\reslog32.dll -> Xircom [Ver = 1.0.0.6 | Size = 86097 bytes | Created Date = 22/01/2008 21:04:15 | Attr = ]
rlnet5.sys -> %System32%\dllcache\rlnet5.sys -> RadioLAN [Ver = 2.30 | Size = 37563 bytes | Created Date = 22/01/2008 21:04:16 | Attr = ]
rocket.sys -> %System32%\dllcache\rocket.sys -> Comtrol Corporation [Ver = 4.50 | Size = 79104 bytes | Created Date = 22/01/2008 21:04:17 | Attr = ]
rpfun.sys -> %System32%\dllcache\rpfun.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 3840 bytes | Created Date = 22/01/2008 21:04:19 | Attr = ]
rsmgrstr.dll -> %System32%\dllcache\rsmgrstr.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9216 bytes | Created Date = 22/01/2008 21:04:20 | Attr = ]
rthwcls.sys -> %System32%\dllcache\rthwcls.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 30720 bytes | Created Date = 22/01/2008 21:04:21 | Attr = ]
rtl8029.sys -> %System32%\dllcache\rtl8029.sys -> Realtek Semiconductor Corporation [Ver = 5.508.0803.2000 | Size = 19017 bytes | Created Date = 22/01/2008 21:04:21 | Attr = ]
rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rw430ext.dll -> %System32%\dllcache\rw430ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 24576 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rw450ext.dll -> %System32%\dllcache\rw450ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 22/01/2008 21:04:23 | Attr = ]
rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia430.dll -> %System32%\dllcache\rwia430.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
rwia450.dll -> %System32%\dllcache\rwia450.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 82432 bytes | Created Date = 22/01/2008 21:04:24 | Attr = ]
s3m.sys -> %System32%\dllcache\s3m.sys -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 166720 bytes | Created Date = 22/01/2008 21:04:25 | Attr = ]
s3mt3d.dll -> %System32%\dllcache\s3mt3d.dll -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 182272 bytes | Created Date = 22/01/2008 21:04:26 | Attr = ]
s3mt3d.sys -> %System32%\dllcache\s3mt3d.sys -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 41216 bytes | Created Date = 22/01/2008 21:04:26 | Attr = ]
s3mtrio.dll -> %System32%\dllcache\s3mtrio.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 62496 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3mvirge.dll -> %System32%\dllcache\s3mvirge.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 210496 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav3d.dll -> %System32%\dllcache\s3sav3d.dll -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 179264 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav3dm.sys -> %System32%\dllcache\s3sav3dm.sys -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 61504 bytes | Created Date = 22/01/2008 21:04:27 | Attr = ]
s3sav4.dll -> %System32%\dllcache\s3sav4.dll -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 198400 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3sav4m.sys -> %System32%\dllcache\s3sav4m.sys -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 77824 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3savmx.dll -> %System32%\dllcache\s3savmx.dll -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 245632 bytes | Created Date = 22/01/2008 21:04:28 | Attr = ]
s3savmxm.sys -> %System32%\dllcache\s3savmxm.sys -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 75392 bytes | Created Date = 22/01/2008 21:04:29 | Attr = ]
sblfx.dll -> %System32%\dllcache\sblfx.dll -> Creative Technology Ltd. [Ver = 5.12.01.3210 | Size = 495616 bytes | Created Date = 22/01/2008 21:04:30 | Attr = ]
sccmn50m.sys -> %System32%\dllcache\sccmn50m.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 22/01/2008 21:04:31 | Attr = ]
sccmusbm.sys -> %System32%\dllcache\sccmusbm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 22/01/2008 21:04:32 | Attr = ]
scr111.sys -> %System32%\dllcache\scr111.sys -> SCM Microsystems [Ver = 1.01.006 (XPClient.010817-1148) | Size = 17280 bytes | Created Date = 22/01/2008 21:04:33 | Attr = ]
sfmanm.sys -> %System32%\dllcache\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Created Date = 22/01/2008 21:04:40 | Attr = ]
sgiul50.dll -> %System32%\dllcache\sgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 386560 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgiulnt5.sys -> %System32%\dllcache\sgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 98080 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgsmld.sys -> %System32%\dllcache\sgsmld.sys -> Micro Systemation [Ver = 1.1 | Size = 18400 bytes | Created Date = 22/01/2008 21:04:41 | Attr = ]
sgsmusb.sys -> %System32%\dllcache\sgsmusb.sys -> Micro Systemation [Ver = 1, 0, 0, 4 | Size = 161568 bytes | Created Date = 22/01/2008 21:04:42 | Attr = ]
sis300ip.sys -> %System32%\dllcache\sis300ip.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 101760 bytes | Created Date = 22/01/2008 21:04:48 | Attr = ]
sis300iv.dll -> %System32%\dllcache\sis300iv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 252032 bytes | Created Date = 22/01/2008 21:04:48 | Attr = ]
sis6306p.sys -> %System32%\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 68608 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sis6306v.dll -> %System32%\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 150144 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sisgrp.sys -> %System32%\dllcache\sisgrp.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 104064 bytes | Created Date = 22/01/2008 21:04:49 | Attr = ]
sisgrv.dll -> %System32%\dllcache\sisgrv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 238592 bytes | Created Date = 22/01/2008 21:04:50 | Attr = ]
sisnic.sys -> %System32%\dllcache\sisnic.sys -> SiS Corporation [Ver = 1.16.00.05 built by: WinDDK | Size = 32768 bytes | Created Date = 22/01/2008 21:04:50 | Attr = ]
sisv.sys -> %System32%\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 50432 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
sisv256.dll -> %System32%\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 157696 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
sk98xwin.sys -> %System32%\dllcache\sk98xwin.sys -> SysKonnect GmbH. [Ver = 3.12 | Size = 94698 bytes | Created Date = 22/01/2008 21:04:52 | Attr = ]
skfpwin.sys -> %System32%\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.13 | Size = 91294 bytes | Created Date = 22/01/2008 21:04:53 | Attr = ]
sla30nd5.sys -> %System32%\dllcache\sla30nd5.sys -> Symbol Technologies [Ver = 4.2.0.8 | Size = 63547 bytes | Created Date = 22/01/2008 21:04:53 | Attr = ]
smc8000n.sys -> %System32%\dllcache\smc8000n.sys -> SMC Networks, Inc. [Ver = 3.13.1025.2000 built by: yfeng | Size = 24576 bytes | Created Date = 22/01/2008 21:05:03 | Attr = ]
smcirda.sys -> %System32%\dllcache\smcirda.sys -> SMC [Ver = 5.1.2462.0 | Size = 35913 bytes | Created Date = 22/01/2008 21:05:03 | Attr = ]
smcpwr2n.sys -> %System32%\dllcache\smcpwr2n.sys -> SMC Networks, Inc. [Ver = 3.28.1214.2000 | Size = 25034 bytes | Created Date = 22/01/2008 21:05:04 | Attr = ]
smidispb.dll -> %System32%\dllcache\smidispb.dll -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 147200 bytes | Created Date = 22/01/2008 21:05:05 | Attr = ]
smiminib.sys -> %System32%\dllcache\smiminib.sys -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 58368 bytes | Created Date = 22/01/2008 21:05:05 | Attr = ]
sonync.sys -> %System32%\dllcache\sonync.sys -> Sony Corporation [Ver = 6.0.0.05300 | Size = 20752 bytes | Created Date = 22/01/2008 21:05:14 | Attr = ]
sonypi.dll -> %System32%\dllcache\sonypi.dll -> Sony Corporation [Ver = 1.5.090699 | Size = 114688 bytes | Created Date = 22/01/2008 21:05:14 | Attr = ]
sonypi.sys -> %System32%\dllcache\sonypi.sys -> Sony Corporation [Ver = 6.0.5.07140 | Size = 37040 bytes | Created Date = 22/01/2008 21:05:15 | Attr = ]
sonypvu1.sys -> %System32%\dllcache\sonypvu1.sys -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Created Date = 22/01/2008 21:05:15 | Attr = ]
spdports.dll -> %System32%\dllcache\spdports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0012 | Size = 106584 bytes | Created Date = 22/01/2008 21:05:16 | Attr = ]
speed.sys -> %System32%\dllcache\speed.sys -> Perle Systems Ltd. [Ver = 1.0.4.0021 (XPClient.010817-1148) | Size = 61824 bytes | Created Date = 22/01/2008 21:05:17 | Attr = ]
spxupchk.dll -> %System32%\dllcache\spxupchk.dll -> Perle Systems Ltd. [Ver = 1.0.0.0002 | Size = 24660 bytes | Created Date = 22/01/2008 21:05:18 | Attr = ]
srwlnd5.sys -> %System32%\dllcache\srwlnd5.sys -> 3Com [Ver = 3.0.4 alpha | Size = 48736 bytes | Created Date = 22/01/2008 21:05:21 | Attr = ]
stcusb.sys -> %System32%\dllcache\stcusb.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16896 bytes | Created Date = 22/01/2008 21:05:23 | Attr = ]
stlnata.sys -> %System32%\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.6.5 | Size = 285760 bytes | Created Date = 22/01/2008 21:05:24 | Attr = ]
stlncoin.dll -> %System32%\dllcache\stlncoin.dll -> Stallion Technologies [Ver = 5.6.5 | Size = 53248 bytes | Created Date = 22/01/2008 21:05:24 | Attr = ]
stlnprop.dll -> %System32%\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.6.4 | Size = 155648 bytes | Created Date = 22/01/2008 21:05:25 | Attr = ]
sx.sys -> %System32%\dllcache\sx.sys -> Perle Systems Ltd. [Ver = 1.1.2.0031 (XPClient.010817-1148) | Size = 103936 bytes | Created Date = 22/01/2008 21:05:28 | Attr = ]
sxports.dll -> %System32%\dllcache\sxports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 94293 bytes | Created Date = 22/01/2008 21:05:28 | Attr = ]
t2r4disp.dll -> %System32%\dllcache\t2r4disp.dll -> Number Nine Visual Technology [Ver = 5.01.104.09 | Size = 172768 bytes | Created Date = 22/01/2008 21:05:32 | Attr = ]
t2r4mini.sys -> %System32%\dllcache\t2r4mini.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.104.09 | Size = 36640 bytes | Created Date = 22/01/2008 21:05:32 | Attr = ]
tbatm155.sys -> %System32%\dllcache\tbatm155.sys -> Toshiba Corporation [Ver = 0.4.0.0 (XPClient.010817-1148) | Size = 30464 bytes | Created Date = 22/01/2008 21:05:35 | Attr = ]
tdk100b.sys -> %System32%\dllcache\tdk100b.sys -> TDK Corporation [Ver = 1.00 | Size = 37961 bytes | Created Date = 22/01/2008 21:05:37 | Attr = ]
tdkcd31.sys -> %System32%\dllcache\tdkcd31.sys -> TDK Corporation [Ver = 5.00.2128.1 | Size = 17129 bytes | Created Date = 22/01/2008 21:05:38 | Attr = ]
tffsport.sys -> %System32%\dllcache\tffsport.sys -> M-Systems [Ver = 5.02 | Size = 149376 bytes | Created Date = 22/01/2008 21:05:39 | Attr = ]
tgiul50.dll -> %System32%\dllcache\tgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 81408 bytes | Created Date = 22/01/2008 21:05:40 | Attr = ]
tgiulnt5.sys -> %System32%\dllcache\tgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 138528 bytes | Created Date = 22/01/2008 21:05:41 | Attr = ]
tjisdn.sys -> %System32%\dllcache\tjisdn.sys -> Tiger Jet Network [Ver = 3.03 | Size = 123995 bytes | Created Date = 22/01/2008 21:05:43 | Attr = ]
tos4mo.sys -> %System32%\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.23 | Size = 28232 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tosdvd02.sys -> %System32%\dllcache\tosdvd02.sys -> Toshiba Corporation [Ver = 1.00.99.1004 (XPClient.010817-1148) | Size = 241664 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tosdvd03.sys -> %System32%\dllcache\tosdvd03.sys -> Toshiba Corporation [Ver = 1.00.99.1003 (XPClient.010817-1148) | Size = 230912 bytes | Created Date = 22/01/2008 21:05:44 | Attr = ]
tp4.dll -> %System32%\dllcache\tp4.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 31744 bytes | Created Date = 22/01/2008 21:05:46 | Attr = ]
tp4mon.exe -> %System32%\dllcache\tp4mon.exe -> IBM Corporation [Ver = 6.03 (xpsp_sp2_rtm.040803-2158) | Size = 82432 bytes | Created Date = 22/01/2008 21:05:46 | Attr = ]
tp4res.dll -> %System32%\dllcache\tp4res.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 42496 bytes | Created Date = 22/01/2008 21:05:48 | Attr = ]
tpro4.sys -> %System32%\dllcache\tpro4.sys -> Intel Corporation [Ver = 3.06.02.0000 | Size = 34375 bytes | Created Date = 22/01/2008 21:05:48 | Attr = ]
trid3d.dll -> %System32%\dllcache\trid3d.dll -> Trident Microsystems Inc. [Ver = 5.1.2471.0046 (ReleasedBinaries.000421-1946) | Size = 315520 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
trid3dm.sys -> %System32%\dllcache\trid3dm.sys -> Trident Microsystems Inc. [Ver = 5.1.2471.0032 (ReleasedBinaries.000421-1946) | Size = 222336 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
tridkb.dll -> %System32%\dllcache\tridkb.dll -> Trident Microsystems Inc. [Ver = 5.1.2489.0045 (ReleasedBinaries.000421-1946) | Size = 440576 bytes | Created Date = 22/01/2008 21:05:49 | Attr = ]
tridkbm.sys -> %System32%\dllcache\tridkbm.sys -> Trident Microsystems Inc. [Ver = 5.1.2489.0032 (ReleasedBinaries.000421-1946) | Size = 159232 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
tridxp.dll -> %System32%\dllcache\tridxp.dll -> Trident Microsystems Inc. [Ver = 5.1.2475.0115 (ReleasedBinaries.010510-2313) | Size = 525568 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
tridxpm.sys -> %System32%\dllcache\tridxpm.sys -> Trident Microsystems Inc. [Ver = 5.1.2475.96 (ReleasedBinaries.010510-2313) | Size = 166784 bytes | Created Date = 22/01/2008 21:05:50 | Attr = ]
twotrack.sys -> %System32%\dllcache\twotrack.sys -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 11520 bytes | Created Date = 22/01/2008 21:05:53 | Attr = ]
um34scan.dll -> %System32%\dllcache\um34scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 22/01/2008 21:05:54 | Attr = ]
um54scan.dll -> %System32%\dllcache\um54scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.8 | Size = 211968 bytes | Created Date = 22/01/2008 21:05:55 | Attr = ]
umaxscan.dll -> %System32%\dllcache\umaxscan.dll -> UMAX DATA SYSTEMS INC. [Ver = 5.00.2434.1 | Size = 50688 bytes | Created Date = 22/01/2008 21:05:56 | Attr = ]
usb101et.sys -> %System32%\dllcache\usb101et.sys -> KLSI USA, Inc. [Ver = 3.43.0005.0000 | Size = 32384 bytes | Created Date = 22/01/2008 21:05:59 | Attr = ]
usr1801.sys -> %System32%\dllcache\usr1801.sys -> U.S. Robotics, Inc. [Ver = 1.00.034 | Size = 794654 bytes | Created Date = 22/01/2008 21:06:04 | Attr = ]
usr1806.sys -> %System32%\dllcache\usr1806.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 793598 bytes | Created Date = 22/01/2008 21:06:05 | Attr = ]
usr1806v.sys -> %System32%\dllcache\usr1806v.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 794399 bytes | Created Date = 22/01/2008 21:06:06 | Attr = ]
usr1807a.sys -> %System32%\dllcache\usr1807a.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 224802 bytes | Created Date = 22/01/2008 21:06:07 | Attr = ]
usroslba.sys -> %System32%\dllcache\usroslba.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 7556 bytes | Created Date = 22/01/2008 21:06:08 | Attr = ]
usrpda.sys -> %System32%\dllcache\usrpda.sys -> U.S. Robotics Corporation [Ver = 4. 11. 22 | Size = 113762 bytes | Created Date = 22/01/2008 21:06:08 | Attr = ]
usrti.sys -> %System32%\dllcache\usrti.sys -> U.S. Robotics, Inc. [Ver = 2.60.005 | Size = 765884 bytes | Created Date = 22/01/2008 21:06:09 | Attr = ]
usrwdxjs.sys -> %System32%\dllcache\usrwdxjs.sys -> U.S. Robotics Corporation [Ver = 3.27.036.0005 | Size = 687999 bytes | Created Date = 22/01/2008 21:06:10 | Attr = ]
viairda.sys -> %System32%\dllcache\viairda.sys -> VIA Technologies, Inc. [Ver = 5,1,2480,0 (XPClient.010817-1148) | Size = 24576 bytes | Created Date = 22/01/2008 21:06:14 | Attr = ]
vinwm.sys -> %System32%\dllcache\vinwm.sys -> Xircom [Ver = 2.1.0.10 | Size = 249402 bytes | Created Date = 22/01/2008 21:06:14 | Attr = ]
vmodem.sys -> %System32%\dllcache\vmodem.sys -> PCTEL, INC. [Ver = 7.60.10A | Size = 604253 bytes | Created Date = 22/01/2008 21:06:15 | Attr = ]
vpctcom.sys -> %System32%\dllcache\vpctcom.sys -> PCtel, Inc. [Ver = 8.00-9K | Size = 397502 bytes | Created Date = 22/01/2008 21:06:16 | Attr = ]
vvoice.sys -> %System32%\dllcache\vvoice.sys -> PCtel, Inc. [Ver = 3.53.00 | Size = 64605 bytes | Created Date = 22/01/2008 21:06:17 | Attr = ]
w840nd.sys -> %System32%\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19528 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
w926nd.sys -> %System32%\dllcache\w926nd.sys -> Winbond Electronics Corporation [Ver = 1.60 | Size = 19016 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
w940nd.sys -> %System32%\dllcache\w940nd.sys -> Winbond Electronics Corporation [Ver = 3.22 | Size = 16925 bytes | Created Date = 22/01/2008 21:06:18 | Attr = ]
wadv01nt.sys -> %System32%\dllcache\wadv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12415 bytes | Created Date = 22/01/2008 21:06:20 | Attr = ]
wadv02nt.sys -> %System32%\dllcache\wadv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12127 bytes | Created Date = 22/01/2008 21:06:21 | Attr = ]
wadv05nt.sys -> %System32%\dllcache\wadv05nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11775 bytes | Created Date = 22/01/2008 21:06:22 | Attr = ]
watv01nt.sys -> %System32%\dllcache\watv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 29311 bytes | Created Date = 22/01/2008 21:06:24 | Attr = ]
watv02nt.sys -> %System32%\dllcache\watv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19551 bytes | Created Date = 22/01/2008 21:06:26 | Attr = ]
watv04nt.sys -> %System32%\dllcache\watv04nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 33599 bytes | Created Date = 22/01/2008 21:06:27 | Attr = ]
wbfirdma.sys -> %System32%\dllcache\wbfirdma.sys -> Winbond Electronics Corp. [Ver = 5.4.9820.0306 | Size = 35871 bytes | Created Date = 22/01/2008 21:06:30 | Attr = ]
wch7xxnt.sys -> %System32%\dllcache\wch7xxnt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 23615 bytes | Created Date = 22/01/2008 21:06:32 | Attr = ]
wdhaalba.sys -> %System32%\dllcache\wdhaalba.sys -> 3Com Corporation [Ver = 3.34.034.0075 | Size = 701386 bytes | Created Date = 22/01/2008 21:06:33 | Attr = ]
winacisa.sys -> %System32%\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771581 bytes | Created Date = 22/01/2008 21:06:39 | Attr = ]
wlandrv2.sys -> %System32%\dllcache\wlandrv2.sys -> Raytheon Corp. [Ver = 4.00.00.0004 | Size = 34890 bytes | Created Date = 22/01/2008 21:06:44 | Attr = ]
wlluc48.sys -> %System32%\dllcache\wlluc48.sys -> Lucent Technologies [Ver = 7.43.0.9 | Size = 154624 bytes | Created Date = 22/01/2008 21:06:44 | Attr = ]
wsiintxx.sys -> %System32%\dllcache\wsiintxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12063 bytes | Created Date = 22/01/2008 21:07:28 | Attr = ]
wvchntxx.sys -> %System32%\dllcache\wvchntxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19455 bytes | Created Date = 22/01/2008 21:07:35 | Attr = ]
xem336n5.sys -> %System32%\dllcache\xem336n5.sys -> US Robotics MCD (Megahertz) [Ver = 1.25.014 | Size = 16970 bytes | Created Date = 22/01/2008 21:07:43 | Attr = ]
xlog.exe -> %System32%\dllcache\xlog.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 99865 bytes | Created Date = 22/01/2008 21:07:44 | Attr = ]
xrxftplt.exe -> %System32%\dllcache\xrxftplt.exe -> [Ver = 1, 0, 0, 2 | Size = 27648 bytes | Created Date = 22/01/2008 21:07:47 | Attr = ]
xrxscnui.dll -> %System32%\dllcache\xrxscnui.dll -> [Ver = 1, 0, 0, 1 | Size = 17408 bytes | Created Date = 22/01/2008 21:07:47 | Attr = ]
xrxwbtmp.dll -> %System32%\dllcache\xrxwbtmp.dll -> Xerox Corporation [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Created Date = 22/01/2008 21:07:48 | Attr = ]
xrxwiadr.dll -> %System32%\dllcache\xrxwiadr.dll -> Xerox [Ver = 1, 0, 0, 2 | Size = 116224 bytes | Created Date = 22/01/2008 21:07:48 | Attr = ]
svchost .exe -> %System32%\drivers\svchost .exe -> [Ver = | Size = 69489 bytes | Created Date = 23/01/2008 12:34:52 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:28 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Created Date = 31/12/2007 17:03:54 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Created Date = 23/01/2008 00:43:10 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Created Date = 22/01/2008 20:50:44 | Attr = HS]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 139264 bytes | Created Date = 13/01/2008 09:13:45 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 1658 bytes | Created Date = 23/01/2008 14:58:19 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 1658 bytes | Created Date = 23/01/2008 14:58:20 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 20/01/2008 20:41:38 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Created Date = 23/01/2008 14:58:11 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Created Date = 23/01/2008 14:59:20 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Created Date = 23/01/2008 00:43:10 | Attr = ]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Created Date = 23/01/2008 00:43:10 | Attr = ]
RCX8.tmp -> %System32%\RCX8.tmp -> [Ver = | Size = 338432 bytes | Created Date = 23/01/2008 18:29:07 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Created Date = 12/01/2008 18:52:41 | Attr = R ]
25651.exe -> %SystemRoot%\25651.exe -> [Ver = | Size = 0 bytes | Created Date = 23/01/2008 12:38:48 | Attr = ]
3427.exe -> %SystemRoot%\3427.exe -> [Ver = | Size = 0 bytes | Created Date = 23/01/2008 12:37:33 | Attr = ]
37594.exe -> %SystemRoot%\37594.exe -> [Ver = | Size = 0 bytes | Created Date = 23/01/2008 12:40:04 | Attr = ]
43098.exe -> %SystemRoot%\43098.exe -> [Ver = | Size = 0 bytes | Created Date = 23/01/2008 12:36:14 | Attr = ]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 07/01/2008 23:59:11 | Attr = ]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Created Date = 15/01/2008 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 16/01/2008 05:15:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 20/01/2008 16:08:13 | Attr = H ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Created Date = 12/01/2008 14:19:59 | Attr = ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
ESET -> %AllUsersAppData%\ESET -> [Folder | Created Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 13/01/2008 01:12:43 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 07/01/2008 21:53:20 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Created Date = 08/01/2008 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 22/01/2008 17:29:31 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Created Date = 22/01/2008 20:35:59 | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Created Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Created Date = 31/12/2007 19:57:53 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Created Date = 22/01/2008 17:29:42 | Attr = ]
avenger.exe -> %UserDesktop%\avenger.exe -> [Ver = | Size = 130048 bytes | Created Date = 23/01/2008 12:38:31 | Attr = ]
avenger.zip -> %UserDesktop%\avenger.zip -> [Ver = | Size = 127378 bytes | Created Date = 23/01/2008 12:38:11 | Attr = ]
Shortcut to WinPFind35u.lnk -> %UserDesktop%\Shortcut to WinPFind35u.lnk -> [Ver = | Size = 718 bytes | Created Date = 23/01/2008 16:15:14 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 22/01/2008 17:26:38 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 22/01/2008 17:26:38 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Created Date = 22/01/2008 20:35:54 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Created Date = 22/01/2008 17:26:32 | Attr = ]

[Files/Folders - Modified Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Modified Date = 16/01/2008 19:02:28 | Attr = ]
avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 23/01/2008 12:44:22 | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = RHS]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 22/01/2008 17:29:54 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 07/01/2008 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Modified Date = 23/01/2008 18:26:49 | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 23/01/2008 12:42:25 | Attr = R ]
Programas -> %SystemDrive%\Programas -> [Folder | Modified Date = 07/01/2008 21:38:59 | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 22/01/2008 20:44:32 | Attr = HS]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 22/01/2008 11:44:00 | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 22/01/2008 19:18:02 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 22/01/2008 11:42:10 | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 23/01/2008 12:40:04 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Modified Date = 21/01/2008 20:16:04 | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 20/01/2008 17:13:03 | Attr = ]
hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 17:13:04 | Attr = R ]
hosts.20080115-185918.backup -> %System32%\drivers\etc\hosts.20080115-185918.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:36:26 | Attr = R ]
hosts.20080115-185942.backup -> %System32%\drivers\etc\hosts.20080115-185942.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:19 | Attr = R ]
hosts.20080115-191645.backup -> %System32%\drivers\etc\hosts.20080115-191645.backup -> [Ver = | Size = 65806 bytes | Modified Date = 15/01/2008 18:59:42 | Attr = R ]
hosts.20080115-202232.backup -> %System32%\drivers\etc\hosts.20080115-202232.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 19:16:45 | Attr = R ]
hosts.20080116-004852.backup -> %System32%\drivers\etc\hosts.20080116-004852.backup -> [Ver = | Size = 223724 bytes | Modified Date = 15/01/2008 20:22:33 | Attr = R ]
hosts.20080116-060312.backup -> %System32%\drivers\etc\hosts.20080116-060312.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 00:48:52 | Attr = R ]
hosts.20080116-073002.backup -> %System32%\drivers\etc\hosts.20080116-073002.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 06:03:12 | Attr = R ]
hosts.20080116-073519.backup -> %System32%\drivers\etc\hosts.20080116-073519.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:30:02 | Attr = R ]
hosts.20080116-095802.backup -> %System32%\drivers\etc\hosts.20080116-095802.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 07:35:19 | Attr = R ]
hosts.20080116-181934.backup -> %System32%\drivers\etc\hosts.20080116-181934.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 09:58:02 | Attr = R ]
hosts.20080116-182752.backup -> %System32%\drivers\etc\hosts.20080116-182752.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:19:34 | Attr = R ]
hosts.20080116-200125.backup -> %System32%\drivers\etc\hosts.20080116-200125.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 18:27:52 | Attr = R ]
hosts.20080117-010818.backup -> %System32%\drivers\etc\hosts.20080117-010818.backup -> [Ver = | Size = 223724 bytes | Modified Date = 16/01/2008 20:01:25 | Attr = R ]
hosts.20080117-162821.backup -> %System32%\drivers\etc\hosts.20080117-162821.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 01:08:18 | Attr = R ]
hosts.20080118-202342.backup -> %System32%\drivers\etc\hosts.20080118-202342.backup -> [Ver = | Size = 223724 bytes | Modified Date = 17/01/2008 16:28:21 | Attr = R ]
hosts.20080118-232428.backup -> %System32%\drivers\etc\hosts.20080118-232428.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = R ]
hosts.20080119-003451.backup -> %System32%\drivers\etc\hosts.20080119-003451.backup -> [Ver = | Size = 223724 bytes | Modified Date = 18/01/2008 20:23:42 | Attr = ]
hosts.20080119-071510.backup -> %System32%\drivers\etc\hosts.20080119-071510.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 00:34:52 | Attr = R ]
hosts.20080119-121310.backup -> %System32%\drivers\etc\hosts.20080119-121310.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 07:15:10 | Attr = R ]
hosts.20080119-153035.backup -> %System32%\drivers\etc\hosts.20080119-153035.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 12:13:10 | Attr = R ]
hosts.20080120-153645.backup -> %System32%\drivers\etc\hosts.20080120-153645.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = R ]
hosts.20080120-160639.backup -> %System32%\drivers\etc\hosts.20080120-160639.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-164010.backup -> %System32%\drivers\etc\hosts.20080120-164010.backup -> [Ver = | Size = 223724 bytes | Modified Date = 19/01/2008 15:30:35 | Attr = ]
hosts.20080120-171303.backup -> %System32%\drivers\etc\hosts.20080120-171303.backup -> [Ver = | Size = 223724 bytes | Modified Date = 20/01/2008 16:40:10 | Attr = R ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 08/01/2008 00:20:57 | Attr = ]
svchost .exe -> %System32%\drivers\svchost .exe -> [Ver = | Size = 69489 bytes | Modified Date = 23/01/2008 12:34:52 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 20/01/2008 21:51:24 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Modified Date = 31/12/2007 17:03:16 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 11/01/2008 22:50:20 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 22/01/2008 20:52:44 | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 11/01/2008 22:28:13 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Modified Date = 23/01/2008 00:43:10 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 23/01/2008 12:32:15 | Attr = HS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 23/01/2008 12:44:44 | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 31/12/2007 19:49:44 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 1658 bytes | Modified Date = 23/01/2008 18:34:13 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 1658 bytes | Modified Date = 23/01/2008 18:34:15 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 21/01/2008 23:23:40 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Modified Date = 23/01/2008 14:58:12 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 23/01/2008 18:23:18 | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 59448 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 393506 bytes | Modified Date = 11/01/2008 20:45:55 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Modified Date = 23/01/2008 00:43:10 | Attr = ]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Modified Date = 23/01/2008 00:43:10 | Attr = ]
RCX8.tmp -> %System32%\RCX8.tmp -> [Ver = | Size = 338432 bytes | Modified Date = 23/01/2008 18:29:07 | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 08/01/2008 02:05:23 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Modified Date = 12/01/2008 18:53:12 | Attr = R ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 11/01/2008 22:27:07 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12704 bytes | Modified Date = 23/01/2008 18:28:09 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 08/01/2008 21:31:16 | Attr = H ]
25651.exe -> %SystemRoot%\25651.exe -> [Ver = | Size = 0 bytes | Modified Date = 23/01/2008 12:38:48 | Attr = ]
3427.exe -> %SystemRoot%\3427.exe -> [Ver = | Size = 0 bytes | Modified Date = 23/01/2008 12:37:33 | Attr = ]
37594.exe -> %SystemRoot%\37594.exe -> [Ver = | Size = 0 bytes | Modified Date = 23/01/2008 12:40:04 | Attr = ]
43098.exe -> %SystemRoot%\43098.exe -> [Ver = | Size = 0 bytes | Modified Date = 23/01/2008 12:36:14 | Attr = ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 23/01/2008 18:26:50 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 08/01/2008 00:02:15 | Attr = S]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 07/01/2008 23:59:11 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 12/01/2008 12:20:31 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 22/01/2008 17:29:54 | Attr = HS]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Modified Date = 15/01/2008 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 16/01/2008 18:24:59 | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 23/01/2008 12:45:30 | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 08/01/2008 22:31:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 20/01/2008 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 23/01/2008 18:29:56 | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 11/01/2008 22:27:05 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 23/01/2008 18:29:07 | Attr = ]
Temp -> %SystemRoot%\Temp -> [Folder | Modified Date = 23/01/2008 18:32:09 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 823 bytes | Modified Date = 13/01/2008 17:28:33 | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Modified Date = 20/01/2008 17:55:58 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 31/12/2007 12:18:19 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 23/01/2008 18:27:10 | Attr = H ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
BVRP Software -> %AllUsersAppData%\BVRP Software -> [Folder | Modified Date = 03/01/2008 20:25:43 | Attr = ]
ESET -> %AllUsersAppData%\ESET -> [Folder | Modified Date = 07/01/2008 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 13/01/2008 01:12:43 | Attr = ]
Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 15/01/2008 18:36:08 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 07/01/2008 21:53:20 | Attr = ]
TEMP -> %AllUsersAppData%\TEMP -> [Folder | Modified Date = 21/01/2008 19:56:15 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Modified Date = 08/01/2008 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 22/01/2008 17:29:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 15872 bytes | Modified Date = 26/12/2007 16:09:36 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Modified Date = 22/01/2008 20:35:59 | Attr = ]
My Pictures -> %UserDocuments%\My Pictures -> [Folder | Modified Date = 21/01/2008 23:06:44 | Attr = R ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Modified Date = 13/01/2008 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Modified Date = 13/01/2008 00:53:10 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Modified Date = 22/01/2008 19:33:02 | Attr = ]
avenger.zip -> %UserDesktop%\avenger.zip -> [Ver = | Size = 127378 bytes | Modified Date = 23/01/2008 12:38:09 | Attr = ]
Microsoft Access.lnk -> %UserDesktop%\Microsoft Access.lnk -> [Ver = | Size = 2457 bytes | Modified Date = 14/01/2008 23:47:11 | Attr = ]
Microsoft Word.lnk -> %UserDesktop%\Microsoft Word.lnk -> [Ver = | Size = 2483 bytes | Modified Date = 26/12/2007 18:34:18 | Attr = ]
Shortcut to WinPFind35u.lnk -> %UserDesktop%\Shortcut to WinPFind35u.lnk -> [Ver = | Size = 718 bytes | Modified Date = 23/01/2008 16:15:14 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 22/01/2008 11:44:00 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 22/01/2008 11:42:10 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Modified Date = 22/01/2008 20:37:23 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Modified Date = 22/01/2008 17:17:08 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 12/01/2008 14:22:34 | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5470 bytes | Modified Date = 23/01/2008 18:30:20 | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5470 bytes | Modified Date = 23/01/2008 18:30:18 | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 11/10/2007 22:44:58 | Attr = ]

< End of report >


Thanks again!

