Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bb.exe And Others Causing Me Persistant Malware Woes


  • This topic is locked This topic is locked
2 replies to this topic

#1 nashrm

nashrm

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:17 PM

Posted 30 May 2008 - 09:19 AM

Yesterday morning we had some machines at our office become infected with some type of malware. Initially the symptoms were recognized by the changing of the system time and date to the year 2000. The applications that appear to be effecting this change were showing up in the process list as bb.exe, aa.exe, an instance of cmd.exe. The HijackThis logs I was running have many BHO objects that couldn't be removed while they were in memory. They were also showing changes to the /HKLM/software/microsoft/windowsnt/logon/shell key. There are also some DLL files that have been added to the /HKLM/software/microsoft/windowsnt/windows/appinit_dll key. On one machine after successfully removing the appinit_dll entries and something was still running that was trying to alter the logon/shell and keeps starting the cmd process which in turn starts the bb.exe and the aa.exe processes. It is potentially a service but I have been unable to identify it yet.

Below are my log files after running the DSS scan. Any help you can give would be a godsend and much appreciated.


Deckard's System Scanner v20071014.68
Run by mmcquinn on 2000-05-30 09:49:52
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2000-05-30 13:49:55 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as mmcquinn.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:52, on 2000-05-30
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\AVTC\PavSrv51.exe
C:\Program Files\Panda Software\AVTC\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
C:\Program Files\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\pagentwd.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Software\AVTC\PSKMsSvc.exe
C:\Program Files\Panda Software\AVTC\PsImSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Panda Software\AVTC\ClShield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Panda Software\AVTC\WebProxy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Panda Software\AVTC\CpIcnMng.exe
C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\aa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\bb.exe
C:\Documents and Settings\mmcquinn\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\mmcquinn.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: rijxakin.dll - {15FD6584-698F-BCD2-602C-698745210351} - C:\WINDOWS\system32\rijxakin.dll
O2 - BHO: nhmxajkl.dll - {17AC9076-C898-B098-D098-A18319080971} - C:\WINDOWS\system32\nhmxajkl.dll
O2 - BHO: tisqatyu.dll - {18093456-9012-4568-9076-908765467181} - C:\WINDOWS\system32\tisqatyu.dll
O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - C:\WINDOWS\system32\opshbbty.dll
O2 - BHO: apsgbjba.dll - {2FD45A54-9875-698F-E56E-65102358FDF2} - C:\WINDOWS\system32\apsgbjba.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: pjjxcdwd.dll - {34FAE856-AD58-20CB-A025-CD4895FA6E43} - C:\WINDOWS\system32\pjjxcdwd.dll (file missing)
O2 - BHO: mpwdcapi.dll - {35694105-5108-9405-3695-954187462153} - C:\WINDOWS\system32\mpwdcapi.dll
O2 - BHO: apsgcjba.dll - {3FD45A54-9875-698F-E56E-65102358FDF3} - C:\WINDOWS\system32\apsgcjba.dll (file missing)
O2 - BHO: pjjxddwd.dll - {44FAE856-AD58-20CB-A025-CD4895FA6E44} - C:\WINDOWS\system32\pjjxddwd.dll
O2 - BHO: ozfydbyt.dll - {4A069845-2036-6084-9054-6087502480A4} - C:\WINDOWS\system32\ozfydbyt.dll
O2 - BHO: zycbdime.dll - {4A698102-5904-AFD0-20DF-CD1A65829CA4} - C:\WINDOWS\system32\zycbdime.dll
O2 - BHO: apsgdjba.dll - {4FD45A54-9875-698F-E56E-65102358FDF4} - C:\WINDOWS\system32\apsgdjba.dll
O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - C:\WINDOWS\system32\ptjhehlp.dll
O2 - BHO: oohxdbyt.dll - {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} - C:\WINDOWS\system32\oohxdbyt.dll
O2 - BHO: zywmfime.dll - {6319A1F1-9410-9654-3201-345FFA349136} - C:\WINDOWS\system32\zywmfime.dll
O2 - BHO: mndsfsrv.dll - {67FD640A-158F-48AC-FD14-1597F14A9776} - C:\WINDOWS\system32\mndsfsrv.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: yzzthmsn.dll - {8490415F-65F8-B5C5-D8BA-9405FB120548} - C:\WINDOWS\system32\yzzthmsn.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Viewpoint Toolbar - {F8AD5AA5-D966-4667-9DAF-2561D68B2012} - C:\Program Files\Common Files\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\AVTC\ClShield.exe"
O4 - HKLM\..\Run: [CpnIconMng] "C:\Program Files\Panda Software\AVTC\CpIcnMng.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [svc] C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\bb.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: UltraMon.lnk = C:\Program Files\UltraMon\UltraMon.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\windows media player\avife.dll
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = oci.local
O17 - HKLM\Software\..\Telephony: DomainName = oci.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = oci.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = oci.local
O20 - AppInit_DLLs: tisqatyu.dll,nhmxajkl.dll
O21 - SSODL: midimapmy - {4F4F0064-71E0-4f0d-0015-708476C7815F} - C:\WINDOWS\system32\midimapmy.dll
O21 - SSODL: midimapcq - {4F4F0064-71E0-4f0d-0023-708476C7815F} - C:\WINDOWS\system32\midimapcq.dll
O21 - SSODL: midimapms - {4F4F0064-71E0-4f0d-0014-708476C7815F} - C:\WINDOWS\system32\midimapms.dll
O21 - SSODL: midimapzx - {4F4F0064-71E0-4f0d-0005-708476C7815F} - C:\WINDOWS\system32\midimapzx.dll
O21 - SSODL: midimaptl - {4F4F0064-71E0-4f0d-0017-708476C7815F} - C:\WINDOWS\system32\midimaptl.dll
O21 - SSODL: midimapwl - {4F4F0064-71E0-4f0d-0004-708476C7815F} - C:\WINDOWS\system32\midimapwl.dll
O21 - SSODL: midimapcqsj - {4F4F0064-71E0-4f0d-0024-708476C7815F} - C:\WINDOWS\system32\midimapcqsj.dll
O21 - SSODL: midimapqn3 - {4F4F0064-71E0-4f0d-0022-708476C7815F} - C:\WINDOWS\system32\midimapqn3.dll
O21 - SSODL: midimapwd - {4F4F0064-71E0-4f0d-0018-708476C7815F} - C:\WINDOWS\system32\midimapwd.dll
O21 - SSODL: midimapwm - {4F4F0064-71E0-4f0d-0002-708476C7815F} - C:\WINDOWS\system32\midimapwm.dll
O21 - SSODL: midimapcb - {4F4F0064-71E0-4f0d-0006-708476C7815F} - C:\WINDOWS\system32\midimapcb.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda AdminSecure Communications Agent (PAVAGENTE) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\Pav_Agent\Pagent.exe
O23 - Service: Panda AdminSecure Scheduler (PavAtScheduler) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\Scheduler\pavsched.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda Antivirus Report Service (PavReport) - Panda Software - C:\Program Files\Panda Software\Panda Administrator 3\PavReport\PavReport.exe
O23 - Service: Panda Antivirus Service (PavSrv) - Panda Software International - C:\Program Files\Panda Software\AVTC\PavSrv51.exe
O23 - Service: Panda AntiSpam Engine (PMShellSrv) - Panda Software International - C:\Program Files\Panda Software\AVTC\PSKMsSvc.exe
O23 - Service: Panda IManager Service (PsImSvc) - Panda Software International - C:\Program Files\Panda Software\AVTC\PsImSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 12862 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080528-105531-710 O4 - HKLM\..\RunOnce: [svc] C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\bb.exe
backup-20080528-105806-133 F2 - REG:system.ini: Shell=Explorer.exe,gprCD.exe
backup-20080528-105806-975 O2 - BHO: apsgbjba.dll - {2FD45A54-9875-698F-E56E-65102358FDF2} - C:\WINDOWS\system32\apsgbjba.dll
backup-20080528-105807-504 O2 - BHO: ozfydbyt.dll - {4A069845-2036-6084-9054-6087502480A4} - C:\WINDOWS\system32\ozfydbyt.dll
backup-20080528-105809-912 O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - C:\WINDOWS\system32\ptjhehlp.dll
backup-20080528-105810-743 O2 - BHO: oohxdbyt.dll - {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} - C:\WINDOWS\system32\oohxdbyt.dll
backup-20080528-105811-458 O2 - BHO: zywmfime.dll - {6319A1F1-9410-9654-3201-345FFA349136} - C:\WINDOWS\system32\zywmfime.dll
backup-20080528-105812-918 O2 - BHO: yzzthmsn.dll - {8490415F-65F8-B5C5-D8BA-9405FB120548} - C:\WINDOWS\system32\yzzthmsn.dll
backup-20080528-150120-782 O2 - BHO: rijxakin.dll - {15FD6584-698F-BCD2-602C-698745210351} - C:\WINDOWS\system32\rijxakin.dll
backup-20080528-150120-886 O2 - BHO: nhmxajkl.dll - {17AC9076-C898-B098-D098-A18319080971} - C:\WINDOWS\system32\nhmxajkl.dll
backup-20080528-150120-918 O2 - BHO: tisqatyu.dll - {18093456-9012-4568-9076-908765467181} - C:\WINDOWS\system32\tisqatyu.dll
backup-20080528-150121-359 O2 - BHO: pjjxcdwd.dll - {34FAE856-AD58-20CB-A025-CD4895FA6E43} - C:\WINDOWS\system32\pjjxcdwd.dll
backup-20080528-150121-549 O2 - BHO: mpwdcapi.dll - {35694105-5108-9405-3695-954187462153} - C:\WINDOWS\system32\mpwdcapi.dll
backup-20080528-150121-830 O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - C:\WINDOWS\system32\opshbbty.dll
backup-20080528-150121-840 O2 - BHO: apsgbjba.dll - {2FD45A54-9875-698F-E56E-65102358FDF2} - C:\WINDOWS\system32\apsgbjba.dll
backup-20080528-150122-170 O2 - BHO: zycbdime.dll - {4A698102-5904-AFD0-20DF-CD1A65829CA4} - C:\WINDOWS\system32\zycbdime.dll
backup-20080528-150122-298 O2 - BHO: ozfydbyt.dll - {4A069845-2036-6084-9054-6087502480A4} - C:\WINDOWS\system32\ozfydbyt.dll
backup-20080528-150122-717 O2 - BHO: oohxdbyt.dll - {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} - C:\WINDOWS\system32\oohxdbyt.dll
backup-20080528-150122-853 O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - C:\WINDOWS\system32\ptjhehlp.dll
backup-20080528-150123-445 O2 - BHO: zywmfime.dll - {6319A1F1-9410-9654-3201-345FFA349136} - C:\WINDOWS\system32\zywmfime.dll
backup-20080528-150123-498 O2 - BHO: mndsfsrv.dll - {67FD640A-158F-48AC-FD14-1597F14A9776} - C:\WINDOWS\system32\mndsfsrv.dll
backup-20080528-150123-930 O2 - BHO: yzzthmsn.dll - {8490415F-65F8-B5C5-D8BA-9405FB120548} - C:\WINDOWS\system32\yzzthmsn.dll
backup-20080528-150336-154 O2 - BHO: nhmxajkl.dll - {17AC9076-C898-B098-D098-A18319080971} - C:\WINDOWS\system32\nhmxajkl.dll
backup-20080528-150336-218 O2 - BHO: opshbbty.dll - {22596546-2036-9451-6058-658402589722} - C:\WINDOWS\system32\opshbbty.dll
backup-20080528-150336-359 O2 - BHO: apsgbjba.dll - {2FD45A54-9875-698F-E56E-65102358FDF2} - C:\WINDOWS\system32\apsgbjba.dll
backup-20080528-150336-429 O2 - BHO: mndsfsrv.dll - {67FD640A-158F-48AC-FD14-1597F14A9776} - C:\WINDOWS\system32\mndsfsrv.dll
backup-20080528-150336-489 O2 - BHO: tisqatyu.dll - {18093456-9012-4568-9076-908765467181} - C:\WINDOWS\system32\tisqatyu.dll
backup-20080528-150336-511 O2 - BHO: rijxakin.dll - {15FD6584-698F-BCD2-602C-698745210351} - C:\WINDOWS\system32\rijxakin.dll
backup-20080528-150336-524 O2 - BHO: zycbdime.dll - {4A698102-5904-AFD0-20DF-CD1A65829CA4} - C:\WINDOWS\system32\zycbdime.dll
backup-20080528-150336-570 O2 - BHO: oohxdbyt.dll - {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} - C:\WINDOWS\system32\oohxdbyt.dll
backup-20080528-150336-582 O4 - HKLM\..\RunOnce: [svc] C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\bb.exe
backup-20080528-150336-628 O2 - BHO: ptjhehlp.dll - {528DF602-9541-A985-210A-984A698C6F25} - C:\WINDOWS\system32\ptjhehlp.dll
backup-20080528-150336-642 O2 - BHO: ozfydbyt.dll - {4A069845-2036-6084-9054-6087502480A4} - C:\WINDOWS\system32\ozfydbyt.dll
backup-20080528-150336-691 O2 - BHO: mpwdcapi.dll - {35694105-5108-9405-3695-954187462153} - C:\WINDOWS\system32\mpwdcapi.dll
backup-20080528-150336-857 O2 - BHO: pjjxcdwd.dll - {34FAE856-AD58-20CB-A025-CD4895FA6E43} - C:\WINDOWS\system32\pjjxcdwd.dll
backup-20080528-150336-901 O2 - BHO: yzzthmsn.dll - {8490415F-65F8-B5C5-D8BA-9405FB120548} - C:\WINDOWS\system32\yzzthmsn.dll

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.scr - AutoCADScriptFile - shell\open\command - "C:\WINDOWS\notepad.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 VClone - c:\windows\system32\drivers\vclone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
R1 ShldDrv (Panda File Shield Driver) - c:\windows\system32\drivers\shlddrv.sys <Not Verified; Panda Software; Panda®Shield>
R2 ElbyCDIO (ElbyCDIO Driver) - c:\windows\system32\drivers\elbycdio.sys <Not Verified; Elaborate Bytes AG; CDRTools>
R2 HiddFldy - c:\windows\system32\d32dx9.sys
R2 PavProc (Panda Process Protection Driver) - c:\windows\system32\drivers\pavproc.sys <Not Verified; Panda Software; PandaShield>
R3 00fa43f008ab5b9e - c:\00fa43f008ab5b9e.dat (file missing)
R3 ElbyDelay - c:\windows\system32\drivers\elbydelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>

S3 05eca794bd3cc252 - c:\05eca794bd3cc252.dat (file missing)
S3 08a889f83bda1ce1 - c:\08a889f83bda1ce1.dat (file missing)
S3 0d9aed9cf069f74d - c:\0d9aed9cf069f74d.dat (file missing)
S3 1fd458c0f8996b2f - c:\1fd458c0f8996b2f.dat (file missing)
S3 29a8a1b0c8e00046 - c:\29a8a1b0c8e00046.dat (file missing)
S3 524681180f2aad0d - c:\524681180f2aad0d.dat (file missing)
S3 53f7a1343dd2243b - c:\53f7a1343dd2243b.dat (file missing)
S3 5d5707581761dfac - c:\5d5707581761dfac.dat (file missing)
S3 806ca3a0c56e94a2 - c:\806ca3a0c56e94a2.dat (file missing)
S3 867a47e48cf378fa - c:\867a47e48cf378fa.dat (file missing)
S3 a30d5d1cb308e7f3 - c:\a30d5d1cb308e7f3.dat (file missing)
S3 ae0d6504d1400080 - c:\ae0d6504d1400080.dat (file missing)
S3 ae92c6289bf4dbd8 - c:\ae92c6289bf4dbd8.dat (file missing)
S3 c7e497d855e028bb - c:\c7e497d855e028bb.dat (file missing)
S3 d0be9cd875026ba4 - c:\d0be9cd875026ba4.dat (file missing)
S3 d3ef6208377ee7f8 - c:\d3ef6208377ee7f8.dat (file missing)
S3 d3ffe060be9c61fa - c:\d3ffe060be9c61fa.dat (file missing)
S3 d50aa2a80c755fdb - c:\d50aa2a80c755fdb.dat (file missing)
S3 dd4ec82c1ecf91f9 - c:\dd4ec82c1ecf91f9.dat (file missing)
S3 e0900bb453c783a0 - c:\e0900bb453c783a0.dat (file missing)
S3 e2412bd0427d0b7e - c:\e2412bd0427d0b7e.dat (file missing)
S3 ea74d2fcde8da619 - c:\ea74d2fcde8da619.dat (file missing)
S3 ee4bf6003bd6773b - c:\ee4bf6003bd6773b.dat


