Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please Help, Logs Included


  • Please log in to reply
1 reply to this topic

#1 kelly23

kelly23

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:21 AM

Posted 28 January 2008 - 06:53 AM

Hi - Hope you can help, I inherited my current laptop from someone else and I've had problem after problem since I got it, most recently with ad pop-ups and also error windows on start-up but running ad-aware seemed to get rid of all the intrusive stuff. However, this morning turned it on and more error windows and when I opened internet explorer and tried to go to any address tab upon tab opened up and I had to end task IE to stop it. Also my anti-virus program (McAfee) won't start anymore, error comes up saying myAgtTry.exe can't be found. Help would be greatly appreciated, it's driving me crazy!!

I found a suggestion in a post by a user having the same problems to run combofix and hijackthis and post the logs so:

ComboFix:

ComboFix 08-01-28.2 - Kelly Ridpath 2008-01-28 10:47:57.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.396 [GMT 0:00]
Running from: C:\Documents and Settings\Kelly Ridpath\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\b104.exe
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M2210NetInstaller.exe
C:\WINDOWS\system32\qwgavndl.dll
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\uninstall_nmon.vbs
C:\Documents and Settings\Kelly Ridpath\My Documents\ECURIT~1
C:\Documents and Settings\Kelly Ridpath\My Documents\posA79.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA7F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA80.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA81.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA82.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA83.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA84.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA85.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA86.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA87.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA88.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA89.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA8F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA90.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA91.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA92.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA93.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA94.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA95.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA96.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA97.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA98.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA99.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posA9F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAA9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAAF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAB9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posABF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAC9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posACF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAD9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posADF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAE9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAEA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAEB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAEC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAED.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAEE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAEF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAF9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posAFF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB00.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB01.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB02.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB03.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB04.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB05.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB06.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB07.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB08.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB09.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB0F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB10.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB11.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB12.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB13.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB14.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB15.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB16.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB17.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB18.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB19.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB1F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB20.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB21.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB22.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB23.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB24.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB25.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB26.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB27.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB28.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB29.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB2F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB30.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB31.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB32.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB33.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB34.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB35.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB36.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB37.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB38.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB39.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB3F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB40.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB41.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB42.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB43.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB44.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB45.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB46.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB47.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB48.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB49.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB4F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB50.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB51.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB52.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB53.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB54.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB55.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB56.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB57.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB58.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB59.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB5F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB60.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB61.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB62.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB63.