#11 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 23 January 2008 - 03:28 PM

Hi Cunnysmythe. If WPF35 was hanging up then it means that the infection is still there and the log shows that it is. Let's try something else.

Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2
Link 3


**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


Include a new WinPFind35u scan report also.

Cheers.

OT
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#12 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 24 January 2008 - 09:54 AM

That seemed to go smoothly enough... Let's hope for the best.


ComboFix 08-01-23.2 - Glendora Wooding 2008-01-24 14:14:15.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.39 [GMT 0:00]
Running from: C:\Documents and Settings\Glendora Wooding\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Helper
C:\Program Files\Helper\superfindout.dll
C:\WINDOWS\25651.exe
C:\WINDOWS\3427.exe
C:\WINDOWS\37594.exe
C:\WINDOWS\43098.exe
C:\WINDOWS\system32\alog.txt
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\RCX8.tmp

.
((((((((((((((((((((((((( Files Created from 2007-12-24 to 2008-01-24 )))))))))))))))))))))))))))))))
.

2008-01-24 14:10 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-23 12:34 . 2008-01-23 12:34 69,489 --a------ C:\WINDOWS\system32\drivers\svchost .exe
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\rc.dat
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\ps1.dat
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\cs.dat
2008-01-22 21:07 . 2004-08-04 07:56 116,224 --a------ C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-01-22 21:07 . 2001-08-17 22:37 99,865 --a------ C:\WINDOWS\system32\dllcache\xlog.exe
2008-01-22 21:07 . 2001-08-17 22:37 27,648 --a------ C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-01-22 21:07 . 2001-08-17 22:36 23,040 --a------ C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-01-22 21:07 . 2004-08-04 05:29 19,455 --a------ C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-01-22 21:07 . 2001-08-17 22:36 17,408 --a------ C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-01-22 21:07 . 2001-08-17 12:11 16,970 --a------ C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-01-22 21:07 . 2004-08-04 05:29 12,063 --a------ C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-01-22 21:07 . 2004-08-04 07:56 8,192 --a------ C:\WINDOWS\system32\dllcache\wshirda.dll
2008-01-22 21:07 . 2001-08-17 22:37 4,608 --a------ C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-01-22 21:05 . 2001-08-17 22:36 525,568 --a------ C:\WINDOWS\system32\dllcache\tridxp.dll
2008-01-22 21:04 . 2001-08-17 13:28 899,146 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-01-22 21:03 . 2001-08-17 14:05 351,616 --a------ C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-01-22 21:02 . 2001-08-17 13:28 802,683 --a------ C:\WINDOWS\system32\dllcache\ltsm.sys
2008-01-22 21:01 . 2001-08-17 13:28 727,786 --a------ C:\WINDOWS\system32\dllcache\ltck000c.sys
2008-01-22 21:00 . 2004-08-04 07:56 702,845 --a------ C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-01-22 20:59 . 2001-08-17 14:56 1,733,120 --a------ C:\WINDOWS\system32\dllcache\g400d.dll
2008-01-22 20:58 . 2001-08-17 12:14 952,007 --a------ C:\WINDOWS\system32\dllcache\diwan.sys
2008-01-22 20:57 . 2001-08-17 12:13 980,034 --a------ C:\WINDOWS\system32\dllcache\cicap.sys
2008-01-22 20:56 . 2001-08-17 13:28 762,780 --a------ C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-01-22 20:55 . 2001-08-17 14:56 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-01-22 20:50 . 2008-01-23 12:32 <DIR> d--hs---- C:\WINDOWS\system32\dllcache
2008-01-22 17:03 . 2008-01-22 11:44 5,914,648 --a------ C:\SUPERAntiSpyware.exe
2008-01-22 17:03 . 2008-01-21 20:16 476,717 --a------ C:\WinPFind35u.exe
2008-01-22 17:03 . 2008-01-22 11:42 132,608 --a------ C:\VundoFix.exe
2008-01-20 20:41 . 2008-01-21 23:23 53,760 --a------ C:\WINDOWS\system32\ktask.dll
2008-01-20 20:41 . 2008-01-20 21:51 53,760 --a------ C:\WINDOWS\system32\btask.dll
2008-01-20 16:08 . 2008-01-24 12:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-20 16:08 . 2008-01-20 16:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 18:45 . 2008-01-15 18:45 679,424 --a------ C:\WINDOWS\isRS-000.tmp
2008-01-15 18:23 . 2008-01-15 18:24 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-13 03:44 . 2008-01-22 19:18 <DIR> d-------- C:\VundoFix Backups
2008-01-13 01:13 . 2008-01-13 01:13 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-12 18:52 . 2008-01-13 00:50 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2008-01-12 14:19 . 2008-01-20 17:55 2,201 --a------ C:\WINDOWS\wininit.ini
2008-01-12 13:40 . 2008-01-12 13:40 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-11 20:39 . 2008-01-11 22:29 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-11 19:32 . 2008-01-11 22:24 <DIR> d-------- C:\Program Files\RogueRemover FREE
2008-01-08 00:39 . 2008-01-21 19:57 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-01-07 23:07 . 2008-01-07 23:07 <DIR> d-------- C:\Deckard
2008-01-07 22:10 . 2008-01-13 13:01 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe
2008-01-07 21:38 . 2008-01-07 21:38 <DIR> d-------- C:\Programas
2008-01-07 17:21 . 2008-01-07 17:48 <DIR> d-------- C:\Program Files\MagicDisc
2008-01-06 20:31 . 2008-01-20 16:26 <DIR> d-------- C:\Program Files\RESIDENT EVIL
2008-01-06 18:04 . 2008-01-06 18:04 <DIR> d-------- C:\Program Files\MagicISO
2008-01-05 23:22 . 2008-01-05 23:22 <DIR> d-------- C:\Program Files\Tierra
2008-01-04 21:47 . 2008-01-04 21:47 <DIR> d-------- C:\Program Files\LucasFan Games
2007-12-31 19:56 . 2008-01-24 14:14 <DIR> d-------- C:\Program Files\iTunes
2007-12-31 17:03 . 2007-12-31 17:03 1,499,136 --a------ C:\WINDOWS\system32\BTCPatcher.exe
2007-12-31 17:03 . 2007-12-31 17:03 37,888 --a------ C:\WINDOWS\system32\rar.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-24 14:14 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-01-13 09:10 --------- d-----w C:\Program Files\Java
2008-01-12 14:22 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-08 00:20 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-03 20:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 20:21 --------- d-----w C:\Program Files\Creative
2008-01-03 20:15 --------- d-----w C:\Program Files\DivX
2007-12-31 19:57 --------- d-----w C:\Program Files\iPod
2007-12-31 19:54 --------- d-----w C:\Program Files\QuickTime
2007-12-22 15:11 --------- d-----w C:\Program Files\VideoLAN
2007-12-21 08:21 71,176 ----a-w C:\WINDOWS\system32\drivers\epfw.sys
2007-12-21 08:21 53,768 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys
2007-12-21 08:21 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys
2007-12-21 08:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-11-30 05:22 --------- d-----w C:\Program Files\Matroska Pack
.
<pre>
----a-w		   486,856 2008-01-21 19:54:23  C:\Program Files\DAEMON Tools Lite\daemon .exe
----a-w		 1,443,072 2008-01-16 18:53:11  C:\Program Files\ESET\ESET Smart Security\egui .exe
----a-w		   267,048 2008-01-24 14:29:42  C:\Program Files\iTunes\iTunesHelper .exe
----a-w		   144,784 2008-01-13 16:35:49  C:\Program Files\Java\jre1.6.0_04\bin\jusched .exe
----a-w		 1,694,208 2008-01-23 00:38:30  C:\Program Files\Messenger\msmsgs .exe
----a-w		 1,460,560 2008-01-20 17:04:12  C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
----a-w		 1,318,912 2008-01-24 14:29:57  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
----a-w		 1,046,688 2008-01-13 00:37:01  C:\Program Files\TrojanHunter 5.0\THGuard .exe
----a-w		   158,208 2008-01-11 22:34:47  C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig .exe
----a-w			15,360 2008-01-13 13:01:51  C:\WINDOWS\system32\ctfmon .exe
----a-w			69,489 2008-01-23 12:34:52  C:\WINDOWS\system32\drivers\svchost .exe
</pre>


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C1D01800-6316-4EC2-87EF-F3E1371BF399}]
2008-01-24 14:29 334848 --a------ C:\WINDOWS\system32\nnnlk.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1290342-AAFF-4f7c-9F45-D665E4BF1A00}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [ ]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-01-24 14:14 1771008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [ ]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [ ]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [ ]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [ ]
"PRONoMgr.exe"="C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [ ]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-24 12:18 700928]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [ ]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [ ]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SRUUninstall"="C:\WINDOWS\system32\msiexec.exe" [2005-03-21 14:00 78848]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\System32\LgNotify.dll 2003-12-16 15:49 110592 C:\WINDOWS\system32\LgNotify.dll

[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=C:\WINDOWS\system32\nnnlk.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\nnnlk

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"CHotkey"=mHotkey.exe

R2 CLEVOIO;CLEVOIO;C:\WINDOWS\system32\drivers\CLEVOIO.sys [2003-07-25 23:31]
S1 mp32;mp3 audio;C:\WINDOWS\system32\dxdss.sys []
S3 uac4pdt;PDT USB Composite Class Filter Driver;C:\WINDOWS\system32\DRIVERS\uac4pdt.sys [2005-02-24 14:35]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fed78bd1-9939-11dc-8099-0090f5490c06}]
\Shell\AutoRun\command - F:\panel.exe -SecondCD

.
Contents of the 'Scheduled Tasks' folder
"2007-12-31 12:18:19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-24 14:28:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\nnnlk.exe 338432 bytes executable

scan completed successfully
hidden files: 1

**************************************************************************
.

-------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:45, on 2008-01-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\iTunes\iTunesHelper .exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F3 - REG:win.ini: load=C:\WINDOWS\system32\nnnlk.exe
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Symantec NetDriver Warning] C:\PROGRA~1\SYMNET~1\SNDWarn.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SRUUninstall] "C:\WINDOWS\system32\msiexec.exe" /L*v C:\WINDOWS\TEMP\SND532unin.txt /x {6AF90EF6-F7F9-466C-99F4-1774826FBB40} /qn REBOOT=ReallySuppress (User 'Default user')
O4 - .DEFAULT User Startup: CheckMail.LNK = C:\Program Files\ClevoMailCheck\ClevoMailCheck.EXE (User 'Default user')
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 6660 bytes


-----------------------------------------


WinPFind35 logfile created on: 2008-01-24 14:48:36
WinPFind35U Version Beta31 Folder = C:\Documents and Settings\Administrator\Desktop\WinPFind35u
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)

223.48 Mb Total Physical Memory | 53.23 Mb Available Physical Memory | 23.82% Memory free
544.79 Mb Paging File | 318.97 Mb Available in Paging File | 58.55% Paging File free
Paging file location(s): C:\pagefile.sys 336 672;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 27.95 Gb Total Space | 12.37 Gb Free Space | 44.25% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded

Computer Name: GLENDORA
Current User Name: Glendora Wooding
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user


[Processes - Non-Microsoft Only]
s24evmon.exe -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 2003-12-16 15:42:32 | Attr = ]
aawservice.exe -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 2007-10-29 13:27:04 | Attr = ]
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
ekrn.exe -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 2007-12-21 08:21:16 | Attr = ]
regsrvc.exe -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 2003-12-16 15:41:40 | Attr = ]
zcfgsvc.exe -> %System32%\ZCfgSvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 376832 bytes | Modified Date = 2003-12-16 15:47:42 | Attr = ]
1xconfig.exe -> %System32%\1XConfig.exe -> Intel [Ver = 8, 0, 0, 161 | Size = 184320 bytes | Modified Date = 2003-12-16 15:43:06 | Attr = ]
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 2008-01-24 12:18:57 | Attr = ]
ituneshelper .exe -> %ProgramFiles%\iTunes\iTunesHelper .exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 267048 bytes | Modified Date = 2008-01-24 14:29:42 | Attr = ]
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 2007-12-11 12:10:16 | Attr = ]
winpfind35u.exe -> %SystemDrive%\Documents and Settings\Administrator\Desktop\WinPFind35u\WinPFind35U.exe -> OldTimer Tools [Ver = 1.0.0.0 | Size = 306176 bytes | Modified Date = 2008-01-21 19:33:52 | Attr = ]

[Win32 Services - Non-Microsoft Only]
(aawservice) Ad-Aware 2007 Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Lavasoft\Ad-Aware 2007\aawservice.exe -> Lavasoft AB [Ver = 7, 0, 2, 5 | Size = 587096 bytes | Modified Date = 2007-10-29 13:27:04 | Attr = ]
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> Apple, Inc. [Ver = 1, 14, 0, 0 | Size = 110592 bytes | Modified Date = 2007-09-06 13:28:18 | Attr = ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 224768 bytes | Modified Date = 2004-08-04 07:56:48 | Attr = ]
(EhttpSrv) Eset HTTP Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\ESET\ESET Smart Security\EHttpSrv.exe -> ESET [Ver = 3.0.621 | Size = 19200 bytes | Modified Date = 2007-12-21 08:22:44 | Attr = ]
(ekrn) Eset Service [Win32_Own | Auto | Running] -> %ProgramFiles%\ESET\ESET Smart Security\ekrn.exe -> ESET [Ver = 3.0.621 | Size = 468224 bytes | Modified Date = 2007-12-21 08:21:16 | Attr = ]
(gusvc) Google Updater Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> Google [Ver = 2.0.734.29932.beta | Size = 138168 bytes | Modified Date = 2007-04-22 00:59:09 | Attr = ]
(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> Macrovision Corporation [Ver = 11.00.28844 | Size = 69632 bytes | Modified Date = 2005-04-04 00:41:10 | Attr = ]
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 504104 bytes | Modified Date = 2007-12-11 12:10:16 | Attr = ]
(RegSrvc) RegSrvc [Win32_Own | Auto | Running] -> %System32%\RegSrvc.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 122880 bytes | Modified Date = 2003-12-16 15:41:40 | Attr = ]
(S24EventMonitor) Spectrum24 Event Monitor [Win32_Own | Auto | Running] -> %System32%\S24EvMon.exe -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 311363 bytes | Modified Date = 2003-12-16 15:42:32 | Attr = ]
(SLService) SmartLinkService [Win32_Own | Auto | Stopped] -> %System32%\slserv.exe -> [Ver = 2.80.00(24Apr2000) | Size = 45056 bytes | Modified Date = 2003-01-16 18:02:38 | Attr = ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> -> File not found
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXSENS.SYS -> Sensaura Ltd [Ver = 5.10.00.3511D | Size = 391424 bytes | Modified Date = 2003-12-11 15:54:14 | Attr = ]
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\ALCXWDM.SYS -> Realtek Semiconductor Corp. [Ver = 5.10.5420 | Size = 541548 bytes | Modified Date = 2003-12-19 12:07:50 | Attr = ]
(AliIde) AliIde [Kernel | Boot | Running] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 2001-08-17 19:51:56 | Attr = ]
(amdagp) AMD AGP Bus Filter Driver [Kernel | Boot | Running] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 2004-08-04 06:07:42 | Attr = ]
(asc) asc [Kernel | Boot | Running] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 2001-08-17 19:52:00 | Attr = ]
(asc3550) asc3550 [Kernel | Boot | Running] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 2001-08-17 19:51:58 | Attr = ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] -> -> File not found
(Changer) Changer [Kernel | System | Stopped] -> -> File not found
(CLEVOIO) CLEVOIO [Kernel | Auto | Running] -> %System32%\drivers\CLEVOIO.sys -> CLEVO I/O Driver [Ver = 1, 0, 0, 4 | Size = 11520 bytes | Modified Date = 2003-07-25 23:31:50 | Attr = ]
(CmdIde) CmdIde [Kernel | Boot | Running] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 2001-08-17 19:51:54 | Attr = ]
(dac2w2k) dac2w2k [Kernel | Boot | Running] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 2001-08-17 19:52:16 | Attr = ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 799744 bytes | Modified Date = 2004-08-04 06:07:17 | Attr = ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153344 bytes | Modified Date = 2004-08-04 06:07:16 | Attr = ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 2003-03-31 11:00:00 | Attr = ]
(eamon) eamon [Kernel | Auto | Running] -> %System32%\drivers\eamon.sys -> ESET [Ver = 3.0.621 | Size = 39944 bytes | Modified Date = 2007-12-21 08:19:54 | Attr = ]
(easdrv) easdrv [Kernel | System | Running] -> %System32%\drivers\easdrv.sys -> ESET [Ver = 3.0.621 | Size = 30216 bytes | Modified Date = 2007-12-21 08:20:14 | Attr = ]
(epfw) epfw [Kernel | Auto | Running] -> %System32%\drivers\epfw.sys -> ESET [Ver = 3.0.621 | Size = 71176 bytes | Modified Date = 2007-12-21 08:21:46 | Attr = ]
(Epfwndis) Eset Personal Firewall [Kernel | On_Demand | Running] -> %System32%\drivers\epfwndis.sys -> ESET [Ver = 3.0.621 | Size = 30728 bytes | Modified Date = 2007-12-21 08:21:52 | Attr = ]
(epfwtdi) epfwtdi [Kernel | System | Running] -> %System32%\drivers\epfwtdi.sys -> ESET [Ver = 3.0.621 | Size = 53768 bytes | Modified Date = 2007-12-21 08:21:54 | Attr = ]
(GEARAspiWDM) GEAR CDRom Filter [Kernel | On_Demand | Running] -> %System32%\drivers\GEARAspiWDM.sys -> GEAR Software Inc. [Ver = 2.0.6.1 | Size = 15664 bytes | Modified Date = 2006-09-19 15:44:04 | Attr = ]
(ialm) ialm [Kernel | On_Demand | Running] -> %System32%\drivers\ialmnt5.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 90907 bytes | Modified Date = 2003-04-23 02:10:06 | Attr = ]
(Iviaspi) IVI ASPI Shell [Kernel | On_Demand | Running] -> %System32%\drivers\iviaspi.sys -> InterVideo, Inc. [Ver = 1, 0, 0, 0 | Size = 21060 bytes | Modified Date = 2003-09-10 22:36:54 | Attr = ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> -> File not found
(mcdbus) Driver for MagicISO SCSI Host Controller [Kernel | On_Demand | Stopped] -> system32\DRIVERS\mcdbus.sys -> File not found
(MDC8021X) AEGIS Protocol (IEEE 802.1x) v2.2.1.0 [Kernel | Auto | Running] -> %System32%\drivers\mdc8021x.sys -> Meetinghouse Data Communications [Ver = 2.2.1.0 | Size = 14037 bytes | Modified Date = 2004-07-05 09:42:32 | Attr = ]
(mp32) mp3 audio [Kernel | System | Stopped] -> %System32%\dxdss.sys -> File not found
(mraid35x) mraid35x [Kernel | Boot | Running] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 2001-08-17 19:52:12 | Attr = ]
(Mtlmnt5) Mtlmnt5 [Kernel | On_Demand | Running] -> %System32%\drivers\mtlmnt5.sys -> [Ver = 3.20.03 | Size = 210128 bytes | Modified Date = 2003-02-06 10:22:38 | Attr = ]
(Mtlstrm) Mtlstrm [Kernel | On_Demand | Stopped] -> %System32%\drivers\mtlstrm.sys -> [Ver = 3.20.03 | Size = 1290760 bytes | Modified Date = 2003-02-06 10:25:00 | Attr = ]
(NtMtlFax) NtMtlFax [Kernel | On_Demand | Stopped] -> %System32%\drivers\ntmtlfax.sys -> [Ver = 3.20.03 | Size = 162136 bytes | Modified Date = 2003-02-05 08:25:56 | Attr = ]
(PCIDump) PCIDump [Kernel | System | Stopped] -> -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> -> File not found
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 2003-03-31 11:00:00 | Attr = ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\PxHelp20.sys -> Sonic Solutions [Ver = 3.00.56a | Size = 43528 bytes | Modified Date = 2007-10-20 00:56:10 | Attr = ]
(ql1080) ql1080 [Kernel | Boot | Running] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 2001-08-17 19:52:20 | Attr = ]
(ql12160) ql12160 [Kernel | Boot | Running] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 2001-08-17 19:52:20 | Attr = ]
(ql1280) ql1280 [Kernel | Boot | Running] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 2001-08-17 19:52:18 | Attr = ]
(RecAgent) RecAgent [Kernel | On_Demand | Stopped] -> %System32%\drivers\recagent.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 13776 bytes | Modified Date = 2004-08-04 05:41:39 | Attr = ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.505.1004.2002 built by: WinDDK | Size = 46976 bytes | Modified Date = 2002-10-03 18:04:10 | Attr = ]
(s24trans) WLAN Transport [Kernel | Auto | Running] -> %System32%\drivers\s24trans.sys -> Intel Corporation [Ver = 1, 0, 0, 0 | Size = 11258 bytes | Modified Date = 2003-09-15 09:20:18 | Attr = ]
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [Ver = 1, 0, 0, 1006 | Size = 5632 bytes | Modified Date = 2006-10-10 13:53:48 | Attr = ]
(SASENUM) SASENUM [Kernel | On_Demand | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> SuperAdBlocker, Inc. [Ver = 1, 0, 0, 1002 | Size = 4096 bytes | Modified Date = 2006-02-16 17:51:08 | Attr = R ]
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [Ver = 1, 0, 0, 1036 | Size = 32256 bytes | Modified Date = 2007-02-27 12:39:26 | Attr = ]
(SE26bus) Sony Ericsson Device 038 Driver driver (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26bus.sys -> MCCI [Ver = V4.34 | Size = 61600 bytes | Modified Date = 2006-05-15 13:59:04 | Attr = R ]
(SE26mdfl) Sony Ericsson Device 038 USB WMC Modem Filter [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdfl.sys -> MCCI [Ver = V4.34 | Size = 9360 bytes | Modified Date = 2006-05-15 13:59:08 | Attr = R ]
(SE26mdm) Sony Ericsson Device 038 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mdm.sys -> MCCI [Ver = V4.34 | Size = 97184 bytes | Modified Date = 2006-05-15 13:59:08 | Attr = R ]
(SE26mgmt) Sony Ericsson Device 038 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26mgmt.sys -> MCCI [Ver = V4.34 | Size = 88688 bytes | Modified Date = 2006-05-15 13:59:12 | Attr = R ]
(se26nd5) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (NDIS) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26nd5.sys -> MCCI [Ver = V4.34 | Size = 18704 bytes | Modified Date = 2006-05-15 13:59:12 | Attr = R ]
(SE26obex) Sony Ericsson Device 038 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> %System32%\drivers\SE26obex.sys -> MCCI [Ver = V4.34 | Size = 86560 bytes | Modified Date = 2006-05-15 13:59:14 | Attr = R ]
(se26unic) Sony Ericsson Device 038 USB Ethernet Emulation SEMC38 (WDM) [Kernel | On_Demand | Stopped] -> %System32%\drivers\se26unic.sys -> MCCI [Ver = V4.34 | Size = 90768 bytes | Modified Date = 2006-05-15 13:59:20 | Attr = R ]
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %System32%\drivers\secdrv.sys -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. [Ver = 4.03.086 | Size = 20480 bytes | Modified Date = 2007-11-13 10:25:53 | Attr = ]
(Simbad) Simbad [Kernel | Disabled | Stopped] -> -> File not found
(sisagp) SIS AGP Bus Filter [Kernel | Boot | Running] -> %System32%\drivers\sisagp.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.2010 (xpsp_sp2_rtm.040803-2158) | Size = 41088 bytes | Modified Date = 2004-08-04 06:07:42 | Attr = ]
(Slntamr) SmartLink AMR_PCI Driver [Kernel | On_Demand | Running] -> %System32%\drivers\slntamr.sys -> [Ver = 3.20.03 | Size = 506912 bytes | Modified Date = 2003-02-05 08:42:40 | Attr = ]
(SlNtHal) SlNtHal [Kernel | On_Demand | Stopped] -> %System32%\drivers\slnthal.sys -> [Ver = 3.20.03 | Size = 85520 bytes | Modified Date = 2003-02-06 10:23:16 | Attr = ]
(SlWdmSup) SlWdmSup [Kernel | On_Demand | Running] -> %System32%\drivers\slwdmsup.sys -> Vireo Software [Ver = 1.00 | Size = 39348 bytes | Modified Date = 2003-01-16 17:19:32 | Attr = ]
(Sparrow) Sparrow [Kernel | Boot | Running] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 2001-08-17 20:07:44 | Attr = ]
(sptd) sptd [Kernel | Boot | Running] -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 2008-01-08 00:20:57 | Attr = ]
(symc810) symc810 [Kernel | Boot | Running] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 2001-08-17 20:07:34 | Attr = ]
(symc8xx) symc8xx [Kernel | Boot | Running] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 2001-08-17 20:07:36 | Attr = ]
(SymEvent) SymEvent [Kernel | On_Demand | Stopped] -> %ProgramFiles%\Symantec\SYMEVENT.SYS -> Symantec Corporation [Ver = 12.0.2.1 | Size = 107696 bytes | Modified Date = 2006-02-14 12:05:06 | Attr = ]
(sym_hi) sym_hi [Kernel | Boot | Running] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 2001-08-17 20:07:40 | Attr = ]
(sym_u3) sym_u3 [Kernel | Boot | Running] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 2001-08-17 20:07:42 | Attr = ]
(SynTP) Synaptics TouchPad Driver [Kernel | On_Demand | Running] -> %System32%\drivers\SynTP.sys -> Synaptics, Inc. [Ver = 7.2.5 06Dec02 | Size = 265008 bytes | Modified Date = 2002-12-06 07:26:02 | Attr = R ]
(uac4pdt) PDT USB Composite Class Filter Driver [Kernel | On_Demand | Stopped] -> %System32%\drivers\uac4pdt.sys -> Micronas GmbH [Ver = 1, 2, 0, 25 | Size = 15232 bytes | Modified Date = 2005-02-24 14:35:06 | Attr = R ]
(ultra) ultra [Kernel | Boot | Running] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver = 1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 2001-08-17 19:52:22 | Attr = ]
(VGAORG) VGAORG [Kernel | Auto | Stopped] -> -> File not found
(w22n51) Intel® PRO/Wireless 2200 Adapter Driver [Kernel | On_Demand | Running] -> %System32%\drivers\w22n51.sys -> Intel® Corporation [Ver = 80012-9000 Driver | Size = 1646720 bytes | Modified Date = 2004-01-02 10:52:34 | Attr = R ]
(WDICA) WDICA [Kernel | On_Demand | Stopped] -> -> File not found
(ZSMC301b) CMM PC Camera [Kernel | On_Demand | Stopped] -> %System32%\drivers\usbVM31b.sys -> VM [Ver = 4.2.916.41 | Size = 94132 bytes | Modified Date = 2003-04-03 13:20:54 | Attr = ]
({6080A529-897E-4629-A488-ABA0C29B635E}) Intel® Graphics Platform (SoftBIOS) Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ialmsbw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 113504 bytes | Modified Date = 2003-04-23 02:15:06 | Attr = ]
({D31A0762-0CEB-444e-ACFF-B049A1F6FE91}) Intel® Graphics Chipset (KCH) Driver [Kernel | On_Demand | Running] -> %System32%\drivers\ialmkchw.sys -> Intel Corporation [Ver = 6.13.10.3514 | Size = 78752 bytes | Modified Date = 2003-04-23 02:14:56 | Attr = ]
({E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}) AIM 3.0 Part 01 Codec Driver CH-7009-A/CH-7011 [Kernel | On_Demand | Running] -> %System32%\drivers\wa301a.sys -> Intel Corporation [Ver = 4.13.10.3514 | Size = 33335 bytes | Modified Date = 2003-04-23 02:10:12 | Attr = ]