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 PAVAGENTE (Panda AdminSecure Communications Agent) - c:\program files\panda software\panda administrator 3\pav_agent\pagent.exe <Not Verified; Panda Software; pagent>
R2 PavAtScheduler (Panda AdminSecure Scheduler) - c:\program files\panda software\panda administrator 3\scheduler\pavsched.exe <Not Verified; Panda Software; Panda AdminSecure Scheduler>
R2 PavPrSrv (Panda Process Protection Service) - "c:\program files\common files\panda software\pavshld\pavprsrv.exe" <Not Verified; Panda Software; PandaShield>
R2 PavSrv (Panda Antivirus Service) - "c:\program files\panda software\avtc\pavsrv51.exe" <Not Verified; Panda Software International; Panda Antimalware File Protection>
R2 PMShellSrv (Panda AntiSpam Engine) - "c:\program files\panda software\avtc\pskmssvc.exe" <Not Verified; Panda Software International; Panda Anti-malware>
R2 PsImSvc (Panda IManager Service) - "c:\program files\panda software\avtc\psimsvc.exe" <Not Verified; Panda Software International; Panda Interface Manager>
R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

S3 PavReport (Panda Antivirus Report Service) - c:\program files\panda software\panda administrator 3\pavreport\pavreport.exe <Not Verified; Panda Software; Panda AdminSecure>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/1000 MT Network Connection
Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_80EE1043&REV_02\4&2E98101C&0&28F0
Manufacturer: Intel
Name: Intel® PRO/1000 MT Network Connection
PNP Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_80EE1043&REV_02\4&2E98101C&0&28F0
Service: E1000


-- Scheduled Tasks -------------------------------------------------------------

2008-05-30 09:22:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2000-04-30 and 2000-05-30 -----------------------------