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB64.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB65.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB66.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB67.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB68.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB69.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB6F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB70.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB71.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB72.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB73.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB74.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB75.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB76.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB77.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB78.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB79.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB7F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB80.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB81.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB82.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB83.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB84.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB85.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB86.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB87.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB88.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB89.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB8F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB90.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB91.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB92.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB93.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB94.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB95.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB96.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB97.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB98.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB99.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posB9F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBA9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBAF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBB9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBBF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBC9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBCF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBD9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBDF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBE9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBEA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBEB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBEC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBED.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBEE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBEF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF0.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF1.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF2.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF3.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF4.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF5.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF6.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF7.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF8.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBF9.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFA.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFB.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFC.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFD.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFE.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posBFF.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC00.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC01.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC02.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC03.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC04.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC05.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC06.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC07.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC08.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC09.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC0F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC10.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC11.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC12.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC13.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC14.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC15.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC16.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC17.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC18.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC19.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC1F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC20.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC21.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC22.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC23.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC24.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC25.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC26.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC27.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC28.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC29.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC2F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC30.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC31.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC32.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC33.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC34.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC35.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC36.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC37.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC38.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC39.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC3F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC40.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC41.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC42.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC43.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC44.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC45.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC46.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC47.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC48.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC49.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC4F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC50.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC51.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC52.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC53.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC54.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC55.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC56.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC57.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC58.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC59.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5C.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5D.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5E.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC5F.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC60.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC61.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC62.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC63.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC64.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC65.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC66.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC67.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC68.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC69.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC6A.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC6B.tmp