[Registry - Non-Microsoft Only]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
Easy-PrintToolBox -> %ProgramFiles%\Canon\Easy-PrintToolBox\BJPSMAIN.EXE -> File not found
egui -> %ProgramFiles%\ESET\ESET Smart Security\egui.exe -> File not found
HotKeysCmds -> %System32%\hkcmd.exe -> File not found
IgfxTray -> %System32%\igfxtray.exe -> File not found
iTunesHelper -> %ProgramFiles%\iTunes\iTunesHelper.exe -> Apple Inc. [Ver = 7.5.0.20 | Size = 700928 bytes | Modified Date = 2008-01-24 12:18:57 | Attr = ]
nod32kui -> %ProgramFiles%\Eset\nod32kui.exe -> File not found
PRONoMgr.exe -> %ProgramFiles%\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.6.0_03\bin\jusched.exe -> File not found
SynTPEnh -> %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe -> File not found
SynTPLpr -> %ProgramFiles%\Synaptics\SynTP\SynTPLpr.exe -> File not found
< OptionalComponents [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\ ->
IMAIL-> Installed = 1 ->
MAPI-> Installed = 1 ->
MSFS-> Installed = 1 ->
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
ctfmon.exe -> %System32%\ctfmon.exe -> File not found
SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware\SUPERAntiSpyware.exe -> SUPERAntiSpyware.com [Ver = 3, 9, 0, 1008 | Size = 1771008 bytes | Modified Date = 2008-01-24 14:14:40 | Attr = ]
< Windows NT\\Load [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\load ->
C:\WINDOWS\system32\nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 2008-01-24 14:31:31 | Attr = ]
*MultiFile Done* -> ->
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup ->
< Glendora Wooding Startup Folder > -> C:\Documents and Settings\Glendora Wooding\Start Menu\Programs\Startup ->
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> SuperAdBlocker.com [Ver = 1, 0, 0, 1008 | Size = 77824 bytes | Modified Date = 2006-12-20 13:55:48 | Attr = ]
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> SUPERAntiSpyware.com [Ver = 1, 0, 0, 1046 | Size = 294912 bytes | Modified Date = 2007-04-19 13:41:36 | Attr = ]
igfxcui -> %System32%\igfxsrvc.dll -> Intel Corporation [Ver = 3,0,0,2104 | Size = 315392 bytes | Modified Date = 2003-04-06 16:06:48 | Attr = ]
Sebring -> %System32%\LgNotify.dll -> Intel Corporation [Ver = 8, 0, 0, 161 | Size = 110592 bytes | Modified Date = 2003-12-16 15:49:34 | Attr = ]
< CurrentVersion Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun -> 67108863 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 255 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\undockwithoutlogon -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Uninstall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< CurrentVersion Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Associations\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ -> ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\WindowsUpdate\ -> ->
< HOSTS File > (27 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts ->
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\Default_Page_URL -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Local Page -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_LOCAL_MACHINE\: Search\\CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKEY_LOCAL_MACHINE\: Search\\SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\Local Page -> C:\WINDOWS\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\Search Page -> http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch ->
HKEY_CURRENT_USER\: Main\\Start Page -> http://uk.yahoo.com ->
HKEY_CURRENT_USER\: SearchURL\\ -> http://www.google.com/keyword/%s[Reg Error: Value provider does not exist or could not be read.] ->
HKEY_CURRENT_USER\: URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
HKEY_CURRENT_USER\: ProxyEnable -> 0 ->
HKEY_CURRENT_USER\: ProxyOverride -> <local> ->
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4179 domain(s) found. ->
35 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. ->
.[msn] -> My Computer ->
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 2006-12-18 04:16:42 | Attr = ]
{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot-S&D IE Protection] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 2007-08-31 16:46:14 | Attr = ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 2007-12-14 03:42:36 | Attr = ]
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [Google Toolbar Helper] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2007-01-19 22:55:32 | Attr = R ]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [Google Toolbar Notifier BHO] -> Google Inc. [Ver = 2, 0, 301, 7164 | Size = 325048 bytes | Modified Date = 2007-10-16 16:29:51 | Attr = ]
{C1D01800-6316-4EC2-87EF-F3E1371BF399} [HKEY_LOCAL_MACHINE] -> %System32%\nnnlk.dll [Reg Error: Value does not exist or could not be read.] -> [Ver = | Size = 334848 bytes | Modified Date = 2008-01-24 14:29:40 | Attr = ]
{E1290342-AAFF-4f7c-9F45-D665E4BF1A00} [HKEY_LOCAL_MACHINE] -> %System32%\ktask.dll [Google Module] -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 2008-01-21 23:23:40 | Attr = ]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
{2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2007-01-19 22:55:32 | Attr = R ]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Canon\Easy-WebPrint\Toolband.dll [Easy-WebPrint] -> [Ver = 2, 5, 1, 6 | Size = 405504 bytes | Modified Date = 2004-08-26 10:27:32 | Attr = ]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
ShellBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2007-01-19 22:55:32 | Attr = R ]
ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
ShellBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Google\GoogleToolbar3.dll [&Google] -> Google Inc. [Ver = 4, 0, 1601, 4978 | Size = 2403392 bytes | Modified Date = 2007-01-19 22:55:32 | Attr = R ]
WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Yahoo! Toolbar] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Java\jre1.6.0_04\bin\npjpi160_04.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 132496 bytes | Modified Date = 2007-12-14 03:42:37 | Attr = ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC} [HKEY_CURRENT_USER] -> %ProgramFiles%\Java\jre1.6.0_04\bin\ssv.dll [Sun Java Console] -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 509328 bytes | Modified Date = 2007-12-14 03:42:36 | Attr = ]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [Spybot - Search & Destroy Configuration] -> Safer Networking Limited [Ver = 1, 5, 0, 8 | Size = 1122128 bytes | Modified Date = 2007-08-31 16:46:14 | Attr = ]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\{D6E814A0-E0C5-11d4-8D29-0050BA6940E3} [HKEY_LOCAL_MACHINE] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
Download All by FlashGet -> %ProgramFiles%\FlashGet\jc_all.htm -> File not found
Download using FlashGet -> %ProgramFiles%\FlashGet\jc_link.htm -> File not found
E&xport to Microsoft Excel -> -> File not found
Easy-WebPrint Add To Print List -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_AddToList.htm -> File not found
Easy-WebPrint High Speed Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_HSPrint.htm -> File not found
Easy-WebPrint Preview -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Preview.htm -> File not found
Easy-WebPrint Print -> %ProgramFiles%\Canon\Easy-WebPrint\Resource.dll\RC_Print.htm -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find...=%s&mime=%s ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{20E84452-9651-4B70-BB06-A731EE2C9AB1} -> (1394 Net Adapter) ->
{211D2732-7838-4958-B95D-5BCDEFC682C7} -> (Intel® PRO/Wireless 2200BG Network Connection) ->
{A827AC52-F93C-4938-85F6-CAF906DFDE35} -> () ->
{BB8BF008-FEEF-4092-9D4D-A505EA66A0B7} -> (Sony Ericsson Device 038 USB Ethernet Emulation (NDIS 5)) ->
{C89C7A95-1336-4BDA-9F61-5962A41C5F51} -> (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{D3355E58-9713-48CB-A56B-733BDDA36F18} -> (1394 Net Adapter) ->
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
msdaipp: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened.[Reg Error: Value does not exist or could not be read.] -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{8AD9C840-044E-11D1-B3E9-00805F499D93}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{9F1C11AA-197B-4942-BA54-47A8489BB47F}[HKEY_LOCAL_MACHINE] -> http://v4.windowsupdate.microsoft.com/CAB/...8156.1850578704[Reg Error: Key does not exist or could not be opened.] ->
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_03] ->
{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}[HKEY_LOCAL_MACHINE] -> http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab[Java Plug-in 1.6.0_04] ->
{D27CDB6E-AE6D-11CF-96B8-444553540000}[HKEY_LOCAL_MACHINE] -> http://fpdownload.macromedia.com/get/flash...ent/swflash.cab[Shockwave Flash Object] ->