2008-05-30 08:56:16 25920 --a------ C:\WINDOWS\system32\gpr20.exe
2008-05-30 08:54:01 27980 --a------ C:\WINDOWS\system32\gpr19.exe
2008-05-30 08:23:34 25920 --a------ C:\WINDOWS\system32\gpr16.exe
2008-05-30 03:11:49 27980 --a------ C:\WINDOWS\system32\gprE.exe
2008-05-29 14:16:50 68096 --a------ C:\WINDOWS\zip.exe
2008-05-29 14:16:50 49152 --a------ C:\WINDOWS\VFind.exe
2008-05-29 14:16:50 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-05-29 14:16:50 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-05-29 14:16:50 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-05-29 14:16:50 98816 --a------ C:\WINDOWS\sed.exe
2008-05-29 14:16:50 80412 --a------ C:\WINDOWS\grep.exe
2008-05-29 14:16:50 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-05-29 10:24:14 25920 --a------ C:\WINDOWS\system32\gpr11.exe
2008-05-28 15:36:45 0 d-------- C:\Documents and Settings\turdbird\Application Data\Identities
2008-05-28 15:36:23 0 d--h----- C:\Documents and Settings\turdbird\Templates
2008-05-28 15:36:23 0 dr------- C:\Documents and Settings\turdbird\Start Menu
2008-05-28 15:36:23 0 dr-h----- C:\Documents and Settings\turdbird\SendTo
2008-05-28 15:36:23 0 dr-h----- C:\Documents and Settings\turdbird\Recent
2008-05-28 15:36:23 0 d--h----- C:\Documents and Settings\turdbird\PrintHood
2008-05-28 15:36:23 1310720 --ah----- C:\Documents and Settings\turdbird\NTUSER.DAT
2008-05-28 15:36:23 0 d--h----- C:\Documents and Settings\turdbird\NetHood
2008-05-28 15:36:23 0 dr------- C:\Documents and Settings\turdbird\My Documents
2008-05-28 15:36:23 0 d--h----- C:\Documents and Settings\turdbird\Local Settings
2008-05-28 15:36:23 0 dr------- C:\Documents and Settings\turdbird\Favorites
2008-05-28 15:36:23 0 d-------- C:\Documents and Settings\turdbird\Desktop
2008-05-28 15:36:23 0 d---s---- C:\Documents and Settings\turdbird\Cookies
2008-05-28 15:36:23 0 dr-h----- C:\Documents and Settings\turdbird\Application Data
2008-05-28 15:36:23 0 d---s---- C:\Documents and Settings\turdbird\Application Data\Microsoft
2008-05-28 15:05:55 24 --a------ C:\WINDOWS\system32\pzwmaime.sys
2008-05-28 15:05:55 24 --a------ C:\WINDOWS\system32\pzcbaime.sys
2008-05-28 15:05:55 24 --a------ C:\WINDOWS\system32\ngjxakin.sys
2008-05-28 15:05:55 24 --a------ C:\WINDOWS\system32\ijsgajba.sys
2008-05-28 11:47:35 0 d-------- C:\WINDOWS\system32\scripting
2008-05-28 11:47:34 0 d-------- C:\WINDOWS\l2schemas
2008-05-28 11:47:33 0 d-------- C:\WINDOWS\system32\en
2008-05-28 11:47:33 0 d-------- C:\WINDOWS\system32\bits
2008-05-28 11:43:38 0 d-------- C:\WINDOWS\ServicePackFiles
2008-05-28 11:39:44 0 d-------- C:\WINDOWS\network diagnostic
2008-05-28 11:33:14 1032192 --a------ C:\WINDOWS\explorer.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-28 11:32:26 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys <Not Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
2008-05-28 10:59:50 225792 --ah----- C:\WINDOWS\system32\wyrsdj.dll
2008-05-28 10:59:10 218624 --ah----- C:\WINDOWS\system32\zrexgx.dll
2008-05-28 10:56:44 232960 --ah----- C:\WINDOWS\system32\wfrdvq.dll
2008-05-28 10:54:50 218624 --ah----- C:\WINDOWS\system32\jhrcar.dll
2008-05-28 10:53:08 0 d-------- C:\WINDOWS\system32\CatRoot_bak
2008-05-28 10:52:33 6592 --a-s---- C:\WINDOWS\system32\d32dx9.sys
2008-05-28 10:52:11 0 d-------- C:\Program Files\Trend Micro
2008-05-28 10:49:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-28 10:48:38 279552 --ah----- C:\WINDOWS\system32\mtewdh.dll
2008-05-28 10:25:10 0 d-------- C:\Program Files\Declan's German FlashCards
2008-05-28 10:23:50 0 d-------- C:\Program Files\Electronic Arts
2008-05-26 10:59:55 8912896 --a------ C:\Documents and Settings\mmcquinn\ntuser.dat
2008-05-26 10:59:55 229376 --a------ C:\Documents and Settings\LocalService\ntuser.dat
2008-05-23 08:55:23 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\LearnLift
2008-05-23 08:54:15 0 d-------- C:\Program Files\LearnLift
2008-05-22 11:09:36 0 d-------- C:\Program Files\MSXML 4.0
2008-05-22 11:08:39 0 d-------- C:\Documents and Settings\All Users\Application Data\CAPS
2008-05-22 10:55:35 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\InstallShield
2008-04-30 14:33:02 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Autodesk
2008-04-30 14:31:38 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Adobe
2008-04-30 14:31:15 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Logitech
2008-04-30 14:31:11 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Realtime Soft
2008-04-30 14:31:06 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Real
2008-04-30 14:30:22 0 d-------- C:\Documents and Settings\pjafarian\Application Data\Identities
2008-04-30 14:30:11 0 d--h----- C:\Documents and Settings\pjafarian\Templates
2008-04-30 14:30:11 0 dr------- C:\Documents and Settings\pjafarian\Start Menu
2008-04-30 14:30:11 0 dr-h----- C:\Documents and Settings\pjafarian\SendTo
2008-04-30 14:30:11 0 dr-h----- C:\Documents and Settings\pjafarian\Recent
2008-04-30 14:30:11 0 d--h----- C:\Documents and Settings\pjafarian\PrintHood
2008-04-30 14:30:11 0 d--h----- C:\Documents and Settings\pjafarian\NetHood
2008-04-30 14:30:11 0 dr------- C:\Documents and Settings\pjafarian\My Documents
2008-04-30 14:30:11 0 d--h----- C:\Documents and Settings\pjafarian\Local Settings
2008-04-30 14:30:11 0 dr------- C:\Documents and Settings\pjafarian\Favorites
2008-04-30 14:30:11 0 d-------- C:\Documents and Settings\pjafarian\Desktop
2008-04-30 14:30:11 0 d---s---- C:\Documents and Settings\pjafarian\Cookies
2008-04-30 14:30:11 0 dr-h----- C:\Documents and Settings\pjafarian\Application Data
2008-04-30 14:30:11 0 d---s---- C:\Documents and Settings\pjafarian\Application Data\Microsoft
2008-04-30 14:30:10 786432 --ah----- C:\Documents and Settings\pjafarian\ntuser.dat
2008-04-18 08:32:15 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Mozilla
2008-04-18 08:25:07 0 d-------- C:\AutoCAD 2005 PC3 Files
2008-04-18 08:24:02 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Autodesk
2008-04-08 12:02:49 0 d-------- C:\Program Files\Wide Angle Software
2008-04-08 11:49:34 0 d-------- C:\Program Files\Tansee iPhone Transfer
2008-04-08 08:47:59 0 d-------- C:\temp
2008-04-08 08:44:13 0 d-------- C:\Program Files\Common Files\PQDVD
2008-04-08 08:44:12 0 d-------- C:\Program Files\PQDVD
2008-04-08 08:42:51 0 d-------- C:\ConverterOutput
2008-04-08 08:41:03 200704 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-04-08 08:41:03 404480 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-04-08 08:41:03 114688 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-04-08 08:41:03 34820 --a------ C:\WINDOWS\system32\ffdshow.reg
2008-04-08 08:41:02 3049984 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-04-08 08:41:00 0 d-------- C:\Program Files\Cucusoft
2008-04-08 08:39:35 0 d-------- C:\Program Files\Common Files\Download Manager
2008-03-31 17:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 17:25:48 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-31 17:25:46 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-03-31 17:25:46 831488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 17:25:46 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-03-24 13:55:01 0 d-------- C:\Program Files\Safari
2008-03-21 16:30:08 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 16:28:54 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-03-21 16:28:54 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-03-21 16:28:20 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-28 10:35:21 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Amazon
2008-02-28 10:09:04 0 d-------- C:\Program Files\Amazon
2008-02-11 17:25:58 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Trane
2008-02-11 09:31:54 0 d-------- C:\Program Files\Business Objects
2008-01-09 10:53:52 0 d-------- C:\Program Files\Common Files\xing shared
2008-01-07 10:19:06 0 d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-01-07 10:19:03 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\AVSMedia
2007-12-03 16:24:53 0 d-------- C:\Program Files\iPod
2007-12-03 16:24:49 0 d-------- C:\Program Files\iTunes
2007-12-03 16:23:32 0 d-------- C:\Program Files\QuickTime
2007-12-03 16:22:16 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-12-03 16:22:01 0 d-------- C:\Program Files\Common Files\Apple
2007-12-03 16:12:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-09 11:44:22 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Sibelius Software
2007-11-09 11:44:02 0 d-------- C:\Program Files\Sibelius Software
2007-10-01 09:14:40 139264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-10-01 09:14:40 524288 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-10-01 09:14:40 413760 --a------ C:\WINDOWS\system32\mpg4c32.dll <Not Verified; Microsoft Corporation; Microsoft MPEG-4 Video Codec>
2007-10-01 09:14:40 261632 --a------ C:\WINDOWS\system32\mcdvd_32.dll <Not Verified; MainConcept; MainConcept DV Codec "2.0.4>
2007-10-01 09:14:40 0 d-------- C:\Program Files\Common Files\AVSMedia
2007-10-01 09:14:39 0 d-------- C:\Program Files\AVSMedia
2007-09-21 08:18:55 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Mozilla
2007-09-18 14:29:07 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\DivX
2007-09-18 14:23:28 0 d-------- C:\Program Files\DivX
2007-09-10 15:16:09 0 d-------- C:\Program Files\UBISOFT
2007-09-06 13:51:00 0 d-------- C:\Program Files\EA SPORTS
2007-08-27 16:50:13 0 d-------- C:\Program Files\Microsoft Silverlight
2007-08-21 17:03:49 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Adobe
2007-08-21 17:03:36 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Logitech
2007-08-21 17:03:32 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Realtime Soft
2007-08-21 17:03:25 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Real
2007-08-21 17:02:54 0 d-------- C:\Documents and Settings\rvelazquez\Application Data\Identities
2007-08-21 17:02:43 0 d--h----- C:\Documents and Settings\rvelazquez\Templates
2007-08-21 17:02:43 0 dr------- C:\Documents and Settings\rvelazquez\Start Menu
2007-08-21 17:02:43 0 dr-h----- C:\Documents and Settings\rvelazquez\SendTo
2007-08-21 17:02:43 0 dr-h----- C:\Documents and Settings\rvelazquez\Recent
2007-08-21 17:02:43 0 d--h----- C:\Documents and Settings\rvelazquez\PrintHood
2007-08-21 17:02:43 1048576 --ah----- C:\Documents and Settings\rvelazquez\ntuser.dat
2007-08-21 17:02:43 0 d--h----- C:\Documents and Settings\rvelazquez\NetHood
2007-08-21 17:02:43 0 dr------- C:\Documents and Settings\rvelazquez\My Documents
2007-08-21 17:02:43 0 d--h----- C:\Documents and Settings\rvelazquez\Local Settings
2007-08-21 17:02:43 0 dr------- C:\Documents and Settings\rvelazquez\Favorites
2007-08-21 17:02:43 0 d-------- C:\Documents and Settings\rvelazquez\Desktop
2007-08-21 17:02:43 0 d---s---- C:\Documents and Settings\rvelazquez\Cookies
2007-08-21 17:02:43 0 dr-h----- C:\Documents and Settings\rvelazquez\Application Data
2007-08-21 17:02:43 0 d---s---- C:\Documents and Settings\rvelazquez\Application Data\Microsoft
2007-08-20 16:48:39 344064 --a------ C:\WINDOWS\system32\dzsactx.dll <Not Verified; Inner Media, Inc.; DynaZip Secure Zip ActiveX Component>
2007-08-20 16:48:39 290816 --a------ C:\WINDOWS\system32\dznscore.dll <Not Verified; Inner Media, Inc.; DynaZip Secure .NET Core Functions>
2007-08-20 16:48:39 65536 --a------ C:\WINDOWS\system32\dznets.dll <Not Verified; Inner Media, Inc.; DynaZip Secure for .NET>
2007-08-20 16:48:39 188416 --a------ C:\WINDOWS\system32\dzips32.dll <Not Verified; Inner Media, Inc.; DynaZip Secure Multi-Threading Zip DLL>
2007-08-20 16:48:39 327680 --a------ C:\WINDOWS\system32\duzsactx.dll <Not Verified; Inner Media, Inc.; DynaZip Secure UnZip ActiveX Control>
2007-08-20 16:48:39 167936 --a------ C:\WINDOWS\system32\dunzips32.dll <Not Verified; Inner Media, Inc.; DynaZip Secure Multi-Threading UnZip DLL>
2007-08-20 16:47:51 290816 --a------ C:\WINDOWS\system32\winhttp5.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-26 09:27:47 0 dr------- C:\Documents and Settings\LocalService\Favorites
2007-07-26 09:27:43 0 d-------- C:\Program Files\Common Files\Viewpoint
2007-06-27 08:35:52 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Viewpoint
2007-06-14 16:39:04 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-06-08 09:48:35 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Autodesk
2007-06-08 09:48:02 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Macromedia
2007-06-08 09:46:52 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Adobe
2007-06-08 09:46:43 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Logitech
2007-06-08 09:46:38 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Realtime Soft
2007-06-08 09:46:31 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Real
2007-06-08 09:46:04 0 d-------- C:\Documents and Settings\kprzeclawski\Application Data\Identities
2007-06-08 09:45:48 0 d--h----- C:\Documents and Settings\kprzeclawski\Templates
2007-06-08 09:45:48 0 dr------- C:\Documents and Settings\kprzeclawski\Start Menu
2007-06-08 09:45:48 0 dr-h----- C:\Documents and Settings\kprzeclawski\SendTo
2007-06-08 09:45:48 0 dr-h----- C:\Documents and Settings\kprzeclawski\Recent
2007-06-08 09:45:48 0 d--h----- C:\Documents and Settings\kprzeclawski\PrintHood
2007-06-08 09:45:48 1048576 --ah----- C:\Documents and Settings\kprzeclawski\ntuser.dat
2007-06-08 09:45:48 0 d--h----- C:\Documents and Settings\kprzeclawski\NetHood
2007-06-08 09:45:48 0 dr------- C:\Documents and Settings\kprzeclawski\My Documents
2007-06-08 09:45:48 0 d--h----- C:\Documents and Settings\kprzeclawski\Local Settings
2007-06-08 09:45:48 0 dr------- C:\Documents and Settings\kprzeclawski\Favorites
2007-06-08 09:45:48 0 d-------- C:\Documents and Settings\kprzeclawski\Desktop
2007-06-08 09:45:48 0 d---s---- C:\Documents and Settings\kprzeclawski\Cookies
2007-06-08 09:45:48 0 dr-h----- C:\Documents and Settings\kprzeclawski\Application Data
2007-06-08 09:45:48 0 d---s---- C:\Documents and Settings\kprzeclawski\Application Data\Microsoft
2007-06-06 11:34:48 2153 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2007-06-05 13:48:05 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Apple Computer
2007-06-05 13:46:29 0 d-------- C:\Program Files\Apple Software Update
2007-06-05 13:46:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-06-01 13:52:36 0 d-------- C:\Program Files\Audible
2007-05-23 13:24:57 0 d-------- C:\Program Files\Halo CE
2007-05-08 15:03:04 1275392 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP 2>
2007-04-25 11:31:47 0 d-------- C:\Program Files\MOHPA
2007-04-20 08:12:06 0 d-------- C:\Program Files\Elaborate Bytes
2007-04-18 14:50:01 0 d-------- C:\WINDOWS\Sun
2007-04-18 14:49:43 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Sun
2007-04-18 14:49:27 0 d-------- C:\Program Files\Java
2007-04-18 14:49:27 0 d-------- C:\Program Files\Common Files\Java
2007-04-18 10:33:59 0 d-------- C:\Program Files\EA GAMES
2007-04-10 16:22:24 299008 --a------ C:\WINDOWS\system32\msdbrptr.dll <Not Verified; Microsoft Corporation; MSDataReport>
2007-04-10 16:18:23 0 d-------- C:\Program Files\Esp
2007-04-10 15:52:39 24990 --a------ C:\WINDOWS\system32\Vfp6run.exe <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
2007-04-10 15:52:39 876032 --a------ C:\WINDOWS\system32\Vfp6renu.dll <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
2007-04-10 15:52:39 3372816 --a------ C:\WINDOWS\system32\Vfp6r.dll <Not Verified; Microsoft Corporation; Microsoft® Visual FoxPro®>
2007-04-10 15:52:38 0 d-------- C:\Taco2002
2007-04-10 15:50:55 0 d-------- C:\TACOWIN
2007-03-30 08:42:17 0 d-------- C:\Start Menu
2007-03-30 08:42:17 0 d-------- C:\Program Files\MTV Networks
2007-03-30 08:37:49 0 d-------- C:\Program Files\Windows Media Connect 2
2007-03-30 08:36:34 0 d-------- C:\42c108ca7b29a24b9b1f65
2007-03-30 08:36:29 0 d-------- C:\WINDOWS\system32\LogFiles
2007-03-30 08:36:29 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-03-19 16:22:24 6821083 --a------ C:\WINDOWS\PavAgent.exe
2007-03-19 16:22:24 45056 --a------ C:\WINDOWS\ExecAg.exe <Not Verified; Panda Sotfware; Panda AdminSecure>
2007-03-12 14:38:45 0 d-------- C:\Documents and Settings\rnash\Application Data\Autodesk
2007-03-12 14:29:55 0 d-------- C:\Documents and Settings\rnash\Application Data\Real
2007-02-21 10:23:24 0 d-------- C:\Program Files\illiminable
2007-02-16 09:06:10 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2007-02-16 09:05:55 143360 --a------ C:\WINDOWS\system32\TpUtil.dll <Not Verified; Panda Software; TpUtil Dynamic Link Library>
2007-02-16 09:05:55 47360 --a------ C:\WINDOWS\system32\drivers\npaflt.sys <Not Verified; Panda Software; © Panda Software 2006>
2007-02-16 09:05:55 45056 --a------ C:\WINDOWS\system32\avldr.dll <Not Verified; Panda Software International; Panda Antimalware File Protection>
2007-02-16 09:05:51 0 d-------- C:\Program Files\Common Files\Cisco Systems
2007-02-14 00:29:44 544768 --a------ C:\WINDOWS\system32\stringres115_en.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-14 00:22:52 27136 --a------ C:\WINDOWS\system32\iculx30.dll <Not Verified; IBM Corporation and others; International Components for Unicode>
2007-02-14 00:21:16 114688 --a------ C:\WINDOWS\system32\icule30.dll <Not Verified; IBM Corporation and others; International Components for Unicode>
2007-02-14 00:18:28 585728 --a------ C:\WINDOWS\system32\fssl-1-2-1-2.dll <Not Verified; Business Objects; Threads Module>
2007-02-14 00:07:16 1732608 --a------ C:\WINDOWS\system32\ebus-3-3-2-5.dll <Not Verified; Business Objects; EBus Module>
2007-02-14 00:04:32 86016 --a------ C:\WINDOWS\system32\etc-1-0-12-4.dll <Not Verified; Business Objects; Threads Module>
2007-02-14 00:03:24 1757184 --a------ C:\WINDOWS\system32\cslibu-2-1.dll <Not Verified; Business Objects; Crystal Reports>
2007-02-13 23:55:26 815104 --a------ C:\WINDOWS\system32\libOCASecurityw-2-0.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:53:28 258048 --a------ C:\WINDOWS\system32\nsclient115w.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:53:12 253952 --a------ C:\WINDOWS\system32\nsclient115.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:52:50 1576960 --a------ C:\WINDOWS\system32\libOCAHelperw-3-1.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:48:28 1638400 --a------ C:\WINDOWS\system32\libOCAHelper-3-1.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:46:48 1331200 --a------ C:\WINDOWS\system32\cxlibw-3-1.dll <Not Verified; Business Objects; Crystal Enterprise>