C:\Documents and Settings\Kelly Ridpath\My Documents\posC6C.tmp
C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Documents and Settings\LocalService\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon
C:\Documents and Settings\NetworkService\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService\Application Data\NetMon\log.txt
C:\pos867.tmp
C:\pos868.tmp
C:\pos869.tmp
C:\pos86A.tmp
C:\pos86B.tmp
C:\pos86C.tmp
C:\pos86D.tmp
C:\pos86E.tmp
C:\pos86F.tmp
C:\pos872.tmp
C:\pos873.tmp
C:\pos874.tmp
C:\pos875.tmp
C:\pos876.tmp
C:\pos877.tmp
C:\pos878.tmp
C:\pos879.tmp
C:\pos87A.tmp
C:\pos87C.tmp
C:\pos87D.tmp
C:\pos87E.tmp
C:\pos87F.tmp
C:\pos880.tmp
C:\pos881.tmp
C:\pos882.tmp
C:\pos883.tmp
C:\pos884.tmp
C:\pos885.tmp
C:\pos886.tmp
C:\pos887.tmp
C:\pos888.tmp
C:\pos88B.tmp
C:\pos88C.tmp
C:\pos88D.tmp
C:\pos88E.tmp
C:\pos88F.tmp
C:\pos890.tmp
C:\pos891.tmp
C:\pos892.tmp
C:\pos893.tmp
C:\pos894.tmp
C:\pos895.tmp
C:\pos896.tmp
C:\pos897.tmp
C:\pos898.tmp
C:\pos899.tmp
C:\pos89A.tmp
C:\pos89B.tmp
C:\pos89C.tmp
C:\pos89D.tmp
C:\pos89E.tmp
C:\pos89F.tmp
C:\pos8A0.tmp
C:\pos8A1.tmp
C:\pos8A2.tmp
C:\pos8A3.tmp
C:\pos8A4.tmp
C:\pos8A5.tmp
C:\pos8A6.tmp
C:\pos8A7.tmp
C:\pos8A8.tmp
C:\pos8A9.tmp
C:\pos8AA.tmp
C:\pos8AB.tmp
C:\pos8AC.tmp
C:\pos8AD.tmp
C:\pos8AE.tmp
C:\pos8B0.tmp
C:\pos8B1.tmp
C:\pos8B2.tmp
C:\pos8B3.tmp
C:\pos8B4.tmp
C:\pos8B5.tmp
C:\pos8B6.tmp
C:\pos8B7.tmp
C:\pos8B8.tmp
C:\pos8B9.tmp
C:\pos8BA.tmp
C:\pos8BB.tmp
C:\pos8BC.tmp
C:\pos8BD.tmp
C:\pos8BE.tmp
C:\pos8BF.tmp
C:\pos8C0.tmp
C:\pos8C1.tmp
C:\pos8C2.tmp
C:\pos8C3.tmp
C:\pos8C4.tmp
C:\pos8C5.tmp
C:\pos8C6.tmp
C:\pos8C7.tmp
C:\pos8C8.tmp
C:\pos8C9.tmp
C:\pos8CA.tmp
C:\pos8CB.tmp
C:\pos8CC.tmp
C:\pos8CD.tmp
C:\pos8CE.tmp
C:\pos8D1.tmp
C:\pos8D2.tmp
C:\pos8D3.tmp
C:\pos8D4.tmp
C:\pos8D5.tmp
C:\pos8D6.tmp
C:\pos8D8.tmp
C:\pos8D9.tmp
C:\pos8DA.tmp
C:\pos8DB.tmp
C:\pos8DC.tmp
C:\pos8DD.tmp
C:\pos8DE.tmp
C:\pos8DF.tmp
C:\pos8E0.tmp
C:\pos8E1.tmp
C:\pos8E2.tmp
C:\pos8E3.tmp
C:\pos8E4.tmp
C:\pos8E5.tmp
C:\pos8E6.tmp
C:\pos8E7.tmp
C:\pos8E8.tmp
C:\pos8E9.tmp
C:\pos8EA.tmp
C:\pos8EB.tmp
C:\pos8EC.tmp
C:\pos8ED.tmp
C:\pos8EE.tmp
C:\pos8EF.tmp
C:\pos8F0.tmp
C:\pos8F1.tmp
C:\pos8F3.tmp
C:\pos8F5.tmp
C:\pos8F6.tmp
C:\pos8F7.tmp
C:\pos8F8.tmp
C:\pos8F9.tmp
C:\pos8FA.tmp
C:\pos8FB.tmp
C:\pos8FC.tmp
C:\pos8FD.tmp
C:\pos8FF.tmp
C:\pos900.tmp
C:\pos901.tmp
C:\pos902.tmp
C:\pos903.tmp
C:\pos904.tmp
C:\pos907.tmp
C:\pos908.tmp
C:\pos909.tmp
C:\pos90A.tmp
C:\pos90B.tmp
C:\pos90D.tmp
C:\pos90E.tmp
C:\pos90F.tmp
C:\pos910.tmp
C:\pos911.tmp
C:\pos912.tmp
C:\pos913.tmp
C:\pos914.tmp
C:\pos915.tmp
C:\pos916.tmp
C:\pos917.tmp
C:\pos918.tmp
C:\pos919.tmp
C:\pos91A.tmp
C:\pos91B.tmp
C:\pos91C.tmp
C:\pos91D.tmp
C:\pos91F.tmp
C:\pos921.tmp
C:\pos922.tmp
C:\pos923.tmp
C:\pos924.tmp
C:\pos925.tmp
C:\pos926.tmp
C:\pos927.tmp
C:\pos928.tmp
C:\pos92A.tmp
C:\pos92B.tmp
C:\pos92C.tmp
C:\pos92D.tmp
C:\pos92E.tmp
C:\pos92F.tmp
C:\pos930.tmp
C:\pos931.tmp
C:\pos932.tmp
C:\pos933.tmp
C:\pos934.tmp
C:\pos935.tmp
C:\pos936.tmp
C:\pos937.tmp
C:\pos938.tmp
C:\pos939.tmp
C:\pos93A.tmp
C:\pos93B.tmp
C:\pos93C.tmp
C:\pos93D.tmp
C:\pos93E.tmp
C:\pos93F.tmp
C:\pos940.tmp
C:\pos941.tmp
C:\pos942.tmp
C:\pos943.tmp
C:\pos944.tmp
C:\pos945.tmp
C:\pos946.tmp
C:\pos947.tmp
C:\pos948.tmp
C:\pos949.tmp
C:\pos94A.tmp
C:\pos94B.tmp
C:\pos94C.tmp
C:\pos94D.tmp
C:\pos94E.tmp
C:\pos94F.tmp
C:\pos950.tmp
C:\pos951.tmp
C:\pos952.tmp
C:\pos953.tmp
C:\pos954.tmp
C:\pos955.tmp
C:\pos956.tmp
C:\pos957.tmp
C:\pos958.tmp
C:\pos959.tmp
C:\pos95A.tmp
C:\pos95B.tmp
C:\pos95C.tmp
C:\pos95D.tmp
C:\pos95E.tmp
C:\pos95F.tmp
C:\pos960.tmp
C:\pos961.tmp
C:\pos962.tmp
C:\pos963.tmp
C:\pos964.tmp
C:\pos965.tmp
C:\pos966.tmp
C:\pos967.tmp
C:\pos968.tmp
C:\pos96B.tmp
C:\pos96C.tmp
C:\pos96D.tmp
C:\pos96E.tmp
C:\pos96F.tmp
C:\pos970.tmp
C:\pos971.tmp
C:\pos972.tmp
C:\pos974.tmp
C:\pos975.tmp
C:\pos976.tmp
C:\pos977.tmp
C:\pos978.tmp
C:\pos979.tmp
C:\pos97A.tmp
C:\pos97C.tmp
C:\pos97E.tmp
C:\pos97F.tmp
C:\pos980.tmp
C:\pos982.tmp
C:\pos983.tmp
C:\pos984.tmp
C:\pos985.tmp
C:\pos986.tmp
C:\pos987.tmp
C:\pos988.tmp
C:\pos989.tmp
C:\pos98A.tmp
C:\pos98B.tmp
C:\pos98C.tmp
C:\pos98D.tmp
C:\pos98E.tmp
C:\pos98F.tmp
C:\pos990.tmp
C:\pos991.tmp
C:\pos992.tmp
C:\pos993.tmp
C:\pos994.tmp
C:\pos995.tmp
C:\pos996.tmp
C:\pos997.tmp
C:\pos99A.tmp
C:\pos99B.tmp
C:\pos99C.tmp
C:\pos99D.tmp
C:\pos99E.tmp
C:\pos99F.tmp
C:\pos9A0.tmp
C:\pos9A1.tmp
C:\pos9A3.tmp
C:\pos9A4.tmp
C:\pos9A5.tmp
C:\pos9A6.tmp
C:\pos9A7.tmp
C:\pos9A8.tmp
C:\pos9A9.tmp
C:\pos9AA.tmp
C:\pos9AD.tmp
C:\pos9AE.tmp
C:\pos9AF.tmp
C:\pos9B0.tmp
C:\pos9B1.tmp
C:\pos9B3.tmp
C:\pos9B4.tmp
C:\pos9B5.tmp
C:\pos9B6.tmp
C:\pos9B7.tmp
C:\pos9B8.tmp
C:\pos9B9.tmp
C:\pos9BA.tmp
C:\pos9BB.tmp
C:\pos9BC.tmp
C:\pos9BD.tmp
C:\pos9BE.tmp
C:\pos9BF.tmp
C:\pos9C0.tmp
C:\pos9C1.tmp
C:\pos9C2.tmp
C:\pos9C3.tmp
C:\pos9C4.tmp
C:\pos9C5.tmp
C:\pos9C6.tmp
C:\pos9C7.tmp
C:\pos9C8.tmp
C:\pos9C9.tmp
C:\pos9CA.tmp
C:\pos9CB.tmp
C:\pos9CC.tmp
C:\pos9CD.tmp
C:\pos9CE.tmp
C:\pos9CF.tmp
C:\pos9D0.tmp
C:\pos9D1.tmp
C:\pos9D2.tmp
C:\pos9D3.tmp
C:\pos9D4.tmp
C:\pos9D5.tmp
C:\pos9D6.tmp
C:\pos9D7.tmp
C:\pos9D8.tmp
C:\pos9D9.tmp
C:\pos9DA.tmp
C:\pos9DB.tmp
C:\pos9DC.tmp
C:\pos9DD.tmp
C:\pos9DE.tmp
C:\pos9DF.tmp
C:\pos9E0.tmp
C:\pos9E1.tmp
C:\pos9E2.tmp
C:\pos9E3.tmp
C:\pos9E4.tmp
C:\pos9E5.tmp
C:\pos9E6.tmp
C:\pos9E7.tmp
C:\pos9E8.tmp
C:\pos9E9.tmp
C:\pos9EA.tmp
C:\pos9EB.tmp
C:\pos9EC.tmp
C:\pos9ED.tmp
C:\pos9EE.tmp
C:\pos9EF.tmp
C:\pos9F0.tmp
C:\pos9F1.tmp
C:\pos9F2.tmp
C:\pos9F3.tmp
C:\pos9F4.tmp
C:\pos9F5.tmp
C:\pos9F6.tmp
C:\pos9F7.tmp
C:\pos9F8.tmp
C:\pos9F9.tmp
C:\pos9FA.tmp
C:\pos9FB.tmp
C:\pos9FC.tmp
C:\pos9FD.tmp
C:\pos9FE.tmp
C:\pos9FF.tmp
C:\posA00.tmp
C:\Program Files\inetget2
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtTry .exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
C:\Program Files\network monitor
C:\Program Files\Online Services\rtenefsu.html
C:\Program Files\Protector Suite QL\menusw .exe
C:\Program Files\Router
C:\Program Files\Router\UnInstall.exe
C:\Program Files\Temporary
C:\Program Files\Temporary\kernInstall.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\b104.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M2210NetInstaller.exe
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\S2VsbHkgUmlkcGF0aA\
C:\WINDOWS\smante~1
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\hlikdbmb.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mynrpsns.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pqtss.ini
C:\WINDOWS\system32\pqtss.ini2
C:\WINDOWS\system32\qwgavndl.dll
C:\WINDOWS\system32\qwgavndl.dllbox
C:\WINDOWS\system32\RCX30.tmp
C:\WINDOWS\system32\RCX31.tmp
C:\WINDOWS\system32\RCX32.tmp
C:\WINDOWS\system32\RCX4D.tmp
C:\WINDOWS\system32\RCX57.tmp
C:\WINDOWS\system32\RCX59.tmp
C:\WINDOWS\system32\rramknat.dll
C:\WINDOWS\system32\snsprnym.ini
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\wnscpicomsv32.exe
C:\WINDOWS\tsks~1
C:\WINDOWS\uninstall_nmon.vbs