[Files/Folders - Created Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Created Date = 2008-01-15 01:29:47 | Attr = ]
avenger -> %SystemDrive%\avenger -> [Folder | Created Date = 2008-01-23 12:44:22 | Attr = ]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Created Date = 2008-01-24 13:57:13 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Created Date = 2008-01-07 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Created Date = 2008-01-23 18:26:49 | Attr = HS]
Programas -> %SystemDrive%\Programas -> [Folder | Created Date = 2008-01-07 21:38:59 | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Created Date = 2008-01-24 14:10:53 | Attr = ]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 2008-01-22 17:03:16 | Attr = ]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Created Date = 2008-01-13 03:44:01 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 2008-01-22 17:03:16 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Created Date = 2008-01-22 17:03:20 | Attr = ]
3cwmcru.sys -> %System32%\dllcache\3cwmcru.sys -> 3Com, Inc. [Ver = 1.44.008.0020 | Size = 762780 bytes | Created Date = 2008-01-22 20:56:23 | Attr = ]
3dfxvs.dll -> %System32%\dllcache\3dfxvs.dll -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 689216 bytes | Created Date = 2008-01-22 20:56:23 | Attr = ]
3dfxvsm.sys -> %System32%\dllcache\3dfxvsm.sys -> 3dfx Interactive, Inc. [Ver = 5.00.2489.0028 | Size = 148352 bytes | Created Date = 2008-01-22 20:56:24 | Attr = ]
a3dapi.dll -> %System32%\dllcache\a3dapi.dll -> Aureal Inc. [Ver = 3.02 | Size = 462848 bytes | Created Date = 2008-01-22 20:56:27 | Attr = ]
ac97ali.sys -> %System32%\dllcache\ac97ali.sys -> Acer Laboratories Inc. [Ver = 5.12.01.6003 | Size = 231552 bytes | Created Date = 2008-01-22 20:56:28 | Attr = ]
ac97intc.sys -> %System32%\dllcache\ac97intc.sys -> Intel Corporation [Ver = 5.10.3523 built by: WinDDK | Size = 96256 bytes | Created Date = 2008-01-22 20:56:28 | Attr = ]
ac97sis.sys -> %System32%\dllcache\ac97sis.sys -> Silicon Integrated Systems Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 297728 bytes | Created Date = 2008-01-22 20:56:29 | Attr = ]
ac97via.sys -> %System32%\dllcache\ac97via.sys -> VIA Technologies, Inc. [Ver = 5.10.00.3622 built by: WinDDK | Size = 84480 bytes | Created Date = 2008-01-22 20:56:29 | Attr = ]
acerscad.dll -> %System32%\dllcache\acerscad.dll -> Color Flatbed Scanner [Ver = 1, 0, 0, 0 | Size = 61440 bytes | Created Date = 2008-01-22 20:56:30 | Attr = ]
adm8511.sys -> %System32%\dllcache\adm8511.sys -> ADMtek Incorporated [Ver = 2.04.2001.0719 built by: WinDDK | Size = 20160 bytes | Created Date = 2008-01-22 20:56:32 | Attr = ]
adm8810.sys -> %System32%\dllcache\adm8810.sys -> Aureal, Inc. [Ver = 5.12.01.3500 | Size = 584448 bytes | Created Date = 2008-01-22 20:56:32 | Attr = ]
adm8820.sys -> %System32%\dllcache\adm8820.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 553984 bytes | Created Date = 2008-01-22 20:56:33 | Attr = ]
adm8830.sys -> %System32%\dllcache\adm8830.sys -> Aureal, Inc. [Ver = 5.12.01.2500 | Size = 747392 bytes | Created Date = 2008-01-22 20:56:33 | Attr = ]
admjoy.sys -> %System32%\dllcache\admjoy.sys -> Aureal, Inc. [Ver = 5.12.01.1500 | Size = 10880 bytes | Created Date = 2008-01-22 20:56:34 | Attr = ]
adptsf50.sys -> %System32%\dllcache\adptsf50.sys -> Adaptec, Inc [Ver = V5.10.22 | Size = 46112 bytes | Created Date = 2008-01-22 20:56:34 | Attr = ]
ali5261.sys -> %System32%\dllcache\ali5261.sys -> Acer Laboratories Inc. [Ver = 5.01.2462.0102 | Size = 27678 bytes | Created Date = 2008-01-22 20:56:42 | Attr = ]
alifir.sys -> %System32%\dllcache\alifir.sys -> Acer Laboratories Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 26624 bytes | Created Date = 2008-01-22 20:56:42 | Attr = ]
amb8002.sys -> %System32%\dllcache\amb8002.sys -> AmbiCom, Inc. [Ver = v3.03 | Size = 16969 bytes | Created Date = 2008-01-22 20:56:43 | Attr = ]
an983.sys -> %System32%\dllcache\an983.sys -> ADMtek Incorporated. [Ver = 2.17.1025.2001 built by: WinDDK | Size = 36224 bytes | Created Date = 2008-01-22 20:56:44 | Attr = ]
aspndis3.sys -> %System32%\dllcache\aspndis3.sys -> Bay Networks, Inc. [Ver = 3.23.11 | Size = 97354 bytes | Created Date = 2008-01-22 20:56:47 | Attr = ]
ati.sys -> %System32%\dllcache\ati.sys -> ATI Technologies, Inc. [Ver = 3.0.62 (XPClient.010817-1148) | Size = 77568 bytes | Created Date = 2008-01-22 20:56:48 | Attr = ]
atibt829.sys -> %System32%\dllcache\atibt829.sys -> [Ver = | Size = 46464 bytes | Created Date = 2008-01-22 20:56:50 | Attr = ]
atidrab.dll -> %System32%\dllcache\atidrab.dll -> ATI Technologies Inc. [Ver = 5.01.2195.5012 (ReleasedBinaries.010718-0005) | Size = 382592 bytes | Created Date = 2008-01-22 20:56:51 | Attr = ]
atidrae.dll -> %System32%\dllcache\atidrae.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 137216 bytes | Created Date = 2008-01-22 20:56:51 | Attr = ]
atidvai.dll -> %System32%\dllcache\atidvai.dll -> ATI Technologies Inc. [Ver = 5.10.2280.1028 (ReleasedBinaries.010715-1631) | Size = 268160 bytes | Created Date = 2008-01-22 20:56:51 | Attr = ]
atimpab.sys -> %System32%\dllcache\atimpab.sys -> ATI Technologies Inc. [Ver = 5.00.2195.5007 (ReleasedBinaries.010718-0005) | Size = 289664 bytes | Created Date = 2008-01-22 20:56:52 | Attr = ]
atimpae.sys -> %System32%\dllcache\atimpae.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 75136 bytes | Created Date = 2008-01-22 20:56:52 | Attr = ]
atimtai.sys -> %System32%\dllcache\atimtai.sys -> ATI Technologies Inc. [Ver = 5.13.01.1140 (ReleasedBinaries.010715-1631) | Size = 281600 bytes | Created Date = 2008-01-22 20:56:53 | Attr = ]
atipcxxx.sys -> %System32%\dllcache\atipcxxx.sys -> [Ver = | Size = 10240 bytes | Created Date = 2008-01-22 20:56:54 | Attr = ]
atiraged.dll -> %System32%\dllcache\atiraged.dll -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 104832 bytes | Created Date = 2008-01-22 20:56:54 | Attr = ]
atiragem.sys -> %System32%\dllcache\atiragem.sys -> ATI Technologies Inc. [Ver = 5.1.2493.0 (Lab01_N(ericks).010612-1818) | Size = 70528 bytes | Created Date = 2008-01-22 20:56:55 | Attr = ]
atirtcap.sys -> %System32%\dllcache\atirtcap.sys -> [Ver = | Size = 49920 bytes | Created Date = 2008-01-22 20:56:55 | Attr = ]
atirtsnd.sys -> %System32%\dllcache\atirtsnd.sys -> [Ver = | Size = 26880 bytes | Created Date = 2008-01-22 20:56:55 | Attr = ]
atitunep.sys -> %System32%\dllcache\atitunep.sys -> [Ver = | Size = 17152 bytes | Created Date = 2008-01-22 20:56:56 | Attr = ]
atitvsnd.sys -> %System32%\dllcache\atitvsnd.sys -> [Ver = | Size = 17152 bytes | Created Date = 2008-01-22 20:56:56 | Attr = ]
ativmdcd.sys -> %System32%\dllcache\ativmdcd.sys -> [Ver = | Size = 9472 bytes | Created Date = 2008-01-22 20:56:56 | Attr = ]
ativttxx.sys -> %System32%\dllcache\ativttxx.sys -> [Ver = | Size = 19456 bytes | Created Date = 2008-01-22 20:56:56 | Attr = ]
ativxbar.sys -> %System32%\dllcache\ativxbar.sys -> [Ver = | Size = 26624 bytes | Created Date = 2008-01-22 20:56:57 | Attr = ]
atixbar.sys -> %System32%\dllcache\atixbar.sys -> [Ver = | Size = 23552 bytes | Created Date = 2008-01-22 20:56:57 | Attr = ]
avmcoxp.dll -> %System32%\dllcache\avmcoxp.dll -> AVM GmbH [Ver = 2.4 | Size = 87552 bytes | Created Date = 2008-01-22 20:57:02 | Attr = ]
avmenum.dll -> %System32%\dllcache\avmenum.dll -> AVM GmbH [Ver = 1, 0, 0, 3 | Size = 144384 bytes | Created Date = 2008-01-22 20:57:03 | Attr = ]
avmwan.sys -> %System32%\dllcache\avmwan.sys -> AVM GmbH [Ver = 02.04.00 | Size = 37568 bytes | Created Date = 2008-01-22 20:57:03 | Attr = ]
aztw2320.sys -> %System32%\dllcache\aztw2320.sys -> Aztech Systems Ltd [Ver = 5.1.2501.0 built by: WinDDK | Size = 36992 bytes | Created Date = 2008-01-22 20:57:03 | Attr = ]
b1cbase.sys -> %System32%\dllcache\b1cbase.sys -> AVM GmbH [Ver = 5.2 | Size = 89952 bytes | Created Date = 2008-01-22 20:57:04 | Attr = ]
b57xp32.sys -> %System32%\dllcache\b57xp32.sys -> Broadcom Corporation [Ver = 2.16b.0.0 built by: WinDDK | Size = 96640 bytes | Created Date = 2008-01-22 20:57:04 | Attr = ]
banshee.dll -> %System32%\dllcache\banshee.dll -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 342336 bytes | Created Date = 2008-01-22 20:57:04 | Attr = ]
banshee.sys -> %System32%\dllcache\banshee.sys -> 3Dfx Interactive, Inc. [Ver = 5.00.2462.60 | Size = 36128 bytes | Created Date = 2008-01-22 20:57:05 | Attr = ]
bcm42u.sys -> %System32%\dllcache\bcm42u.sys -> Broadcom Corporation [Ver = 2.29.0.8 | Size = 66557 bytes | Created Date = 2008-01-22 20:57:06 | Attr = ]
bcm42xx5.sys -> %System32%\dllcache\bcm42xx5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 54271 bytes | Created Date = 2008-01-22 20:57:06 | Attr = ]
bcm4e5.sys -> %System32%\dllcache\bcm4e5.sys -> Broadcom Corporation [Ver = 2.31.0.2 | Size = 26568 bytes | Created Date = 2008-01-22 20:57:06 | Attr = ]
bcmdm.sys -> %System32%\dllcache\bcmdm.sys -> BCM [Ver = 3.2.12.9 07/17/2001 14:21:30 | Size = 871388 bytes | Created Date = 2008-01-22 20:57:07 | Attr = ]
brbidiif.dll -> %System32%\dllcache\brbidiif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 19456 bytes | Created Date = 2008-01-22 20:57:09 | Attr = ]
brcoinst.dll -> %System32%\dllcache\brcoinst.dll -> Brother Industries Ltd. [Ver = 1.0.0.8 (Lab06_N.010129-0357) | Size = 9728 bytes | Created Date = 2008-01-22 20:57:09 | Attr = ]
brevif.dll -> %System32%\dllcache\brevif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 12800 bytes | Created Date = 2008-01-22 20:57:10 | Attr = ]
brfilt.sys -> %System32%\dllcache\brfilt.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 2944 bytes | Created Date = 2008-01-22 20:57:10 | Attr = ]
brfiltlo.sys -> %System32%\dllcache\brfiltlo.sys -> Brother Industries, Ltd. [Ver = 1.09.000 (Lab06_N.010129-0357) | Size = 12160 bytes | Created Date = 2008-01-22 20:57:10 | Attr = ]
brfiltup.sys -> %System32%\dllcache\brfiltup.sys -> Brother Industries, Ltd. [Ver = 1.04.000 (Lab06_N.010129-0357) | Size = 3968 bytes | Created Date = 2008-01-22 20:57:11 | Attr = ]
brmfbidi.dll -> %System32%\dllcache\brmfbidi.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 15360 bytes | Created Date = 2008-01-22 20:57:11 | Attr = ]
brmflpt.dll -> %System32%\dllcache\brmflpt.dll -> Brother Industries, Ltd. [Ver = 1.45.15.346 | Size = 29696 bytes | Created Date = 2008-01-22 20:57:12 | Attr = ]
brmfrsmg.exe -> %System32%\dllcache\brmfrsmg.exe -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 32256 bytes | Created Date = 2008-01-22 20:57:12 | Attr = ]
brmfusb.dll -> %System32%\dllcache\brmfusb.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 41472 bytes | Created Date = 2008-01-22 20:57:12 | Attr = ]
brparimg.sys -> %System32%\dllcache\brparimg.sys -> Brother Industries Ltd. [Ver = 1.0.0.0 (Lab06_N.010129-0357) | Size = 3168 bytes | Created Date = 2008-01-22 20:57:13 | Attr = ]
brparwdm.sys -> %System32%\dllcache\brparwdm.sys -> Brother Industries Ltd. [Ver = 1.00 | Size = 39552 bytes | Created Date = 2008-01-22 20:57:13 | Attr = ]
brscnrsm.dll -> %System32%\dllcache\brscnrsm.dll -> Brother Industries,Ltd. [Ver = 1.0.0.14 | Size = 5120 bytes | Created Date = 2008-01-22 20:57:14 | Attr = ]
brserif.dll -> %System32%\dllcache\brserif.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9728 bytes | Created Date = 2008-01-22 20:57:14 | Attr = ]
brserwdm.sys -> %System32%\dllcache\brserwdm.sys -> Brother Industries Ltd. [Ver = 1.0.0.15 (Lab06_N.010129-0357) | Size = 60416 bytes | Created Date = 2008-01-22 20:57:15 | Attr = ]
brusbmdm.sys -> %System32%\dllcache\brusbmdm.sys -> Brother Industries Ltd. [Ver = 1,0,0,7 (Lab06_N.010129-0357) | Size = 11008 bytes | Created Date = 2008-01-22 20:57:15 | Attr = ]
brusbscn.sys -> %System32%\dllcache\brusbscn.sys -> Brother Industries Ltd. [Ver = 1,0,0,6 (Lab06_N.010129-0357) | Size = 10368 bytes | Created Date = 2008-01-22 20:57:15 | Attr = ]
brzwlan.sys -> %System32%\dllcache\brzwlan.sys -> BreezeCOM [Ver = 4.4.1.18 | Size = 31529 bytes | Created Date = 2008-01-22 20:57:15 | Attr = ]
cap7146.sys -> %System32%\dllcache\cap7146.sys -> Philips Semiconductors GmbH [Ver = 1.00 (XPClient.010817-1148) | Size = 54528 bytes | Created Date = 2008-01-22 20:57:41 | Attr = ]
cb102.sys -> %System32%\dllcache\cb102.sys -> Fast Ethernet Controller Provider [Ver = 2.20.0.0 | Size = 37916 bytes | Created Date = 2008-01-22 20:57:46 | Attr = ]
cb325.sys -> %System32%\dllcache\cb325.sys -> Silicom Ltd. [Ver = 4.106.24 | Size = 39680 bytes | Created Date = 2008-01-22 20:57:47 | Attr = ]
cben5.sys -> %System32%\dllcache\cben5.sys -> Xircom, Inc. [Ver = 3.14.05.00 | Size = 46108 bytes | Created Date = 2008-01-22 20:57:47 | Attr = ]
cbmdmkxx.sys -> %System32%\dllcache\cbmdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714698 bytes | Created Date = 2008-01-22 20:57:49 | Attr = ]
ce2n5.sys -> %System32%\dllcache\ce2n5.sys -> Xircom, Inc. [Ver = 3.06.04.00 | Size = 21530 bytes | Created Date = 2008-01-22 20:57:52 | Attr = ]
ce3n5.sys -> %System32%\dllcache\ce3n5.sys -> Xircom, Inc. [Ver = 2.11.01.00 | Size = 27164 bytes | Created Date = 2008-01-22 20:57:52 | Attr = ]
cem28n5.sys -> %System32%\dllcache\cem28n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 2008-01-22 20:57:53 | Attr = ]
cem33n5.sys -> %System32%\dllcache\cem33n5.sys -> Xircom, Inc. [Ver = 1.22.02.00 | Size = 22044 bytes | Created Date = 2008-01-22 20:57:53 | Attr = ]
cem56n5.sys -> %System32%\dllcache\cem56n5.sys -> Xircom, Inc. [Ver = 2.70.02.00 | Size = 49182 bytes | Created Date = 2008-01-22 20:57:53 | Attr = ]
cicap.sys -> %System32%\dllcache\cicap.sys -> Xircom [Ver = 4.0.0.41 | Size = 980034 bytes | Created Date = 2008-01-22 20:57:57 | Attr = ]
cinemclc.sys -> %System32%\dllcache\cinemclc.sys -> RAVISENT Technologies Inc. [Ver = 5.0.00.0081 | Size = 272640 bytes | Created Date = 2008-01-22 20:57:58 | Attr = ]
cmbp0wdm.sys -> %System32%\dllcache\cmbp0wdm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 20736 bytes | Created Date = 2008-01-22 20:58:02 | Attr = ]
cnxt1803.sys -> %System32%\dllcache\cnxt1803.sys -> Conexant Systems, Inc. [Ver = V1.15.7 | Size = 39936 bytes | Created Date = 2008-01-22 20:58:04 | Attr = ]
cpqndis5.sys -> %System32%\dllcache\cpqndis5.sys -> Compaq Computer Corporation [Ver = 3.06.04.00 | Size = 21533 bytes | Created Date = 2008-01-22 20:58:08 | Attr = ]
cpqtrnd5.sys -> %System32%\dllcache\cpqtrnd5.sys -> Compaq Computer Corp. [Ver = 5.84.02 | Size = 60970 bytes | Created Date = 2008-01-22 20:58:09 | Attr = ]
cpscan.dll -> %System32%\dllcache\cpscan.dll -> COMPAQ Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 2008-01-22 20:58:10 | Attr = ]
crtaud.sys -> %System32%\dllcache\crtaud.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 42112 bytes | Created Date = 2008-01-22 20:58:10 | Attr = ]
ctlfacem.sys -> %System32%\dllcache\ctlfacem.sys -> Creative Technology Ltd. [Ver = 5.12.01.2108 built by: WinDDK | Size = 6912 bytes | Created Date = 2008-01-22 20:58:12 | Attr = ]
ctljystk.sys -> %System32%\dllcache\ctljystk.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3712 bytes | Created Date = 2008-01-22 20:58:12 | Attr = ]
ctlsb16.sys -> %System32%\dllcache\ctlsb16.sys -> Copyright © Creative Technology Ltd. 1994-2001 [Ver = 5.1.2501.0 built by: WinDDK | Size = 96256 bytes | Created Date = 2008-01-22 20:58:13 | Attr = ]
ctmasetp.dll -> %System32%\dllcache\ctmasetp.dll -> Comtrol® Corporation [Ver = 5.1.2600.2180 | Size = 249856 bytes | Created Date = 2008-01-22 20:58:13 | Attr = ]
ctwdm32.dll -> %System32%\dllcache\ctwdm32.dll -> Creative Technology Ltd. [Ver = 5.0.0.2001 | Size = 4096 bytes | Created Date = 2008-01-22 20:58:14 | Attr = ]
cwbase.sys -> %System32%\dllcache\cwbase.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 2008-01-22 20:58:14 | Attr = ]
cwbmidi.sys -> %System32%\dllcache\cwbmidi.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3072 bytes | Created Date = 2008-01-22 20:58:14 | Attr = ]
cwbwdm.sys -> %System32%\dllcache\cwbwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72832 bytes | Created Date = 2008-01-22 20:58:15 | Attr = ]
cwcosnt5.sys -> %System32%\dllcache\cwcosnt5.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 3584 bytes | Created Date = 2008-01-22 20:58:15 | Attr = ]
cwcspud.sys -> %System32%\dllcache\cwcspud.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 111872 bytes | Created Date = 2008-01-22 20:58:15 | Attr = ]
cwcwdm.sys -> %System32%\dllcache\cwcwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 93952 bytes | Created Date = 2008-01-22 20:58:16 | Attr = ]
cwrwdm.sys -> %System32%\dllcache\cwrwdm.sys -> Crystal Semiconductor Corp. [Ver = 5.2.3790.0 built by: WinDDK | Size = 48640 bytes | Created Date = 2008-01-22 20:58:16 | Attr = ]
c_10004.nls -> %System32%\dllcache\c_10004.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:19 | Attr = ]
c_10005.nls -> %System32%\dllcache\c_10005.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:19 | Attr = ]
c_10021.nls -> %System32%\dllcache\c_10021.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:19 | Attr = ]
c_1047.nls -> %System32%\dllcache\c_1047.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:20 | Attr = ]
c_1140.nls -> %System32%\dllcache\c_1140.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:20 | Attr = ]
c_1141.nls -> %System32%\dllcache\c_1141.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:21 | Attr = ]
c_1142.nls -> %System32%\dllcache\c_1142.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:21 | Attr = ]
c_1143.nls -> %System32%\dllcache\c_1143.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:21 | Attr = ]
c_1144.nls -> %System32%\dllcache\c_1144.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:21 | Attr = ]
c_1145.nls -> %System32%\dllcache\c_1145.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:21 | Attr = ]
c_1146.nls -> %System32%\dllcache\c_1146.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:22 | Attr = ]
c_1147.nls -> %System32%\dllcache\c_1147.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:22 | Attr = ]
c_1148.nls -> %System32%\dllcache\c_1148.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:22 | Attr = ]
c_1149.nls -> %System32%\dllcache\c_1149.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:22 | Attr = ]
c_20001.nls -> %System32%\dllcache\c_20001.nls -> [Ver = | Size = 186402 bytes | Created Date = 2008-01-22 20:57:24 | Attr = ]
c_20002.nls -> %System32%\dllcache\c_20002.nls -> [Ver = | Size = 173602 bytes | Created Date = 2008-01-22 20:57:24 | Attr = ]
c_20003.nls -> %System32%\dllcache\c_20003.nls -> [Ver = | Size = 185378 bytes | Created Date = 2008-01-22 20:57:24 | Attr = ]
c_20004.nls -> %System32%\dllcache\c_20004.nls -> [Ver = | Size = 180258 bytes | Created Date = 2008-01-22 20:57:25 | Attr = ]
c_20005.nls -> %System32%\dllcache\c_20005.nls -> [Ver = | Size = 187938 bytes | Created Date = 2008-01-22 20:57:25 | Attr = ]
c_20105.nls -> %System32%\dllcache\c_20105.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:25 | Attr = ]
c_20106.nls -> %System32%\dllcache\c_20106.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:25 | Attr = ]
c_20107.nls -> %System32%\dllcache\c_20107.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:25 | Attr = ]
c_20108.nls -> %System32%\dllcache\c_20108.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:26 | Attr = ]
c_20269.nls -> %System32%\dllcache\c_20269.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:26 | Attr = ]
c_20273.nls -> %System32%\dllcache\c_20273.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:26 | Attr = ]
c_20277.nls -> %System32%\dllcache\c_20277.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:26 | Attr = ]
c_20278.nls -> %System32%\dllcache\c_20278.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:27 | Attr = ]
c_20280.nls -> %System32%\dllcache\c_20280.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:27 | Attr = ]
c_20284.nls -> %System32%\dllcache\c_20284.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:27 | Attr = ]
c_20285.nls -> %System32%\dllcache\c_20285.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:27 | Attr = ]
c_20297.nls -> %System32%\dllcache\c_20297.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:27 | Attr = ]
c_20420.nls -> %System32%\dllcache\c_20420.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:28 | Attr = ]
c_20423.nls -> %System32%\dllcache\c_20423.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:28 | Attr = ]
c_20424.nls -> %System32%\dllcache\c_20424.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:28 | Attr = ]
c_20833.nls -> %System32%\dllcache\c_20833.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:28 | Attr = ]
c_20838.nls -> %System32%\dllcache\c_20838.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:28 | Attr = ]
c_20871.nls -> %System32%\dllcache\c_20871.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:29 | Attr = ]
c_20880.nls -> %System32%\dllcache\c_20880.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:29 | Attr = ]
c_20924.nls -> %System32%\dllcache\c_20924.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:29 | Attr = ]
c_21025.nls -> %System32%\dllcache\c_21025.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:30 | Attr = ]
c_28596.nls -> %System32%\dllcache\c_28596.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:31 | Attr = ]
c_708.nls -> %System32%\dllcache\c_708.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:31 | Attr = ]
c_720.nls -> %System32%\dllcache\c_720.nls -> [Ver = | Size = 66594 bytes | Created Date = 2008-01-22 20:57:32 | Attr = ]
c_858.nls -> %System32%\dllcache\c_858.nls -> [Ver = | Size = 66594 bytes | Created Date = 2008-01-22 20:57:32 | Attr = ]
c_862.nls -> %System32%\dllcache\c_862.nls -> [Ver = | Size = 66594 bytes | Created Date = 2008-01-22 20:57:32 | Attr = ]
c_864.nls -> %System32%\dllcache\c_864.nls -> [Ver = | Size = 66594 bytes | Created Date = 2008-01-22 20:57:32 | Attr = ]
c_870.nls -> %System32%\dllcache\c_870.nls -> [Ver = | Size = 66082 bytes | Created Date = 2008-01-22 20:57:33 | Attr = ]
d100ib5.sys -> %System32%\dllcache\d100ib5.sys -> Intel Corporation [Ver = 5.41.17.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 2008-01-22 20:58:19 | Attr = ]
dc21x4.sys -> %System32%\dllcache\dc21x4.sys -> Intel Corporation. [Ver = 5.05.04 | Size = 63208 bytes | Created Date = 2008-01-22 20:58:24 | Attr = ]
defpa.sys -> %System32%\dllcache\defpa.sys -> Digital Networks, LLC [Ver = 5.5 built by: WinDDK | Size = 20928 bytes | Created Date = 2008-01-22 20:58:26 | Attr = ]
devcon32.dll -> %System32%\dllcache\devcon32.dll -> Creative Technology Ltd. [Ver = 4.06.651 | Size = 256512 bytes | Created Date = 2008-01-22 20:58:26 | Attr = ]
devldr32.exe -> %System32%\dllcache\devldr32.exe -> Creative Technology Ltd. [Ver = 1, 0, 0, 17 | Size = 24064 bytes | Created Date = 2008-01-22 20:58:27 | Attr = ]
dfe650.sys -> %System32%\dllcache\dfe650.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24648 bytes | Created Date = 2008-01-22 20:58:27 | Attr = ]
dfe650d.sys -> %System32%\dllcache\dfe650d.sys -> D-Link [Ver = 5.00.2128.1 | Size = 24649 bytes | Created Date = 2008-01-22 20:58:28 | Attr = ]
dgapci.sys -> %System32%\dllcache\dgapci.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 29531 bytes | Created Date = 2008-01-22 20:58:28 | Attr = ]
dgconfig.dll -> %System32%\dllcache\dgconfig.dll -> Digi International [Ver = v3.7.3.0 | Size = 419357 bytes | Created Date = 2008-01-22 20:58:29 | Attr = ]
diapi2.sys -> %System32%\dllcache\diapi2.sys -> Eicon Technology [Ver = 1.0.1.390 | Size = 164923 bytes | Created Date = 2008-01-22 20:57:42 | Attr = ]
diapi2NT.dll -> %System32%\dllcache\diapi2NT.dll -> Eicon Technology Corporation [Ver = 2.10 101-390 | Size = 32256 bytes | Created Date = 2008-01-22 20:57:43 | Attr = ]
digiasyn.dll -> %System32%\dllcache\digiasyn.dll -> Digi International Inc. [Ver = 3.10 | Size = 65622 bytes | Created Date = 2008-01-22 20:58:30 | Attr = ]
digiasyn.sys -> %System32%\dllcache\digiasyn.sys -> Digi International Inc. [Ver = 3.10 | Size = 37735 bytes | Created Date = 2008-01-22 20:58:30 | Attr = ]
digidbp.dll -> %System32%\dllcache\digidbp.dll -> Digi International Inc. [Ver = 3.10 | Size = 131156 bytes | Created Date = 2008-01-22 20:58:31 | Attr = ]
digidxb.sys -> %System32%\dllcache\digidxb.sys -> Digi International Inc. [Ver = 3.10 | Size = 103044 bytes | Created Date = 2008-01-22 20:58:31 | Attr = ]
digifep5.sys -> %System32%\dllcache\digifep5.sys -> Digi International Inc. [Ver = v3.7.3.0 | Size = 90525 bytes | Created Date = 2008-01-22 20:58:31 | Attr = ]
digifwrk.dll -> %System32%\dllcache\digifwrk.dll -> Digi International Inc. [Ver = 3.10 | Size = 229462 bytes | Created Date = 2008-01-22 20:58:31 | Attr = ]
digihlc.dll -> %System32%\dllcache\digihlc.dll -> Digi International Inc. [Ver = 3.10 | Size = 159828 bytes | Created Date = 2008-01-22 20:58:32 | Attr = ]
digiinf.dll -> %System32%\dllcache\digiinf.dll -> Digi International Inc. [Ver = 3.10 | Size = 102484 bytes | Created Date = 2008-01-22 20:58:32 | Attr = ]
digiisdn.dll -> %System32%\dllcache\digiisdn.dll -> Digi International Inc. [Ver = 3.10 | Size = 41046 bytes | Created Date = 2008-01-22 20:58:32 | Attr = ]
digiisdn.sys -> %System32%\dllcache\digiisdn.sys -> Digi International Inc. [Ver = 3.10 | Size = 21606 bytes | Created Date = 2008-01-22 20:58:33 | Attr = ]
digirlpt.dll -> %System32%\dllcache\digirlpt.dll -> Digi International, Inc. [Ver = 2.3.7 | Size = 110621 bytes | Created Date = 2008-01-22 20:58:33 | Attr = ]
digirlpt.sys -> %System32%\dllcache\digirlpt.sys -> Digi International, Inc. [Ver = 2.3.7 | Size = 42432 bytes | Created Date = 2008-01-22 20:58:33 | Attr = ]
digiview.exe -> %System32%\dllcache\digiview.exe -> Digi International Inc. [Ver = 3.10 | Size = 614429 bytes | Created Date = 2008-01-22 20:58:34 | Attr = ]
dimaint.sys -> %System32%\dllcache\dimaint.sys -> Eicon Technology [Ver = 2.0.1.315 | Size = 91305 bytes | Created Date = 2008-01-22 20:58:34 | Attr = ]
disrvci.dll -> %System32%\dllcache\disrvci.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 6729 bytes | Created Date = 2008-01-22 20:58:36 | Attr = ]
disrvpp.dll -> %System32%\dllcache\disrvpp.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 31305 bytes | Created Date = 2008-01-22 20:58:36 | Attr = ]
disrvsu.dll -> %System32%\dllcache\disrvsu.dll -> Eicon Technology [Ver = 2.0.1.73 | Size = 38985 bytes | Created Date = 2008-01-22 20:58:36 | Attr = ]
ditrace.exe -> %System32%\dllcache\ditrace.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 236060 bytes | Created Date = 2008-01-22 20:58:37 | Attr = ]
divaci.dll -> %System32%\dllcache\divaci.dll -> [Ver = | Size = 6216 bytes | Created Date = 2008-01-22 20:58:37 | Attr = ]
divaprop.dll -> %System32%\dllcache\divaprop.dll -> [Ver = | Size = 37962 bytes | Created Date = 2008-01-22 20:58:38 | Attr = ]
divasu.dll -> %System32%\dllcache\divasu.dll -> [Ver = | Size = 29768 bytes | Created Date = 2008-01-22 20:58:38 | Attr = ]
diwan.sys -> %System32%\dllcache\diwan.sys -> Eicon Technology [Ver = 2.0.1.700 | Size = 952007 bytes | Created Date = 2008-01-22 20:58:38 | Attr = ]
dlh5xnd5.sys -> %System32%\dllcache\dlh5xnd5.sys -> D-Link Corporation [Ver = v2.5.4 | Size = 26698 bytes | Created Date = 2008-01-22 20:58:38 | Attr = ]
dm9pci5.sys -> %System32%\dllcache\dm9pci5.sys -> CNet Technology, Inc. [Ver = 1.23.01.0228 built by: WinDDK | Size = 29696 bytes | Created Date = 2008-01-22 20:58:39 | Attr = ]
dp83820.sys -> %System32%\dllcache\dp83820.sys -> National Semiconductor Coproration [Ver = 5.0.4.17 | Size = 28062 bytes | Created Date = 2008-01-22 20:58:44 | Attr = ]
ds1wdm.sys -> %System32%\dllcache\ds1wdm.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 334208 bytes | Created Date = 2008-01-22 20:58:47 | Attr = ]
e1000nt5.sys -> %System32%\dllcache\e1000nt5.sys -> Intel Corporation [Ver = 2.94.294.0 | Size = 50719 bytes | Created Date = 2008-01-22 20:58:52 | Attr = ]
e100b325.sys -> %System32%\dllcache\e100b325.sys -> Intel Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 117760 bytes | Created Date = 2008-01-22 20:58:52 | Attr = ]
e100isa4.sys -> %System32%\dllcache\e100isa4.sys -> Intel Corporation [Ver = 5.0.5.0 | Size = 19594 bytes | Created Date = 2008-01-22 20:58:52 | Attr = ]
el515.sys -> %System32%\dllcache\el515.sys -> 3Com Corporation [Ver = 1.08.03 | Size = 44103 bytes | Created Date = 2008-01-22 20:58:53 | Attr = ]
el556nd5.sys -> %System32%\dllcache\el556nd5.sys -> 3Com Corporation [Ver = 1.21.00.001 | Size = 55999 bytes | Created Date = 2008-01-22 20:58:54 | Attr = ]
el574nd4.sys -> %System32%\dllcache\el574nd4.sys -> 3Com Corporation [Ver = 2.00.03.4001 | Size = 24653 bytes | Created Date = 2008-01-22 20:58:54 | Attr = ]
el575nd5.sys -> %System32%\dllcache\el575nd5.sys -> 3Com Corporation [Ver = 2.60.5000.0020 | Size = 69692 bytes | Created Date = 2008-01-22 20:58:54 | Attr = ]
el589nd5.sys -> %System32%\dllcache\el589nd5.sys -> 3Com Corporation [Ver = 2.50.50.0033 | Size = 26141 bytes | Created Date = 2008-01-22 20:58:55 | Attr = ]
el656cd5.sys -> %System32%\dllcache\el656cd5.sys -> 3Com Corporation [Ver = 3.00.5000.0004 | Size = 69194 bytes | Created Date = 2008-01-22 20:58:55 | Attr = ]
el656ct5.sys -> %System32%\dllcache\el656ct5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 634134 bytes | Created Date = 2008-01-22 20:58:56 | Attr = ]
el656nd5.sys -> %System32%\dllcache\el656nd5.sys -> 3Com Corporation [Ver = 1.50.5000.0007 | Size = 77386 bytes | Created Date = 2008-01-22 20:58:56 | Attr = ]
el656se5.sys -> %System32%\dllcache\el656se5.sys -> 3Com Corporation [Ver = 1.00.4002.0070 | Size = 241206 bytes | Created Date = 2008-01-22 20:58:57 | Attr = ]
el90xbc5.sys -> %System32%\dllcache\el90xbc5.sys -> 3Com Corporation [Ver = 4.05.00.0000 | Size = 66591 bytes | Created Date = 2008-01-22 20:58:58 | Attr = ]
el90xnd5.sys -> %System32%\dllcache\el90xnd5.sys -> 3Com Corporation [Ver = 3.60.50.008 | Size = 153631 bytes | Created Date = 2008-01-22 20:58:58 | Attr = ]
el985n51.sys -> %System32%\dllcache\el985n51.sys -> 3Com Corporation. [Ver = 1.17.34.4 | Size = 455199 bytes | Created Date = 2008-01-22 20:58:58 | Attr = ]
el98xn5.sys -> %System32%\dllcache\el98xn5.sys -> 3Com Corporation [Ver = 4.0.0.13 | Size = 70174 bytes | Created Date = 2008-01-22 20:58:59 | Attr = ]
el99xn51.sys -> %System32%\dllcache\el99xn51.sys -> 3Com Corporation [Ver = 2.00.00.0030 built by: WinDDK | Size = 171520 bytes | Created Date = 2008-01-22 20:58:59 | Attr = ]
elnk3.sys -> %System32%\dllcache\elnk3.sys -> 3Com Corporation [Ver = 5.32.40 | Size = 25159 bytes | Created Date = 2008-01-22 20:59:00 | Attr = ]
em556n4.sys -> %System32%\dllcache\em556n4.sys -> 3Com Corporation [Ver = 1.10.02 | Size = 19996 bytes | Created Date = 2008-01-22 20:59:00 | Attr = ]
emu10k1m.sys -> %System32%\dllcache\emu10k1m.sys -> Creative Technology Ltd. [Ver = 5.12.01.3300 built by: WinDDK | Size = 283904 bytes | Created Date = 2008-01-22 20:59:03 | Attr = ]
epro4.sys -> %System32%\dllcache\epro4.sys -> Intel Corporation [Ver = 3.70.00.0000 | Size = 18503 bytes | Created Date = 2008-01-22 20:59:04 | Attr = ]
eqn.sys -> %System32%\dllcache\eqn.sys -> Equinox Systems Inc. [Ver = 5.0.U72 Intel built by: WinDDK | Size = 629952 bytes | Created Date = 2008-01-22 20:59:04 | Attr = ]
eqndiag.exe -> %System32%\dllcache\eqndiag.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 53248 bytes | Created Date = 2008-01-22 20:59:05 | Attr = ]
eqnlogr.exe -> %System32%\dllcache\eqnlogr.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 51200 bytes | Created Date = 2008-01-22 20:59:05 | Attr = ]
eqnloop.exe -> %System32%\dllcache\eqnloop.exe -> Equinox Systems Inc. [Ver = 5.0u(58) | Size = 61952 bytes | Created Date = 2008-01-22 20:59:06 | Attr = ]
es1370mp.sys -> %System32%\dllcache\es1370mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 37120 bytes | Created Date = 2008-01-22 20:59:06 | Attr = ]
es1371mp.sys -> %System32%\dllcache\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Created Date = 2008-01-22 20:59:06 | Attr = ]
es1969.sys -> %System32%\dllcache\es1969.sys -> ESS Technology Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 72192 bytes | Created Date = 2008-01-22 20:59:07 | Attr = ]
es198x.sys -> %System32%\dllcache\es198x.sys -> ESS Technology, Inc. [Ver = 5.1.2526.0 built by: WinDDK | Size = 174464 bytes | Created Date = 2008-01-22 20:59:07 | Attr = ]
es56cvmp.sys -> %System32%\dllcache\es56cvmp.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 595647 bytes | Created Date = 2008-01-22 20:59:07 | Attr = ]
es56hpi.sys -> %System32%\dllcache\es56hpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 594238 bytes | Created Date = 2008-01-22 20:59:08 | Attr = ]
es56tpi.sys -> %System32%\dllcache\es56tpi.sys -> ESS Technology, Inc. [Ver = V4.43.049 | Size = 347550 bytes | Created Date = 2008-01-22 20:59:08 | Attr = ]
ess.sys -> %System32%\dllcache\ess.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 63360 bytes | Created Date = 2008-01-22 20:59:09 | Attr = ]
essm2e.sys -> %System32%\dllcache\essm2e.sys -> ESS Technology, Inc. [Ver = 5.1.3612.0 built by: WinDDK | Size = 137088 bytes | Created Date = 2008-01-22 20:59:09 | Attr = ]
esucm.dll -> %System32%\dllcache\esucm.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 43008 bytes | Created Date = 2008-01-22 20:59:10 | Attr = ]
esucmd.dll -> %System32%\dllcache\esucmd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 31744 bytes | Created Date = 2008-01-22 20:59:10 | Attr = ]
esuimg.dll -> %System32%\dllcache\esuimg.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 34816 bytes | Created Date = 2008-01-22 20:59:11 | Attr = ]
esuimgd.dll -> %System32%\dllcache\esuimgd.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 57856 bytes | Created Date = 2008-01-22 20:59:11 | Attr = ]
esuni.dll -> %System32%\dllcache\esuni.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 2008-01-22 20:59:11 | Attr = ]
esunib.dll -> %System32%\dllcache\esunib.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45568 bytes | Created Date = 2008-01-22 20:59:11 | Attr = ]
esunid.dll -> %System32%\dllcache\esunid.dll -> SEIKO EPSON CORP. [Ver = 1.00 | Size = 45056 bytes | Created Date = 2008-01-22 20:59:12 | Attr = ]
ex10.sys -> %System32%\dllcache\ex10.sys -> Intel Corporation [Ver = 1.51.00.0000 | Size = 16998 bytes | Created Date = 2008-01-22 20:59:14 | Attr = ]
f3ab18xi.sys -> %System32%\dllcache\f3ab18xi.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 12362 bytes | Created Date = 2008-01-22 20:59:16 | Attr = ]
f3ab18xj.sys -> %System32%\dllcache\f3ab18xj.sys -> FUJITSU LIMITED [Ver = 3,00,10,0022 | Size = 11850 bytes | Created Date = 2008-01-22 20:59:16 | Attr = ]
fa312nd5.sys -> %System32%\dllcache\fa312nd5.sys -> NETGEAR Corp. [Ver = 5.00.119.0 | Size = 16074 bytes | Created Date = 2008-01-22 20:59:16 | Attr = ]
fa410nd5.sys -> %System32%\dllcache\fa410nd5.sys -> NETGEAR [Ver = 5.00.2128.1 | Size = 24618 bytes | Created Date = 2008-01-22 20:59:16 | Attr = ]
fem556n5.sys -> %System32%\dllcache\fem556n5.sys -> 3Com Corporation [Ver = 1.01.08.6001 | Size = 22090 bytes | Created Date = 2008-01-22 20:59:18 | Attr = ]
fetnd5.sys -> %System32%\dllcache\fetnd5.sys -> VIA Technologies, Inc. [Ver = 2.66 | Size = 27165 bytes | Created Date = 2008-01-22 20:59:19 | Attr = ]
forehe.sys -> %System32%\dllcache\forehe.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 34173 bytes | Created Date = 2008-01-22 20:59:23 | Attr = ]
fpcibase.sys -> %System32%\dllcache\fpcibase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 444416 bytes | Created Date = 2008-01-22 20:59:25 | Attr = ]
fpcmbase.sys -> %System32%\dllcache\fpcmbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 441728 bytes | Created Date = 2008-01-22 20:59:25 | Attr = ]
fpnpbase.sys -> %System32%\dllcache\fpnpbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 442240 bytes | Created Date = 2008-01-22 20:59:26 | Attr = ]
fus2base.sys -> %System32%\dllcache\fus2base.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455680 bytes | Created Date = 2008-01-22 20:59:27 | Attr = ]
fusbbase.sys -> %System32%\dllcache\fusbbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 455296 bytes | Created Date = 2008-01-22 20:59:28 | Attr = ]
fxusbase.sys -> %System32%\dllcache\fxusbase.sys -> AVM GmbH [Ver = 3.0 built by: WinDDK | Size = 454912 bytes | Created Date = 2008-01-22 20:59:37 | Attr = ]
g200d.dll -> %System32%\dllcache\g200d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 470144 bytes | Created Date = 2008-01-22 20:59:37 | Attr = ]
g200m.sys -> %System32%\dllcache\g200m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 2008-01-22 20:59:37 | Attr = ]
g400d.dll -> %System32%\dllcache\g400d.dll -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 1733120 bytes | Created Date = 2008-01-22 20:59:38 | Attr = ]
g400m.sys -> %System32%\dllcache\g400m.sys -> Matrox Graphics Inc. [Ver = 5.12.01.1200 (ReleasedBinaries.010308-1115) | Size = 322432 bytes | Created Date = 2008-01-22 20:59:38 | Attr = ]
gpr400.sys -> %System32%\dllcache\gpr400.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 17408 bytes | Created Date = 2008-01-22 20:59:41 | Attr = ]
grclass.sys -> %System32%\dllcache\grclass.sys -> Gemplus [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 82304 bytes | Created Date = 2008-01-22 20:59:41 | Attr = ]
grserial.sys -> %System32%\dllcache\grserial.sys -> Gemplus [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 28288 bytes | Created Date = 2008-01-22 20:59:42 | Attr = ]
hcf_msft.sys -> %System32%\dllcache\hcf_msft.sys -> Conexant [Ver = 2.1.2.171.021.003 | Size = 907456 bytes | Created Date = 2008-01-22 20:59:43 | Attr = ]
hpgt21.dll -> %System32%\dllcache\hpgt21.dll -> [Ver = 1, 0, 0, 1 | Size = 83968 bytes | Created Date = 2008-01-22 20:59:48 | Attr = ]
hpgt33.dll -> %System32%\dllcache\hpgt33.dll -> [Ver = 1, 0, 0, 1 | Size = 89088 bytes | Created Date = 2008-01-22 20:59:49 | Attr = ]
hpgt34.dll -> %System32%\dllcache\hpgt34.dll -> [Ver = 1, 0, 0, 1 | Size = 101376 bytes | Created Date = 2008-01-22 20:59:50 | Attr = ]
hpgt34tk.dll -> %System32%\dllcache\hpgt34tk.dll -> Hewlett Packard [Ver = 4.11.2000.0 | Size = 126976 bytes | Created Date = 2008-01-22 20:59:50 | Attr = ]
hpgt42.dll -> %System32%\dllcache\hpgt42.dll -> [Ver = 1, 0, 0, 1 | Size = 93696 bytes | Created Date = 2008-01-22 20:59:50 | Attr = ]
hpgt53.dll -> %System32%\dllcache\hpgt53.dll -> [Ver = 1, 0, 0, 1 | Size = 165888 bytes | Created Date = 2008-01-22 20:59:51 | Attr = ]
hpgt53tk.dll -> %System32%\dllcache\hpgt53tk.dll -> Avisioin [Ver = 1,0,7,0210 | Size = 68608 bytes | Created Date = 2008-01-22 20:59:51 | Attr = ]
hsf_amos.sys -> %System32%\dllcache\hsf_amos.sys -> Conexant [Ver = 3.05.12.04 | Size = 150239 bytes | Created Date = 2008-01-22 20:59:53 | Attr = ]
hsf_bsc2.sys -> %System32%\dllcache\hsf_bsc2.sys -> Conexant [Ver = 3.05.12.04 | Size = 67167 bytes | Created Date = 2008-01-22 20:59:53 | Attr = ]
hsf_fall.sys -> %System32%\dllcache\hsf_fall.sys -> Conexant [Ver = 3.05.12.04 | Size = 289887 bytes | Created Date = 2008-01-22 20:59:54 | Attr = ]
hsf_faxx.sys -> %System32%\dllcache\hsf_faxx.sys -> Conexant [Ver = 3.05.12.04 | Size = 199711 bytes | Created Date = 2008-01-22 20:59:54 | Attr = ]
hsf_fsks.sys -> %System32%\dllcache\hsf_fsks.sys -> Conexant [Ver = 3.05.12.04 | Size = 115807 bytes | Created Date = 2008-01-22 20:59:54 | Attr = ]
hsf_inst.dll -> %System32%\dllcache\hsf_inst.dll -> Conexant [Ver = 3.05.12.04 | Size = 9759 bytes | Created Date = 2008-01-22 20:59:54 | Attr = ]