2007-02-13 23:44:44 471040 --a------ C:\WINDOWS\system32\stringres115_pt.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:40 446464 --a------ C:\WINDOWS\system32\stringres115_sv.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:36 274432 --a------ C:\WINDOWS\system32\stringres115_ko.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:34 208896 --a------ C:\WINDOWS\system32\stringres115_cht.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:30 204800 --a------ C:\WINDOWS\system32\stringres115_chs.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:26 282624 --a------ C:\WINDOWS\system32\stringres115_jp.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:24 483328 --a------ C:\WINDOWS\system32\stringres115_nl.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:20 499712 --a------ C:\WINDOWS\system32\stringres115_es.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:16 479232 --a------ C:\WINDOWS\system32\stringres115_it.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:12 503808 --a------ C:\WINDOWS\system32\stringres115_de.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:10 499712 --a------ C:\WINDOWS\system32\stringres115_fr.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:44:02 1699840 --a------ C:\WINDOWS\system32\htmlres115_pt.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:54 1691648 --a------ C:\WINDOWS\system32\htmlres115_sv.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:48 1691648 --a------ C:\WINDOWS\system32\htmlres115_ko.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:42 1654784 --a------ C:\WINDOWS\system32\htmlres115_cht.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:34 1650688 --a------ C:\WINDOWS\system32\htmlres115_chs.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:28 1703936 --a------ C:\WINDOWS\system32\htmlres115_jp.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:22 1687552 --a------ C:\WINDOWS\system32\htmlres115_nl.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:16 1699840 --a------ C:\WINDOWS\system32\htmlres115_es.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:10 1691648 --a------ C:\WINDOWS\system32\htmlres115_it.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:43:10 1339392 --a------ C:\WINDOWS\system32\cxlib-3-1.dll <Not Verified; Business Objects; Crystal Enterprise>
2007-02-13 23:43:04 1695744 --a------ C:\WINDOWS\system32\htmlres115_de.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:42:58 1708032 --a------ C:\WINDOWS\system32\htmlres115_fr.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-02-13 23:42:50 1675264 --a------ C:\WINDOWS\system32\htmlres115_en.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-25 14:07:46 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\My The Lord of the Rings, The Rise of the Witch-king Files
2007-01-23 17:33:12 770048 --a------ C:\WINDOWS\system32\libOCASecurityw-1-6.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-23 17:33:12 1470464 --a------ C:\WINDOWS\system32\libOCAHelperw-2-13.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-23 17:33:12 602112 --a------ C:\WINDOWS\system32\icuuc30.dll <Not Verified; IBM Corporation and others; International Components for Unicode>
2007-01-23 17:33:11 692224 --a------ C:\WINDOWS\system32\icuin30.dll <Not Verified; IBM Corporation and others; International Components for Unicode>
2007-01-23 17:33:11 8568832 --a------ C:\WINDOWS\system32\icudt30.dll <Not Verified; IBM Corporation and others; International Components for Unicode>
2007-01-23 17:33:11 585728 --a------ C:\WINDOWS\system32\fssl-1-2-1-1.dll <Not Verified; Business Objects; Threads Module>
2007-01-23 17:33:11 86016 --a------ C:\WINDOWS\system32\etc-1-0-12-3.dll <Not Verified; Business Objects; Threads Module>
2007-01-23 17:33:11 1728512 --a------ C:\WINDOWS\system32\ebus-3-3-2-4.dll <Not Verified; Business Objects; EBus Module>
2007-01-23 17:33:11 1265664 --a------ C:\WINDOWS\system32\cxlibw-2-6.dll <Not Verified; Business Objects; Crystal Enterprise>
2007-01-23 17:33:11 1273856 --a------ C:\WINDOWS\system32\cxlib-2-6.dll <Not Verified; Business Objects; Crystal Enterprise>
2007-01-23 17:33:10 1658880 -----n--- C:\WINDOWS\system32\cslibu-2-0-0.dll <Not Verified; Business Objects; Crystal Reports>
2007-01-23 17:33:06 2265088 --a------ C:\WINDOWS\system32\EgcSvr2004A.dll <Not Verified; Florida Solar Energy Center; Egc2004 Server>
2007-01-23 17:32:47 9728 -----n--- C:\WINDOWS\system32\sscsdk80_res_en.dll <Not Verified; Business Objects; Charting Engine DLL>
2007-01-23 17:32:45 0 d-------- C:\Program Files\Common Files\Business Objects
2007-01-23 17:32:40 24576 -----n--- C:\WINDOWS\system32\u2lsamp1.dll <Not Verified; Seagate Software, Inc.; Seagate Crystal Reports>
2007-01-23 17:32:40 2019328 --a------ C:\WINDOWS\system32\log_xn_system.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-23 17:32:40 69632 --a------ C:\WINDOWS\system32\cplib.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-23 17:32:40 696320 --a------ C:\WINDOWS\system32\cpi18n.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-23 17:32:40 0 d-------- C:\Program Files\EnergyGauge
2007-01-23 17:32:39 12288 --a------ C:\WINDOWS\system32\cpcoll.dll <Not Verified; Business Objects; BusinessObjects Enterprise>
2007-01-17 11:04:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-01-12 08:37:05 0 d-------- C:\Program Files\Common Files\Real
2007-01-12 08:37:04 0 d-------- C:\Program Files\Real
2007-01-12 08:36:28 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Real
2007-01-12 08:35:24 0 d-------- C:\My Downloads
2007-01-10 16:34:13 26752 --a------ C:\WINDOWS\system32\drivers\ShldDrv.sys <Not Verified; Panda Software; Panda®Shield>
2007-01-10 16:34:13 165120 --a------ C:\WINDOWS\system32\drivers\PavProc.sys <Not Verified; Panda Software; PandaShield>
2007-01-10 16:34:13 0 d-------- C:\Program Files\Common Files\Panda Software
2007-01-02 09:46:08 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\My Battle for Middle-earth™ II Files
2006-12-19 14:58:59 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP
2006-12-19 14:58:00 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2006-12-19 14:57:58 0 d-------- C:\Program Files\Viewpoint
2006-12-19 14:57:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2006-12-19 14:45:18 335 --a------ C:\WINDOWS\nsreg.dat
2006-12-19 14:44:17 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads
2006-11-29 17:26:47 0 d-------- C:\Program Files\CAPS
2006-11-03 11:39:56 0 d-------- C:\Program Files\armlink
2006-11-02 14:54:20 2829 --a------ C:\WINDOWS\War3Unin.pif
2006-11-02 14:54:20 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
2006-11-02 14:52:56 0 d-------- C:\Program Files\Warcraft III
2006-10-31 19:32:58 0 d-------- C:\Program Files\AutoCAD 2007
2006-10-31 19:32:01 0 d-------- C:\Program Files\Autodesk
2006-10-17 11:42:48 0 d-------- C:\WINDOWS\pss
2006-09-26 15:44:52 0 d-------- C:\Documents and Settings\rnash\Application Data\Adobe
2006-09-26 15:44:49 0 d-------- C:\Documents and Settings\rnash\Application Data\Realtime Soft
2006-09-26 15:44:48 0 d-------- C:\Documents and Settings\rnash\Application Data\Logitech
2006-09-26 15:44:39 0 d-------- C:\Documents and Settings\rnash\Application Data\Identities
2006-09-26 15:44:31 0 d--h----- C:\Documents and Settings\rnash\Templates
2006-09-26 15:44:31 0 dr------- C:\Documents and Settings\rnash\Start Menu
2006-09-26 15:44:31 0 dr-h----- C:\Documents and Settings\rnash\SendTo
2006-09-26 15:44:31 0 dr-h----- C:\Documents and Settings\rnash\Recent
2006-09-26 15:44:31 0 d--h----- C:\Documents and Settings\rnash\PrintHood
2006-09-26 15:44:31 1048576 --ah----- C:\Documents and Settings\rnash\ntuser.dat
2006-09-26 15:44:31 0 d--h----- C:\Documents and Settings\rnash\NetHood
2006-09-26 15:44:31 0 dr------- C:\Documents and Settings\rnash\My Documents
2006-09-26 15:44:31 0 d--h----- C:\Documents and Settings\rnash\Local Settings
2006-09-26 15:44:31 0 dr------- C:\Documents and Settings\rnash\Favorites
2006-09-26 15:44:31 0 d-------- C:\Documents and Settings\rnash\Desktop
2006-09-26 15:44:31 0 d---s---- C:\Documents and Settings\rnash\Cookies
2006-09-26 15:44:31 0 dr-h----- C:\Documents and Settings\rnash\Application Data
2006-09-26 15:44:31 0 d---s---- C:\Documents and Settings\rnash\Application Data\Microsoft
2006-08-18 11:02:24 0 d-------- C:\Program Files\Wolfenstein - Enemy Territory on File on Velazquez
2006-08-11 11:06:41 497760 -----n--- C:\WINDOWS\system32\mspst32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows™ Operating System>
2006-08-11 11:05:08 98304 -----n--- C:\WINDOWS\system32\sqaotm32.dll <Not Verified; Rational Software Corporation; Rational Test>
2006-08-11 11:05:08 147456 -----n--- C:\WINDOWS\system32\SmtpX.DLL <Not Verified; Mabry Software, Inc.; Internet SMTP/X COM Object>
2006-08-11 11:04:39 147456 -----n--- C:\WINDOWS\system32\MimeX.dll <Not Verified; Mabry Software, Inc.; Mabry MIME/X COM Object>
2006-08-11 11:04:25 139264 -----n--- C:\WINDOWS\system32\EncodeX.dll <Not Verified; Mabry Software, Inc.; EncX COM Module>
2006-08-11 11:04:04 0 d-------- C:\Dot Net Pipeline
2006-08-11 11:04:01 84 -----n--- C:\WINDOWS\system32\TOPSSreg.bat
2006-08-11 11:04:00 398416 -----n--- C:\WINDOWS\system32\Vbrun300.dll <Not Verified; Microsoft Corporation; Visual Basic 3.0>
2006-08-11 11:04:00 101888 -----n--- C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2006-08-11 11:04:00 722192 -----n--- C:\WINDOWS\system32\Vb40032.DLL <Not Verified; Microsoft Corporation; Visual Basic 4.0>
2006-08-11 11:04:00 935632 -----n--- C:\WINDOWS\system32\Vb40016.dll <Not Verified; Microsoft Corporation; Visual Basic 4.0>
2006-08-11 11:04:00 143360 -----n--- C:\WINDOWS\system32\trpref.dll <Not Verified; American Standard Companies, Inc.; LYNX Preferences Utility>
2006-08-11 11:04:00 57344 -----n--- C:\WINDOWS\system32\TgfWriterX2.dll <Not Verified; ; TgfWriter Dynamic Link Library>
2006-08-11 11:04:00 57344 -----n--- C:\WINDOWS\system32\TgfWriter.dll <Not Verified; ; TgfWriter Dynamic Link Library>
2006-08-11 11:04:00 1056768 -----n--- C:\WINDOWS\system32\ROBOEX32.DLL <Not Verified; Blue Sky Software Corporation.; RoboHELP Classic 2000>
2006-08-11 11:04:00 57344 -----n--- C:\WINDOWS\system32\rcbuild.dll <Not Verified; ; rcbuild Dynamic Link Library>
2006-08-11 11:04:00 50688 -----n--- C:\WINDOWS\system32\psych32.dll <Not Verified; The Trane Company
La Crosse, WI; PSYCH32>
2006-08-11 11:04:00 286720 -----n--- C:\WINDOWS\system32\PipelineX2.dll <Not Verified; ; Pipeline Dynamic Link Library>
2006-08-11 11:04:00 262144 -----n--- C:\WINDOWS\system32\PipelineX.dll <Not Verified; ; Pipeline Dynamic Link Library>
2006-08-11 11:03:59 536048 -----n--- C:\WINDOWS\system32\Oc25.dll <Not Verified; Microsoft Corporation; Microsoft® OLE Controls Development Kit>
2006-08-11 11:03:59 44544 --a------ C:\WINDOWS\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>
2006-08-11 11:03:59 254464 -----n--- C:\WINDOWS\system32\Msvcrt2x.dll
2006-08-11 11:03:59 210944 -----n--- C:\WINDOWS\system32\Msvcrt10.dll
2006-08-11 11:03:59 98356 -----n--- C:\WINDOWS\system32\Msjter32.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-08-11 11:03:59 938256 -----n--- C:\WINDOWS\system32\msjt3032.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-08-11 11:03:59 33552 -----n--- C:\WINDOWS\system32\Msjint32.dll <Not Verified; Microsoft Corporation; Microsoft® Jet Database Engine>
2006-08-11 11:03:59 15936 -----n--- C:\WINDOWS\system32\Msjetint.dll <Not Verified; Microsoft Corporation; Microsoft® Jet Database Engine>
2006-08-11 11:03:59 11232 -----n--- C:\WINDOWS\system32\Msjeterr.dll <Not Verified; Microsoft Corporation; Microsoft® Jet Database Engine>
2006-08-11 11:03:59 995056 -----n--- C:\WINDOWS\system32\Msajt200.dll <Not Verified; Microsoft Corporation; Microsoft® Access>
2006-08-11 11:03:59 169567 -----n--- C:\WINDOWS\system32\LJWing.dll
2006-08-11 11:03:58 113936 -----n--- C:\WINDOWS\system32\Mstx3032.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-08-11 11:03:58 410624 --a------ C:\WINDOWS\system32\dforrt.dll
2006-08-11 11:03:58 543584 -----n--- C:\WINDOWS\system32\Dao2516.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-08-11 11:03:57 251904 -----n--- C:\WINDOWS\system32\orant71.dll
2006-08-11 11:03:57 339456 --a------ C:\WINDOWS\system32\ora73.dll <Not Verified; Oracle Corporation; >
2006-08-11 11:03:57 64080 -----n--- C:\WINDOWS\system32\odbctl16.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-08-11 11:03:57 246928 -----n--- C:\WINDOWS\system32\odbcjt16.dll <Not Verified; Microsoft Corporation; Microsoft ODBC Desktop Driver Pack 2.>
2006-08-11 11:03:57 92576 -----n--- C:\WINDOWS\system32\odbcinst.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-08-11 11:03:57 88896 -----n--- C:\WINDOWS\system32\odbccurs.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-08-11 11:03:57 6464 -----n--- C:\WINDOWS\system32\odbcadm.exe <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-08-11 11:03:57 5792 -----n--- C:\WINDOWS\system32\odbc16ut.dll
2006-08-11 11:03:57 56240 -----n--- C:\WINDOWS\system32\odbc.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-08-11 11:03:57 34816 -----n--- C:\WINDOWS\system32\ociw32.dll <Not Verified; Oracle Corporation; Oracle Corporation Ociw32>
2006-08-11 11:03:57 280576 --a------ C:\WINDOWS\system32\nlsrtl32.dll <Not Verified; Oracle Corporation; >
2006-08-11 11:03:57 271360 -----n--- C:\WINDOWS\system32\ivutl12.dll <Not Verified; INTERSOLV, Inc.; Q+E Utilities>
2006-08-11 11:03:57 47104 -----n--- C:\WINDOWS\system32\ivtrn12.dll
2006-08-11 11:03:57 122368 -----n--- C:\WINDOWS\system32\ivor712.dll <Not Verified; INTERSOLV, Inc.; ODBC Pack>
2006-08-11 11:03:57 54272 -----n--- C:\WINDOWS\system32\Ivinfo.exe
2006-08-11 11:03:57 320512 -----n--- C:\WINDOWS\system32\ivflt12.dll <Not Verified; INTERSOLV, Inc.; ODBC Pack>
2006-08-11 11:03:57 288256 -----n--- C:\WINDOWS\system32\ivbas12.dll <Not Verified; INTERSOLV, Inc.; ODBC Pack>
2006-08-11 11:03:56 775168 -----n--- C:\WINDOWS\system32\corent23.dll
2006-08-11 11:03:56 135680 --a------ C:\WINDOWS\system32\core35o.dll <Not Verified; Oracle Corporation; >
2006-08-11 11:03:56 168960 --a------ C:\WINDOWS\system32\core35.dll <Not Verified; Oracle Corporation; >
2006-08-11 11:02:30 570128 -----n--- C:\WINDOWS\system32\dao350.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-08-11 11:02:30 73728 -----n--- C:\WINDOWS\system32\CRxmlx09r.dll <Not Verified; DataDirect Technologies; XML Closed Provider Resources>
2006-08-11 11:02:30 1007616 -----n--- C:\WINDOWS\system32\CRxmlx09.dll <Not Verified; DataDirect Technologies; Closed XML ADO Provider>
2006-08-11 11:02:30 69632 --a------ C:\WINDOWS\system32\CRxmlx07r.dll <Not Verified; DataDirect; XML Closed Provider Resources>
2006-08-11 11:02:30 942080 --a------ C:\WINDOWS\system32\CRxmlx07.dll <Not Verified; DataDirect; Closed XML ADO Provider>
2006-08-11 11:02:30 53248 -----n--- C:\WINDOWS\system32\crxml18s.dll <Not Verified; DataDirect Technologies; ODBC Pack>
2006-08-11 11:02:30 20480 -----n--- C:\WINDOWS\system32\crxml18r.dll <Not Verified; DataDirect Technologies; ODBC Pack>
2006-08-11 11:02:30 176128 -----n--- C:\WINDOWS\system32\crxml18.dll <Not Verified; DataDirect Technologies; ODBC Pack>
2006-08-11 11:02:30 40960 -----n--- C:\WINDOWS\system32\CRXML15S.DLL <Not Verified; MERANT, Inc.; ODBC Pack>
2006-08-11 11:02:30 20480 -----n--- C:\WINDOWS\system32\CRXML15R.DLL <Not Verified; MERANT, Inc.; ODBC Pack>
2006-08-11 11:02:30 2068480 -----n--- C:\WINDOWS\system32\CRiadx09.dll <Not Verified; DataDirect Technologies; Integrator ADO Base>
2006-08-11 11:02:30 1994752 --a------ C:\WINDOWS\system32\CRiadx07.dll <Not Verified; DataDirect; Integrator ADO Base>
2006-08-11 11:02:29 1641052 -----n--- C:\WINDOWS\system32\webReporting.dll <Not Verified; Crystal Decisions; WebReporting Module>
2006-08-11 11:02:29 167936 -----n--- C:\WINDOWS\system32\CRXML15.DLL <Not Verified; MERANT, Inc.; ODBC Pack>
2006-08-11 11:02:29 24576 -----n--- C:\WINDOWS\system32\crutl18r.dll <Not Verified; DataDirect Technologies; DataDirect Resource Utilities>
2006-08-11 11:02:29 335872 -----n--- C:\WINDOWS\system32\crutl18.dll <Not Verified; DataDirect Technologies; DataDirect Utilities>
2006-08-11 11:02:29 20480 -----n--- C:\WINDOWS\system32\CRUTL15R.DLL <Not Verified; MERANT, Inc.; MERANT Resource Utilities>
2006-08-11 11:02:29 290816 -----n--- C:\WINDOWS\system32\CRUTL15.DLL <Not Verified; MERANT, Inc.; MERANT Utilities>
2006-08-11 11:02:29 98304 -----n--- C:\WINDOWS\system32\CRiadx09r.dll <Not Verified; DataDirect Technologies; Closed Integrator Base Resources>
2006-08-11 11:02:29 94208 --a------ C:\WINDOWS\system32\CRiadx07r.dll <Not Verified; DataDirect; Closed Integrator Base Resources>
2006-08-11 11:02:29 36864 -----n--- C:\WINDOWS\system32\crbas18r.dll <Not Verified; DataDirect Technologies; ODBC Pack>
2006-08-11 11:02:29 364544 -----n--- C:\WINDOWS\system32\crbas18.dll <Not Verified; DataDirect Technologies; ODBC Pack>
2006-08-11 11:02:29 32768 -----n--- C:\WINDOWS\system32\CRBAS15R.DLL <Not Verified; MERANT, Inc.; ODBC Pack>
2006-08-11 11:02:29 307200 -----n--- C:\WINDOWS\system32\CRBAS15.DLL <Not Verified; MERANT, Inc.; ODBC Pack>
2006-08-11 11:02:27 1093220 -----n--- C:\WINDOWS\system32\ReportRenderer.dll <Not Verified; Crystal Decisions; ReportRenderer Module>
2006-08-11 11:02:27 2463859 -----n--- C:\WINDOWS\system32\pageObjectModel.dll <Not Verified; Crystal Decisions; PageObjectModel Module>
2006-08-11 11:02:25 495688 -----n--- C:\WINDOWS\system32\ExportModeller.dll <Not Verified; Crystal Decisions Inc.; ExportModeller Module>
2006-08-11 11:02:24 30793 -----n--- C:\WINDOWS\system32\crtslv.dll <Not Verified; ; TSLV Reader>
2006-08-11 11:02:24 1552457 -----n--- C:\WINDOWS\system32\crqe.dll <Not Verified; Crystal Decisions Inc.; Crystal Reports>
2006-08-11 11:02:23 447760 -----n--- C:\WINDOWS\system32\dao3032.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-07-20 11:30:01 0 d-------- C:\Program Files\directx
2006-07-20 11:26:40 0 d-------- C:\UnrealTournament
2006-07-11 13:27:08 0 d-------- C:\Program Files\Check
2006-07-06 15:19:45 0 d-------- C:\Program Files\BOCAEL
2006-06-23 08:19:04 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Lavasoft
2006-06-23 08:18:57 0 d-------- C:\Program Files\Lavasoft
2006-06-15 11:41:20 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Help
2006-06-15 10:42:49 151552 -----n--- C:\WINDOWS\system32\vsppg7.dll <Not Verified; ; VSPPG7 VideoSoft Property Pages>
2006-06-15 10:42:49 102400 -----n--- C:\WINDOWS\system32\VsPPG.dll <Not Verified; ; VSPPG Module>
2006-06-15 10:42:49 122880 -----n--- C:\WINDOWS\system32\qpro32.dll <Not Verified; Crescent Division of Progress Software Corporation; QuickPak Professional>
2006-06-15 10:42:49 86016 --a------ C:\WINDOWS\system32\dzstactx.dll <Not Verified; Inner Media, Inc.; DynaZip Status ActiveX Control>
2006-06-15 10:42:49 249856 -----n--- C:\WINDOWS\system32\dzactx.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 ZIP ActiveX Control>
2006-06-15 10:42:49 229376 -----n--- C:\WINDOWS\system32\duzactx.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 UnZIP ActiveX Control>
2006-06-15 10:42:48 143360 -----n--- C:\WINDOWS\system32\DartSock.dll <Not Verified; Dart Communications; PowerTCP Winsock Tool>
2006-06-15 10:42:48 131072 -----n--- C:\WINDOWS\system32\DartFtp.dll <Not Verified; Dart Communications; PowerTCP FTP Tool>
2006-06-15 10:42:37 434176 -----n--- C:\WINDOWS\system32\c4dll.dll <Not Verified; Sequiter Software Inc.; CodeBase>
2006-06-15 10:42:15 0 d-------- C:\Program Files\CAFWin
2006-06-05 13:50:58 0 d-------- C:\Program Files\Call of Duty
2006-05-10 07:51:20 0 d-------- C:\Program Files\McQuay
2006-05-05 11:32:58 0 d-------- C:\Program Files\Greenheck
2006-05-01 15:24:47 81920 --a------ C:\WINDOWS\system32\ElbyCDIO.dll <Not Verified; Elaborate Bytes AG; Elaborate Bytes CDRTools>
2006-04-25 10:06:02 0 d-------- C:\Program Files\Common Files\Borland Shared
2006-04-25 10:06:00 0 d-------- C:\Program Files\EnCStd4
2006-04-25 10:05:46 0 d-------- C:\WINDOWS\Downloaded Installations
2006-04-25 10:04:09 28672 --a------ C:\WINDOWS\system32\doecom.dll <Not Verified; ; DOECOM Module>