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\Network Monitor


((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-28 )))))))))))))))))))))))))))))))
.

2008-01-24 12:22 . 2008-01-24 12:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\espionServerData
2008-01-22 11:44 . 2008-01-22 11:52 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\BitTorrent
2008-01-22 11:43 . 2008-01-28 10:48 <DIR> d-------- C:\Program Files\DNA
2008-01-22 11:43 . 2008-01-22 11:43 <DIR> d-------- C:\Program Files\BitTorrent
2008-01-22 11:43 . 2008-01-28 10:03 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\DNA
2008-01-17 14:08 . 2008-01-17 14:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-01-17 14:08 . 2008-01-17 14:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-01-17 13:51 . 2004-08-20 13:02 102,400 --a------ C:\WINDOWS\system32\PMLJNI.dll
2008-01-17 13:51 . 2003-06-16 21:52 74,752 --a------ C:\WINDOWS\system32\jst.dll
2008-01-17 13:51 . 2004-05-10 20:11 40,960 --a------ C:\WINDOWS\system32\d4channel.dll
2008-01-17 13:51 . 2003-06-20 17:21 36,864 --a------ C:\WINDOWS\system32\hpbmmjno.dll
2008-01-17 13:51 . 2005-02-03 17:31 32,768 --a------ C:\WINDOWS\system32\compJNI.dll
2008-01-17 13:50 . 2008-01-17 13:52 <DIR> d--h----- C:\Program Files\Zero G Registry
2008-01-17 13:42 . 2008-01-17 13:47 <DIR> d-------- C:\Program Files\Common Files\HP
2008-01-17 13:38 . 2008-01-17 13:52 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-01-17 13:37 . 2008-01-17 13:37 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-17 12:23 . 2004-12-24 11:07 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2008-01-17 12:23 . 2004-12-24 11:05 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2008-01-17 12:23 . 2004-12-24 11:07 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2008-01-17 12:21 . 2001-08-17 13:53 6,784 --a------ C:\WINDOWS\system32\drivers\serscan.sys
2008-01-17 12:21 . 2001-08-17 13:53 6,784 --a--c--- C:\WINDOWS\system32\dllcache\serscan.sys
2008-01-17 12:20 . 2005-04-08 09:58 212,992 --a------ C:\WINDOWS\system32\hptcpmui.dll
2008-01-17 12:20 . 2005-04-08 09:58 110,592 --a------ C:\WINDOWS\system32\hptcpmon.dll
2008-01-17 12:20 . 2005-04-08 09:58 98,304 --a------ C:\WINDOWS\system32\hpzjsn01.dll
2008-01-17 12:20 . 2005-04-08 09:58 73,728 --a------ C:\WINDOWS\system32\hptcpmib.dll
2008-01-17 12:20 . 2005-04-08 09:58 28,672 --a------ C:\WINDOWS\system32\hpzjfw01.dll
2008-01-17 12:20 . 2005-04-08 09:58 9,864 --a------ C:\WINDOWS\system32\hptcpmui.hlp
2008-01-17 12:20 . 2005-04-08 09:58 9,820 --a------ C:\WINDOWS\system32\hpipxmui.hlp
2008-01-17 12:20 . 2005-04-08 09:58 3,399 --a------ C:\WINDOWS\system32\hptcpmon.ini
2008-01-17 12:20 . 2008-01-17 12:20 128 --a------ C:\WINDOWS\system32\AddPort.ini
2008-01-17 12:19 . 2008-01-17 12:20 677 --a------ C:\WINDOWS\hpntwksetup.ini
2008-01-17 12:17 . 2008-01-17 13:49 <DIR> d-------- C:\Program Files\HP
2008-01-17 12:17 . 2008-01-17 14:08 53,971 --a------ C:\WINDOWS\hppins01.dat
2008-01-17 12:17 . 2005-04-08 08:52 2,392 --------- C:\WINDOWS\hppmdl01.dat
2008-01-17 12:15 . 2008-01-17 12:15 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2008-01-17 12:11 . 2008-01-17 12:15 <DIR> d-------- C:\hp_CLJ_2820-2840_Full_Solution
2008-01-16 21:49 . 2008-01-16 21:49 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\InterVideo
2008-01-16 17:37 . 2007-10-10 23:55 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-01-16 17:37 . 2007-07-01 03:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-01-16 17:37 . 2007-07-01 03:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-01-16 17:37 . 2007-10-10 23:55 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-01-16 17:37 . 2007-10-10 23:55 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-01-16 17:37 . 2007-10-10 23:55 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-01-16 17:37 . 2007-10-10 23:55 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-01-16 17:37 . 2007-10-10 23:55 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-01-16 17:37 . 2007-10-10 10:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-01-16 17:04 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2008-01-16 14:29 . 2008-01-16 14:30 <DIR> d-------- C:\Program Files\GoldWave
2008-01-14 16:47 . 2006-05-29 13:50 <DIR> d-------- C:\Documents and Settings\McAfeeMVSUser\Application Data\Sony Corporation
2008-01-14 16:47 . 2006-05-29 12:14 <DIR> d-------- C:\Documents and Settings\McAfeeMVSUser\Application Data\Intel
2008-01-11 17:04 . 2008-01-11 17:13 <DIR> d-------- C:\Program Files\Windows Live
2008-01-10 10:32 . 2008-01-10 10:35 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\.housecall6.6
2008-01-10 10:32 . 2008-01-10 10:32 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-01-09 17:33 . 2007-04-23 16:18 184,320 --a------ C:\WINDOWS\system32\GrabPicturePlugin.dll
2008-01-09 16:25 . 2008-01-09 16:25 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Contacts
2008-01-09 14:34 . 2008-01-09 14:34 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Bytemobile
2008-01-09 14:16 . 2008-01-09 14:16 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\InstallShield
2008-01-09 14:16 . 2008-01-09 14:16 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\Bytemobile
2008-01-09 14:16 . 2008-01-09 14:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-09 14:12 . 2008-01-09 14:12 <DIR> d-------- C:\Program Files\Vodafone
2008-01-09 12:56 . 2008-01-09 12:56 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-01-09 12:56 . 2008-01-09 12:56 8,464 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-01-09 12:45 . 2008-01-09 12:45 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\Apple Computer
2008-01-09 12:45 . 2008-01-28 09:03 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-09 12:45 . 2008-01-09 12:45 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-09 12:44 . 2008-01-09 12:44 <DIR> d-------- C:\Program Files\iPod
2008-01-09 12:43 . 2008-01-28 11:07 <DIR> d-------- C:\Program Files\iTunes
2008-01-09 12:40 . 2008-01-28 10:48 <DIR> d-------- C:\Program Files\QuickTime
2008-01-09 12:40 . 2008-01-09 12:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-09 12:39 . 2008-01-09 12:39 <DIR> d-------- C:\Program Files\Apple Software Update
2008-01-09 12:38 . 2008-01-09 12:38 <DIR> d-------- C:\Program Files\Common Files\Apple
2008-01-09 12:38 . 2008-01-09 12:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-09 10:10 . 2008-01-09 16:21 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-09 10:09 . 2008-01-11 17:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-09 09:09 . 2006-05-01 11:42 128,768 --a------ C:\WINDOWS\system32\drivers\mfehidk.sys
2008-01-09 09:09 . 2006-05-01 11:43 73,568 --a------ C:\WINDOWS\system32\drivers\MfeAVFK.sys