hsf_k56k.sys -> %System32%\dllcache\hsf_k56k.sys -> Conexant [Ver = 3.05.12.04 | Size = 391199 bytes | Created Date = 2008-01-22 20:59:55 | Attr = ]
hsf_msft.sys -> %System32%\dllcache\hsf_msft.sys -> Conexant [Ver = 3.05.12.06 | Size = 542879 bytes | Created Date = 2008-01-22 20:59:55 | Attr = ]
hsf_samp.sys -> %System32%\dllcache\hsf_samp.sys -> Conexant [Ver = 3.05.12.05 | Size = 57471 bytes | Created Date = 2008-01-22 20:59:55 | Attr = ]
hsf_soar.sys -> %System32%\dllcache\hsf_soar.sys -> Conexant [Ver = 3.05.12.05 | Size = 44863 bytes | Created Date = 2008-01-22 20:59:56 | Attr = ]
hsf_spkp.sys -> %System32%\dllcache\hsf_spkp.sys -> Conexant [Ver = 3.05.12.04 | Size = 73279 bytes | Created Date = 2008-01-22 20:59:56 | Attr = ]
hsf_tone.sys -> %System32%\dllcache\hsf_tone.sys -> Conexant [Ver = 3.05.12.04 | Size = 50751 bytes | Created Date = 2008-01-22 20:59:56 | Attr = ]
hsf_v124.sys -> %System32%\dllcache\hsf_v124.sys -> Conexant [Ver = 3.05.12.04 | Size = 488383 bytes | Created Date = 2008-01-22 20:59:56 | Attr = ]
i740dnt5.dll -> %System32%\dllcache\i740dnt5.dll -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 353184 bytes | Created Date = 2008-01-22 21:00:19 | Attr = ]
i740nt5.sys -> %System32%\dllcache\i740nt5.sys -> Intel Corporation [Ver = 5.0.01.0604.0920 | Size = 58592 bytes | Created Date = 2008-01-22 21:00:20 | Attr = ]
i81xdnt5.dll -> %System32%\dllcache\i81xdnt5.dll -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 702845 bytes | Created Date = 2008-01-22 21:00:21 | Attr = ]
i81xnt5.sys -> %System32%\dllcache\i81xnt5.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 161020 bytes | Created Date = 2008-01-22 21:00:23 | Attr = ]
ibmexmp.sys -> %System32%\dllcache\ibmexmp.sys -> IBM Corp. [Ver = 3.14.00.0000 | Size = 28700 bytes | Created Date = 2008-01-22 21:00:25 | Attr = ]
ibmsgnet.dll -> %System32%\dllcache\ibmsgnet.dll -> IBM Corporation [Ver = 1.00.00.0000 | Size = 9216 bytes | Created Date = 2008-01-22 21:00:28 | Attr = ]
ibmtok.sys -> %System32%\dllcache\ibmtok.sys -> IBM Corporation [Ver = 12.23.04.0050 | Size = 100936 bytes | Created Date = 2008-01-22 21:00:28 | Attr = ]
ibmtrp.sys -> %System32%\dllcache\ibmtrp.sys -> IBM Corporation [Ver = 5.33.02.0050 | Size = 109085 bytes | Created Date = 2008-01-22 21:00:29 | Attr = ]
iconf32.dll -> %System32%\dllcache\iconf32.dll -> Xircom [Ver = 1.1.0.11 | Size = 372824 bytes | Created Date = 2008-01-22 21:00:34 | Attr = ]
io8.sys -> %System32%\dllcache\io8.sys -> Perle Systems Ltd. [Ver = 1.0.1.0022 (XPClient.010817-1148) | Size = 38784 bytes | Created Date = 2008-01-22 21:01:16 | Attr = ]
io8ports.dll -> %System32%\dllcache\io8ports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 90200 bytes | Created Date = 2008-01-22 21:01:16 | Attr = ]
ip5515.sys -> %System32%\dllcache\ip5515.sys -> Interphase ® Corporation a Windows ® 2000 DDK Driver Provider [Ver = 5.1.2257.1 built by: Administrator | Size = 45632 bytes | Created Date = 2008-01-22 21:01:17 | Attr = ]
irmk7.sys -> %System32%\dllcache\irmk7.sys -> MKNet Corporation [Ver = 4.1.0 | Size = 23552 bytes | Created Date = 2008-01-22 21:01:25 | Attr = ]
irstusb.sys -> %System32%\dllcache\irstusb.sys -> SigmaTel, Inc. [Ver = 1, 20, 0, 0 | Size = 26624 bytes | Created Date = 2008-01-22 21:01:27 | Attr = ]
ktc111.sys -> %System32%\dllcache\ktc111.sys -> Kingston Technology Company [Ver = 2.00 | Size = 19016 bytes | Created Date = 2008-01-22 21:01:50 | Attr = ]
lanepic5.sys -> %System32%\dllcache\lanepic5.sys -> SMSC [Ver = 3.40.0000.0000 | Size = 26442 bytes | Created Date = 2008-01-22 21:01:51 | Attr = ]
lbrtfdc.sys -> %System32%\dllcache\lbrtfdc.sys -> Toshiba Corp. [Ver = Version 5.10.3 (xpsp_sp2_rtm.040803-2158) | Size = 34688 bytes | Created Date = 2008-01-22 21:01:51 | Attr = ]
lit220p.sys -> %System32%\dllcache\lit220p.sys -> Litronic Industries [Ver = 1 | Size = 15744 bytes | Created Date = 2008-01-22 21:01:53 | Attr = ]
lmndis3.sys -> %System32%\dllcache\lmndis3.sys -> D-Link [Ver = 5.00.2128.1 | Size = 25065 bytes | Created Date = 2008-01-22 21:01:54 | Attr = ]
lne100.sys -> %System32%\dllcache\lne100.sys -> The Linksts Group [Ver = 2.00 | Size = 20573 bytes | Created Date = 2008-01-22 21:01:55 | Attr = ]
lne100tx.sys -> %System32%\dllcache\lne100tx.sys -> Linksys Group, Inc. [Ver = 4.55 | Size = 70730 bytes | Created Date = 2008-01-22 21:01:55 | Attr = ]
ltck000c.sys -> %System32%\dllcache\ltck000c.sys -> Xircom, Inc. [Ver = 1.98.2 | Size = 727786 bytes | Created Date = 2008-01-22 21:01:58 | Attr = ]
ltmdmnt.sys -> %System32%\dllcache\ltmdmnt.sys -> LT [Ver = 8.28 | Size = 606684 bytes | Created Date = 2008-01-22 21:01:59 | Attr = ]
ltmdmntl.sys -> %System32%\dllcache\ltmdmntl.sys -> LT [Ver = 3.01.3 | Size = 576746 bytes | Created Date = 2008-01-22 21:01:59 | Attr = ]
ltmdmntt.sys -> %System32%\dllcache\ltmdmntt.sys -> LT [Ver = 6.08 | Size = 420992 bytes | Created Date = 2008-01-22 21:02:00 | Attr = ]
ltsm.sys -> %System32%\dllcache\ltsm.sys -> Lucent Technologies [Ver = 3.1.92.1 3.1.92.1 07/18/2001 12:51:10 | Size = 802683 bytes | Created Date = 2008-01-22 21:02:01 | Attr = ]
ltsmt.sys -> %System32%\dllcache\ltsmt.sys -> LT [Ver = 3.1.92.1 07/18/2001 13:02:42 | Size = 797500 bytes | Created Date = 2008-01-22 21:02:02 | Attr = ]
lwadihid.sys -> %System32%\dllcache\lwadihid.sys -> Logitech Inc. [Ver = 5.1.420.093 | Size = 20864 bytes | Created Date = 2008-01-22 21:02:04 | Attr = ]
lwusbhid.sys -> %System32%\dllcache\lwusbhid.sys -> Logitech Inc. [Ver = 5.1.410.190 | Size = 22848 bytes | Created Date = 2008-01-22 21:02:04 | Attr = ]
maestro.sys -> %System32%\dllcache\maestro.sys -> ESS Technology, Inc. [Ver = 5.1.2501.0 built by: WinDDK | Size = 48768 bytes | Created Date = 2008-01-22 21:02:06 | Attr = ]
mdgndis5.sys -> %System32%\dllcache\mdgndis5.sys -> Madge Networks Ltd [Ver = 6.06 | Size = 164586 bytes | Created Date = 2008-01-22 21:02:08 | Attr = ]
memstpci.sys -> %System32%\dllcache\memstpci.sys -> Sony Corporation [Ver = 1.00.1120.0 (xpsp_sp2_rtm.040803-2158) | Size = 26112 bytes | Created Date = 2008-01-22 21:02:09 | Attr = ]
mgaud.dll -> %System32%\dllcache\mgaud.dll -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 235648 bytes | Created Date = 2008-01-22 21:02:11 | Attr = ]
mgaum.sys -> %System32%\dllcache\mgaum.sys -> Matrox Graphics Inc. [Ver = 5.00.2475.1200 (ReleasedBinaries.010308-1115) | Size = 320384 bytes | Created Date = 2008-01-22 21:02:11 | Attr = ]
mtxvideo.sys -> %System32%\dllcache\mtxvideo.sys -> Matrox Graphics Inc [Ver = 1.00.25 | Size = 103296 bytes | Created Date = 2008-01-22 21:02:49 | Attr = ]
mxcard.sys -> %System32%\dllcache\mxcard.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 21888 bytes | Created Date = 2008-01-22 21:02:50 | Attr = ]
mxicfg.dll -> %System32%\dllcache\mxicfg.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 19968 bytes | Created Date = 2008-01-22 21:02:51 | Attr = ]
mxnic.sys -> %System32%\dllcache\mxnic.sys -> Macronix International Co., Ltd. [Ver = 2.12 (XPClient.010817-1148) | Size = 19968 bytes | Created Date = 2008-01-22 21:02:51 | Attr = ]
mxport.dll -> %System32%\dllcache\mxport.dll -> Moxa Technologies Co., Ltd [Ver = 1.1 | Size = 7168 bytes | Created Date = 2008-01-22 21:02:51 | Attr = ]
mxport.sys -> %System32%\dllcache\mxport.sys -> Moxa Technologies Co., Ltd. [Ver = 1.1 (XPClient.010817-1148) | Size = 75520 bytes | Created Date = 2008-01-22 21:02:52 | Attr = ]
n1000nt5.sys -> %System32%\dllcache\n1000nt5.sys -> Compaq Computer Corporation [Ver = 2.94.294.0 | Size = 52255 bytes | Created Date = 2008-01-22 21:02:52 | Attr = ]
n100325.sys -> %System32%\dllcache\n100325.sys -> Compaq Computer Corporation [Ver = 5.41.22.0000 built by: WinDDK | Size = 128000 bytes | Created Date = 2008-01-22 21:02:53 | Attr = ]
n9i128.dll -> %System32%\dllcache\n9i128.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 35392 bytes | Created Date = 2008-01-22 21:02:53 | Attr = ]
n9i128.sys -> %System32%\dllcache\n9i128.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.101.03 | Size = 13664 bytes | Created Date = 2008-01-22 21:02:54 | Attr = ]
n9i128v2.dll -> %System32%\dllcache\n9i128v2.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 59104 bytes | Created Date = 2008-01-22 21:02:54 | Attr = ]
n9i128v2.sys -> %System32%\dllcache\n9i128v2.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.102.35 | Size = 33088 bytes | Created Date = 2008-01-22 21:02:54 | Attr = ]
n9i3d.sys -> %System32%\dllcache\n9i3d.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 27936 bytes | Created Date = 2008-01-22 21:02:55 | Attr = ]
n9i3disp.dll -> %System32%\dllcache\n9i3disp.dll -> Number Nine Visual Technology Corp. [Ver = 5.01.103.09 | Size = 91488 bytes | Created Date = 2008-01-22 21:02:55 | Attr = ]
neo20xx.dll -> %System32%\dllcache\neo20xx.dll -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 60480 bytes | Created Date = 2008-01-22 21:02:59 | Attr = ]
neo20xx.sys -> %System32%\dllcache\neo20xx.sys -> NeoMagic Corporation [Ver = 5.31.00 (ReleasedBinaries.010308-1115) | Size = 39264 bytes | Created Date = 2008-01-22 21:02:59 | Attr = ]
netflx3.sys -> %System32%\dllcache\netflx3.sys -> Compaq Computer Corporation [Ver = 5.0.1.18 | Size = 65278 bytes | Created Date = 2008-01-22 21:03:01 | Attr = ]
netwlan5.sys -> %System32%\dllcache\netwlan5.sys -> 802.11b [Ver = 3, 1, 4, 26 | Size = 132695 bytes | Created Date = 2008-01-22 21:03:03 | Attr = ]
ngrpci.sys -> %System32%\dllcache\ngrpci.sys -> NETGEAR Corporation. [Ver = 4.56 | Size = 32840 bytes | Created Date = 2008-01-22 21:03:04 | Attr = ]
nm5a2wdm.sys -> %System32%\dllcache\nm5a2wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 126080 bytes | Created Date = 2008-01-22 21:03:05 | Attr = ]
nm6wdm.sys -> %System32%\dllcache\nm6wdm.sys -> NeoMagic Corporation [Ver = 5.1.2501.0 built by: WinDDK | Size = 87040 bytes | Created Date = 2008-01-22 21:03:05 | Attr = ]
nscirda.sys -> %System32%\dllcache\nscirda.sys -> National Semiconductor Corporation [Ver = 5,02,00,011 (xpsp_sp2_rtm.040803-2158) | Size = 28672 bytes | Created Date = 2008-01-22 21:03:10 | Attr = ]
ntgrip.sys -> %System32%\dllcache\ntgrip.sys -> Kensington Technology Group [Ver = 1.00 | Size = 51552 bytes | Created Date = 2008-01-22 21:03:15 | Attr = ]
nv3.dll -> %System32%\dllcache\nv3.dll -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 123776 bytes | Created Date = 2008-01-22 21:03:24 | Attr = ]
nv3.sys -> %System32%\dllcache\nv3.sys -> NVIDIA Corporation [Ver = 5.1.3528.0343 (ReleasedBinaries.010717-0141) | Size = 198144 bytes | Created Date = 2008-01-22 21:03:24 | Attr = ]
opl3sax.sys -> %System32%\dllcache\opl3sax.sys -> Yamaha Corp. [Ver = 5.1.2501.0 built by: WinDDK | Size = 54528 bytes | Created Date = 2008-01-22 21:03:30 | Attr = ]
otc06x5.sys -> %System32%\dllcache\otc06x5.sys -> Ositech Communications, Inc. [Ver = 1.01.020 | Size = 27209 bytes | Created Date = 2008-01-22 21:03:30 | Attr = ]
otceth5.sys -> %System32%\dllcache\otceth5.sys -> Ositech Communications, Inc. [Ver = 1.02.014.3 | Size = 43689 bytes | Created Date = 2008-01-22 21:03:31 | Attr = ]
otcsercb.sys -> %System32%\dllcache\otcsercb.sys -> Ositech Communications, Inc. [Ver = 1.05.02 | Size = 54186 bytes | Created Date = 2008-01-22 21:03:31 | Attr = ]
pc100nds.sys -> %System32%\dllcache\pc100nds.sys -> Linksys [Ver = 5.00.2195.1 | Size = 30495 bytes | Created Date = 2008-01-22 21:03:36 | Attr = ]
pca200e.sys -> %System32%\dllcache\pca200e.sys -> Marconi Communications, Inc. [Ver = 5.0.12.6327 | Size = 29502 bytes | Created Date = 2008-01-22 21:03:36 | Attr = ]
pcmlm56.sys -> %System32%\dllcache\pcmlm56.sys -> Linksys [Ver = 5.00.2128.1 | Size = 26153 bytes | Created Date = 2008-01-22 21:03:38 | Attr = ]
pcntn5hl.sys -> %System32%\dllcache\pcntn5hl.sys -> AMD Inc. [Ver = 1.09.001 | Size = 30282 bytes | Created Date = 2008-01-22 21:03:39 | Attr = ]
pcntn5m.sys -> %System32%\dllcache\pcntn5m.sys -> AMD Inc. [Ver = 4.09.00 | Size = 29769 bytes | Created Date = 2008-01-22 21:03:39 | Attr = ]
pcntpci5.sys -> %System32%\dllcache\pcntpci5.sys -> AMD Inc. [Ver = 4.38.00 built by: WinDDK | Size = 35328 bytes | Created Date = 2008-01-22 21:03:39 | Attr = ]
pctspk.exe -> %System32%\dllcache\pctspk.exe -> PCtel, Inc. [Ver = 4.00 | Size = 86016 bytes | Created Date = 2008-01-22 21:03:40 | Attr = ]
pcx500.sys -> %System32%\dllcache\pcx500.sys -> Cisco Systems [Ver = 7.50.01 Firmware built by: Cisco Systems | Size = 169984 bytes | Created Date = 2008-01-22 21:03:40 | Attr = ]
perm2.sys -> %System32%\dllcache\perm2.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00-0009 (MS) (xpsp_sp2_rtm.040803-2158) | Size = 27904 bytes | Created Date = 2008-01-22 21:03:42 | Attr = ]
perm2dll.dll -> %System32%\dllcache\perm2dll.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 211712 bytes | Created Date = 2008-01-22 21:03:43 | Attr = ]
perm3.sys -> %System32%\dllcache\perm3.sys -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 28032 bytes | Created Date = 2008-01-22 21:03:45 | Attr = ]
perm3dd.dll -> %System32%\dllcache\perm3dd.dll -> Microsoft Corp., 3Dlabs Inc. Ltd. [Ver = 1.00 (xpsp_sp2_rtm.040803-2158) | Size = 259328 bytes | Created Date = 2008-01-22 21:03:46 | Attr = ]
pscr.sys -> %System32%\dllcache\pscr.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16128 bytes | Created Date = 2008-01-22 21:03:56 | Attr = ]
ptserli.sys -> %System32%\dllcache\ptserli.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 128286 bytes | Created Date = 2008-01-22 21:03:59 | Attr = ]
ptserlp.sys -> %System32%\dllcache\ptserlp.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 112574 bytes | Created Date = 2008-01-22 21:03:59 | Attr = ]
ptserlv.sys -> %System32%\dllcache\ptserlv.sys -> PCTEL, INC. [Ver = 7.54.07 | Size = 130942 bytes | Created Date = 2008-01-22 21:03:59 | Attr = ]
r2mdkxga.sys -> %System32%\dllcache\r2mdkxga.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 899146 bytes | Created Date = 2008-01-22 21:04:05 | Attr = ]
r2mdmkxx.sys -> %System32%\dllcache\r2mdmkxx.sys -> Xircom, Inc. [Ver = 1.90.7 | Size = 714762 bytes | Created Date = 2008-01-22 21:04:05 | Attr = ]
reslog32.dll -> %System32%\dllcache\reslog32.dll -> Xircom [Ver = 1.0.0.6 | Size = 86097 bytes | Created Date = 2008-01-22 21:04:15 | Attr = ]
rlnet5.sys -> %System32%\dllcache\rlnet5.sys -> RadioLAN [Ver = 2.30 | Size = 37563 bytes | Created Date = 2008-01-22 21:04:16 | Attr = ]
rocket.sys -> %System32%\dllcache\rocket.sys -> Comtrol Corporation [Ver = 4.50 | Size = 79104 bytes | Created Date = 2008-01-22 21:04:17 | Attr = ]
rpfun.sys -> %System32%\dllcache\rpfun.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 3840 bytes | Created Date = 2008-01-22 21:04:19 | Attr = ]
rsmgrstr.dll -> %System32%\dllcache\rsmgrstr.dll -> Brother Industries, Ltd. [Ver = 1.45.15.340 | Size = 9216 bytes | Created Date = 2008-01-22 21:04:20 | Attr = ]
rthwcls.sys -> %System32%\dllcache\rthwcls.sys -> Conexant Systems Inc. [Ver = 5.12.01.0326 | Size = 30720 bytes | Created Date = 2008-01-22 21:04:21 | Attr = ]
rtl8029.sys -> %System32%\dllcache\rtl8029.sys -> Realtek Semiconductor Corporation [Ver = 5.508.0803.2000 | Size = 19017 bytes | Created Date = 2008-01-22 21:04:21 | Attr = ]
rw330ext.dll -> %System32%\dllcache\rw330ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 2008-01-22 21:04:23 | Attr = ]
rw430ext.dll -> %System32%\dllcache\rw430ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 24576 bytes | Created Date = 2008-01-22 21:04:23 | Attr = ]
rw450ext.dll -> %System32%\dllcache\rw450ext.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 26624 bytes | Created Date = 2008-01-22 21:04:23 | Attr = ]
rwia001.dll -> %System32%\dllcache\rwia001.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 2008-01-22 21:04:24 | Attr = ]
rwia330.dll -> %System32%\dllcache\rwia330.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 2008-01-22 21:04:24 | Attr = ]
rwia430.dll -> %System32%\dllcache\rwia430.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 79872 bytes | Created Date = 2008-01-22 21:04:24 | Attr = ]
rwia450.dll -> %System32%\dllcache\rwia450.dll -> Ricoh Co., Ltd. [Ver = 5, 0, 2419, 1 | Size = 82432 bytes | Created Date = 2008-01-22 21:04:24 | Attr = ]
s3m.sys -> %System32%\dllcache\s3m.sys -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 166720 bytes | Created Date = 2008-01-22 21:04:25 | Attr = ]
s3mt3d.dll -> %System32%\dllcache\s3mt3d.dll -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 182272 bytes | Created Date = 2008-01-22 21:04:26 | Attr = ]
s3mt3d.sys -> %System32%\dllcache\s3mt3d.sys -> S3 Incorporated [Ver = 5.01.526.0007 (ReleasedBinaries.010718-0005) | Size = 41216 bytes | Created Date = 2008-01-22 21:04:26 | Attr = ]
s3mtrio.dll -> %System32%\dllcache\s3mtrio.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 62496 bytes | Created Date = 2008-01-22 21:04:27 | Attr = ]
s3mvirge.dll -> %System32%\dllcache\s3mvirge.dll -> S3 Incorporated [Ver = 5.1024.329.0002 (ReleasedBinaries.010308-1115) | Size = 210496 bytes | Created Date = 2008-01-22 21:04:27 | Attr = ]
s3sav3d.dll -> %System32%\dllcache\s3sav3d.dll -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 179264 bytes | Created Date = 2008-01-22 21:04:27 | Attr = ]
s3sav3dm.sys -> %System32%\dllcache\s3sav3dm.sys -> S3 Incorporated [Ver = 5.01.620.0006 (ReleasedBinaries.010308-1115) | Size = 61504 bytes | Created Date = 2008-01-22 21:04:27 | Attr = ]
s3sav4.dll -> %System32%\dllcache\s3sav4.dll -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 198400 bytes | Created Date = 2008-01-22 21:04:28 | Attr = ]
s3sav4m.sys -> %System32%\dllcache\s3sav4m.sys -> S3 Incorporated [Ver = 5.12.01.8012-8.40.03 built by: ReleasedBinaries | Size = 77824 bytes | Created Date = 2008-01-22 21:04:28 | Attr = ]
s3savmx.dll -> %System32%\dllcache\s3savmx.dll -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 245632 bytes | Created Date = 2008-01-22 21:04:28 | Attr = ]
s3savmxm.sys -> %System32%\dllcache\s3savmxm.sys -> S3 Graphics, Inc. [Ver = 5.13.01.7056-7.50.16 | Size = 75392 bytes | Created Date = 2008-01-22 21:04:29 | Attr = ]
sblfx.dll -> %System32%\dllcache\sblfx.dll -> Creative Technology Ltd. [Ver = 5.12.01.3210 | Size = 495616 bytes | Created Date = 2008-01-22 21:04:30 | Attr = ]
sccmn50m.sys -> %System32%\dllcache\sccmn50m.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 2008-01-22 21:04:31 | Attr = ]
sccmusbm.sys -> %System32%\dllcache\sccmusbm.sys -> OMNIKEY AG [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 23936 bytes | Created Date = 2008-01-22 21:04:32 | Attr = ]
scr111.sys -> %System32%\dllcache\scr111.sys -> SCM Microsystems [Ver = 1.01.006 (XPClient.010817-1148) | Size = 17280 bytes | Created Date = 2008-01-22 21:04:33 | Attr = ]
sfmanm.sys -> %System32%\dllcache\sfmanm.sys -> Creative Technology Ltd. [Ver = 4.10.3300 | Size = 36480 bytes | Created Date = 2008-01-22 21:04:40 | Attr = ]
sgiul50.dll -> %System32%\dllcache\sgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 386560 bytes | Created Date = 2008-01-22 21:04:41 | Attr = ]
sgiulnt5.sys -> %System32%\dllcache\sgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0032 (ReleasedBinaries.010308-1115) | Size = 98080 bytes | Created Date = 2008-01-22 21:04:41 | Attr = ]
sgsmld.sys -> %System32%\dllcache\sgsmld.sys -> Micro Systemation [Ver = 1.1 | Size = 18400 bytes | Created Date = 2008-01-22 21:04:41 | Attr = ]
sgsmusb.sys -> %System32%\dllcache\sgsmusb.sys -> Micro Systemation [Ver = 1, 0, 0, 4 | Size = 161568 bytes | Created Date = 2008-01-22 21:04:42 | Attr = ]
sis300ip.sys -> %System32%\dllcache\sis300ip.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 101760 bytes | Created Date = 2008-01-22 21:04:48 | Attr = ]
sis300iv.dll -> %System32%\dllcache\sis300iv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.1100 (Lab01_N(ericks).010612-1818) | Size = 252032 bytes | Created Date = 2008-01-22 21:04:48 | Attr = ]
sis6306p.sys -> %System32%\dllcache\sis6306p.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 68608 bytes | Created Date = 2008-01-22 21:04:49 | Attr = ]
sis6306v.dll -> %System32%\dllcache\sis6306v.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1080 (Lab01_N(ericks).010522-2022) | Size = 150144 bytes | Created Date = 2008-01-22 21:04:49 | Attr = ]
sisgrp.sys -> %System32%\dllcache\sisgrp.sys -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 104064 bytes | Created Date = 2008-01-22 21:04:49 | Attr = ]
sisgrv.dll -> %System32%\dllcache\sisgrv.dll -> Silicon Integrated Systems Corporation [Ver = 5.13.01.2000 (ReleasedBinaries.010625-1804) | Size = 238592 bytes | Created Date = 2008-01-22 21:04:50 | Attr = ]
sisnic.sys -> %System32%\dllcache\sisnic.sys -> SiS Corporation [Ver = 1.16.00.05 built by: WinDDK | Size = 32768 bytes | Created Date = 2008-01-22 21:04:50 | Attr = ]
sisv.sys -> %System32%\dllcache\sisv.sys -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 50432 bytes | Created Date = 2008-01-22 21:04:52 | Attr = ]
sisv256.dll -> %System32%\dllcache\sisv256.dll -> Silicon Integrated Systems Corporation [Ver = 5.12.01.1300 (Lab01_N(ericks).010522-2022) | Size = 157696 bytes | Created Date = 2008-01-22 21:04:52 | Attr = ]
sk98xwin.sys -> %System32%\dllcache\sk98xwin.sys -> SysKonnect GmbH. [Ver = 3.12 | Size = 94698 bytes | Created Date = 2008-01-22 21:04:52 | Attr = ]
skfpwin.sys -> %System32%\dllcache\skfpwin.sys -> SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH. [Ver = 5.13 | Size = 91294 bytes | Created Date = 2008-01-22 21:04:53 | Attr = ]
sla30nd5.sys -> %System32%\dllcache\sla30nd5.sys -> Symbol Technologies [Ver = 4.2.0.8 | Size = 63547 bytes | Created Date = 2008-01-22 21:04:53 | Attr = ]
smc8000n.sys -> %System32%\dllcache\smc8000n.sys -> SMC Networks, Inc. [Ver = 3.13.1025.2000 built by: yfeng | Size = 24576 bytes | Created Date = 2008-01-22 21:05:03 | Attr = ]
smcirda.sys -> %System32%\dllcache\smcirda.sys -> SMC [Ver = 5.1.2462.0 | Size = 35913 bytes | Created Date = 2008-01-22 21:05:03 | Attr = ]
smcpwr2n.sys -> %System32%\dllcache\smcpwr2n.sys -> SMC Networks, Inc. [Ver = 3.28.1214.2000 | Size = 25034 bytes | Created Date = 2008-01-22 21:05:04 | Attr = ]
smidispb.dll -> %System32%\dllcache\smidispb.dll -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 147200 bytes | Created Date = 2008-01-22 21:05:05 | Attr = ]
smiminib.sys -> %System32%\dllcache\smiminib.sys -> Silicon Motion Inc. [Ver = 5.01.2401.0143e | Size = 58368 bytes | Created Date = 2008-01-22 21:05:05 | Attr = ]
sonync.sys -> %System32%\dllcache\sonync.sys -> Sony Corporation [Ver = 6.0.0.05300 | Size = 20752 bytes | Created Date = 2008-01-22 21:05:14 | Attr = ]
sonypi.dll -> %System32%\dllcache\sonypi.dll -> Sony Corporation [Ver = 1.5.090699 | Size = 114688 bytes | Created Date = 2008-01-22 21:05:14 | Attr = ]
sonypi.sys -> %System32%\dllcache\sonypi.sys -> Sony Corporation [Ver = 6.0.5.07140 | Size = 37040 bytes | Created Date = 2008-01-22 21:05:15 | Attr = ]
sonypvu1.sys -> %System32%\dllcache\sonypvu1.sys -> Sony Corporation [Ver = 1.3.0526.0 (XPClient.010817-1148) | Size = 7552 bytes | Created Date = 2008-01-22 21:05:15 | Attr = ]
spdports.dll -> %System32%\dllcache\spdports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0012 | Size = 106584 bytes | Created Date = 2008-01-22 21:05:16 | Attr = ]
speed.sys -> %System32%\dllcache\speed.sys -> Perle Systems Ltd. [Ver = 1.0.4.0021 (XPClient.010817-1148) | Size = 61824 bytes | Created Date = 2008-01-22 21:05:17 | Attr = ]
spxupchk.dll -> %System32%\dllcache\spxupchk.dll -> Perle Systems Ltd. [Ver = 1.0.0.0002 | Size = 24660 bytes | Created Date = 2008-01-22 21:05:18 | Attr = ]
srwlnd5.sys -> %System32%\dllcache\srwlnd5.sys -> 3Com [Ver = 3.0.4 alpha | Size = 48736 bytes | Created Date = 2008-01-22 21:05:21 | Attr = ]
stcusb.sys -> %System32%\dllcache\stcusb.sys -> SCM Microsystems, Inc. [Ver = 5.1.2600.0 (XPClient.010817-1148) | Size = 16896 bytes | Created Date = 2008-01-22 21:05:23 | Attr = ]
stlnata.sys -> %System32%\dllcache\stlnata.sys -> Stallion Technologies [Ver = 5.6.5 | Size = 285760 bytes | Created Date = 2008-01-22 21:05:24 | Attr = ]
stlncoin.dll -> %System32%\dllcache\stlncoin.dll -> Stallion Technologies [Ver = 5.6.5 | Size = 53248 bytes | Created Date = 2008-01-22 21:05:24 | Attr = ]
stlnprop.dll -> %System32%\dllcache\stlnprop.dll -> Stallion Technologies [Ver = 5.6.4 | Size = 155648 bytes | Created Date = 2008-01-22 21:05:25 | Attr = ]
sx.sys -> %System32%\dllcache\sx.sys -> Perle Systems Ltd. [Ver = 1.1.2.0031 (XPClient.010817-1148) | Size = 103936 bytes | Created Date = 2008-01-22 21:05:28 | Attr = ]
sxports.dll -> %System32%\dllcache\sxports.dll -> Perle Systems Ltd. [Ver = 1.0.0.0008 | Size = 94293 bytes | Created Date = 2008-01-22 21:05:28 | Attr = ]
t2r4disp.dll -> %System32%\dllcache\t2r4disp.dll -> Number Nine Visual Technology [Ver = 5.01.104.09 | Size = 172768 bytes | Created Date = 2008-01-22 21:05:32 | Attr = ]
t2r4mini.sys -> %System32%\dllcache\t2r4mini.sys -> Number Nine Visual Technology Corp. [Ver = 5.01.104.09 | Size = 36640 bytes | Created Date = 2008-01-22 21:05:32 | Attr = ]
tbatm155.sys -> %System32%\dllcache\tbatm155.sys -> Toshiba Corporation [Ver = 0.4.0.0 (XPClient.010817-1148) | Size = 30464 bytes | Created Date = 2008-01-22 21:05:35 | Attr = ]
tdk100b.sys -> %System32%\dllcache\tdk100b.sys -> TDK Corporation [Ver = 1.00 | Size = 37961 bytes | Created Date = 2008-01-22 21:05:37 | Attr = ]
tdkcd31.sys -> %System32%\dllcache\tdkcd31.sys -> TDK Corporation [Ver = 5.00.2128.1 | Size = 17129 bytes | Created Date = 2008-01-22 21:05:38 | Attr = ]
tffsport.sys -> %System32%\dllcache\tffsport.sys -> M-Systems [Ver = 5.02 | Size = 149376 bytes | Created Date = 2008-01-22 21:05:39 | Attr = ]
tgiul50.dll -> %System32%\dllcache\tgiul50.dll -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 81408 bytes | Created Date = 2008-01-22 21:05:40 | Attr = ]
tgiulnt5.sys -> %System32%\dllcache\tgiulnt5.sys -> Trident Microsystems Inc. [Ver = 5.1.2462.0015 (ReleasedBinaries.010308-1115) | Size = 138528 bytes | Created Date = 2008-01-22 21:05:41 | Attr = ]
tjisdn.sys -> %System32%\dllcache\tjisdn.sys -> Tiger Jet Network [Ver = 3.03 | Size = 123995 bytes | Created Date = 2008-01-22 21:05:43 | Attr = ]
tos4mo.sys -> %System32%\dllcache\tos4mo.sys -> TOSHIBA Corporation [Ver = 2.23 | Size = 28232 bytes | Created Date = 2008-01-22 21:05:44 | Attr = ]
tosdvd02.sys -> %System32%\dllcache\tosdvd02.sys -> Toshiba Corporation [Ver = 1.00.99.1004 (XPClient.010817-1148) | Size = 241664 bytes | Created Date = 2008-01-22 21:05:44 | Attr = ]
tosdvd03.sys -> %System32%\dllcache\tosdvd03.sys -> Toshiba Corporation [Ver = 1.00.99.1003 (XPClient.010817-1148) | Size = 230912 bytes | Created Date = 2008-01-22 21:05:44 | Attr = ]
tp4.dll -> %System32%\dllcache\tp4.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 31744 bytes | Created Date = 2008-01-22 21:05:46 | Attr = ]
tp4mon.exe -> %System32%\dllcache\tp4mon.exe -> IBM Corporation [Ver = 6.03 (xpsp_sp2_rtm.040803-2158) | Size = 82432 bytes | Created Date = 2008-01-22 21:05:46 | Attr = ]
tp4res.dll -> %System32%\dllcache\tp4res.dll -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 42496 bytes | Created Date = 2008-01-22 21:05:48 | Attr = ]
tpro4.sys -> %System32%\dllcache\tpro4.sys -> Intel Corporation [Ver = 3.06.02.0000 | Size = 34375 bytes | Created Date = 2008-01-22 21:05:48 | Attr = ]
trid3d.dll -> %System32%\dllcache\trid3d.dll -> Trident Microsystems Inc. [Ver = 5.1.2471.0046 (ReleasedBinaries.000421-1946) | Size = 315520 bytes | Created Date = 2008-01-22 21:05:49 | Attr = ]
trid3dm.sys -> %System32%\dllcache\trid3dm.sys -> Trident Microsystems Inc. [Ver = 5.1.2471.0032 (ReleasedBinaries.000421-1946) | Size = 222336 bytes | Created Date = 2008-01-22 21:05:49 | Attr = ]
tridkb.dll -> %System32%\dllcache\tridkb.dll -> Trident Microsystems Inc. [Ver = 5.1.2489.0045 (ReleasedBinaries.000421-1946) | Size = 440576 bytes | Created Date = 2008-01-22 21:05:49 | Attr = ]
tridkbm.sys -> %System32%\dllcache\tridkbm.sys -> Trident Microsystems Inc. [Ver = 5.1.2489.0032 (ReleasedBinaries.000421-1946) | Size = 159232 bytes | Created Date = 2008-01-22 21:05:50 | Attr = ]
tridxp.dll -> %System32%\dllcache\tridxp.dll -> Trident Microsystems Inc. [Ver = 5.1.2475.0115 (ReleasedBinaries.010510-2313) | Size = 525568 bytes | Created Date = 2008-01-22 21:05:50 | Attr = ]
tridxpm.sys -> %System32%\dllcache\tridxpm.sys -> Trident Microsystems Inc. [Ver = 5.1.2475.96 (ReleasedBinaries.010510-2313) | Size = 166784 bytes | Created Date = 2008-01-22 21:05:50 | Attr = ]
twotrack.sys -> %System32%\dllcache\twotrack.sys -> IBM Corporation [Ver = 6.03 (XPClient.010817-1148) | Size = 11520 bytes | Created Date = 2008-01-22 21:05:53 | Attr = ]
um34scan.dll -> %System32%\dllcache\um34scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.7 | Size = 216064 bytes | Created Date = 2008-01-22 21:05:54 | Attr = ]
um54scan.dll -> %System32%\dllcache\um54scan.dll -> UMAX Data Systems Inc. [Ver = 1.0.0.8 | Size = 211968 bytes | Created Date = 2008-01-22 21:05:55 | Attr = ]
umaxscan.dll -> %System32%\dllcache\umaxscan.dll -> UMAX DATA SYSTEMS INC. [Ver = 5.00.2434.1 | Size = 50688 bytes | Created Date = 2008-01-22 21:05:56 | Attr = ]
usb101et.sys -> %System32%\dllcache\usb101et.sys -> KLSI USA, Inc. [Ver = 3.43.0005.0000 | Size = 32384 bytes | Created Date = 2008-01-22 21:05:59 | Attr = ]
usr1801.sys -> %System32%\dllcache\usr1801.sys -> U.S. Robotics, Inc. [Ver = 1.00.034 | Size = 794654 bytes | Created Date = 2008-01-22 21:06:04 | Attr = ]
usr1806.sys -> %System32%\dllcache\usr1806.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 793598 bytes | Created Date = 2008-01-22 21:06:05 | Attr = ]
usr1806v.sys -> %System32%\dllcache\usr1806v.sys -> U.S. Robotics, Inc. [Ver = 1.00.036 | Size = 794399 bytes | Created Date = 2008-01-22 21:06:06 | Attr = ]
usr1807a.sys -> %System32%\dllcache\usr1807a.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 224802 bytes | Created Date = 2008-01-22 21:06:07 | Attr = ]
usroslba.sys -> %System32%\dllcache\usroslba.sys -> U.S. Robotics Corporation [Ver = 4. 11. 21 | Size = 7556 bytes | Created Date = 2008-01-22 21:06:08 | Attr = ]
usrpda.sys -> %System32%\dllcache\usrpda.sys -> U.S. Robotics Corporation [Ver = 4. 11. 22 | Size = 113762 bytes | Created Date = 2008-01-22 21:06:08 | Attr = ]
usrti.sys -> %System32%\dllcache\usrti.sys -> U.S. Robotics, Inc. [Ver = 2.60.005 | Size = 765884 bytes | Created Date = 2008-01-22 21:06:09 | Attr = ]
usrwdxjs.sys -> %System32%\dllcache\usrwdxjs.sys -> U.S. Robotics Corporation [Ver = 3.27.036.0005 | Size = 687999 bytes | Created Date = 2008-01-22 21:06:10 | Attr = ]
viairda.sys -> %System32%\dllcache\viairda.sys -> VIA Technologies, Inc. [Ver = 5,1,2480,0 (XPClient.010817-1148) | Size = 24576 bytes | Created Date = 2008-01-22 21:06:14 | Attr = ]
vinwm.sys -> %System32%\dllcache\vinwm.sys -> Xircom [Ver = 2.1.0.10 | Size = 249402 bytes | Created Date = 2008-01-22 21:06:14 | Attr = ]
vmodem.sys -> %System32%\dllcache\vmodem.sys -> PCTEL, INC. [Ver = 7.60.10A | Size = 604253 bytes | Created Date = 2008-01-22 21:06:15 | Attr = ]
vpctcom.sys -> %System32%\dllcache\vpctcom.sys -> PCtel, Inc. [Ver = 8.00-9K | Size = 397502 bytes | Created Date = 2008-01-22 21:06:16 | Attr = ]
vvoice.sys -> %System32%\dllcache\vvoice.sys -> PCtel, Inc. [Ver = 3.53.00 | Size = 64605 bytes | Created Date = 2008-01-22 21:06:17 | Attr = ]
w840nd.sys -> %System32%\dllcache\w840nd.sys -> Winbond Electronics Corporation [Ver = 2.40 | Size = 19528 bytes | Created Date = 2008-01-22 21:06:18 | Attr = ]
w926nd.sys -> %System32%\dllcache\w926nd.sys -> Winbond Electronics Corporation [Ver = 1.60 | Size = 19016 bytes | Created Date = 2008-01-22 21:06:18 | Attr = ]
w940nd.sys -> %System32%\dllcache\w940nd.sys -> Winbond Electronics Corporation [Ver = 3.22 | Size = 16925 bytes | Created Date = 2008-01-22 21:06:18 | Attr = ]
wadv01nt.sys -> %System32%\dllcache\wadv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12415 bytes | Created Date = 2008-01-22 21:06:20 | Attr = ]
wadv02nt.sys -> %System32%\dllcache\wadv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12127 bytes | Created Date = 2008-01-22 21:06:21 | Attr = ]
wadv05nt.sys -> %System32%\dllcache\wadv05nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 11775 bytes | Created Date = 2008-01-22 21:06:22 | Attr = ]
watv01nt.sys -> %System32%\dllcache\watv01nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 29311 bytes | Created Date = 2008-01-22 21:06:24 | Attr = ]
watv02nt.sys -> %System32%\dllcache\watv02nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19551 bytes | Created Date = 2008-01-22 21:06:26 | Attr = ]
watv04nt.sys -> %System32%\dllcache\watv04nt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 33599 bytes | Created Date = 2008-01-22 21:06:27 | Attr = ]
wbfirdma.sys -> %System32%\dllcache\wbfirdma.sys -> Winbond Electronics Corp. [Ver = 5.4.9820.0306 | Size = 35871 bytes | Created Date = 2008-01-22 21:06:30 | Attr = ]
wch7xxnt.sys -> %System32%\dllcache\wch7xxnt.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 23615 bytes | Created Date = 2008-01-22 21:06:32 | Attr = ]
wdhaalba.sys -> %System32%\dllcache\wdhaalba.sys -> 3Com Corporation [Ver = 3.34.034.0075 | Size = 701386 bytes | Created Date = 2008-01-22 21:06:33 | Attr = ]
winacisa.sys -> %System32%\dllcache\winacisa.sys -> Rockwell [Ver = 2,0,2,111 | Size = 771581 bytes | Created Date = 2008-01-22 21:06:39 | Attr = ]
wlandrv2.sys -> %System32%\dllcache\wlandrv2.sys -> Raytheon Corp. [Ver = 4.00.00.0004 | Size = 34890 bytes | Created Date = 2008-01-22 21:06:44 | Attr = ]
wlluc48.sys -> %System32%\dllcache\wlluc48.sys -> Lucent Technologies [Ver = 7.43.0.9 | Size = 154624 bytes | Created Date = 2008-01-22 21:06:44 | Attr = ]
wsiintxx.sys -> %System32%\dllcache\wsiintxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 12063 bytes | Created Date = 2008-01-22 21:07:28 | Attr = ]
wvchntxx.sys -> %System32%\dllcache\wvchntxx.sys -> Intel® Corporation [Ver = 6.13.01.3198 | Size = 19455 bytes | Created Date = 2008-01-22 21:07:35 | Attr = ]
xem336n5.sys -> %System32%\dllcache\xem336n5.sys -> US Robotics MCD (Megahertz) [Ver = 1.25.014 | Size = 16970 bytes | Created Date = 2008-01-22 21:07:43 | Attr = ]
xlog.exe -> %System32%\dllcache\xlog.exe -> Eicon Technology [Ver = 2.0.1.315 | Size = 99865 bytes | Created Date = 2008-01-22 21:07:44 | Attr = ]
xrxftplt.exe -> %System32%\dllcache\xrxftplt.exe -> [Ver = 1, 0, 0, 2 | Size = 27648 bytes | Created Date = 2008-01-22 21:07:47 | Attr = ]
xrxscnui.dll -> %System32%\dllcache\xrxscnui.dll -> [Ver = 1, 0, 0, 1 | Size = 17408 bytes | Created Date = 2008-01-22 21:07:47 | Attr = ]
xrxwbtmp.dll -> %System32%\dllcache\xrxwbtmp.dll -> Xerox Corporation [Ver = 1, 0, 0, 1 | Size = 23040 bytes | Created Date = 2008-01-22 21:07:48 | Attr = ]
xrxwiadr.dll -> %System32%\dllcache\xrxwiadr.dll -> Xerox [Ver = 1, 0, 0, 2 | Size = 116224 bytes | Created Date = 2008-01-22 21:07:48 | Attr = ]
svchost .exe -> %System32%\drivers\svchost .exe -> [Ver = | Size = 69489 bytes | Created Date = 2008-01-23 12:34:52 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 2008-01-20 20:41:28 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Created Date = 2007-12-31 17:03:54 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Created Date = 2008-01-23 00:43:10 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Created Date = 2008-01-22 20:50:44 | Attr = HS]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 2008-01-13 09:13:45 | Attr = ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 135168 bytes | Created Date = 2008-01-13 09:13:45 | Attr = ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 6.0.40.12 | Size = 139264 bytes | Created Date = 2008-01-13 09:13:45 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 6556 bytes | Created Date = 2008-01-24 14:30:10 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 6556 bytes | Created Date = 2008-01-24 14:30:16 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Created Date = 2008-01-20 20:41:38 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Created Date = 2008-01-24 14:29:38 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Created Date = 2008-01-24 14:31:29 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Created Date = 2008-01-23 00:43:10 | Attr = ]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Created Date = 2008-01-23 00:43:10 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Created Date = 2008-01-12 18:52:41 | Attr = R ]
swreg.exe -> %System32%\swreg.exe -> SteelWerX [Ver = 2.0.1.11 | Size = 156160 bytes | Created Date = 2008-01-24 14:10:44 | Attr = ]
swsc.exe -> %System32%\swsc.exe -> SteelWerX [Ver = 2.0.0.5 | Size = 136704 bytes | Created Date = 2008-01-24 14:10:44 | Attr = ]
swxcacls.exe -> %System32%\swxcacls.exe -> SteelWerX [Ver = 1.0.1.1 | Size = 212480 bytes | Created Date = 2008-01-24 14:10:44 | Attr = ]
VFind.exe -> %System32%\VFind.exe -> [Ver = | Size = 49152 bytes | Created Date = 2008-01-24 14:10:44 | Attr = ]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Created Date = 2008-01-07 23:59:11 | Attr = ]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Created Date = 2008-01-15 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Created Date = 2008-01-16 05:15:36 | Attr = ]
Nircmd.exe -> %SystemRoot%\Nircmd.exe -> NirSoft [Ver = 2.00 | Size = 51200 bytes | Created Date = 2008-01-24 14:10:44 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Created Date = 2008-01-20 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Created Date = 2008-01-20 16:08:13 | Attr = H ]
TEMP -> %SystemRoot%\TEMP -> [Folder | Created Date = 2008-01-24 14:21:55 | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Created Date = 2008-01-12 14:19:59 | Attr = ]
[Files Created - Additional Folder Scans - Non-Microsoft Only]
ESET -> %AllUsersAppData%\ESET -> [Folder | Created Date = 2008-01-07 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Created Date = 2008-01-13 01:12:43 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 2008-01-07 21:53:20 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Created Date = 2008-01-08 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Created Date = 2008-01-22 17:29:31 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Created Date = 2008-01-22 20:35:59 | Attr = ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Created Date = 2008-01-13 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Created Date = 2007-12-31 19:57:53 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Created Date = 2008-01-22 17:29:42 | Attr = ]
avenger.zip -> %UserDesktop%\avenger.zip -> [Ver = | Size = 127378 bytes | Created Date = 2008-01-23 12:38:11 | Attr = ]
ComboFix.exe -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1551017 bytes | Created Date = 2008-01-24 12:34:51 | Attr = ]
HijackThis.lnk -> %UserDesktop%\HijackThis.lnk -> [Ver = | Size = 1745 bytes | Created Date = 2008-01-12 13:40:32 | Attr = ]
Shortcut to WinPFind35u.lnk -> %UserDesktop%\Shortcut to WinPFind35u.lnk -> [Ver = | Size = 718 bytes | Created Date = 2008-01-23 16:15:14 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Created Date = 2008-01-22 17:26:38 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Created Date = 2008-01-22 17:26:38 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Created Date = 2008-01-22 20:35:54 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Created Date = 2008-01-22 17:26:32 | Attr = ]