2006-04-25 10:04:08 65536 --a------ C:\WINDOWS\system32\SynTPFcs.dll <Not Verified; Synaptics, Inc.; Progressive Touch>
2006-04-25 10:04:08 17920 -----n--- C:\WINDOWS\system32\IMPLODE.DLL
2006-04-25 10:04:08 544768 -----n--- C:\WINDOWS\system32\EXLATE32.dll <Not Verified; Seagate Software, Inc.; Crystal Reports For Windows>
2006-04-25 10:04:08 442368 -----n--- C:\WINDOWS\system32\cpeaut32.dll <Not Verified; Seagate Software, Inc; Cyrstal Reports 8 Print Engine Object Library>
2006-04-25 10:04:07 401408 --a------ C:\WINDOWS\system32\PVShared.dll <Not Verified; Infragistics Inc.; PVShared Module>
2006-04-25 10:04:07 716849 --a------ C:\WINDOWS\system32\Olapdbmg.dll <Not Verified; ; OLAPDATABASEMANAGER Dynamic Link Library>
2006-04-25 10:04:06 217088 --a------ C:\WINDOWS\system32\OtxWb.dll <Not Verified; Stingray Software, a division of Rogue Wave Software, Inc.; Objective Toolkit/X Version 2.0>
2006-04-25 10:04:06 704512 --a------ C:\WINDOWS\system32\OtxShortcutBar.dll <Not Verified; Stingray Software, a division of Rogue Wave Software, Inc.; Objective Toolkit/X Version 2.0>
2006-04-25 10:04:06 9216 --a------ C:\WINDOWS\system32\otxrtvb5.dll <Not Verified; Stingray Software Inc.; Objective Toolkit/X>
2006-04-25 10:04:06 188416 --a------ C:\WINDOWS\system32\otxrt.dll <Not Verified; Stingray Software, a division of Rogue Wave Software, Inc.; Objective Toolkit/X version 2.0>
2006-04-25 10:04:06 630784 --a------ C:\WINDOWS\system32\OtxMenu.dll <Not Verified; Stingray Software, a division of Rogue Wave Software, Inc.; Objective Toolkit/X Version 2.0>
2006-04-25 10:03:59 1372160 -----n--- C:\WINDOWS\system32\sscsdk80.dll <Not Verified; Business Objects; Charting Engine DLL>
2006-04-25 10:03:59 2301952 --a------ C:\WINDOWS\system32\sscrc.dll <Not Verified; Three D Graphics, Inc.; Amigo Application>
2006-04-25 10:03:59 548864 --a------ C:\WINDOWS\system32\sscdlg.dll <Not Verified; Three D Graphics, Inc.; Amigo Dialogs DLL>
2006-04-25 10:03:59 6144 --a------ C:\WINDOWS\system32\idle.dll <Not Verified; Yahoo! Inc.; Yahoo! Inc. idle>
2006-04-25 10:03:59 462848 --a------ C:\WINDOWS\system32\hpzpm309.dll <Not Verified; HP; Printer Property UI dll>
2006-04-25 10:03:59 404992 --a------ C:\WINDOWS\system32\amzi4.dll
2006-04-25 10:03:58 24576 --a------ C:\WINDOWS\system32\CRXLAT32.DLL <Not Verified; Seagate Software, Inc.; Seagate Crystal Reports>
2006-04-25 10:03:58 66560 --a------ C:\WINDOWS\system32\crwrap32.dll <Not Verified; Seagate Software, Inc.; Seagate Crystal Reports>
2006-04-25 10:03:58 4587577 --a------ C:\WINDOWS\system32\crpe32.dll <Not Verified; Seagate Software, Inc.; Crystal Reports>
2006-04-25 10:03:57 286720 --a------ C:\WINDOWS\system32\p2sodbc.dll <Not Verified; Seagate Software Information Management Group, Inc.; Crystal Reports>
2006-04-25 10:03:57 188416 --a------ C:\WINDOWS\system32\P2smon.dll <Not Verified; Seagate Software, Inc; Crystal Reports>
2006-04-25 10:03:57 618496 --a------ C:\WINDOWS\system32\Crpaig80.dll <Not Verified; Seagate Software; Seagate Crystal Reports for Windows>
2006-04-25 10:03:57 0 d-------- C:\WINDOWS\Crystal
2006-04-25 10:03:57 0 d-------- C:\Program Files\Seagate Software
2006-04-25 10:03:56 0 d-------- C:\Program Files\Florida Solar Energy Center
2006-04-22 15:59:21 24320 --a------ C:\WINDOWS\system32\drivers\VClone.sys <Not Verified; Elaborate Bytes AG; Virtual CloneDrive>
2006-04-22 15:49:40 73728 --a------ C:\WINDOWS\system32\ElbyVCD.dll <Not Verified; Elaborate Bytes AG; Elaborate Bytes VirtualCloneDrive>
2006-04-21 21:44:39 8064 --a------ C:\WINDOWS\system32\drivers\ElbyCDIO.sys <Not Verified; Elaborate Bytes AG; CDRTools>
2006-04-12 15:09:45 0 d-------- C:\Program Files\MsnMusic
2006-04-12 15:09:01 0 d-------- C:\WINDOWS\RegisteredPackages
2006-04-11 10:45:45 0 d-------- C:\Program Files\Return to Castle Wolfenstein
2006-04-11 10:43:26 0 d-------- C:\Program Files\Castle Wolfenstein
2006-04-06 12:12:10 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Macromedia
2006-04-03 13:11:20 197 --a------ C:\WINDOWS\system32\FixTRACE.bat
2006-04-03 13:10:58 0 d-------- C:\Program Files\Common Files\Crystal Decisions
2006-04-03 13:10:51 368912 --a------ C:\WINDOWS\system32\VBAR332.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2006-04-03 13:10:51 44304 --a------ C:\WINDOWS\system32\msrpfs35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:51 415504 --a------ C:\WINDOWS\system32\msrepl35.dll <Not Verified; Microsoft Corporation; Microsoft® Access>
2006-04-03 13:10:51 24848 --a------ C:\WINDOWS\system32\msjter35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:51 139264 --a------ C:\WINDOWS\system32\msjint35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:51 344064 --a------ C:\WINDOWS\system32\msexch35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:51 39424 --a------ C:\WINDOWS\system32\JETCOMP.exe <Not Verified; Microsoft Corporation; Microsoft® Database Compact Utility>
2006-04-03 13:10:50 72704 -----n--- C:\WINDOWS\system32\Odbctl32.dll <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
2006-04-03 13:10:50 294912 --a------ C:\WINDOWS\system32\msxbse35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 166672 --a------ C:\WINDOWS\system32\mstext35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 262144 --a------ C:\WINDOWS\system32\msrd2x35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 250128 --a------ C:\WINDOWS\system32\mspdox35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 168720 --a------ C:\WINDOWS\system32\msltus35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 1238288 --a------ C:\WINDOWS\system32\msjt4jlt.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 1050896 --a------ C:\WINDOWS\system32\msjet35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:50 252688 --a------ C:\WINDOWS\system32\msexcl35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2006-04-03 13:10:49 1427456 --a------ C:\WINDOWS\system32\Pegrp32a.dll <Not Verified; Gigasoft, Inc.; ProEssentials -32>
2006-04-03 13:10:49 0 d-------- C:\WINDOWS\system32\HelpFiles
2006-04-03 13:10:47 0 d-------- C:\CDS
2006-04-03 12:08:04 0 d-------- C:\Program Files\Activision
2006-04-03 12:06:25 0 d--hs---- C:\WINDOWS\ftpcache
2006-04-03 12:05:04 5248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2006-04-03 12:05:03 160640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2006-04-03 12:05:02 0 d-------- C:\Program Files\Alcohol Soft
2006-04-03 09:27:24 737280 --a------ C:\WINDOWS\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
2006-04-03 09:26:40 0 d-------- C:\Program Files\ASHRAE
2006-04-03 09:11:23 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2006-04-03 09:07:50 0 d-------- C:\Program Files\Price Video CD 2.0
2006-04-03 08:49:31 0 d-------- C:\WINDOWS\Cache
2006-04-03 08:46:59 0 d-------- C:\Program Files\Price Digital Office
2006-04-03 08:08:45 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Logitech
2006-04-03 08:07:04 0 d-------- C:\Program Files\Common Files\Logitech
2006-04-03 08:07:01 0 d-------- C:\Program Files\Logitech
2006-04-03 07:02:06 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2006-03-31 12:49:20 0 d-------- C:\Documents and Settings\jhadmin\Application Data\Adobe
2006-03-31 12:49:17 0 d-------- C:\Documents and Settings\jhadmin\Application Data\Realtime Soft
2006-03-31 12:49:11 0 d-------- C:\Documents and Settings\jhadmin\Application Data\Identities
2006-03-31 12:49:05 0 d--h----- C:\Documents and Settings\jhadmin\Templates
2006-03-31 12:49:05 0 dr------- C:\Documents and Settings\jhadmin\Start Menu
2006-03-31 12:49:05 0 dr-h----- C:\Documents and Settings\jhadmin\SendTo
2006-03-31 12:49:05 0 dr-h----- C:\Documents and Settings\jhadmin\Recent
2006-03-31 12:49:05 0 d--h----- C:\Documents and Settings\jhadmin\PrintHood
2006-03-31 12:49:05 0 d--h----- C:\Documents and Settings\jhadmin\NetHood
2006-03-31 12:49:05 0 dr------- C:\Documents and Settings\jhadmin\My Documents
2006-03-31 12:49:05 0 d--h----- C:\Documents and Settings\jhadmin\Local Settings
2006-03-31 12:49:05 0 dr------- C:\Documents and Settings\jhadmin\Favorites
2006-03-31 12:49:05 0 d-------- C:\Documents and Settings\jhadmin\Desktop
2006-03-31 12:49:05 0 d---s---- C:\Documents and Settings\jhadmin\Cookies
2006-03-31 12:49:05 0 dr-h----- C:\Documents and Settings\jhadmin\Application Data
2006-03-31 12:49:05 0 d---s---- C:\Documents and Settings\jhadmin\Application Data\Microsoft
2006-03-31 12:49:04 786432 --ah----- C:\Documents and Settings\jhadmin\ntuser.dat
2006-03-28 17:48:57 0 d-------- C:\Program Files\AnswerWorks 4.0
2006-03-28 17:46:27 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2006-03-28 17:46:27 0 d-------- C:\Program Files\AutoCAD 2005
2006-03-28 17:46:27 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Autodesk
2006-03-28 17:46:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
2006-03-28 17:43:47 101888 --a------ C:\WINDOWS\system32\SYSTOOLS.dll <Not Verified; Panda Software; SYSTOOLS>
2006-03-28 17:43:47 131072 --a------ C:\WINDOWS\system32\PavWait.dll <Not Verified; Panda Software; PavWait Dynamic Link Library>
2006-03-28 17:43:47 245760 --a------ C:\WINDOWS\system32\PavSHook.dll <Not Verified; Panda Software; PavSHook Dynamic Link Library>
2006-03-28 17:43:47 57344 --a------ C:\WINDOWS\system32\pavipc.dll <Not Verified; Panda Software; PavIpc Dynamic Link Library>
2006-03-28 17:43:47 39199 --a------ C:\WINDOWS\system32\drivers\prevnd.sys <Not Verified; Panda Software; Copyright © Panda Software 2004>
2006-03-28 17:43:47 12928 --a------ C:\WINDOWS\system32\drivers\pcontnt.sys <Not Verified; Panda Software; Panda Content Filter>
2006-03-28 17:43:38 0 d-------- C:\WINDOWS\system32\URTTemp
2006-03-28 17:43:30 0 d-------- C:\WINDOWS\pavtemp
2006-03-28 17:38:58 7904 --a------ C:\WINDOWS\system32\smbios.dat
2006-03-28 17:38:09 507904 --a------ C:\WINDOWS\system32\libxml2.dll
2006-03-28 17:38:09 0 d-------- C:\Program Files\Panda Software
2006-03-28 17:36:10 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Realtime Soft
2006-03-28 17:36:10 0 d-------- C:\Documents and Settings\All Users\Application Data\Realtime Soft
2006-03-28 17:36:05 0 d-------- C:\Program Files\UltraMon
2006-03-28 17:15:19 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Corel
2006-03-28 17:03:34 111616 --------- C:\WINDOWS\system32\Ltih30tb.dll <Not Verified; Lernout & Hauspie; NLI for RTF and HTML>
2006-03-28 17:03:34 204800 --a------ C:\WINDOWS\system32\awrtl30.dll <Not Verified; WexTech Systems, Inc.; AnswerWorks>
2006-03-28 17:03:34 0 d-------- C:\Program Files\WexTech
2006-03-28 17:03:34 0 d-------- C:\Program Files\Common Files\WexTech Shared
2006-03-28 17:03:34 0 d-------- C:\Program Files\Common Files\LHSPF
2006-03-28 17:03:31 0 d-------- C:\Documents and Settings\mmcquinn\WINDOWS
2006-03-28 17:03:03 112688 --------- C:\WINDOWS\system32\shw32.dll
2006-03-28 17:02:34 54272 --------- C:\WINDOWS\system32\sfxfe32.exe <Not Verified; Inner Media, Inc.; 32-bit Active Delivery Self Extracting Front End>
2006-03-28 17:02:34 60928 --------- C:\WINDOWS\system32\sfxbe322.dll <Not Verified; Inner Media, Inc.; 32-bit Active Delivery Self Extracting Back End>
2006-03-28 17:02:34 60416 --------- C:\WINDOWS\system32\sfxbe321.dll <Not Verified; Inner Media, Inc.; 32-bit Active Delivery Self Extracting Back End>
2006-03-28 17:02:34 123392 --------- C:\WINDOWS\system32\dzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32>
2006-03-28 17:02:34 96768 --------- C:\WINDOWS\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32>
2006-03-28 17:02:34 14848 --------- C:\WINDOWS\system32\adreg32.exe <Not Verified; Inner Media, Inc.; 32-bit OCX/DLL registration utility>
2006-03-28 17:02:34 204800 --------- C:\WINDOWS\system32\adfactry.dll <Not Verified; Iner Media, Inc.; Active Delivery Factory DLL>
2006-03-28 17:02:19 100864 --------- C:\WINDOWS\system32\awpe.dll <Not Verified; Corel Corporation Limited; AnswerWorks PerfectExpert>
2006-03-28 17:02:16 126976 --------- C:\WINDOWS\system32\FXAB32.DLL <Not Verified; Corel; >
2006-03-28 17:02:15 421888 --------- C:\WINDOWS\system32\fxdb.dll <Not Verified; Corel Corporation Limited; CorelCENTRAL TM 9>
2006-03-28 17:01:37 93184 --------- C:\WINDOWS\system32\LTIH21TB.DLL <Not Verified; Novell Inc.; NLIH SDK>
2006-03-28 17:01:29 7680 --------- C:\WINDOWS\system32\shlwp9en.dll <Not Verified; Corel Corporation Limited; WordPerfect Shell Extensions>
2006-03-28 17:01:29 131072 --------- C:\WINDOWS\system32\shellwp.dll <Not Verified; Corel Corporation Limited; WordPerfect Shell Extensions>
2006-03-28 17:01:28 1213440 --------- C:\WINDOWS\system32\opengl.dll
2006-03-28 17:01:28 154624 --------- C:\WINDOWS\system32\glut.dll
2006-03-28 17:01:28 315904 --------- C:\WINDOWS\system32\glu.dll
2006-03-28 17:01:28 46592 --------- C:\WINDOWS\system32\csh.dll <Not Verified; Blue Sky Software Corporation; What's This? Help Composer>
2006-03-28 17:01:04 0 d-------- C:\Program Files\Corel
2006-03-28 17:00:19 0 d-------- C:\WINDOWS\Corel
2006-03-28 08:37:08 0 d-------- C:\WINDOWS\system32\Adobe
2006-03-28 08:25:34 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2006-03-28 07:58:46 0 d-------- C:\Program Files\OfficeUpdate11
2006-03-28 07:58:06 0 d---s---- C:\Documents and Settings\mmcquinn\UserData
2006-03-28 07:56:34 0 d-------- C:\Program Files\Common Files\L&H
2006-03-28 07:56:32 0 d-------- C:\Program Files\Microsoft.NET
2006-03-28 07:56:29 0 d-------- C:\Program Files\Microsoft ActiveSync
2006-03-28 07:56:05 0 d-------- C:\WINDOWS\SHELLNEW
2006-03-28 07:54:03 0 dr-h----- C:\MSOCache
2006-03-28 07:53:06 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\AdobeUM
2006-03-28 07:43:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-03-28 07:43:45 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Adobe
2006-03-28 07:43:42 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2006-03-28 07:42:41 0 d-------- C:\Program Files\Common Files\Adobe
2006-03-28 07:33:03 0 d-a------ C:\Program Files\Canon
2006-03-28 07:30:28 0 d-------- C:\WINDOWS\nview
2006-03-28 07:29:58 0 d-------- C:\NVIDIA
2006-03-28 07:26:23 0 d-------- C:\Documents and Settings\mmcquinn\Application Data\Identities
2006-03-28 07:26:17 0 d--h----- C:\Documents and Settings\mmcquinn\Templates
2006-03-28 07:26:17 0 dr------- C:\Documents and Settings\mmcquinn\Start Menu
2006-03-28 07:26:17 0 dr-h----- C:\Documents and Settings\mmcquinn\SendTo
2006-03-28 07:26:17 0 dr-h----- C:\Documents and Settings\mmcquinn\Recent
2006-03-28 07:26:17 0 d--h----- C:\Documents and Settings\mmcquinn\PrintHood
2006-03-28 07:26:17 0 d--h----- C:\Documents and Settings\mmcquinn\NetHood
2006-03-28 07:26:17 0 dr------- C:\Documents and Settings\mmcquinn\My Documents
2006-03-28 07:26:17 0 d--h----- C:\Documents and Settings\mmcquinn\Local Settings
2006-03-28 07:26:17 0 dr------- C:\Documents and Settings\mmcquinn\Favorites
2006-03-28 07:26:17 0 d-------- C:\Documents and Settings\mmcquinn\Desktop
2006-03-28 07:26:17 0 d---s---- C:\Documents and Settings\mmcquinn\Cookies
2006-03-28 07:26:17 0 dr-h----- C:\Documents and Settings\mmcquinn\Application Data
2006-03-27 19:21:55 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2006-03-27 19:12:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-03-27 19:09:01 0 d-------- C:\WINDOWS\system32\PreInstall
2006-03-27 19:08:59 0 d--h----- C:\WINDOWS\$hf_mig$
2006-03-27 19:07:16 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-03-27 19:06:17 0 d---s---- C:\Documents and Settings\Administrator\UserData
2006-03-27 19:06:02 0 d-------- C:\WINDOWS\SchCache
2006-03-27 19:04:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2006-03-27 19:04:15 0 d--h----- C:\Documents and Settings\Administrator\Templates
2006-03-27 19:04:15 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2006-03-27 19:04:15 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2006-03-27 19:04:15 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2006-03-27 19:04:15 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2006-03-27 19:04:15 786432 --ah----- C:\Documents and Settings\Administrator\ntuser.dat
2006-03-27 19:04:15 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2006-03-27 19:04:15 0 dr------- C:\Documents and Settings\Administrator\My Documents
2006-03-27 19:04:15 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2006-03-27 19:04:15 0 dr------- C:\Documents and Settings\Administrator\Favorites
2006-03-27 19:04:15 0 d-------- C:\Documents and Settings\Administrator\Desktop
2006-03-27 19:04:15 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2006-03-27 19:04:15 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2006-03-27 19:04:15 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2006-03-27 19:04:05 0 d--hs---- C:\WINDOWS\CSC
2006-03-27 19:00:07 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2006-03-27 18:58:50 30208 --a------ C:\WINDOWS\system32\wdmioctl.dll <Not Verified; Analog Devices Inc.; Analog Devices Inc. wdmioctl>
2006-03-27 18:58:50 1285632 --a------ C:\WINDOWS\system32\SMMedia.dll <Not Verified; Analog Devices; SoundMAX Integrated Digital Audio>
2006-03-27 18:58:47 0 d-------- C:\WINDOWS\VirtualEar
2006-03-27 18:58:47 765952 --a------ C:\WINDOWS\system\crlds3d.dll <Not Verified; Sensaura Ltd; Sensaura 3DPA>
2006-03-27 18:58:45 49152 --a------ C:\WINDOWS\system32\DSndUp.exe <Not Verified; Analog Devices Inc.; adi DSndUp>
2006-03-27 18:58:45 45056 --a------ C:\WINDOWS\system32\CleanUp.exe <Not Verified; adi; adi CleanUp>
2006-03-27 18:58:45 0 d-------- C:\Program Files\Analog Devices
2006-03-27 18:58:44 0 d--h----- C:\Program Files\InstallShield Installation Information
2006-03-27 18:58:24 0 d-------- C:\Program Files\Common Files\InstallShield
2006-03-27 18:57:40 135168 --------- C:\WINDOWS\system32\PRONtObj.dll <Not Verified; Intel Corporation; Intel® PROSet II>
2006-03-27 18:57:40 385024 --------- C:\WINDOWS\system32\NcsCoLib.dll <Not Verified; Intel® Corporation; Intel ® PROSet for Windows* Device Manager>
2006-03-27 18:57:40 126976 --------- C:\WINDOWS\system32\Ncs2InstUtility.dll <Not Verified; Intel® Corporation; Intel ® PROSet for Windows* Device Manager>
2006-03-27 18:57:40 385024 --------- C:\WINDOWS\system32\Ncs2DMIX.dll <Not Verified; Intel® Corporation; Intel ® PROSet for Windows* Device Manager>
2006-03-27 18:57:40 19456 --------- C:\WINDOWS\system32\drivers\iqvw32.sys <Not Verified; Intel Corporation; Intel® iQVW32.SYS>
2006-03-27 18:57:40 290816 --------- C:\WINDOWS\system32\Accesor.dll <Not Verified; Intel® Corporation; Intel ® PROSet for Windows* Device Manager>
2006-03-27 18:56:52 0 d-------- C:\Program Files\Intel
2006-03-27 18:56:40 5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2006-03-27 18:55:11 0 d-------- C:\Documents and Settings\matt\Application Data\Identities
2006-03-27 18:55:03 0 d--h----- C:\Documents and Settings\matt\Templates
2006-03-27 18:55:03 0 dr------- C:\Documents and Settings\matt\Start Menu
2006-03-27 18:55:03 0 dr-h----- C:\Documents and Settings\matt\SendTo
2006-03-27 18:55:03 0 dr-h----- C:\Documents and Settings\matt\Recent
2006-03-27 18:55:03 0 d--h----- C:\Documents and Settings\matt\PrintHood
2006-03-27 18:55:03 524288 --ah----- C:\Documents and Settings\matt\ntuser.dat
2006-03-27 18:55:03 0 d--h----- C:\Documents and Settings\matt\NetHood
2006-03-27 18:55:03 0 dr------- C:\Documents and Settings\matt\My Documents
2006-03-27 18:55:03 0 d--h----- C:\Documents and Settings\matt\Local Settings
2006-03-27 18:55:03 0 dr------- C:\Documents and Settings\matt\Favorites