2008-01-09 09:09 . 2006-05-01 11:43 41,888 --a------ C:\WINDOWS\system32\drivers\mfetdik.sys
2008-01-09 09:09 . 2006-05-01 11:44 24,224 --a------ C:\WINDOWS\system32\drivers\MfeBOPK.sys
2008-01-08 18:12 . 2008-01-08 18:12 <DIR> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-08 18:06 . 2006-08-21 09:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-01-08 18:06 . 2006-08-21 09:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-01-08 18:06 . 2006-08-21 12:21 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-01-08 18:03 . 2008-01-08 18:03 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-01-08 13:36 . 2006-02-23 11:39 186 --a------ C:\WINDOWS\myClean.bat
2008-01-08 11:22 . 2008-01-08 11:22 <DIR> d--h----- C:\WINDOWS\PIF
2008-01-08 10:13 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-01-08 10:13 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-01-08 10:13 . 2004-08-04 00:56 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2008-01-08 10:13 . 2004-08-04 00:56 21,504 --a--c--- C:\WINDOWS\system32\dllcache\hidserv.dll
2008-01-08 10:13 . 2004-08-03 22:58 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-01-08 10:13 . 2004-08-03 22:58 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-01-08 10:13 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-01-08 10:13 . 2001-08-17 14:02 9,600 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-01-08 10:00 . 2007-07-09 13:09 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-01-08 09:51 . 2008-01-08 09:51 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-08 09:51 . 2008-01-08 09:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-08 09:49 . 2008-01-08 09:49 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-08 09:43 . 2006-12-07 05:29 2,374,472 -----c--- C:\WINDOWS\system32\dllcache\wmvcore.dll
2008-01-08 09:41 . 2008-01-08 09:41 <DIR> d-------- C:\Documents and Settings\Kelly Ridpath\Application Data\Symantec
2008-01-08 09:06 . 2008-01-24 09:12 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-16 17:05 --------- d-----w C:\Program Files\Apoint
2008-01-15 17:45 315,392 ----a-w C:\WINDOWS\reminder.exe
2008-01-09 17:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 14:12 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-08 13:54 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-01-07 09:09 --------- d-----w C:\Program Files\Google
2008-01-06 21:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-01-06 21:20 --------- d-----w C:\Program Files\Sony
2008-01-06 21:10 --------- d-----w C:\Program Files\Common Files\Adobe
2008-01-06 21:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-06 21:08 --------- d-----w C:\Program Files\Common Files\Sony Shared
.
<pre>
----a-w		   483,328 2008-01-25 09:10:14  C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray .exe
----a-w		   307,200 2008-01-07 16:22:32  C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager .exe
----a-w		   118,784 2008-01-16 16:53:27  C:\Program Files\Apoint\Apoint .exe
----a-w		   218,032 2008-01-28 10:48:24  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM		  .exe
----a-w		   572,928 2008-01-24 09:11:32  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM		 .exe
----a-w		   572,928 2008-01-22 09:07:47  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM		.exe
----a-w		   572,928 2008-01-17 09:12:11  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM	   .exe
----a-w		   572,928 2008-01-16 21:44:45  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM	  .exe
----a-w		   572,928 2008-01-14 16:57:48  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM   .exe
----a-w		   572,928 2008-01-14 09:30:12  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM  .exe
----a-w		   218,032 2008-01-10 10:58:44  C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM .exe
----a-w			52,848 2008-01-08 09:16:09  C:\Program Files\Common Files\Symantec Shared\ccApp .exe
----a-w		   286,528 2008-01-24 09:12:58  C:\Program Files\DNA\btdna .exe
----a-w		   171,448 2008-01-24 21:39:06  C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier .exe
----a-w		   245,760 2008-01-24 21:38:44  C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp .exe
----a-w			49,152 2008-01-25 09:10:49  C:\Program Files\HP\HP Software Update\HPWuSchd2 .exe
----a-w			36,864 2008-01-24 21:38:43  C:\Program Files\HP\HP UT\bin\hppusg .exe
----a-w		   569,416 2008-01-16 16:53:43  C:\Program Files\Intel\Wireless\Bin\EOUWiz .exe
----a-w		   602,184 2008-01-16 16:53:43  C:\Program Files\Intel\Wireless\Bin\ifrmewrk .exe
----a-w		   667,720 2008-01-16 16:53:38  C:\Program Files\Intel\Wireless\Bin\ZCfgSvc .exe
----a-w		   267,048 2008-01-28 09:03:10  C:\Program Files\iTunes\iTunesHelper .exe
----a-w			36,976 2008-01-16 16:53:58  C:\Program Files\Java\jre1.5.0_06\bin\jusched .exe
----a-w		   409,600 2008-01-28 09:03:07  C:\Program Files\McAfee\Managed VirusScan\Agent\Splash .exe
----a-w		 1,694,208 2008-01-09 14:36:29  C:\Program Files\Messenger\msmsgs .exe
----a-w		   286,720 2008-01-28 10:48:57  C:\Program Files\QuickTime\qttask		  .exe
----a-w		   642,048 2008-01-25 09:09:47  C:\Program Files\QuickTime\qttask		 .exe
----a-w		   642,048 2008-01-24 21:37:54  C:\Program Files\QuickTime\qttask		.exe
----a-w		   642,048 2008-01-24 09:11:58  C:\Program Files\QuickTime\qttask	   .exe
----a-w		   642,048 2008-01-23 09:13:06  C:\Program Files\QuickTime\qttask	  .exe
----a-w		   642,048 2008-01-21 08:53:47  C:\Program Files\QuickTime\qttask	 .exe
----a-w		   642,048 2008-01-17 21:40:59  C:\Program Files\QuickTime\qttask	.exe
----a-w		   642,048 2008-01-17 09:12:26  C:\Program Files\QuickTime\qttask   .exe
----a-w		   642,048 2008-01-16 21:45:05  C:\Program Files\QuickTime\qttask  .exe
----a-w		   642,048 2008-01-16 17:16:17  C:\Program Files\QuickTime\qttask .exe
----a-w			53,248 2008-01-16 16:53:33  C:\Program Files\Realtek\InstallShield\AzMixerSel .exe
----a-w			32,768 2008-01-16 16:53:43  C:\Program Files\Sony\ISB Utility\ISBMgr .exe
----a-w		   217,088 2008-01-16 16:53:44  C:\Program Files\Sony\VAIO Power Management\SPMgr .exe
----a-w		   151,552 2008-01-16 16:53:50  C:\Program Files\Sony\VAIO Update 2\VAIOUpdt .exe
----a-w		   176,128 2008-01-16 16:53:44  C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher .exe
----a-w			40,960 2008-01-16 16:53:50  C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice .exe
----a-w		 5,724,184 2008-01-14 16:59:32  C:\Program Files\Windows Live\Messenger\MsnMsgr  .Exe
----a-w		   315,392 2008-01-15 08:55:01  C:\WINDOWS\reminder .exe
----a-w			15,360 2008-01-24 09:12:07  C:\WINDOWS\system32\ctfmon .exe
----a-w			77,824 2008-01-16 16:53:30  C:\WINDOWS\system32\hkcmd .exe
----a-w		   118,784 2008-01-16 16:53:30  C:\WINDOWS\system32\igfxpers .exe
----a-w			94,208 2008-01-16 16:53:30  C:\WINDOWS\system32\igfxtray .exe
</pre>