[Files/Folders - Modified Within 30 days]
!KillBox -> %SystemDrive%\!KillBox -> [Folder | Modified Date = 2008-01-16 19:02:28 | Attr = ]
avenger -> %SystemDrive%\avenger -> [Folder | Modified Date = 2008-01-23 12:44:22 | Attr = ]
boot.ini -> %SystemDrive%\boot.ini -> [Ver = | Size = 211 bytes | Modified Date = 2008-01-13 17:28:33 | Attr = RHS]
ComboFix -> %SystemDrive%\ComboFix -> [Folder | Modified Date = 2008-01-24 14:43:31 | Attr = ]
Config.Msi -> %SystemDrive%\Config.Msi -> [Folder | Modified Date = 2008-01-22 17:29:54 | Attr = ]
Deckard -> %SystemDrive%\Deckard -> [Folder | Modified Date = 2008-01-07 23:07:19 | Attr = ]
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [Ver = | Size = 234409984 bytes | Modified Date = 2008-01-24 14:26:35 | Attr = HS]
Program Files -> %ProgramFiles% -> [Folder | Modified Date = 2008-01-24 14:21:22 | Attr = R ]
Programas -> %SystemDrive%\Programas -> [Folder | Modified Date = 2008-01-07 21:38:59 | Attr = ]
QooBox -> %SystemDrive%\QooBox -> [Folder | Modified Date = 2008-01-24 14:38:46 | Attr = ]
RECYCLER -> %SystemDrive%\RECYCLER -> [Folder | Modified Date = 2008-01-22 20:44:32 | Attr = HS]
SUPERAntiSpyware.exe -> %SystemDrive%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 2008-01-22 11:44:00 | Attr = ]
System Volume Information -> %SystemDrive%\System Volume Information -> [Folder | Modified Date = 2008-01-08 02:05:23 | Attr = HS]
VundoFix Backups -> %SystemDrive%\VundoFix Backups -> [Folder | Modified Date = 2008-01-22 19:18:02 | Attr = ]
VundoFix.exe -> %SystemDrive%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 2008-01-22 11:42:10 | Attr = ]
WINDOWS -> %SystemRoot% -> [Folder | Modified Date = 2008-01-24 14:28:47 | Attr = ]
WinPFind35u.exe -> %SystemDrive%\WinPFind35u.exe -> [Ver = | Size = 476717 bytes | Modified Date = 2008-01-21 20:16:04 | Attr = ]
etc -> %System32%\drivers\etc -> [Folder | Modified Date = 2008-01-24 14:28:33 | Attr = ]
hosts -> %System32%\drivers\etc\hosts -> [Ver = | Size = 27 bytes | Modified Date = 2008-01-24 14:28:33 | Attr = ]
hosts.20080115-185918.backup -> %System32%\drivers\etc\hosts.20080115-185918.backup -> [Ver = | Size = 65806 bytes | Modified Date = 2008-01-15 18:36:26 | Attr = R ]
hosts.20080115-185942.backup -> %System32%\drivers\etc\hosts.20080115-185942.backup -> [Ver = | Size = 65806 bytes | Modified Date = 2008-01-15 18:59:19 | Attr = R ]
hosts.20080115-191645.backup -> %System32%\drivers\etc\hosts.20080115-191645.backup -> [Ver = | Size = 65806 bytes | Modified Date = 2008-01-15 18:59:42 | Attr = R ]
hosts.20080115-202232.backup -> %System32%\drivers\etc\hosts.20080115-202232.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-15 19:16:45 | Attr = R ]
hosts.20080116-004852.backup -> %System32%\drivers\etc\hosts.20080116-004852.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-15 20:22:33 | Attr = R ]
hosts.20080116-060312.backup -> %System32%\drivers\etc\hosts.20080116-060312.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 00:48:52 | Attr = R ]
hosts.20080116-073002.backup -> %System32%\drivers\etc\hosts.20080116-073002.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 06:03:12 | Attr = R ]
hosts.20080116-073519.backup -> %System32%\drivers\etc\hosts.20080116-073519.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 07:30:02 | Attr = R ]
hosts.20080116-095802.backup -> %System32%\drivers\etc\hosts.20080116-095802.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 07:35:19 | Attr = R ]
hosts.20080116-181934.backup -> %System32%\drivers\etc\hosts.20080116-181934.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 09:58:02 | Attr = R ]
hosts.20080116-182752.backup -> %System32%\drivers\etc\hosts.20080116-182752.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 18:19:34 | Attr = R ]
hosts.20080116-200125.backup -> %System32%\drivers\etc\hosts.20080116-200125.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 18:27:52 | Attr = R ]
hosts.20080117-010818.backup -> %System32%\drivers\etc\hosts.20080117-010818.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-16 20:01:25 | Attr = R ]
hosts.20080117-162821.backup -> %System32%\drivers\etc\hosts.20080117-162821.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-17 01:08:18 | Attr = R ]
hosts.20080118-202342.backup -> %System32%\drivers\etc\hosts.20080118-202342.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-17 16:28:21 | Attr = R ]
hosts.20080118-232428.backup -> %System32%\drivers\etc\hosts.20080118-232428.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-18 20:23:42 | Attr = R ]
hosts.20080119-003451.backup -> %System32%\drivers\etc\hosts.20080119-003451.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-18 20:23:42 | Attr = ]
hosts.20080119-071510.backup -> %System32%\drivers\etc\hosts.20080119-071510.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 00:34:52 | Attr = R ]
hosts.20080119-121310.backup -> %System32%\drivers\etc\hosts.20080119-121310.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 07:15:10 | Attr = R ]
hosts.20080119-153035.backup -> %System32%\drivers\etc\hosts.20080119-153035.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 12:13:10 | Attr = R ]
hosts.20080120-153645.backup -> %System32%\drivers\etc\hosts.20080120-153645.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 15:30:35 | Attr = R ]
hosts.20080120-160639.backup -> %System32%\drivers\etc\hosts.20080120-160639.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 15:30:35 | Attr = ]
hosts.20080120-164010.backup -> %System32%\drivers\etc\hosts.20080120-164010.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-19 15:30:35 | Attr = ]
hosts.20080120-171303.backup -> %System32%\drivers\etc\hosts.20080120-171303.backup -> [Ver = | Size = 223724 bytes | Modified Date = 2008-01-20 16:40:10 | Attr = R ]
sptd.sys -> %System32%\drivers\sptd.sys -> [Ver = | Size = 715248 bytes | Modified Date = 2008-01-08 00:20:57 | Attr = ]
svchost .exe -> %System32%\drivers\svchost .exe -> [Ver = | Size = 69489 bytes | Modified Date = 2008-01-23 12:34:52 | Attr = ]
btask.dll -> %System32%\btask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 2008-01-20 21:51:24 | Attr = ]
BTCPatcher.exe -> %System32%\BTCPatcher.exe -> [Ver = | Size = 1499136 bytes | Modified Date = 2007-12-31 17:03:16 | Attr = ]
CatRoot -> %System32%\CatRoot -> [Folder | Modified Date = 2008-01-11 22:50:20 | Attr = ]
CatRoot2 -> %System32%\CatRoot2 -> [Folder | Modified Date = 2008-01-24 14:09:08 | Attr = ]
config -> %System32%\config -> [Folder | Modified Date = 2008-01-24 14:23:59 | Attr = ]
cs.dat -> %System32%\cs.dat -> [Ver = | Size = 1 bytes | Modified Date = 2008-01-23 00:43:10 | Attr = ]
dllcache -> %System32%\dllcache -> [Folder | Modified Date = 2008-01-23 12:32:15 | Attr = HS]
drivers -> %System32%\drivers -> [Folder | Modified Date = 2008-01-24 14:28:33 | Attr = ]
DRVSTORE -> %System32%\DRVSTORE -> [Folder | Modified Date = 2007-12-31 19:49:44 | Attr = ]
klnnn.ini -> %System32%\klnnn.ini -> [Ver = | Size = 6556 bytes | Modified Date = 2008-01-24 14:48:16 | Attr = HS]
klnnn.ini2 -> %System32%\klnnn.ini2 -> [Ver = | Size = 6556 bytes | Modified Date = 2008-01-24 14:47:34 | Attr = HS]
ktask.dll -> %System32%\ktask.dll -> Charter [Ver = 0, 1, 0, 1 | Size = 53760 bytes | Modified Date = 2008-01-21 23:23:40 | Attr = ]
nnnlk.dll -> %System32%\nnnlk.dll -> [Ver = | Size = 334848 bytes | Modified Date = 2008-01-24 14:29:40 | Attr = ]
nnnlk.exe -> %System32%\nnnlk.exe -> [Ver = | Size = 338432 bytes | Modified Date = 2008-01-24 14:31:31 | Attr = ]
perfc009.dat -> %System32%\perfc009.dat -> [Ver = | Size = 59448 bytes | Modified Date = 2008-01-11 20:45:55 | Attr = ]
perfh009.dat -> %System32%\perfh009.dat -> [Ver = | Size = 393506 bytes | Modified Date = 2008-01-11 20:45:55 | Attr = ]
ps1.dat -> %System32%\ps1.dat -> [Ver = | Size = 1 bytes | Modified Date = 2008-01-23 00:43:10 | Attr = ]
rc.dat -> %System32%\rc.dat -> [Ver = | Size = 1 bytes | Modified Date = 2008-01-23 00:43:10 | Attr = ]
Restore -> %System32%\Restore -> [Folder | Modified Date = 2008-01-08 02:05:23 | Attr = ]
streamhlp.dll -> %System32%\streamhlp.dll -> [Ver = | Size = 59392 bytes | Modified Date = 2008-01-12 18:53:12 | Attr = R ]
wbem -> %System32%\wbem -> [Folder | Modified Date = 2008-01-11 22:27:07 | Attr = ]
wpa.dbl -> %System32%\wpa.dbl -> [Ver = | Size = 12704 bytes | Modified Date = 2008-01-24 14:28:19 | Attr = ]
$hf_mig$ -> %SystemRoot%\$hf_mig$ -> [Folder | Modified Date = 2008-01-08 21:31:16 | Attr = H ]
bootstat.dat -> %SystemRoot%\bootstat.dat -> [Ver = | Size = 2048 bytes | Modified Date = 2008-01-24 14:26:36 | Attr = S]
Downloaded Program Files -> %SystemRoot%\Downloaded Program Files -> [Folder | Modified Date = 2008-01-08 00:02:15 | Attr = S]
ERDNT -> %SystemRoot%\ERDNT -> [Folder | Modified Date = 2008-01-24 14:22:41 | Attr = ]
inf -> %SystemRoot%\inf -> [Folder | Modified Date = 2008-01-12 12:20:31 | Attr = H ]
Installer -> %SystemRoot%\Installer -> [Folder | Modified Date = 2008-01-22 17:29:54 | Attr = HS]
isRS-000.tmp -> %SystemRoot%\isRS-000.tmp -> [Ver = 51.46.0.0 | Size = 679424 bytes | Modified Date = 2008-01-15 18:45:12 | Attr = ]
Minidump -> %SystemRoot%\Minidump -> [Folder | Modified Date = 2008-01-16 18:24:59 | Attr = ]
Prefetch -> %SystemRoot%\Prefetch -> [Folder | Modified Date = 2008-01-24 13:57:28 | Attr = ]
pss -> %SystemRoot%\pss -> [Folder | Modified Date = 2008-01-08 22:31:36 | Attr = ]
QTFont.for -> %SystemRoot%\QTFont.for -> [Ver = | Size = 1409 bytes | Modified Date = 2008-01-20 16:08:13 | Attr = ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn -> [Ver = | Size = 54156 bytes | Modified Date = 2008-01-24 14:30:55 | Attr = H ]
Registration -> %SystemRoot%\Registration -> [Folder | Modified Date = 2008-01-11 22:27:05 | Attr = ]
system.ini -> %SystemRoot%\system.ini -> [Ver = | Size = 227 bytes | Modified Date = 2008-01-24 14:28:45 | Attr = ]
system32 -> %System32% -> [Folder | Modified Date = 2008-01-24 14:31:36 | Attr = ]
Tasks -> %SystemRoot%\Tasks -> [Folder | Modified Date = 2008-01-24 14:21:52 | Attr = S]
TEMP -> %SystemRoot%\TEMP -> [Folder | Modified Date = 2008-01-24 14:39:51 | Attr = ]
win.ini -> %SystemRoot%\win.ini -> [Ver = | Size = 823 bytes | Modified Date = 2008-01-13 17:28:33 | Attr = ]
wininit.ini -> %SystemRoot%\wininit.ini -> [Ver = | Size = 2201 bytes | Modified Date = 2008-01-20 17:55:58 | Attr = ]
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [Ver = | Size = 284 bytes | Modified Date = 2007-12-31 12:18:19 | Attr = ]
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [Ver = | Size = 6 bytes | Modified Date = 2008-01-24 14:26:43 | Attr = H ]
[Files Modified - Additional Folder Scans - Non-Microsoft Only]
BVRP Software -> %AllUsersAppData%\BVRP Software -> [Folder | Modified Date = 2008-01-03 20:25:43 | Attr = ]
ESET -> %AllUsersAppData%\ESET -> [Folder | Modified Date = 2008-01-07 19:29:29 | Attr = ]
Lavasoft -> %AllUsersAppData%\Lavasoft -> [Folder | Modified Date = 2008-01-13 01:12:43 | Attr = ]
Spybot - Search & Destroy -> %AllUsersAppData%\Spybot - Search & Destroy -> [Folder | Modified Date = 2008-01-15 18:36:08 | Attr = ]
SUPERAntiSpyware.com -> %AllUsersAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-01-07 21:53:20 | Attr = ]
TEMP -> %AllUsersAppData%\TEMP -> [Folder | Modified Date = 2008-01-21 19:56:15 | Attr = ]
ESET -> %UserAppData%\ESET -> [Folder | Modified Date = 2008-01-08 01:10:32 | Attr = ]
SUPERAntiSpyware.com -> %UserAppData%\SUPERAntiSpyware.com -> [Folder | Modified Date = 2008-01-22 17:29:34 | Attr = ]
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %LocalAppData%\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [Ver = | Size = 15872 bytes | Modified Date = 2007-12-26 16:09:36 | Attr = ]
ESET -> %LocalAppData%\ESET -> [Folder | Modified Date = 2008-01-22 20:35:59 | Attr = ]
My Pictures -> %UserDocuments%\My Pictures -> [Folder | Modified Date = 2008-01-21 23:06:44 | Attr = R ]
Ad-Aware 2007.lnk -> %AllUsersDesktop%\Ad-Aware 2007.lnk -> [Ver = | Size = 1801 bytes | Modified Date = 2008-01-13 01:15:02 | Attr = ]
iTunes.lnk -> %AllUsersDesktop%\iTunes.lnk -> [Ver = | Size = 2137 bytes | Modified Date = 2008-01-13 00:53:10 | Attr = ]
SUPERAntiSpyware Free Edition.lnk -> %AllUsersDesktop%\SUPERAntiSpyware Free Edition.lnk -> [Ver = | Size = 950 bytes | Modified Date = 2008-01-22 19:33:02 | Attr = ]
avenger.zip -> %UserDesktop%\avenger.zip -> [Ver = | Size = 127378 bytes | Modified Date = 2008-01-23 12:38:09 | Attr = ]
ComboFix.exe -> %UserDesktop%\ComboFix.exe -> [Ver = | Size = 1551017 bytes | Modified Date = 2008-01-24 12:30:22 | Attr = ]
HijackThis.lnk -> %UserDesktop%\HijackThis.lnk -> [Ver = | Size = 1745 bytes | Modified Date = 2008-01-12 13:40:32 | Attr = ]
Microsoft Access.lnk -> %UserDesktop%\Microsoft Access.lnk -> [Ver = | Size = 2457 bytes | Modified Date = 2008-01-14 23:47:11 | Attr = ]
Microsoft Word.lnk -> %UserDesktop%\Microsoft Word.lnk -> [Ver = | Size = 2483 bytes | Modified Date = 2007-12-26 18:34:18 | Attr = ]
Shortcut to WinPFind35u.lnk -> %UserDesktop%\Shortcut to WinPFind35u.lnk -> [Ver = | Size = 718 bytes | Modified Date = 2008-01-23 16:15:14 | Attr = ]
SUPERAntiSpyware.exe -> %UserDesktop%\SUPERAntiSpyware.exe -> [Ver = | Size = 5914648 bytes | Modified Date = 2008-01-22 11:44:00 | Attr = ]
Unused Desktop Shortcuts -> %UserDesktop%\Unused Desktop Shortcuts -> [Folder | Modified Date = 2008-01-24 12:19:13 | Attr = ]
VundoFix.exe -> %UserDesktop%\VundoFix.exe -> Atribune.org [Ver = 6.07.0007 | Size = 132608 bytes | Modified Date = 2008-01-22 11:42:10 | Attr = ]
WinPFind35u -> %UserDesktop%\WinPFind35u -> [Folder | Modified Date = 2008-01-22 20:37:23 | Attr = ]
WinPFind35u.exe -> %UserDesktop%\WinPFind35u.exe -> [Ver = | Size = 477456 bytes | Modified Date = 2008-01-22 17:17:08 | Attr = ]
Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [Folder | Modified Date = 2008-01-12 14:22:34 | Attr = ]
qmgr0.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [Ver = | Size = 5470 bytes | Modified Date = 2008-01-24 14:27:41 | Attr = ]
qmgr1.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [Ver = | Size = 5470 bytes | Modified Date = 2008-01-24 14:27:41 | Attr = ]
data.dat -> C:\Documents and Settings\All Users\Application Data\Microsoft\Office\Data\data.dat -> [Ver = | Size = 1388 bytes | Modified Date = 2007-10-11 22:44:58 | Attr = ]