2006-03-27 18:55:03 0 d-------- C:\Documents and Settings\matt\Desktop
2006-03-27 18:55:03 0 d---s---- C:\Documents and Settings\matt\Cookies
2006-03-27 18:55:03 0 dr-h----- C:\Documents and Settings\matt\Application Data
2006-03-27 18:55:03 0 d---s---- C:\Documents and Settings\matt\Application Data\Microsoft
2006-03-27 18:54:03 0 d-------- C:\WINDOWS\SoftwareDistribution
2006-03-27 18:54:01 0 d---s---- C:\WINDOWS\system32\Microsoft
2006-03-27 18:54:01 0 d-------- C:\WINDOWS\Prefetch
2006-03-27 18:54:00 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2006-03-27 18:54:00 0 d---s---- C:\Documents and Settings\LocalService\Cookies
2006-03-27 18:54:00 0 d-------- C:\Documents and Settings\LocalService\Application Data
2006-03-27 18:54:00 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2006-03-27 18:53:54 262144 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2006-03-27 18:53:54 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2006-03-27 18:53:54 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2006-03-27 18:53:54 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2006-03-27 18:53:54 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2006-03-27 18:51:23 0 d-------- C:\WINDOWS\system32\xircom
2006-03-27 18:51:23 0 d-------- C:\Program Files\microsoft frontpage
2006-03-27 18:51:14 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2006-03-27 18:51:08 0 -rahs---- C:\MSDOS.SYS
2006-03-27 18:51:08 0 -rahs---- C:\IO.SYS
2006-03-27 18:51:08 0 --a------ C:\CONFIG.SYS
2006-03-27 18:51:08 0 --a------ C:\AUTOEXEC.BAT
2006-03-27 18:50:18 0 d--hs---- C:\Documents and Settings\All Users\DRM
2006-03-27 18:50:09 0 dr------- C:\WINDOWS\Offline Web Pages
2006-03-27 18:50:09 0 d---s---- C:\WINDOWS\Downloaded Program Files
2006-03-27 18:50:00 0 d--h----- C:\Program Files\WindowsUpdate
2006-03-27 18:49:44 0 d-------- C:\WINDOWS\system32\DirectX
2006-03-27 18:49:19 0 d---s---- C:\WINDOWS\Tasks
2006-03-27 18:49:18 0 d-------- C:\Program Files\Common Files\MSSoap
2006-03-27 18:49:15 0 d-------- C:\WINDOWS\system32\Macromed
2006-03-27 18:49:15 0 d-------- C:\WINDOWS\srchasst
2006-03-27 18:49:09 0 d-------- C:\Program Files\Movie Maker
2006-03-27 18:49:03 0 d-------- C:\WINDOWS\system32\Restore
2006-03-27 18:48:32 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2006-03-27 18:48:19 0 d-------- C:\WINDOWS\Registration
2006-03-27 18:48:13 0 d-------- C:\Program Files\Online Services
2006-03-27 18:48:08 0 d-------- C:\Program Files\Messenger
2006-03-27 18:48:05 0 d-------- C:\Program Files\MSN Gaming Zone
2006-03-27 18:47:36 0 d-------- C:\Program Files\Windows NT
2006-03-27 18:47:34 0 d-------- C:\WINDOWS\system32\MsDtc
2006-03-27 18:47:33 0 d-------- C:\WINDOWS\system32\Com
2006-03-27 13:43:00 0 d--hs---- C:\WINDOWS\Installer
2006-03-27 13:43:00 0 d-------- C:\Program Files\Common Files\ODBC
2006-03-27 13:42:57 0 d-------- C:\Program Files
2006-03-27 13:42:57 0 d-------- C:\Program Files\Common Files
2006-03-27 13:42:57 0 d-------- C:\Program Files\Common Files\SpeechEngines
2006-03-27 13:42:34 0 d--h----- C:\Documents and Settings\Default User\Templates
2006-03-27 13:42:34 0 dr------- C:\Documents and Settings\Default User\Start Menu
2006-03-27 13:42:34 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2006-03-27 13:42:34 0 d--h----- C:\Documents and Settings\Default User\Recent
2006-03-27 13:42:34 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2006-03-27 13:42:34 0 d--h----- C:\Documents and Settings\Default User\NetHood
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\Default User\My Documents
2006-03-27 13:42:34 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\Default User\Favorites
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\Default User\Desktop
2006-03-27 13:42:34 0 d---s---- C:\Documents and Settings\Default User\Cookies
2006-03-27 13:42:34 0 d--h----- C:\Documents and Settings\All Users\Templates
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\All Users\Start Menu
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\All Users\Favorites
2006-03-27 13:42:34 0 dr------- C:\Documents and Settings\All Users\Documents
2006-03-27 13:42:34 0 d-------- C:\Documents and Settings\All Users\Desktop
2006-03-27 13:42:22 0 d-------- C:\WINDOWS\system32\CatRoot2
2006-03-27 13:42:22 0 d-------- C:\WINDOWS\system32\CatRoot
2006-03-27 13:42:17 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2006-03-27 13:42:17 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2006-03-27 13:42:16 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2006-03-27 13:42:16 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2006-03-27 13:41:56 0 d-------- C:\Documents and Settings
2006-03-27 13:41:55 0 d--hs---- C:\System Volume Information
2006-03-27 13:36:32 0 d-------- C:\WINDOWS
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\WinSxS
2006-03-27 13:36:32 0 dr------- C:\WINDOWS\Web
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\twain_32
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\wins
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\wbem
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\usmt
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\spool
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\ShellExt
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\Setup
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\ras
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\oobe
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\npp
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\mui
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\inetsrv
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\IME
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\icsxml
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\ias
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\export
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\drivers
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\drivers\etc
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\drivers\disdn
2006-03-27 13:36:32 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\dhcp
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\config
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\3com_dmi
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\3076
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\2052
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1054
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1042
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1041
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1037
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1033
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1031
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1028
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system32\1025
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\system
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\security
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Resources
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\repair
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Provisioning
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\PeerNet
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\pchealth
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\mui
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\msapps
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\msagent
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Media
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\java
2006-03-27 13:36:32 0 d--h----- C:\WINDOWS\inf
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\ime
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Help
2006-03-27 13:36:32 0 dr--s---- C:\WINDOWS\Fonts
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\ehome
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Driver Cache
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Debug
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Cursors
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Connection Wizard
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\Config
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\AppPatch
2006-03-27 13:36:32 0 d-------- C:\WINDOWS\addins
2005-12-21 17:59:06 21504 --a------ C:\WINDOWS\system32\plds4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2005-12-21 17:58:42 28160 --a------ C:\WINDOWS\system32\plc4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2005-12-21 17:58:30 475136 --a------ C:\WINDOWS\system32\nss3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2005-12-21 17:58:20 294912 --a------ C:\WINDOWS\system32\nspr4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2005-12-21 17:57:36 139264 --a------ C:\WINDOWS\system32\nsldap32v50.dll
2005-12-21 17:57:04 24576 --a------ C:\WINDOWS\system32\nsldappr32v50.dll
2005-12-21 17:54:34 40960 --a------ C:\WINDOWS\system32\nsldapssl32v50.dll
2005-12-10 04:06:00 1622016 --a------ C:\WINDOWS\system32\nwiz.exe
2005-12-10 04:06:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2005-12-10 04:06:00 1662976 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2005-12-10 04:06:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2005-12-10 04:06:00 1470464 --a------ C:\WINDOWS\system32\nview.dll
2005-12-10 04:06:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2005-12-10 04:06:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2005-12-10 04:06:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2005-09-23 07:28:52 74240 --a------ C:\WINDOWS\system32\mscories.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:52 150016 --a------ C:\WINDOWS\system32\mscorier.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:52 270848 --a------ C:\WINDOWS\system32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:38 83456 --a------ C:\WINDOWS\system32\dfshim.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-04-18 02:24:56 1175552 --a------ C:\WINDOWS\system32\cxlibw7-1-6.dll <Not Verified; Crystal Decisions; Crystal Enterprise>
2005-04-18 01:59:54 1249334 --a------ C:\WINDOWS\system32\cxlibw-1-6.dll <Not Verified; Crystal Decisions; Crystal Enterprise>
2005-04-18 01:56:28 1265716 --a------ C:\WINDOWS\system32\cxlib-1-6.dll <Not Verified; Crystal Decisions; Crystal Enterprise>
2005-04-12 04:41:20 4608 --a------ C:\WINDOWS\system32\drivers\ElbyDelay.sys <Not Verified; Elaborate Bytes AG; CDRTools>
2004-12-14 03:12:06 22016 --a------ C:\WINDOWS\system32\AdobePDF.dll <Not Verified; Adobe Systems Incorporated.; Acrobat ® PDF Port for Windows>
2004-08-08 15:46:48 520 ---hs---- C:\WINDOWS\system32\smdsbsrv.sys
2004-08-08 14:46:40 534536 ---hs---- C:\WINDOWS\system32\pjjxddwd.dll
2004-08-08 13:58:26 520 ---hs---- C:\WINDOWS\system32\spwdbapi.sys
2004-08-08 13:58:26 16140 ---hs---- C:\WINDOWS\system32\siwdaapi.exe
2004-08-08 13:58:26 536072 ---h----- C:\WINDOWS\system32\mpwdcapi.dll
2004-08-08 10:59:41 533512 ---hs---- C:\WINDOWS\system32\nhmxajkl.dll
2004-08-08 10:59:01 536072 ---hs---- C:\WINDOWS\system32\rijxakin.dll
2004-08-08 10:58:01 537096 ---hs---- C:\WINDOWS\system32\zycbdime.dll
2004-08-08 10:57:07 533000 ---hs---- C:\WINDOWS\system32\tisqatyu.dll
2004-08-08 10:56:22 533512 ---hs---- C:\WINDOWS\system32\mndsfsrv.dll
2004-08-08 10:55:27 536584 ---hs---- C:\WINDOWS\system32\oohxdbyt.dll
2004-08-08 10:54:31 537096 ---hs---- C:\WINDOWS\system32\zywmfime.dll
2004-08-08 10:53:27 534024 ---hs---- C:\WINDOWS\system32\ozfydbyt.dll
2004-08-08 10:48:58 535560 ---hs---- C:\WINDOWS\system32\yzzthmsn.dll
2004-08-08 10:25:43 2600 ---hs---- C:\WINDOWS\system32\fxcbbime.sys
2004-08-08 10:25:43 16313 ---hs---- C:\WINDOWS\system32\azcbaime.exe
2004-08-08 09:54:33 14831 ---hs---- C:\WINDOWS\system32\posqatyu.exe
2004-08-08 09:54:03 8320 ---hs---- C:\WINDOWS\system32\ysjxbdwd.sys
2004-08-08 09:54:03 15343 ---hs---- C:\WINDOWS\system32\lojxadwd.exe
2004-08-08 09:53:30 8320 ---hs---- C:\WINDOWS\system32\smhxbbyt.sys
2004-08-08 09:53:30 16531 ---hs---- C:\WINDOWS\system32\jbhxabyt.exe
2004-08-08 09:53:19 16191 ---hs---- C:\WINDOWS\system32\lpsgajba.exe
2004-08-08 09:53:19 8840 ---hs---- C:\WINDOWS\system32\gpsgajba.sys
2004-08-08 09:52:55 10920 ---hs---- C:\WINDOWS\system32\fxwmbime.sys
2004-08-08 09:52:34 15037 ---hs---- C:\WINDOWS\system32\tjfyabyt.exe
2004-08-08 09:52:34 520 ---hs---- C:\WINDOWS\system32\snfybbyt.sys
2004-08-08 09:49:28 15857 ---hs---- C:\WINDOWS\system32\spjhahlp.exe
2004-08-08 09:49:28 3120 ---hs---- C:\WINDOWS\system32\pmjhbhlp.sys
2004-08-08 09:49:08 16009 ---hs---- C:\WINDOWS\system32\zaztamsn.exe
2004-08-08 09:49:08 520 ---hs---- C:\WINDOWS\system32\xfztbmsn.sys
2004-08-08 08:57:27 520 ---hs---- C:\WINDOWS\system32\jashbbty.sys
2004-08-08 08:57:27 14882 ---hs---- C:\WINDOWS\system32\etshabty.exe
2004-08-08 08:57:14 520 ---hs---- C:\WINDOWS\system32\cgsqatyu.sys
2004-08-08 08:55:04 16461 ---hs---- C:\WINDOWS\system32\azwmaime.exe
2004-08-08 08:26:13 1040 ---hs---- C:\WINDOWS\system32\rnmxajkl.sys
2004-08-08 08:26:13 14852 ---hs---- C:\WINDOWS\system32\lpmxajkl.exe
2004-08-08 08:25:38 15956 ---hs---- C:\WINDOWS\system32\stjxakin.exe
2004-08-08 08:25:38 6240 ---hs---- C:\WINDOWS\system32\erjxakin.sys
2004-08-08 04:33:10 533512 ---hs---- C:\WINDOWS\system32\opshbbty.dll
2004-08-08 04:31:39 536584 ---hs---- C:\WINDOWS\system32\apsgdjba.dll
2004-08-08 04:29:42 535048 ---hs---- C:\WINDOWS\system32\ptjhehlp.dll
2004-08-04 08:00:00 95360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2004-05-01 18:37:14 104448 --a------ C:\WINDOWS\UltraMon.scr <Not Verified; Realtime Soft; UltraMon>
2003-12-29 19:38:32 214016 --a------ C:\WINDOWS\system32\UltraMon.dll <Not Verified; Realtime Soft; UltraMon Components>
2003-12-29 19:06:26 90112 --a------ C:\WINDOWS\system32\UltraMonIndDisp.exe <Not Verified; Realtime Soft; UltraMon Components>
2003-12-29 19:06:10 36864 --a------ C:\WINDOWS\system32\UltraMonHook.dll <Not Verified; Realtime Soft; UltraMon Components>
2003-12-29 14:04:40 53248 --a------ C:\WINDOWS\system32\UltraMonIndDispHook.dll <Not Verified; Realtime Soft; UltraMon Components>
2003-04-18 21:29:26 82432 --a------ C:\WINDOWS\system32\msxml4r.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>
2003-02-20 20:16:34 32768 --a------ C:\WINDOWS\system32\netfxperf.dll <Not Verified; Microsoft Corporation; Microsoft ® .NET Framework>
2002-11-09 11:44:23 1024 --a------ C:\WINDOWS\system32\atsdrve.dll
2002-09-06 18:30:50 307200 --a------ C:\WINDOWS\system32\SmAgentAPI.dll <Not Verified; Netegrity, Inc.; SiteMinder ™>
2002-08-21 06:13:12 189952 --a------ C:\WINDOWS\system32\WISPTIS.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2002-08-21 06:10:16 204800 --a------ C:\WINDOWS\system32\INKED.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2002-02-27 09:41:28 106496 --a------ C:\WINDOWS\system32\ssl3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2001-05-30 09:53:38 148 --a------ C:\WINDOWS\system32\midimapcqsj.dat
2001-05-30 09:52:45 568 --a------ C:\WINDOWS\system32\midimapwl.dat
2001-05-30 09:52:23 288 --a------ C:\WINDOWS\system32\midimaptl.dat
2001-05-30 09:51:43 288 --a------ C:\WINDOWS\system32\midimapzx.dat
2001-05-30 09:49:51 288 --a------ C:\WINDOWS\system32\midimapms.dat
2001-05-30 09:49:43 288 --a------ C:\WINDOWS\system32\midimapwd.dat
2001-05-30 09:49:36 428 --a------ C:\WINDOWS\system32\midimapcq.dat
2001-05-30 09:49:16 428 --a------ C:\WINDOWS\system32\midimapmy.dat
2001-05-30 08:58:00 148 --a------ C:\WINDOWS\system32\midimapqn3.dat
2001-05-30 08:57:53 428 --a------ C:\WINDOWS\system32\midimapcb.dat
2001-05-30 08:26:31 148 --a------ C:\WINDOWS\system32\midimapwm.dat
2001-05-29 14:47:43 21932 --a------ C:\WINDOWS\system32\midimapcb.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-29 10:27:03 22164 --a------ C:\WINDOWS\system32\midimapwm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-29 10:19:02 21792 --a------ C:\WINDOWS\system32\midimapwd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:58:09 19604 --a------ C:\WINDOWS\system32\midimapqn3.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:55:38 18580 --a------ C:\WINDOWS\system32\midimapcqsj.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:53:44 23468 --a------ C:\WINDOWS\system32\midimapwl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:52:41 20768 --a------ C:\WINDOWS\system32\midimaptl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:51:34 22816 --a------ C:\WINDOWS\system32\midimapzx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:50:55 24352 --a------ C:\WINDOWS\system32\midimapms.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:50:03 23700 --a------ C:\WINDOWS\system32\midimapcq.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 10:49:10 21280 --a------ C:\WINDOWS\system32\midimapmy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:33:49 20768 --a------ C:\WINDOWS\system32\midimaptl(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:20:01 18580 --a------ C:\WINDOWS\system32\midimapqn3(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:17:54 18580 --a------ C:\WINDOWS\system32\midimapcqsj(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:16:35 22304 --a------ C:\WINDOWS\system32\midimapwl(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:15:30 22816 --a------ C:\WINDOWS\system32\midimapzx(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:15:22 24352 --a------ C:\WINDOWS\system32\midimapms(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:14:48 23700 --a------ C:\WINDOWS\system32\midimapcq(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-05-28 09:14:11 20256 --a------ C:\WINDOWS\system32\midimapmy(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2000-05-31 09:39:44 588288 --a------ C:\WINDOWS\system32\IPX32d56.dll <Not Verified; Internet Pictures Corp.; Internet Pictures Corp. iPIX SDK Dynamic>
2000-05-30 09:52:15 27980 --a------ C:\WINDOWS\system32\gpr4A.exe
2000-05-30 04:33:18 215040 --ah----- C:\WINDOWS\system32\hfrdzx.dll
2000-05-30 04:32:12 25920 --a------ C:\WINDOWS\system32\gprF.exe
2000-05-30 04:30:21 27980 --a------ C:\WINDOWS\system32\gprA.exe
2000-05-30 03:19:28 25920 --a------ C:\WINDOWS\system32\gpr1A.exe
2000-05-30 03:17:46 27980 --a------ C:\WINDOWS\system32\gpr15.exe
2000-05-30 03:15:00 4416 --a------ C:\ee4bf6003bd6773b.dat
2000-05-30 02:53:08 25920 --a------ C:\WINDOWS\system32\gpr22.exe
2000-05-30 02:51:29 27980 --a------ C:\WINDOWS\system32\gpr1C.exe
2000-05-29 14:48:49 218624 --ah----- C:\WINDOWS\system32\zdesfx.dll
2000-05-29 14:12:14 0 d-------- C:\spyware_tools <SPYWAR~1>
2000-05-29 10:19:46 0 d-------- C:\WINDOWS\system32\appmgmt
2000-05-28 15:43:06 124 --a------ C:\Documents and Settings\turdbird\delme.bat
2000-05-28 15:38:07 0 d-------- C:\Documents and Settings\turdbird\Application Data\Adobe
2000-05-28 15:37:56 0 d-------- C:\Documents and Settings\turdbird\Application Data\Logitech
2000-05-28 15:37:50 0 d-------- C:\Documents and Settings\turdbird\Application Data\Realtime Soft
2000-05-28 15:37:19 0 d-------- C:\Documents and Settings\turdbird\Application Data\Macromedia
2000-05-28 15:37:07 0 d-------- C:\Documents and Settings\turdbird\Application Data\Real
2000-05-28 10:03:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2000-05-11 14:06:20 397312 --a------ C:\WINDOWS\system32\MSRDO20.DLL <Not Verified; Microsoft Corporation; Microsoft Corporation Remote Data Object>