-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{24E9ECC2-B4FA-46CE-B38B-70997F065FA3}]
C:\Program Files\ComPlus Applications\meso4444.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{50908263-85AC-4EAF-83AC-72CE72BF4BBE}]
C:\Program Files\ComPlus Applications\meso83122.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C7339F13-4B35-4340-B18D-4685BE02D519}]
C:\Program Files\Online Services\qufaqy.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-01-28 10:48 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-01-28 10:48 171448]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM .exe" [2008-01-28 10:48 218032]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-01-28 10:48 286528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [ ]
"SkyTel"="SkyTel.EXE" [2006-04-24 06:20 1448960 C:\WINDOWS\SkyTel.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [ ]
"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 15:46 45056 C:\WINDOWS\system32\ico.exe]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [ ]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [ ]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [ ]
"SonyPowerCfg"="C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" [ ]
"ISBMgr.exe"="C:\Program Files\Sony\ISB Utility\ISBMgr.exe" [ ]
"Switcher.exe"="C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe" [ ]
"VAIO Update 2"="C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" [ ]
"PDService.exe"="C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [ ]
"Biomenu"="C:\Program Files\Protector Suite QL\menusw.exe" [ ]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-01-28 10:48 483328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [ ]
"MVS Splash"="C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe" [ ]
"McAfee Managed Services Tray"="C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\qttask .exe" [2008-01-28 10:48 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2008-01-28 10:49 49152]
"HPUsageTracking"="C:\Program Files\HP\HP UT\bin\hppusg.exe" [2008-01-28 10:49 36864]
"TomcatStartup 2.5"="C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe" [2008-01-28 10:49 245760]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2006-02-02 22:19:10 1753088]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxvtuv]
byxvtuv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
fusstub.dll 2006-02-22 18:11 39936 C:\WINDOWS\system32\fusstub.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
VESWinlogon.dll 2006-03-09 13:51 73728 C:\WINDOWS\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\sstqp