< End of report >


Does it look like a difficult one?

#13 OldTimer

OldTimer

    Malware Expert


  • Members
  • 11,092 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina
  • Local time:09:16 AM

Posted 24 January 2008 - 04:44 PM

Hi Cunnysmythe. Please follow the steps below in order.

Step #1

1. Close any open browsers.

2. Open notepad and copy/paste the text in the codebox below into it:

RenV::
----a-w		   486,856 2008-01-21 19:54:23  C:\Program Files\DAEMON Tools Lite\daemon .exe
----a-w		 1,443,072 2008-01-16 18:53:11  C:\Program Files\ESET\ESET Smart Security\egui .exe
----a-w		   267,048 2008-01-24 14:29:42  C:\Program Files\iTunes\iTunesHelper .exe
----a-w		   144,784 2008-01-13 16:35:49  C:\Program Files\Java\jre1.6.0_04\bin\jusched .exe
----a-w		 1,694,208 2008-01-23 00:38:30  C:\Program Files\Messenger\msmsgs .exe
----a-w		 1,460,560 2008-01-20 17:04:12  C:\Program Files\Spybot - Search & Destroy\TeaTimer .exe
----a-w		 1,318,912 2008-01-24 14:29:57  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware .exe
----a-w		 1,046,688 2008-01-13 00:37:01  C:\Program Files\TrojanHunter 5.0\THGuard .exe
----a-w		   158,208 2008-01-11 22:34:47  C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig .exe
----a-w			15,360 2008-01-13 13:01:51  C:\WINDOWS\system32\ctfmon .exe
----a-w			69,489 2008-01-23 12:34:52  C:\WINDOWS\system32\drivers\svchost .exe

Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at "C:\ComboFix.txt"

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall


Step #2

Next, use the Internet Explorer browser (or FireFox with IETab), and do an online scan with Kaspersky Online Scanner

Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

Click Yes, when prompted to install its ActiveX component.
(Note.. for Internet Explorer 7 users: If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
The program launches and downloads the latest definition files.
  • Once the files are downloaded click on Next
  • Click on Scan Settings and configure as follows:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:Scan Archives
      Scan Mail Bases
  • Click OK and, under select a target to scan, select My Computer
When the scan is done, in the Scan is completed window (below), any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report.
Posted Image
Posted Image
To obtain the report:
Click on: Save Report As (above - red blinking arrow)
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar
In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.

Step #3

Post the following back here:The ComboFix report (c:\combofix.txt)
The Kapersky scan report
I will review the information when it comes in.

Cheers.

TO
I do not respond to PM's requesting help. That's what the forums are here for. Please use them so that others may benefit from your questions and the responses you receive.
OldTimer

Posted Image

#14 Cunnysmythe

Cunnysmythe
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Local time:02:16 PM

Posted 25 January 2008 - 05:18 PM

This one looked nasty. Scariest virus scan ever.

Plus, as soon as I switched the comp on, I could see it being reinfected when the fake Windows Update and Help and Support icons redirecting to StorageProtector reappeared on the desktop.


ComboFix 08-01-23.2 - Glendora Wooding 2008-01-25 17:41:38.2 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.60 [GMT 0:00]
Running from: C:\Documents and Settings\Glendora Wooding\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Glendora Wooding\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Glendora Wooding\My Documents\pos237.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos239.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos23F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos240.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos241.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos242.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos243.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos244.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos245.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos246.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos247.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos248.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos249.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos24F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos250.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos251.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos252.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos253.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos254.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos255.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos256.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos257.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos258.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos259.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos25F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos260.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos261.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos262.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos263.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos264.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos265.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos266.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos267.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos268.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos269.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos26F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos270.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos271.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos272.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos273.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos274.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos275.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos276.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos277.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos278.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos279.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos27F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos280.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos281.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos282.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos283.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos284.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos285.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos286.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos287.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos288.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos289.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos28F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos290.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos291.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos292.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos293.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos294.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos295.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos296.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos297.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos298.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos299.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos29F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2A9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2AF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2B9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2BF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2C9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2CF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2D9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2DF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2E9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2EA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2EB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2EC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2ED.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2EE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2EF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2F9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos2FF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos300.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos301.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos302.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos303.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos304.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos305.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos306.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos307.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos308.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos309.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos30F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos310.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos311.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos312.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos313.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos314.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos315.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos316.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos317.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos318.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos319.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos31F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos320.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos321.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos322.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos323.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos324.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos325.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos326.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos327.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos328.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos329.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos32F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos330.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos331.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos332.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos333.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos334.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos335.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos336.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos337.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos338.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos339.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos33F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos340.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos341.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos342.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos343.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos344.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos345.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos346.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos347.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos348.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos349.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos34F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos350.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos351.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos352.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos353.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos354.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos355.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos356.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos357.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos358.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos359.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos35F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos360.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos361.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos362.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos363.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos364.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos365.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos366.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos367.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos368.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos369.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos36F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos370.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos371.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos372.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos373.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos374.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos375.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos376.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos377.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos378.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos379.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos37F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos380.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos381.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos382.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos383.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos384.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos385.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos386.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos387.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos388.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos389.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos38F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos390.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos391.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos392.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos393.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos394.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos395.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos396.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos397.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos398.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos399.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos39F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3A9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3AF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3B9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3BF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3C9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3CF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3D9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3DF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3E9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3EA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3EB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3EC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3ED.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3EE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3EF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3F9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos3FF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos400.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos401.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos402.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos403.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos404.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos405.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos406.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos407.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos408.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos409.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos40F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos410.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos411.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos412.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos413.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos414.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos415.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos416.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos417.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos418.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos419.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos41F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos420.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos421.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos422.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos423.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos424.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos425.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos426.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos427.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos428.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos429.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos42F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos430.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos431.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos432.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos433.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos434.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos435.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos436.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos437.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos438.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos439.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos43F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos440.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos441.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos442.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos443.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos444.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos445.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos446.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos447.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos448.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos449.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos44F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos450.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos451.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos452.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos453.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos454.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos455.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos456.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos457.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos458.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos459.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos45F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos460.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos461.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos462.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos463.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos464.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos465.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos466.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos467.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos468.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos469.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos46F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos470.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos471.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos472.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos473.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos474.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos475.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos476.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos477.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos478.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos479.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos47F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos480.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos481.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos482.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos483.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos484.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos485.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos486.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos487.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos488.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos489.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos48F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos490.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos491.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos492.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos493.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos494.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos495.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos496.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos497.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos498.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos499.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos49F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4A9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4AF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4B9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4BF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4C9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4CF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4D9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4DF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4E9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4EA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4EB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4EC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4ED.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4EE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4EF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4F9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos4FF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos500.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos501.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos502.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos503.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos504.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos505.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos506.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos507.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos508.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos509.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos50F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos510.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos511.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos512.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos513.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos514.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos515.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos516.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos517.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos518.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos519.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos51F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos520.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos521.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos522.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos523.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos524.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos525.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos526.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos527.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos528.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos529.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos52F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos530.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos531.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos532.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos533.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos534.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos535.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos536.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos537.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos538.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos539.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos53F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos540.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos541.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos542.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos543.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos544.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos545.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos546.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos547.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos548.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos549.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos54F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos550.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos551.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos552.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos553.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos554.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos555.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos556.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos557.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos558.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos559.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos55F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos560.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos561.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos562.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos563.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos564.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos565.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos566.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos567.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos568.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos569.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos56F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos570.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos571.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos572.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos573.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos574.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos575.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos576.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos577.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos578.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos579.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos57F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos580.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos581.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos582.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos583.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos584.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos585.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos586.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos587.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos588.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos589.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos58F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos590.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos591.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos592.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos593.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos594.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos595.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos596.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos597.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos598.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos599.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos59F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5A9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5AF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5B9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5BF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5C9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5CF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5D9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5DF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5E9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5EA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5EB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5EC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5ED.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5EE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5EF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F0.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F1.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F2.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F3.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F4.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F5.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F6.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F7.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F8.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5F9.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FA.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FB.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FC.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FD.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FE.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos5FF.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos600.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos601.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos602.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos603.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos604.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos605.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos606.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos607.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos608.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos609.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos60F.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos610.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos611.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos612.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos613.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos614.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos615.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos616.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos617.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos618.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos619.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61A.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61B.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61C.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61D.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61E.tmp
C:\Documents and Settings\Glendora Wooding\My Documents\pos61F.tmp
C:\pos10.tmp
C:\pos100.tmp
C:\pos101.tmp
C:\pos102.tmp
C:\pos103.tmp
C:\pos104.tmp
C:\pos105.tmp
C:\pos106.tmp
C:\pos107.tmp
C:\pos108.tmp
C:\pos109.tmp
C:\pos10A.tmp
C:\pos10B.tmp
C:\pos10C.tmp
C:\pos10D.tmp
C:\pos10E.tmp
C:\pos10F.tmp
C:\pos11.tmp
C:\pos110.tmp
C:\pos111.tmp
C:\pos112.tmp
C:\pos113.tmp
C:\pos114.tmp
C:\pos115.tmp
C:\pos116.tmp
C:\pos117.tmp
C:\pos118.tmp
C:\pos119.tmp
C:\pos11A.tmp
C:\pos11B.tmp
C:\pos11C.tmp
C:\pos11D.tmp
C:\pos11E.tmp
C:\pos11F.tmp
C:\pos12.tmp
C:\pos120.tmp
C:\pos121.tmp
C:\pos122.tmp
C:\pos123.tmp
C:\pos124.tmp
C:\pos125.tmp
C:\pos126.tmp
C:\pos127.tmp
C:\pos128.tmp
C:\pos129.tmp
C:\pos12A.tmp
C:\pos12B.tmp
C:\pos12C.tmp
C:\pos12D.tmp
C:\pos12E.tmp
C:\pos12F.tmp
C:\pos13.tmp
C:\pos130.tmp
C:\pos131.tmp
C:\pos132.tmp
C:\pos133.tmp
C:\pos134.tmp
C:\pos135.tmp
C:\pos136.tmp
C:\pos137.tmp
C:\pos138.tmp
C:\pos139.tmp
C:\pos13A.tmp
C:\pos13B.tmp
C:\pos13C.tmp
C:\pos13D.tmp
C:\pos13E.tmp
C:\pos13F.tmp
C:\pos14.tmp
C:\pos140.tmp
C:\pos141.tmp
C:\pos142.tmp
C:\pos143.tmp
C:\pos144.tmp
C:\pos145.tmp
C:\pos146.tmp
C:\pos147.tmp
C:\pos148.tmp
C:\pos149.tmp
C:\pos14A.tmp
C:\pos14B.tmp
C:\pos14C.tmp
C:\pos14D.tmp
C:\pos14E.tmp
C:\pos14F.tmp
C:\pos15.tmp
C:\pos150.tmp
C:\pos151.tmp
C:\pos152.tmp
C:\pos153.tmp
C:\pos154.tmp
C:\pos155.tmp
C:\pos156.tmp
C:\pos157.tmp
C:\pos158.tmp
C:\pos159.tmp
C:\pos15A.tmp
C:\pos15B.tmp
C:\pos15C.tmp
C:\pos15D.tmp
C:\pos15E.tmp
C:\pos15F.tmp
C:\pos16.tmp
C:\pos160.tmp
C:\pos161.tmp
C:\pos162.tmp
C:\pos163.tmp
C:\pos164.tmp
C:\pos165.tmp
C:\pos166.tmp
C:\pos167.tmp
C:\pos168.tmp
C:\pos169.tmp
C:\pos16A.tmp
C:\pos16B.tmp
C:\pos16C.tmp
C:\pos16D.tmp
C:\pos16E.tmp
C:\pos16F.tmp
C:\pos17.tmp
C:\pos170.tmp
C:\pos171.tmp
C:\pos172.tmp
C:\pos173.tmp
C:\pos174.tmp
C:\pos175.tmp
C:\pos176.tmp
C:\pos177.tmp
C:\pos178.tmp
C:\pos179.tmp
C:\pos17A.tmp
C:\pos17B.tmp
C:\pos17C.tmp
C:\pos17D.tmp
C:\pos17E.tmp
C:\pos17F.tmp
C:\pos18.tmp
C:\pos180.tmp
C:\pos181.tmp
C:\pos182.tmp
C:\pos183.tmp
C:\pos184.tmp
C:\pos185.tmp
C:\pos186.tmp
C:\pos187.tmp
C:\pos188.tmp
C:\pos189.tmp
C:\pos18A.tmp
C:\pos18B.tmp
C:\pos18C.tmp
C:\pos18D.tmp
C:\pos18E.tmp
C:\pos18F.tmp
C:\pos19.tmp
C:\pos190.tmp
C:\pos191.tmp
C:\pos192.tmp
C:\pos193.tmp
C:\pos194.tmp
C:\pos195.tmp
C:\pos196.tmp
C:\pos197.tmp
C:\pos198.tmp
C:\pos199.tmp
C:\pos19A.tmp
C:\pos19B.tmp
C:\pos19C.tmp
C:\pos19D.tmp
C:\pos19E.tmp
C:\pos19F.tmp
C:\pos1A.tmp
C:\pos1A0.tmp
C:\pos1A1.tmp
C:\pos1A2.tmp
C:\pos1A3.tmp
C:\pos1A4.tmp
C:\pos1A5.tmp
C:\pos1A6.tmp
C:\pos1A7.tmp
C:\pos1A8.tmp
C:\pos1A9.tmp
C:\pos1AA.tmp
C:\pos1AB.tmp
C:\pos1AC.tmp
C:\pos1AD.tmp
C:\pos1AE.tmp
C:\pos1AF.tmp
C:\pos1B.tmp
C:\pos1B0.tmp
C:\pos1B1.tmp
C:\pos1B2.tmp
C:\pos1B3.tmp
C:\pos1B4.tmp
C:\pos1B5.tmp
C:\pos1B6.tmp
C:\pos1B7.tmp
C:\pos1B8.tmp
C:\pos1B9.tmp
C:\pos1BA.tmp
C:\pos1BB.tmp
C:\pos1BC.tmp
C:\pos1BD.tmp
C:\pos1BE.tmp
C:\pos1BF.tmp
C:\pos1C.tmp
C:\pos1C0.tmp
C:\pos1C1.tmp
C:\pos1C2.tmp
C:\pos1C3.tmp
C:\pos1C4.tmp
C:\pos1C5.tmp
C:\pos1C6.tmp
C:\pos1C7.tmp
C:\pos1C8.tmp
C:\pos1C9.tmp
C:\pos1CA.tmp
C:\pos1CB.tmp
C:\pos1CC.tmp
C:\pos1CD.tmp
C:\pos1CE.tmp
C:\pos1CF.tmp
C:\pos1D.tmp
C:\pos1D0.tmp
C:\pos1D1.tmp
C:\pos1D2.tmp
C:\pos1D3.tmp
C:\pos1D4.tmp
C:\pos1D5.tmp
C:\pos1D6.tmp
C:\pos1D7.tmp
C:\pos1D8.tmp
C:\pos1D9.tmp
C:\pos1DA.tmp
C:\pos1DB.tmp
C:\pos1DC.tmp
C:\pos1DD.tmp
C:\pos1DE.tmp
C:\pos1DF.tmp
C:\pos1E.tmp
C:\pos1E0.tmp
C:\pos1E1.tmp
C:\pos1E2.tmp
C:\pos1E3.tmp
C:\pos1E4.tmp
C:\pos1E5.tmp
C:\pos1E6.tmp
C:\pos1E7.tmp
C:\pos1E8.tmp
C:\pos1E9.tmp
C:\pos1EA.tmp
C:\pos1EB.tmp
C:\pos1EC.tmp
C:\pos1ED.tmp
C:\pos1EE.tmp
C:\pos1EF.tmp
C:\pos1F0.tmp
C:\pos1F1.tmp
C:\pos1F2.tmp
C:\pos1F3.tmp
C:\pos1F4.tmp
C:\pos1F5.tmp
C:\pos1F6.tmp
C:\pos1F7.tmp
C:\pos1F8.tmp
C:\pos1F9.tmp
C:\pos1FA.tmp
C:\pos1FB.tmp
C:\pos1FC.tmp
C:\pos1FD.tmp
C:\pos1FE.tmp
C:\pos1FF.tmp
C:\pos20.tmp
C:\pos200.tmp
C:\pos201.tmp
C:\pos202.tmp
C:\pos203.tmp
C:\pos204.tmp
C:\pos205.tmp
C:\pos206.tmp
C:\pos207.tmp
C:\pos208.tmp
C:\pos209.tmp
C:\pos20A.tmp
C:\pos20B.tmp
C:\pos20C.tmp
C:\pos20D.tmp
C:\pos20E.tmp
C:\pos20F.tmp
C:\pos21.tmp
C:\pos210.tmp
C:\pos211.tmp
C:\pos212.tmp
C:\pos213.tmp
C:\pos214.tmp
C:\pos215.tmp
C:\pos216.tmp
C:\pos217.tmp
C:\pos218.tmp
C:\pos219.tmp
C:\pos21A.tmp
C:\pos21B.tmp
C:\pos21C.tmp
C:\pos21D.tmp
C:\pos21E.tmp
C:\pos21F.tmp
C:\pos22.tmp
C:\pos220.tmp
C:\pos221.tmp
C:\pos222.tmp
C:\pos223.tmp
C:\pos224.tmp
C:\pos225.tmp
C:\pos226.tmp
C:\pos227.tmp
C:\pos228.tmp
C:\pos229.tmp
C:\pos22A.tmp
C:\pos22B.tmp
C:\pos22C.tmp
C:\pos22D.tmp
C:\pos22E.tmp
C:\pos22F.tmp
C:\pos23.tmp
C:\pos230.tmp
C:\pos231.tmp
C:\pos232.tmp
C:\pos233.tmp
C:\pos234.tmp
C:\pos235.tmp
C:\pos236.tmp
C:\pos237.tmp
C:\pos238.tmp
C:\pos239.tmp
C:\pos23A.tmp
C:\pos23B.tmp
C:\pos23C.tmp
C:\pos23D.tmp
C:\pos23E.tmp
C:\pos23F.tmp
C:\pos24.tmp
C:\pos240.tmp
C:\pos241.tmp
C:\pos242.tmp
C:\pos243.tmp
C:\pos244.tmp
C:\pos245.tmp
C:\pos246.tmp
C:\pos247.tmp
C:\pos248.tmp
C:\pos249.tmp
C:\pos24A.tmp
C:\pos24B.tmp
C:\pos24C.tmp
C:\pos24D.tmp
C:\pos24E.tmp
C:\pos24F.tmp
C:\pos25.tmp
C:\pos250.tmp
C:\pos251.tmp
C:\pos252.tmp
C:\pos253.tmp
C:\pos254.tmp
C:\pos255.tmp
C:\pos256.tmp
C:\pos257.tmp
C:\pos258.tmp
C:\pos259.tmp
C:\pos25A.tmp
C:\pos25B.tmp
C:\pos25C.tmp
C:\pos25D.tmp
C:\pos25E.tmp
C:\pos25F.tmp
C:\pos26.tmp
C:\pos260.tmp
C:\pos261.tmp
C:\pos262.tmp
C:\pos263.tmp
C:\pos264.tmp
C:\pos265.tmp
C:\pos266.tmp
C:\pos267.tmp
C:\pos268.tmp
C:\pos269.tmp
C:\pos26A.tmp
C:\pos26B.tmp
C:\pos26C.tmp
C:\pos26D.tmp
C:\pos26E.tmp
C:\pos26F.tmp
C:\pos27.tmp
C:\pos270.tmp
C:\pos271.tmp
C:\pos272.tmp
C:\pos273.tmp
C:\pos274.tmp
C:\pos275.tmp
C:\pos276.tmp
C:\pos277.tmp
C:\pos278.tmp
C:\pos279.tmp
C:\pos27A.tmp
C:\pos27B.tmp
C:\pos27C.tmp
C:\pos27D.tmp
C:\pos27E.tmp
C:\pos27F.tmp
C:\pos28.tmp
C:\pos280.tmp
C:\pos281.tmp
C:\pos282.tmp
C:\pos283.tmp
C:\pos284.tmp
C:\pos285.tmp
C:\pos286.tmp
C:\pos287.tmp
C:\pos288.tmp
C:\pos289.tmp
C:\pos28A.tmp
C:\pos28B.tmp
C:\pos28C.tmp
C:\pos28D.tmp
C:\pos28E.tmp
C:\pos28F.tmp
C:\pos29.tmp
C:\pos290.tmp
C:\pos291.tmp
C:\pos292.tmp
C:\pos293.tmp
C:\pos294.tmp
C:\pos295.tmp
C:\pos296.tmp
C:\pos297.tmp
C:\pos298.tmp
C:\pos299.tmp
C:\pos29A.tmp
C:\pos29B.tmp
C:\pos29C.tmp
C:\pos29D.tmp
C:\pos29E.tmp
C:\pos29F.tmp
C:\pos2A.tmp
C:\pos2A0.tmp
C:\pos2A1.tmp
C:\pos2A2.tmp
C:\pos2A3.tmp
C:\pos2A4.tmp
C:\pos2A5.tmp
C:\pos2A6.tmp
C:\pos2A7.tmp
C:\pos2A8.tmp
C:\pos2A9.tmp
C:\pos2AA.tmp
C:\pos2AB.tmp
C:\pos2AC.tmp
C:\pos2AD.tmp
C:\pos2AE.tmp
C:\pos2AF.tmp
C:\pos2B.tmp
C:\pos2B0.tmp
C:\pos2B1.tmp
C:\pos2B2.tmp
C:\pos2B3.tmp
C:\pos2B4.tmp
C:\pos2B5.tmp
C:\pos2B6.tmp
C:\pos2B7.tmp
C:\pos2B8.tmp
C:\pos2B9.tmp
C:\pos2BA.tmp
C:\pos2BB.tmp
C:\pos2BC.tmp
C:\pos2BD.tmp
C:\pos2BE.tmp
C:\pos2BF.tmp
C:\pos2C.tmp
C:\pos2C0.tmp
C:\pos2C1.tmp
C:\pos2C2.tmp
C:\pos2C3.tmp
C:\pos2C4.tmp
C:\pos2C5.tmp
C:\pos2C6.tmp
C:\pos2C7.tmp
C:\pos2C8.tmp
C:\pos2C9.tmp
C:\pos2CA.tmp
C:\pos2CB.tmp
C:\pos2CC.tmp
C:\pos2CD.tmp
C:\pos2CE.tmp
C:\pos2CF.tmp
C:\pos2D.tmp
C:\pos2D0.tmp
C:\pos2D1.tmp
C:\pos2D2.tmp
C:\pos2D3.tmp
C:\pos2D4.tmp
C:\pos2D5.tmp
C:\pos2D6.tmp
C:\pos2D7.tmp
C:\pos2D8.tmp
C:\pos2D9.tmp
C:\pos2DA.tmp
C:\pos2DB.tmp
C:\pos2DC.tmp
C:\pos2DD.tmp
C:\pos2DE.tmp
C:\pos2DF.tmp
C:\pos2E.tmp
C:\pos2E0.tmp
C:\pos2E1.tmp
C:\pos2E2.tmp
C:\pos2E3.tmp
C:\pos2E4.tmp
C:\pos2E5.tmp
C:\pos2E6.tmp
C:\pos2E7.tmp
C:\pos2E8.tmp
C:\pos2E9.tmp
C:\pos2EA.tmp
C:\pos2EB.tmp
C:\pos2EC.tmp
C:\pos2ED.tmp
C:\pos2EE.tmp
C:\pos2EF.tmp
C:\pos2F.tmp
C:\pos2F0.tmp
C:\pos2F1.tmp
C:\pos2F2.tmp
C:\pos2F3.tmp
C:\pos2F4.tmp
C:\pos2F5.tmp
C:\pos2F6.tmp
C:\pos2F7.tmp
C:\pos2F8.tmp
C:\pos2F9.tmp
C:\pos2FA.tmp
C:\pos2FB.tmp
C:\pos2FC.tmp
C:\pos2FD.tmp
C:\pos2FE.tmp
C:\pos2FF.tmp
C:\pos30.tmp
C:\pos300.tmp
C:\pos301.tmp
C:\pos302.tmp
C:\pos303.tmp
C:\pos304.tmp
C:\pos305.tmp
C:\pos306.tmp
C:\pos307.tmp
C:\pos308.tmp
C:\pos309.tmp
C:\pos30A.tmp
C:\pos30B.tmp
C:\pos30C.tmp
C:\pos30D.tmp
C:\pos30E.tmp
C:\pos30F.tmp
C:\pos31.tmp
C:\pos310.tmp
C:\pos311.tmp
C:\pos312.tmp
C:\pos313.tmp
C:\pos314.tmp
C:\pos315.tmp
C:\pos316.tmp
C:\pos317.tmp
C:\pos318.tmp
C:\pos319.tmp
C:\pos31A.tmp
C:\pos31B.tmp
C:\pos31C.tmp
C:\pos31D.tmp
C:\pos31E.tmp
C:\pos31F.tmp
C:\pos32.tmp
C:\pos320.tmp
C:\pos321.tmp
C:\pos322.tmp
C:\pos323.tmp
C:\pos324.tmp
C:\pos325.tmp
C:\pos326.tmp
C:\pos327.tmp
C:\pos328.tmp
C:\pos329.tmp
C:\pos32A.tmp
C:\pos32B.tmp
C:\pos32C.tmp
C:\pos32D.tmp
C:\pos32E.tmp
C:\pos32F.tmp
C:\pos33.tmp
C:\pos330.tmp
C:\pos331.tmp
C:\pos332.tmp
C:\pos333.tmp
C:\pos334.tmp
C:\pos335.tmp
C:\pos336.tmp
C:\pos337.tmp
C:\pos338.tmp
C:\pos339.tmp
C:\pos33A.tmp
C:\pos33B.tmp
C:\pos33C.tmp
C:\pos33D.tmp
C:\pos33E.tmp
C:\pos33F.tmp
C:\pos34.tmp
C:\pos340.tmp
C:\pos341.tmp
C:\pos342.tmp
C:\pos343.tmp
C:\pos344.tmp
C:\pos345.tmp
C:\pos346.tmp
C:\pos347.tmp
C:\pos348.tmp
C:\pos349.tmp
C:\pos34A.tmp
C:\pos34B.tmp
C:\pos34C.tmp
C:\pos34D.tmp
C:\pos34E.tmp
C:\pos34F.tmp
C:\pos35.tmp
C:\pos350.tmp
C:\pos351.tmp
C:\pos352.tmp
C:\pos353.tmp
C:\pos354.tmp
C:\pos355.tmp
C:\pos356.tmp
C:\pos357.tmp
C:\pos358.tmp
C:\pos359.tmp
C:\pos35A.tmp
C:\pos35B.tmp
C:\pos35C.tmp
C:\pos35D.tmp
C:\pos35E.tmp
C:\pos35F.tmp
C:\pos36.tmp
C:\pos360.tmp
C:\pos361.tmp
C:\pos362.tmp
C:\pos363.tmp
C:\pos364.tmp
C:\pos365.tmp
C:\pos366.tmp
C:\pos367.tmp
C:\pos368.tmp
C:\pos369.tmp
C:\pos36A.tmp
C:\pos36B.tmp
C:\pos36C.tmp
C:\pos36D.tmp
C:\pos36E.tmp
C:\pos36F.tmp
C:\pos37.tmp
C:\pos370.tmp
C:\pos371.tmp
C:\pos372.tmp
C:\pos373.tmp
C:\pos374.tmp
C:\pos375.tmp
C:\pos376.tmp
C:\pos377.tmp
C:\pos378.tmp
C:\pos379.tmp
C:\pos37A.tmp
C:\pos37B.tmp
C:\pos37C.tmp
C:\pos37D.tmp
C:\pos37E.tmp
C:\pos37F.tmp
C:\pos38.tmp
C:\pos380.tmp
C:\pos381.tmp
C:\pos382.tmp
C:\pos383.tmp
C:\pos384.tmp
C:\pos385.tmp
C:\pos386.tmp
C:\pos387.tmp
C:\pos388.tmp
C:\pos389.tmp
C:\pos38A.tmp
C:\pos38B.tmp
C:\pos38C.tmp
C:\pos38D.tmp
C:\pos38E.tmp
C:\pos38F.tmp
C:\pos39.tmp
C:\pos390.tmp
C:\pos391.tmp
C:\pos392.tmp
C:\pos393.tmp
C:\pos394.tmp
C:\pos395.tmp
C:\pos396.tmp
C:\pos397.tmp
C:\pos398.tmp
C:\pos399.tmp
C:\pos39A.tmp
C:\pos39B.tmp
C:\pos39C.tmp
C:\pos39D.tmp
C:\pos39E.tmp
C:\pos39F.tmp
C:\pos3A.tmp
C:\pos3A0.tmp
C:\pos3A1.tmp
C:\pos3A2.tmp
C:\pos3A3.tmp
C:\pos3A4.tmp
C:\pos3A5.tmp
C:\pos3A6.tmp
C:\pos3A7.tmp
C:\pos3A8.tmp
C:\pos3A9.tmp
C:\pos3AA.tmp
C:\pos3AB.tmp
C:\pos3AC.tmp
C:\pos3AD.tmp
C:\pos3AE.tmp
C:\pos3AF.tmp
C:\pos3B.tmp
C:\pos3B0.tmp
C:\pos3B1.tmp
C:\pos3B2.tmp
C:\pos3B3.tmp
C:\pos3B4.tmp
C:\pos3B5.tmp
C:\pos3B6.tmp
C:\pos3B7.tmp
C:\pos3B8.tmp
C:\pos3B9.tmp
C:\pos3BA.tmp
C:\pos3BB.tmp
C:\pos3BC.tmp
C:\pos3BD.tmp
C:\pos3BE.tmp
C:\pos3BF.tmp
C:\pos3C.tmp
C:\pos3C0.tmp
C:\pos3C1.tmp
C:\pos3C2.tmp
C:\pos3C3.tmp
C:\pos3C4.tmp
C:\pos3C5.tmp
C:\pos3C6.tmp
C:\pos3C7.tmp
C:\pos3C8.tmp
C:\pos3C9.tmp
C:\pos3CA.tmp
C:\pos3CB.tmp
C:\pos3CC.tmp
C:\pos3CD.tmp
C:\pos3CE.tmp
C:\pos3CF.tmp
C:\pos3D.tmp
C:\pos3D0.tmp
C:\pos3D1.tmp
C:\pos3D2.tmp
C:\pos3D3.tmp
C:\pos3D4.tmp
C:\pos3D5.tmp
C:\pos3D6.tmp
C:\pos3D7.tmp
C:\pos3D8.tmp
C:\pos3D9.tmp
C:\pos3DA.tmp
C:\pos3DB.tmp
C:\pos3DC.tmp
C:\pos3DD.tmp
C:\pos3DE.tmp
C:\pos3DF.tmp
C:\pos3E.tmp
C:\pos3E0.tmp
C:\pos3E1.tmp
C:\pos3E2.tmp
C:\pos3E3.tmp
C:\pos3E4.tmp
C:\pos3E5.tmp
C:\pos3E6.tmp
C:\pos3E7.tmp
C:\pos3E8.tmp
C:\pos3E9.tmp
C:\pos3EA.tmp
C:\pos3EB.tmp
C:\pos3EC.tmp
C:\pos3ED.tmp
C:\pos3EE.tmp
C:\pos3EF.tmp
C:\pos3F.tmp
C:\pos3F0.tmp
C:\pos40.tmp
C:\pos41.tmp
C:\pos42.tmp
C:\pos43.tmp
C:\pos44.tmp
C:\pos45.tmp
C:\pos46.tmp
C:\pos47.tmp
C:\pos48.tmp
C:\pos49.tmp
C:\pos4A.tmp
C:\pos4B.tmp
C:\pos4C.tmp
C:\pos4D.tmp
C:\pos4E.tmp
C:\pos4F.tmp
C:\pos50.tmp
C:\pos51.tmp
C:\pos52.tmp
C:\pos53.tmp
C:\pos54.tmp
C:\pos55.tmp
C:\pos56.tmp
C:\pos57.tmp
C:\pos58.tmp
C:\pos59.tmp
C:\pos5A.tmp
C:\pos5B.tmp
C:\pos5C.tmp
C:\pos5D.tmp
C:\pos5E.tmp
C:\pos5F.tmp
C:\pos6.tmp
C:\pos60.tmp
C:\pos61.tmp
C:\pos62.tmp
C:\pos63.tmp
C:\pos64.tmp
C:\pos65.tmp
C:\pos66.tmp
C:\pos67.tmp
C:\pos68.tmp
C:\pos69.tmp
C:\pos6A.tmp
C:\pos6B.tmp
C:\pos6C.tmp
C:\pos6D.tmp
C:\pos6E.tmp
C:\pos6F.tmp
C:\pos7.tmp
C:\pos70.tmp
C:\pos71.tmp
C:\pos72.tmp
C:\pos73.tmp
C:\pos74.tmp
C:\pos75.tmp
C:\pos76.tmp
C:\pos77.tmp
C:\pos78.tmp
C:\pos79.tmp
C:\pos7A.tmp
C:\pos7B.tmp
C:\pos7C.tmp
C:\pos7D.tmp
C:\pos7E.tmp
C:\pos7F.tmp
C:\pos8.tmp
C:\pos80.tmp
C:\pos81.tmp
C:\pos82.tmp
C:\pos83.tmp
C:\pos84.tmp
C:\pos85.tmp
C:\pos86.tmp
C:\pos87.tmp
C:\pos88.tmp
C:\pos89.tmp
C:\pos8A.tmp
C:\pos8B.tmp
C:\pos8C.tmp
C:\pos8D.tmp
C:\pos8E.tmp
C:\pos8F.tmp
C:\pos90.tmp
C:\pos91.tmp
C:\pos92.tmp
C:\pos93.tmp
C:\pos94.tmp
C:\pos95.tmp
C:\pos96.tmp
C:\pos97.tmp
C:\pos98.tmp
C:\pos99.tmp
C:\pos9A.tmp
C:\pos9B.tmp
C:\pos9C.tmp
C:\pos9D.tmp
C:\pos9E.tmp
C:\pos9F.tmp
C:\posA0.tmp
C:\posA1.tmp
C:\posA2.tmp
C:\posA3.tmp
C:\posA4.tmp
C:\posA5.tmp
C:\posA6.tmp
C:\posA7.tmp
C:\posA8.tmp
C:\posA9.tmp
C:\posAA.tmp
C:\posAB.tmp
C:\posAC.tmp
C:\posAD.tmp
C:\posAE.tmp
C:\posAF.tmp
C:\posB.tmp
C:\posB0.tmp
C:\posB1.tmp
C:\posB2.tmp
C:\posB3.tmp
C:\posB4.tmp
C:\posB5.tmp
C:\posB6.tmp
C:\posB7.tmp
C:\posB8.tmp
C:\posB9.tmp
C:\posBA.tmp
C:\posBB.tmp
C:\posBC.tmp
C:\posBD.tmp
C:\posBE.tmp
C:\posBF.tmp
C:\posC.tmp
C:\posC0.tmp
C:\posC1.tmp
C:\posC2.tmp
C:\posC3.tmp
C:\posC4.tmp
C:\posC5.tmp
C:\posC6.tmp
C:\posC7.tmp
C:\posC8.tmp
C:\posC9.tmp
C:\posCA.tmp
C:\posCB.tmp
C:\posCC.tmp
C:\posCD.tmp
C:\posCE.tmp
C:\posCF.tmp
C:\posD.tmp
C:\posD0.tmp
C:\posD1.tmp
C:\posD2.tmp
C:\posD3.tmp
C:\posD4.tmp
C:\posD5.tmp
C:\posD6.tmp
C:\posD7.tmp
C:\posD8.tmp
C:\posD9.tmp
C:\posDA.tmp
C:\posDB.tmp
C:\posDC.tmp
C:\posDD.tmp
C:\posDE.tmp
C:\posDF.tmp
C:\posE.tmp
C:\posE0.tmp
C:\posE1.tmp
C:\posE2.tmp
C:\posE3.tmp
C:\posE4.tmp
C:\posE5.tmp
C:\posE6.tmp
C:\posE7.tmp
C:\posE8.tmp
C:\posE9.tmp
C:\posEA.tmp
C:\posEB.tmp
C:\posEC.tmp
C:\posED.tmp
C:\posEE.tmp
C:\posEF.tmp
C:\posF.tmp
C:\posF0.tmp
C:\posF1.tmp
C:\posF2.tmp
C:\posF3.tmp
C:\posF4.tmp
C:\posF5.tmp
C:\posF6.tmp
C:\posF7.tmp
C:\posF8.tmp
C:\posF9.tmp
C:\posFA.tmp
C:\posFB.tmp
C:\posFC.tmp
C:\posFD.tmp
C:\posFE.tmp
C:\posFF.tmp
C:\WINDOWS\system32\drivers\svchost.exe
C:\WINDOWS\system32\jscbohps.dll
C:\WINDOWS\system32\jscbohps.dllbox
C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\mvxxamcr.dll
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\pgfosulu.dll
C:\WINDOWS\system32\windows
.
---- Previous Run -------
.
C:\Program Files\Helper
C:\Program Files\Helper\superfindout.dll
C:\WINDOWS\25651.exe
C:\WINDOWS\3427.exe
C:\WINDOWS\37594.exe
C:\WINDOWS\43098.exe
C:\WINDOWS\system32\alog.txt
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\klnnn.ini
C:\WINDOWS\system32\klnnn.ini2
C:\WINDOWS\system32\nnnlk.dll
C:\WINDOWS\system32\nnnlk.exe
C:\WINDOWS\system32\RCX8.tmp