-- Find3M Report ---------------------------------------------------------------

2008-01-29 17:54:44 0 --a------ C:\Documents and Settings\mmcquinn\Application Data\AVSDVDPlayer.m3u
2006-11-01 15:13:29 61678 --a------ C:\Documents and Settings\mmcquinn\Application Data\PFP90JPR.{PB
2006-11-01 15:13:29 12358 --a------ C:\Documents and Settings\mmcquinn\Application Data\PFP90JCM.{PB
2006-05-16 10:55:36 151552 --a------ C:\WINDOWS\system32\rdocurs.dll <Not Verified; Microsoft Corporation; Microsoft RDO Client Cursor Library>
2006-03-27 13:42:34 62 --ahs---- C:\Documents and Settings\mmcquinn\Application Data\desktop.ini
2004-08-08 09:56:48 520 ---hs---- C:\WINDOWS\system32\xbfsbjbo.sys
2004-08-08 09:56:48 15130 ---hs---- C:\WINDOWS\system32\tpfsajbo.exe
2004-08-08 09:56:48 534024 ---hs---- C:\WINDOWS\system32\lofsdjbo.dll
2000-05-30 09:53:43 25920 --a------ C:\WINDOWS\system32\gpr61.exe
2000-04-04 01:05:58 118784 --a------ C:\WINDOWS\system32\msstdfmt.dll <Not Verified; Microsoft Corporation; MSSTDFMT Object Library>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{15FD6584-698F-BCD2-602C-698745210351}]
2004-08-08 10:59 536072 ---hs---- C:\WINDOWS\system32\rijxakin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{17AC9076-C898-B098-D098-A18319080971}]
2004-08-08 10:59 533512 ---hs---- C:\WINDOWS\system32\nhmxajkl.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18093456-9012-4568-9076-908765467181}]
2004-08-08 10:57 533000 ---hs---- C:\WINDOWS\system32\tisqatyu.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{22596546-2036-9451-6058-658402589722}]
2004-08-08 04:33 533512 ---hs---- C:\WINDOWS\system32\opshbbty.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2FD45A54-9875-698F-E56E-65102358FDF2}]
C:\WINDOWS\system32\apsgbjba.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34FAE856-AD58-20CB-A025-CD4895FA6E43}]
C:\WINDOWS\system32\pjjxcdwd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{35694105-5108-9405-3695-954187462153}]
2004-08-08 13:58 536072 ---h----- C:\WINDOWS\system32\mpwdcapi.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3FD45A54-9875-698F-E56E-65102358FDF3}]
C:\WINDOWS\system32\apsgcjba.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{44FAE856-AD58-20CB-A025-CD4895FA6E44}]
2004-08-08 14:46 534536 ---hs---- C:\WINDOWS\system32\pjjxddwd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{470165F1-9F65-569F-F895-F14F58F41074}]
2004-08-08 09:56 534024 ---hs---- C:\WINDOWS\system32\lofsdjbo.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A069845-2036-6084-9054-6087502480A4}]
2004-08-08 10:53 534024 ---hs---- C:\WINDOWS\system32\ozfydbyt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A698102-5904-AFD0-20DF-CD1A65829CA4}]
2004-08-08 10:58 537096 ---hs---- C:\WINDOWS\system32\zycbdime.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4FD45A54-9875-698F-E56E-65102358FDF4}]
2004-08-08 04:31 536584 ---hs---- C:\WINDOWS\system32\apsgdjba.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{528DF602-9541-A985-210A-984A698C6F25}]
2004-08-08 04:29 535048 ---hs---- C:\WINDOWS\system32\ptjhehlp.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}]
2004-08-08 10:55 536584 ---hs---- C:\WINDOWS\system32\oohxdbyt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6319A1F1-9410-9654-3201-345FFA349136}]
2004-08-08 10:54 537096 ---hs---- C:\WINDOWS\system32\zywmfime.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{67FD640A-158F-48AC-FD14-1597F14A9776}]
2004-08-08 10:56 533512 ---hs---- C:\WINDOWS\system32\mndsfsrv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8490415F-65F8-B5C5-D8BA-9405FB120548}]
2004-08-08 10:48 535560 ---hs---- C:\WINDOWS\system32\yzzthmsn.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 10:11]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22]
"nwiz"="nwiz.exe" [2006-10-22 12:22 C:\WINDOWS\system32\nwiz.exe]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 02:08]
"APVXDWIN"="C:\Program Files\Panda Software\AVTC\ClShield.exe" [2006-09-27 05:56]
"CpnIconMng"="C:\Program Files\Panda Software\AVTC\CpIcnMng.exe" [2006-03-24 05:56]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 09:21]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-11-15 00:43]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 14:11]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-09 10:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"svc"=C:\DOCUME~1\mmcquinn\LOCALS~1\Temp\bb.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-03-28 07:43:37]
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-28 08:26:57]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart17.exe [2006-03-05 08:43:54]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-04-03 08:07:02]
UltraMon.lnk - C:\Program Files\UltraMon\UltraMon.exe [2004-05-10 15:28:28]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{189F087F-4378-405F-85FA-37D955AD7A8C}"= C:\WINDOWS\system32\mtewdh.dll [2000-05-30 09:43 279552]
"{8490415F-65F8-B5C5-D8BA-9405FB120548}"= C:\WINDOWS\system32\yzzthmsn.dll [2004-08-08 10:48 535560]
"{4F4F0064-71E0-4f0d-0015-708476C7815F}"= C:\WINDOWS\system32\midimapmy.dll [2001-05-30 09:44 21280]
"{4F4F0064-71E0-4f0d-0023-708476C7815F}"= C:\WINDOWS\system32\midimapcq.dll [2001-05-30 09:44 23700]
"{4F4F0064-71E0-4f0d-0014-708476C7815F}"= C:\WINDOWS\system32\midimapms.dll [2001-05-30 09:45 24352]
"{4F4F0064-71E0-4f0d-0005-708476C7815F}"= C:\WINDOWS\system32\midimapzx.dll [2001-05-30 09:45 22816]
"{4F4F0064-71E0-4f0d-0017-708476C7815F}"= C:\WINDOWS\system32\midimaptl.dll [2001-05-30 08:54 20768]
"{4A069845-2036-6084-9054-6087502480A4}"= C:\WINDOWS\system32\ozfydbyt.dll [2004-08-08 10:53 534024]
"{4F4F0064-71E0-4f0d-0004-708476C7815F}"= C:\WINDOWS\system32\midimapwl.dll [2001-05-30 08:54 23468]
"{6319A1F1-9410-9654-3201-345FFA349136}"= C:\WINDOWS\system32\zywmfime.dll [2004-08-08 10:54 537096]
"{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}"= C:\WINDOWS\system32\jhrcar.dll [2000-05-30 09:53 218624]
"{2FD45A54-9875-698F-E56E-65102358FDF2}"= C:\WINDOWS\system32\apsgbjba.dll [ ]
"{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}"= C:\WINDOWS\system32\oohxdbyt.dll [2004-08-08 10:55 536584]
"{4F4F0064-71E0-4f0d-0024-708476C7815F}"= C:\WINDOWS\system32\midimapcqsj.dll [2001-05-30 08:56 18580]
"{67FD640A-158F-48AC-FD14-1597F14A9776}"= C:\WINDOWS\system32\mndsfsrv.dll [2004-08-08 10:56 533512]
"{34FAE856-AD58-20CB-A025-CD4895FA6E43}"= C:\WINDOWS\system32\pjjxcdwd.dll [ ]
"{6BBAA1E6-CF54-4139-AB9C-8491A9F909D7}"= C:\WINDOWS\system32\wfrdvq.dll [2000-05-30 09:54 232960]
"{18093456-9012-4568-9076-908765467181}"= C:\WINDOWS\system32\tisqatyu.dll [2004-08-08 10:57 533000]
"{1DB3C525-5271-46F7-887A-D4E1ADAA7632}"= C:\WINDOWS\system32\hfrdzx.dll [2000-05-30 09:54 215040]
"{4A698102-5904-AFD0-20DF-CD1A65829CA4}"= C:\WINDOWS\system32\zycbdime.dll [2004-08-08 10:58 537096]
"{4F4F0064-71E0-4f0d-0022-708476C7815F}"= C:\WINDOWS\system32\midimapqn3.dll [2001-05-30 08:58 19604]
"{15FD6584-698F-BCD2-602C-698745210351}"= C:\WINDOWS\system32\rijxakin.dll [2004-08-08 10:59 536072]
"{45AADFAA-DD36-42AB-83AD-0521BBF58C24}"= C:\WINDOWS\system32\zdesfx.dll [2000-05-30 09:56 218624]
"{17AC9076-C898-B098-D098-A18319080971}"= C:\WINDOWS\system32\nhmxajkl.dll [2004-08-08 10:59 533512]
"{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}"= C:\WINDOWS\system32\wyrsdj.dll [2000-05-28 15:49 225792]
"{35694105-5108-9405-3695-954187462153}"= C:\WINDOWS\system32\mpwdcapi.dll [2004-08-08 13:58 536072]
"{4F4F0064-71E0-4f0d-0018-708476C7815F}"= C:\WINDOWS\system32\midimapwd.dll [2001-05-30 09:44 21792]
"{3FD45A54-9875-698F-E56E-65102358FDF3}"= C:\WINDOWS\system32\apsgcjba.dll [ ]
"{4F4F0064-71E0-4f0d-0002-708476C7815F}"= C:\WINDOWS\system32\midimapwm.dll [2001-05-30 08:26 22164]
"{44FAE856-AD58-20CB-A025-CD4895FA6E44}"= C:\WINDOWS\system32\pjjxddwd.dll [2004-08-08 14:46 534536]
"{4F4F0064-71E0-4f0d-0006-708476C7815F}"= C:\WINDOWS\system32\midimapcb.dll [2001-05-30 08:57 21932]
"{528DF602-9541-A985-210A-984A698C6F25}"= C:\WINDOWS\system32\ptjhehlp.dll [2004-08-08 04:29 535048]
"{4FD45A54-9875-698F-E56E-65102358FDF4}"= C:\WINDOWS\system32\apsgdjba.dll [2004-08-08 04:31 536584]
"{22596546-2036-9451-6058-658402589722}"= C:\WINDOWS\system32\opshbbty.dll [2004-08-08 04:33 533512]
"{470165F1-9F65-569F-F895-F14F58F41074}"= C:\WINDOWS\system32\lofsdjbo.dll [2004-08-08 09:56 534024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"midimapmy"= {4F4F0064-71E0-4f0d-0015-708476C7815F} - C:\WINDOWS\system32\midimapmy.dll [2001-05-30 09:44 21280]
"midimapcq"= {4F4F0064-71E0-4f0d-0023-708476C7815F} - C:\WINDOWS\system32\midimapcq.dll [2001-05-30 09:44 23700]
"midimapms"= {4F4F0064-71E0-4f0d-0014-708476C7815F} - C:\WINDOWS\system32\midimapms.dll [2001-05-30 09:45 24352]
"midimapzx"= {4F4F0064-71E0-4f0d-0005-708476C7815F} - C:\WINDOWS\system32\midimapzx.dll [2001-05-30 09:45 22816]
"midimaptl"= {4F4F0064-71E0-4f0d-0017-708476C7815F} - C:\WINDOWS\system32\midimaptl.dll [2001-05-30 08:54 20768]
"midimapwl"= {4F4F0064-71E0-4f0d-0004-708476C7815F} - C:\WINDOWS\system32\midimapwl.dll [2001-05-30 08:54 23468]
"midimapcqsj"= {4F4F0064-71E0-4f0d-0024-708476C7815F} - C:\WINDOWS\system32\midimapcqsj.dll [2001-05-30 08:56 18580]
"midimapqn3"= {4F4F0064-71E0-4f0d-0022-708476C7815F} - C:\WINDOWS\system32\midimapqn3.dll [2001-05-30 08:58 19604]
"midimapwd"= {4F4F0064-71E0-4f0d-0018-708476C7815F} - C:\WINDOWS\system32\midimapwd.dll [2001-05-30 09:44 21792]
"midimapwm"= {4F4F0064-71E0-4f0d-0002-708476C7815F} - C:\WINDOWS\system32\midimapwm.dll [2001-05-30 08:26 22164]
"midimapcb"= {4F4F0064-71E0-4f0d-0006-708476C7815F} - C:\WINDOWS\system32\midimapcb.dll [2001-05-30 08:57 21932]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="Explorer.exe,gpr4A.exe,gpr61.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2006-02-17 04:32 45056 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=tisqatyu.dll,nhmxajkl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\Machine\Scripts\Startup\0\0]
"Script"=fm_route.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1173\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1175\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1180\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1180\Scripts\Logon\1\0]
"Script"=oci.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1218\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1218\Scripts\Logon\1\0]
"Script"=oci.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1227\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1227\Scripts\Logon\1\0]
"Script"=oci.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1230\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1230\Scripts\Logon\1\0]
"Script"=oci.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1234\Scripts\Logon\0\0]
"Script"=timesync.bat