R0 shpf;Sony HDD Protection Filter Driver;C:\WINDOWS\system32\DRIVERS\shpf.sys [2005-11-21 05:06]
R1 PrivateDisk;PrivateDisk;C:\WINDOWS\system32\Drivers\PrivateDiskM.sys [2004-07-06 13:07]
R1 tcpipBM;Bytemobile Kernel Network Provider;C:\WINDOWS\system32\drivers\tcpipBM.sys [2007-01-30 16:03]
R2 FdRedir;FdRedir;C:\Program Files\Common Files\Protector Suite QL\Drivers\FdRedir.sys [2006-02-22 18:13]
R2 FileDisk2;FileDisk Protector Kernel Driver;C:\Program Files\Common Files\Protector Suite QL\Drivers\filedisk.sys [2006-02-22 18:13]
R2 myAgtSvc;McAfee Total Protection Agent Service;C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2006-05-04 18:05]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2005-10-21 02:19]
R3 SPI;Sony Programmable I/O Control Device;C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2002-08-20 02:59]
R3 TcUsb;TC USB Kernel Driver;C:\WINDOWS\system32\Drivers\tcusb.sys [2006-02-22 18:05]
R3 ti21sony;ti21sony;C:\WINDOWS\system32\drivers\ti21sony.sys [2006-02-21 09:32]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\Image Converter 2\IcVzMon.exe [2005-07-14 19:10]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e24beed-bf63-11dc-809e-0018de0b4863}]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-28 11:15:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SkyTel.EXE
C:\WINDOWS\system32\ICO.EXE
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM .exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
.
**************************************************************************
.
Completion time: 2008-01-28 11:20:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-28 11:20:08
.
2008-01-25 17:13:34 --- E O F ---




And HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:26:27, on 28/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SkyTel.EXE
C:\WINDOWS\system32\ICO.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\HP UT\bin\hppusg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM .exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\PROGRA~1\HEWLET~1\Toolbox\STATUS~1\STATUS~1.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Kelly Ridpath\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.club-vaio.com/en/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {24E9ECC2-B4FA-46CE-B38B-70997F065FA3} - C:\Program Files\ComPlus Applications\meso4444.dll (file missing)
O2 - BHO: (no name) - {50908263-85AC-4EAF-83AC-72CE72BF4BBE} - C:\Program Files\ComPlus Applications\meso83122.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: 0 - {C7339F13-4B35-4340-B18D-4685BE02D519} - C:\Program Files\Online Services\qufaqy.dll (file missing)
O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MVS Splash] C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe
O4 - HKLM\..\Run: [McAfee Managed Services Tray] "C:\Program Files\McAfee\Managed VirusScan\Agent\myagttry.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM .exe" -scheduler
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Grab image and send to CInergy server - {5D4E9D28-E498-4DD6-8ECA-E1675E73DB23} - C:\WINDOWS\system32\GrabPicturePlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
O15 - Trusted Zone: *.sony-europe.com
O15 - Trusted Zone: *.sonystyle-europe.com
O15 - Trusted Zone: *.vaio-link.com
O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} (SecureObjectFactory Class) - http://vs.mcafeeasap.com/MC/ENU/VS40/bin/m...60504175614.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O20 - Winlogon Notify: byxvtuv - byxvtuv.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McShield - McAfee, Inc. - C:\PROGRA~1\McAfee\MANAGE~1\VScan\McShield.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Avlib\MSCSPTISRV.exe
O23 - Service: McAfee Total Protection Agent Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Avlib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Avlib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\Avlib\SSScsiSV.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--
End of file - 12617 bytes

BC AdBot (Login to Remove)

 


#2 RichieUK

RichieUK

    Malware Assassin


  • Malware Response Team
  • 13,614 posts
  • OFFLINE
  •  
  • Local time:08:21 AM

Posted 09 February 2008 - 10:34 AM

Welcome to the BleepingComputer HijackThis Logs and Analysis forum.
My name is Richie and i'll be helping you to fix your problems.

Apologies for the late response,as i'm sure you can appreciate we are extremely busy.

If you've already recieved help at another forum and your issues have been resolved,or you're presently recieving help elsewhere then please let us know.

If you have not followed the info in the link below prior to posting your log then please do so now:
Preparation Guide for use before posting a HijackThis Log:
http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

If you still require help,please post a new Hijackthis log into this topic in your next reply.

Also post a detailed description of the issues you're experiencing.

*Note*
Post all reports/logs directly into this topic,not as attachments,thanks.
Posted Image
Posted Image




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users