.
((((((((((((((((((((((((( Files Created from 2007-12-25 to 2008-01-25 )))))))))))))))))))))))))))))))
.

2008-01-24 14:10 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\rc.dat
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\ps1.dat
2008-01-23 00:43 . 2008-01-23 00:43 1 --a------ C:\WINDOWS\system32\cs.dat
2008-01-22 21:07 . 2004-08-04 07:56 116,224 --a------ C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2008-01-22 21:07 . 2001-08-17 22:37 99,865 --a------ C:\WINDOWS\system32\dllcache\xlog.exe
2008-01-22 21:07 . 2001-08-17 22:37 27,648 --a------ C:\WINDOWS\system32\dllcache\xrxftplt.exe
2008-01-22 21:07 . 2001-08-17 22:36 23,040 --a------ C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2008-01-22 21:07 . 2004-08-04 05:29 19,455 --a------ C:\WINDOWS\system32\dllcache\wvchntxx.sys
2008-01-22 21:07 . 2001-08-17 22:36 17,408 --a------ C:\WINDOWS\system32\dllcache\xrxscnui.dll
2008-01-22 21:07 . 2001-08-17 12:11 16,970 --a------ C:\WINDOWS\system32\dllcache\xem336n5.sys
2008-01-22 21:07 . 2004-08-04 05:29 12,063 --a------ C:\WINDOWS\system32\dllcache\wsiintxx.sys
2008-01-22 21:07 . 2004-08-04 07:56 8,192 --a------ C:\WINDOWS\system32\dllcache\wshirda.dll
2008-01-22 21:07 . 2001-08-17 22:37 4,608 --a------ C:\WINDOWS\system32\dllcache\xrxflnch.exe
2008-01-22 21:05 . 2001-08-17 22:36 525,568 --a------ C:\WINDOWS\system32\dllcache\tridxp.dll
2008-01-22 21:04 . 2001-08-17 13:28 899,146 --a------ C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-01-22 21:03 . 2001-08-17 14:05 351,616 --a------ C:\WINDOWS\system32\dllcache\ovcodek2.sys
2008-01-22 21:02 . 2001-08-17 13:28 802,683 --a------ C:\WINDOWS\system32\dllcache\ltsm.sys
2008-01-22 21:01 . 2001-08-17 13:28 727,786 --a------ C:\WINDOWS\system32\dllcache\ltck000c.sys
2008-01-22 21:00 . 2004-08-04 07:56 702,845 --a------ C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2008-01-22 20:59 . 2001-08-17 14:56 1,733,120 --a------ C:\WINDOWS\system32\dllcache\g400d.dll
2008-01-22 20:58 . 2001-08-17 12:14 952,007 --a------ C:\WINDOWS\system32\dllcache\diwan.sys
2008-01-22 20:57 . 2001-08-17 12:13 980,034 --a------ C:\WINDOWS\system32\dllcache\cicap.sys
2008-01-22 20:56 . 2001-08-17 13:28 762,780 --a------ C:\WINDOWS\system32\dllcache\3cwmcru.sys
2008-01-22 20:55 . 2001-08-17 14:56 66,048 --a------ C:\WINDOWS\system32\dllcache\s3legacy.dll
2008-01-22 20:50 . 2008-01-23 12:32 <DIR> d--hs---- C:\WINDOWS\system32\dllcache
2008-01-22 17:03 . 2008-01-22 11:44 5,914,648 --a------ C:\SUPERAntiSpyware.exe
2008-01-22 17:03 . 2008-01-21 20:16 476,717 --a------ C:\WinPFind35u.exe
2008-01-22 17:03 . 2008-01-22 11:42 132,608 --a------ C:\VundoFix.exe
2008-01-20 20:41 . 2008-01-21 23:23 53,760 --a------ C:\WINDOWS\system32\ktask.dll
2008-01-20 20:41 . 2008-01-20 21:51 53,760 --a------ C:\WINDOWS\system32\btask.dll
2008-01-20 16:08 . 2008-01-25 16:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-20 16:08 . 2008-01-20 16:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 18:45 . 2008-01-15 18:45 679,424 --a------ C:\WINDOWS\isRS-000.tmp
2008-01-15 18:23 . 2008-01-15 18:24 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-01-13 03:44 . 2008-01-22 19:18 <DIR> d-------- C:\VundoFix Backups
2008-01-13 01:13 . 2008-01-13 01:13 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-12 18:52 . 2008-01-25 17:41 <DIR> d-------- C:\Program Files\TrojanHunter 5.0
2008-01-12 14:19 . 2008-01-20 17:55 2,201 --a------ C:\WINDOWS\wininit.ini
2008-01-12 13:40 . 2008-01-12 13:40 <DIR> d-------- C:\Program Files\Trend Micro
2008-01-11 20:39 . 2008-01-11 22:29 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-11 19:32 . 2008-01-11 22:24 <DIR> d-------- C:\Program Files\RogueRemover FREE
2008-01-08 00:39 . 2008-01-25 17:41 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-01-07 23:07 . 2008-01-07 23:07 <DIR> d-------- C:\Deckard
2008-01-07 22:10 . 2008-01-25 17:41 355,328 --a------ C:\WINDOWS\system32\ctfmon.exe
2008-01-07 21:38 . 2008-01-07 21:38 <DIR> d-------- C:\Programas
2008-01-07 17:21 . 2008-01-07 17:48 <DIR> d-------- C:\Program Files\MagicDisc
2008-01-06 20:31 . 2008-01-20 16:26 <DIR> d-------- C:\Program Files\RESIDENT EVIL
2008-01-06 18:04 . 2008-01-06 18:04 <DIR> d-------- C:\Program Files\MagicISO
2008-01-05 23:22 . 2008-01-05 23:22 <DIR> d-------- C:\Program Files\Tierra
2008-01-04 21:47 . 2008-01-04 21:47 <DIR> d-------- C:\Program Files\LucasFan Games
2007-12-31 19:56 . 2008-01-25 17:42 <DIR> d-------- C:\Program Files\iTunes
2007-12-31 17:03 . 2007-12-31 17:03 1,499,136 --a------ C:\WINDOWS\system32\BTCPatcher.exe
2007-12-31 17:03 . 2007-12-31 17:03 37,888 --a------ C:\WINDOWS\system32\rar.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-25 17:42 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-01-13 09:10 --------- d-----w C:\Program Files\Java
2008-01-12 14:22 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-08 00:20 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-03 20:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-03 20:21 --------- d-----w C:\Program Files\Creative
2008-01-03 20:15 --------- d-----w C:\Program Files\DivX
2007-12-31 19:57 --------- d-----w C:\Program Files\iPod
2007-12-31 19:54 --------- d-----w C:\Program Files\QuickTime
2007-12-22 15:11 --------- d-----w C:\Program Files\VideoLAN
2007-12-21 08:21 71,176 ----a-w C:\WINDOWS\system32\drivers\epfw.sys
2007-12-21 08:21 53,768 ----a-w C:\WINDOWS\system32\drivers\epfwtdi.sys
2007-12-21 08:21 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwndis.sys
2007-12-21 08:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-11-30 05:22 --------- d-----w C:\Program Files\Matroska Pack
.

((((((((((((((((((((((((((((( snapshot@2008-01-24_14.37.41.30 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-24 14:12:02 1,429,504 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-25 17:38:59 1,429,504 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-24 14:12:02 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-25 17:38:59 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-24 14:12:02 1,429,504 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000003\ntuser.dat
+ 2008-01-25 17:38:59 1,429,504 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000003\ntuser.dat
- 2008-01-24 14:12:02 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-25 17:39:00 8,192 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-24 14:12:02 3,649,536 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000005\ntuser.dat
+ 2008-01-25 17:39:00 3,649,536 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000005\ntuser.dat
- 2008-01-24 14:12:02 151,552 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-25 17:39:00 151,552 ----a-w C:\WINDOWS\ERDNT\Hiv-backup\Users\00000006\UsrClass.dat
- 2004-08-04 07:56:53 158,208 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe
+ 2008-01-11 22:34:47 158,208 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1290342-AAFF-4f7c-9F45-D665E4BF1A00}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-25 17:41 355328]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-01-25 17:42 1771008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [ ]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [ ]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [ ]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [ ]
"PRONoMgr.exe"="C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [ ]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [ ]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-25 17:42 696832]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [ ]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-01-25 17:42 1906688]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-01-25 17:41 355328]
"Symantec NetDriver Warning"="C:\PROGRA~1\SYMNET~1\SNDWarn.exe" [2004-10-29 08:52 218232]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SRUUninstall"="C:\WINDOWS\system32\msiexec.exe" [2005-03-21 14:00 78848]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
C:\WINDOWS\System32\LgNotify.dll 2003-12-16 15:49 110592 C:\WINDOWS\system32\LgNotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE
"CHotkey"=mHotkey.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fed78bd1-9939-11dc-8099-0090f5490c06}]
\Shell\AutoRun\command - F:\panel.exe -SecondCD

.
Contents of the 'Scheduled Tasks' folder
"2007-12-31 12:18:19 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 18:22:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.


-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, January 25, 2008 10:08:47 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 25/01/2008
Kaspersky Anti-Virus database records: 532688
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 59724
Number of viruses found: 22
Number of infected objects: 666
Number of suspicious objects: 0
Duration of the scan process: 01:13:48

Infected Object Name / Virus Name / Last Action
C:\!KillBox\khfgg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\!KillBox\khfgg.dll( 1) Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\!KillBox\khfgg.dll( 2) Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\!KillBox\khfgg.dll( 3) Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\avenger\backup.zip/avenger/dxdss.sys Infected: Trojan.Win32.Pakes.bxx skipped
C:\avenger\backup.zip/avenger/nnnlk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\avenger\backup.zip/avenger/nnnlk.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\avenger\backup.zip/avenger/svchost.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\avenger\backup.zip ZIP: infected - 4 skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0002 Infected: not-a-virus:AdWare.Win32.Vapsup.jp skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0003 Infected: not-a-virus:AdWare.Win32.Vapsup.ki skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0004 Infected: not-a-virus:AdWare.Win32.Vapsup.jm skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0005 Infected: not-a-virus:AdWare.Win32.Vapsup.jo skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0007 Infected: not-a-virus:AdWare.Win32.Vapsup.jf skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream/data0008 Infected: not-a-virus:AdWare.Win32.Vapsup.jn skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp/stream Infected: not-a-virus:AdWare.Win32.Vapsup.jn skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\BIT3B8.tmp NSIS: infected - 7 skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\RCX19.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\RCX1C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\RCX1F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\SAB67.ZIP/movctrlnkd.dll Infected: not-a-virus:AdWare.Win32.Vapsup.jf skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\SAB67.ZIP/nssfrch.dll Infected: not-a-virus:AdWare.Win32.Vapsup.jk skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\SAB67.ZIP ZIP: infected - 2 skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\TEMP.ZIP/BTCPatcher.exe Infected: Trojan-Dropper.Win32.Agent.dmy skipped
C:\Deckard\System Scanner\20080115163423\backup\DOCUME~1\Cunny\LOCALS~1\Temp\TEMP.ZIP CAB: infected - 1 skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204353\WINDOWS\System32\nnnlk.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204353\WINDOWS\System32\NTSpool.exe Infected: Backdoor.Win32.SdBot.crq skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204353\WINDOWS\System32\opnmnmk.dll Infected: Trojan-Downloader.Win32.Small.hqz skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204353\WINDOWS\System32\tardeme2.dll Infected: Trojan-Spy.Win32.Banker.hcc skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204353\WINDOWS\System32\tardm2.dll Infected: Trojan-Spy.Win32.Banker.hcc skipped
C:\Documents and Settings\Administrator\Desktop\WinPFind35u\MovedFiles\01222008_204907\WINDOWS\System32\nnnlk.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\All Users\Documents\MagicISO Maker 5.4.251.exe/data.rar/_gorvedi.exe Infected: Backdoor.Win32.DSSdoor.d skipped
C:\Documents and Settings\All Users\Documents\MagicISO Maker 5.4.251.exe/data.rar Infected: Backdoor.Win32.DSSdoor.d skipped
C:\Documents and Settings\All Users\Documents\MagicISO Maker 5.4.251.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\Cunny\1 Infected: Backdoor.Win32.SdBot.crq skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\mofugclq.exe Infected: not-a-virus:Downloader.Win32.WinFixer.ba skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\qrjatydi.exe Infected: not-a-virus:Downloader.Win32.WinFixer.ba skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX10.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX11.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX113.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX116.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX11C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX12.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX13.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX14.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX15.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX16.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX17.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX175.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX18.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX19.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1A.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1D.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1E.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX1F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX20.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX21.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX22.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX23.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX24.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX25.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX26.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX27.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX28.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX29.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX2A.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX2C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX2D.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX2E.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX2F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX30.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX31.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX32.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX33.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX34.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX35.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX36.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX37.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX38.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX39.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3A.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3D.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3E.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX3F.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX43.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX44.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX53.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX56.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX5C.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX6A1.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX6AF.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX6B3.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX6BD.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX9281.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX9424.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCX976B.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCXB.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCXC.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCXD.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCXE.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\RCXF.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\TEMP.ZIP/BTCPatcher.exe Infected: Trojan-Dropper.Win32.Agent.dmy skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\TEMP.ZIP CAB: infected - 1 skipped
C:\Documents and Settings\Cunny\Local Settings\Temp\TMP17.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Glendora Wooding\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Temp\RCX4.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Temp\RCX9.tmp Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\ntuser.dat Object is locked skipped
C:\Documents and Settings\Glendora Wooding\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\ESET\ESET Smart Security\egui.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\iTunes\iTunesHelper.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\nnnlk.exe.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\pgfosulu.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\RCX8.tmp.vir Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\windows.vir Infected: Trojan.Win32.Zapchast.dt skipped
C:\QooBox\Quarantine\catchme2008-01-24_142839.40.zip/nnnlk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\QooBox\Quarantine\catchme2008-01-24_142839.40.zip ZIP: infected - 1 skipped
C:\QooBox\Quarantine\catchme2008-01-25_182213.58.zip/jscbohps.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\QooBox\Quarantine\catchme2008-01-25_182213.58.zip/nnnlk.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dyx skipped
C:\QooBox\Quarantine\catchme2008-01-25_182213.58.zip ZIP: infected - 2 skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP444\A0114853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP444\A0114859.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP444\A0114862.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP444\A0114868.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114902.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114904.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114906.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114911.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114918.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114961.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114962.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114964.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114966.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP445\A0114971.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0114996.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0114997.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0114998.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115004.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115006.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115029.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115030.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115032.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115037.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115055.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115056.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115058.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115063.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0115065.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0116056.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0116057.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0116058.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0116059.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP446\A0116061.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116067.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116068.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116069.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116070.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116071.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116072.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116073.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116182.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dlm skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116187.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116330.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116344.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116347.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116350.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116365.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP447\A0116768.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP448\A0116777.exe Infected: Trojan.Win32.Pakes.bxx skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116797.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.din skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116801.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116807.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116817.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116818.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116819.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0116826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0117809.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0117810.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0117811.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0117812.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP449\A0117813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117817.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117818.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117819.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117820.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117821.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117822.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117832.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117879.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.din skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117884.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117885.dll Infected: Trojan-Spy.Win32.Banker.hcc skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0117892.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118268.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118270.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118272.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118273.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118275.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118276.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP450\A0118277.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118280.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118281.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118282.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118284.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118286.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118288.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118343.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.din skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118348.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118349.dll Infected: Trojan-Spy.Win32.Banker.hcc skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118356.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118732.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118736.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118737.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118739.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118740.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0118741.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119734.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119735.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119736.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119737.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119738.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119746.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119748.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119749.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119750.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119751.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119752.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119754.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119775.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119777.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119778.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119779.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119780.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119782.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119791.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119793.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119794.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119795.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119796.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119797.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119798.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119808.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119810.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119811.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119812.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119813.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119814.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119815.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119826.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119828.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119829.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119830.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119831.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119832.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119833.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119841.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119843.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119844.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119845.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119846.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119847.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119849.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP451\A0119850.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP452\A0119861.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP452\A0119874.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP452\A0119896.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP454\A0120843.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP454\A0120844.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP454\A0120846.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP454\A0120848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121844.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121846.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121850.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0121853.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122842.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122843.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122844.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122845.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122846.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122847.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122848.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0122851.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123043.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123044.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123046.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123047.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123048.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP455\A0123049.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0123053.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124038.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124039.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124040.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124041.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124042.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124043.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124044.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124046.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124047.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.din skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124055.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124064.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124067.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124069.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124070.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP456\A0124071.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124077.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124083.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124087.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124088.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124089.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124090.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP457\A0124091.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP458\A0124097.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124105.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124107.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124108.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124109.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124110.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP459\A0124111.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP460\A0124117.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124124.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dqi skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124125.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124138.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124139.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124145.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124146.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124148.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP461\A0124149.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP463\A0124169.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP463\A0124171.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP463\A0124176.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP463\A0124177.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP463\A0124178.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124182.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124196.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124198.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124199.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124200.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124201.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP464\A0124202.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124211.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124220.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124221.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124222.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124232.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124234.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124235.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124236.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124237.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124241.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124243.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124260.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124262.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124263.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124264.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124267.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124271.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124272.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124281.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124283.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124284.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124285.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124286.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124287.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124290.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124292.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dnn skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124296.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124298.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124299.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124303.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124304.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP465\A0124305.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124308.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124323.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124324.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124325.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124327.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124328.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124331.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124363.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124368.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124369.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124371.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124372.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124377.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124397.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124401.dll Infected: not-a-virus:AdWare.Win32.BHO.rh skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124404.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124409.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466\A0124411.exe Infected: Trojan-Dropper.Win32.Agent.dgo skipped
C:\System Volume Information\_restore{8BA43D27-A4EA-4627-BCC1-99CF2EA08FFB}\RP466&