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-3521953765-3696617155-3064245809-1234\Scripts\Logon\1\0]
"Script"=oci.bat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

*Newly Created Service* - 00FA43F008AB5B9E



-- End of Deckard's System Scanner: finished at 2000-05-30 09:57:16 ------------


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.00GHz
CPU 1: Intel® Pentium® 4 CPU 3.00GHz
Percentage of Memory in Use: 43%
Physical Memory (total/avail): 1023.23 MiB / 577.05 MiB
Pagefile Memory (total/avail): 2461.71 MiB / 2089.22 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1888.39 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 74.53 GiB total, 26.47 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)
F: is CDROM (No Media)
J: is Network (NTFS)
K: is Network (NTFS)
M: is Network (NTFS)

\\.\PHYSICALDRIVE0 - WDC WD800JD-08LSA0 - 74.54 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\mmcquinn\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=MCQUINN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\mmcquinn
LOGONSERVER=\\FS1
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\Intel\DMIX;C:\Program Files\Common Files\Autodesk Shared;C:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 3, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0403
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\mmcquinn\LOCALS~1\Temp
TMP=C:\DOCUME~1\mmcquinn\LOCALS~1\Temp
ULTRAMON_LANGDIR=C:\Program Files\UltraMon\Resources\en
USERDNSDOMAIN=OCI.LOCAL
USERDOMAIN=OCI
USERNAME=mmcquinn
USERPROFILE=C:\Documents and Settings\mmcquinn
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

matt (admin)
Administrator (admin)
turdbird (admin)
jhadmin (new local, admin, net ready)
rvelazquez (admin)
mmcquinn (admin)
kprzeclawski (new local, admin, net ready)
rnash (admin)
pjafarian (new local, admin, net ready)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2005 ASHRAE Handbook --> C:\WINDOWS\iun6002.exe "C:\Program Files\ASHRAE\2005 ASHRAE Handbook\irunin.ini"
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 7.1.0 Professional --> msiexec /I {AC76BA86-1033-0000-7760-000000000002}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Alcohol 120% (Trial Version) --> MsiExec.exe /X{E9F81423-211E-46B6-9AE0-38568BC5CF6F}
Amazon MP3 Downloader 1.0.2 --> C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
AnswerWorks Runtime --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\WexTech\AnswerWorks\Uninst.isu"
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Armlink ACE® --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\armlink\Uninst.isu"
AudibleManager --> C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
AutoCAD 2005 - English --> MsiExec.exe /I{5783F2D7-0301-0409-0002-0060B0CE6BBA}
AutoCAD 2005 Express Tools Volumes 1-9 --> MsiExec.exe /X{5783F2D7-0311-0409-0000-0060B0CE6BBA}
AutoCAD 2007 - English --> MsiExec.exe /I{5783F2D7-5001-0409-0002-0060B0CE6BBA}
Autodesk DWF Viewer --> C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove /q0
AVS DVD Player version 2.4 --> "C:\Program Files\AVSMedia\DVDPlayer\unins000.exe"
BOCA EL v2000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\BOCAEL\OutPti01.isu"
Call of Duty® 2 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l1033
CAPS 3.7 --> C:\Program Files\InstallShield Installation Information\{A6C6AB3A-8E92-411F-85D8-4A3EB1624DB9}\setup.exe -runfromtemp -l0x0009 -removeonly
COMcheck 3.2.1 --> C:\PROGRA~1\Check\COMcheck\UNWISE.EXE C:\PROGRA~1\Check\COMcheck\INSTALL.LOG
Compute-A-Fan 9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EABEFBBA-B4D3-4DD0-B921-F06097194488}\setup.exe" -l0x9
Corel Applications --> C:\WINDOWS\Corel\Uninst32.exe
Declan's German FlashCards v1.6 --> "C:\Program Files\Declan's German FlashCards\unins000.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
EA SPORTS online 2007 --> C:\Program Files\EA SPORTS\EA SPORTS online\EASOUNInstaller.exe
EnCStd4 --> MsiExec.exe /X{E33B8355-1859-4480-8C5D-687D2E8CB1DE}
EnergyGauge FlaCom2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DBA09560-5840-42F1-BE45-08F99AA9F9DF}\setup.exe" -l0x9
EnergyGauge FlaRes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe /M{40E39B6B-25CD-4C21-9BC9-7BFBA0A07336}
EnergyGaugeSummit --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14A47AA2-AD17-4095-A278-D613804A31E4}\setup.exe" -l0x9 -removeonly
Esp --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D97741D0-39A5-11D5-BFB7-000102B33C8F}\Setup.exe"
EspPlus-Steam --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B0DC7E0-F8A3-488B-ADBE-A2AD0635B6F1}\setup.exe" -l0x9
EspPlus - Pumps --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB484E0C-8FF1-11D5-B38D-006008C4EE5A}\Setup.exe" -l0x9
EspPlus - Tanks --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9209C7A-0480-42F6-BB5C-B8D64B030A84}\setup.exe" -l0x9
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
Intel® PRO Network Connections Software v9.2.4.9 --> C:\Program Files\Intel\DMIX\uninst\DxSetup.exe /x /qr /le C:\DOCUME~1\matt\LOCALS~1\Temp\PROSetDX\DMIX\\DxUninst.log
Intel® PROSafe for Wired Connections --> MsiExec.exe /I{36BD0774-6CD6-4FF9-A148-83CA09AC123E}
Intel® PROSafe for Wired Connections --> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
Java 2 Runtime Environment, SE v1.4.2_04 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142040}
Java Advanced Imaging 1.1.1_01 For JRE --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\Java\JRE16~2.0_0\Uninstjai.isu
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Medal of Honor Allied Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x9
MemoryLifter --> MsiExec.exe /X{A3D453EB-630D-4796-86AB-18E6C6864053}
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual J# 2.0 Redistributable Package --> C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package\install.exe
Mozilla Firefox (2.0.0.14) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Music Assistant --> rundll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\msninst.inf,Uninstall
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
oggcodecs 0.71.0946 --> C:\Program Files\illiminable\oggcodecs\uninst.exe
Panda ClientShield --> "C:\Program Files\Panda Software\AVTC\Install\UNAVTC.exe" -A:UNINSTALL -DeleteQtine:1 -DEL -SHOWIFACE
PQ DVD to iPhone Video Suite (remove only) --> "C:\Program Files\PQDVD\PQ DVD to iPhone Video Suite\bt-uninst.exe"
Price Digital Catalog --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{9C421757-EE53-494F-90EB-EBDB2B4D53F1}
Price Video CD 2.0 --> MsiExec.exe /I{9D5FDA92-BE47-49B6-BA95-1DAAAE1E69AA}
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Return to Castle Wolfenstein --> C:\PROGRA~1\RETURN~1\Uninstall\Unwise.exe /u C:\PROGRA~1\RETURN~1\Uninstall\Install.log
Rhapsody Player Engine --> MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody Player Engine --> MsiExec.exe /I{84F1DE76-C48C-4281-87A0-CC9548D1E7F9}
Safari --> MsiExec.exe /I{0AFC9710-5DD6-4C6A-BA52-91AE992B2C9D}
Sibelius Scorch --> MsiExec.exe /I{51C65CD6-A344-41B5-81E2-3CCAC8024F68}
SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Taco 2002 HX Selection --> C:\Taco2002\UNWISE.EXE C:\Taco2002\INSTALL.LOG
Tansee iPhone Transfer v3.0.0.0 --> "C:\Program Files\Tansee iPhone Transfer\unins000.exe"
TOPSS --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2093599-1478-425C-884E-677312C20424}\setup.exe" -l0x9 -uninst -removeonly
TouchCopy --> MsiExec.exe /I{79F1197A-CED4-45B8-9484-D7ECA4D57EC2}
TRACE 700 Client Install --> C:\Program Files\InstallShield Installation Information\{629BF42B-EBD5-4C2D-8617-634A354BF3FA}\Setup.exe -runfromtemp -l0x0009 -removeonly
Trace 700 Report Framework --> MsiExec.exe /I{4704DD74-4288-4706-9528-4DE96ADA18B4}
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
UltraMon --> MsiExec.exe /I{8B9F6E7C-1EEA-46C5-8BB3-DC976AED2016}
URGE --> MsiExec.exe /I{8BBF6DFD-0AD9-43A7-9FBD-BF065E3866AF}
Viewpoint Manager (Remove Only) --> C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgrInstaller.exe /u /k
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Viewpoint Toolbar --> C:\Program Files\Viewpoint\Viewpoint Toolbar\3.8.0\Uninstaller.exe /u /k /url "http://www.viewpoint.com/pub/uninstallcompleted.html"
VirtualCloneDrive --> "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\vcd-uninst.exe" /D="C:\Program Files\Elaborate Bytes\VirtualCloneDrive"
Warcraft III: All Products --> C:\WINDOWS\War3Unin.exe C:\WINDOWS\War3Unin.dat
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall


-- Application Event Log -------------------------------------------------------

Event Record #/Type8139 / Error
Event Submitted/Written: 05/30/2008 08:36:50 AM
Event ID/Source: 11719 / MsiInstaller
Event Description:
Product: Call of Duty® 2 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.

Event Record #/Type8138 / Warning
Event Submitted/Written: 05/30/2008 08:36:47 AM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x80080005

Event Record #/Type8137 / Warning
Event Submitted/Written: 05/30/2008 08:36:17 AM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x80080005

Event Record #/Type8136 / Warning
Event Submitted/Written: 05/30/2008 08:28:25 AM
Event ID/Source: 1217 / Winlogon
Event Description:
Execution of GPO scripts has timed out and have been terminated.

Event Record #/Type8135 / Error
Event Submitted/Written: 05/30/2008 08:23:08 AM
Event ID/Source: 11719 / MsiInstaller
Event Description:
Product: Call of Duty® 2 -- Error 1719.The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type776 / Error
Event Submitted/Written: 05/30/2000 09:43:31 AM
Event ID/Source: 1003 / System Error
Event Description:
Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.

Event Record #/Type775 / Error
Event Submitted/Written: 05/30/2000 09:43:27 AM
Event ID/Source: 1003 / System Error
Event Description:
Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.

Event Record #/Type772 / Error
Event Submitted/Written: 05/30/2000 09:43:09 AM
Event ID/Source: 1003 / System Error
Event Description:
Error code 1000008e, parameter1 c0000005, parameter2 80585743, parameter3 b9bb7cdc, parameter4 00000000.

Event Record #/Type714 / Error
Event Submitted/Written: 05/30/2008 08:51:45 AM
Event ID/Source: 1003 / System Error
Event Description:
Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.

Event Record #/Type688 / Error
Event Submitted/Written: 05/30/2008 08:36:47 AM
Event ID/Source: 10010 / DCOM
Event Description:
The server {000C101C-0000-0000-C000-000000000046} did not register with DCOM within the required timeout.



-- End of Deckard's System Scanner: finished at 2000-05-30 09:57:16 ------------

BC AdBot (Login to Remove)

 


#2 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:04:17 AM

Posted 04 June 2008 - 11:08 PM

Hello nashrm, my name is fenzodahl512 and welcome to Bleeping Computer..

If you still need our help, please post a fresh Deckard System Scanner log for further review..

Regards
fenzodahl512

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive


#3 fenzodahl512

fenzodahl512

  • Members
  • 6,738 posts
  • OFFLINE
  •  
  • Local time:04:17 AM

Posted 16 June 2008 - 08:25 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic

Keep calm, make it simple, use your brain, don't freak out, and you'll be just fine..
Awesomeness: When I get sad, I stop being sad and be awesome instead.. True story - Barney Stinson
Posted Image Posted Image
Its gonna be legen.. wait for it.. dary! Cherish the pain, it means you're still alive





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users