Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dl.exe


  • This topic is locked This topic is locked
5 replies to this topic

#1 mictamcody2000

mictamcody2000

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Location:Lansing, Michigan
  • Local time:03:21 PM

Posted 06 July 2008 - 12:53 PM

I have a problem, when I run .exe's sometimes a black dos prompt comes up and says dl.exe encountered an error. and it makes it so i cannot connect to the internet.

Screenshot:
http://img381.imageshack.us/img381/5890/dl1hz2.jpg



Here's a HIJACK THIS Logfile

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:09:01 PM, on 7/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\Opera.exe
C:\wamp\wampmanager.exe
c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
C:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\REGEDIT.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\NSIS\makensisw.exe
C:\WINDOWS\system32\NOTEPAD.EXE
G:\malware removal\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\RunOnce: [Cleanup] C:\cleanup.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.8\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.51b\bin\mysqld-nt.exe
O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe

--
End of file - 4733 bytes

Edited by mictamcody2000, 06 July 2008 - 01:18 PM.


BC AdBot (Login to Remove)

 


#2 mictamcody2000

mictamcody2000
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Location:Lansing, Michigan
  • Local time:03:21 PM

Posted 13 July 2008 - 05:47 PM

This is in continuation of: http://www.bleepingcomputer.com/forums/t/156488/windows-will-not-boot/

Hijack-This log from Deckards System Scanner:


Main:

Deckard's System Scanner v20071014.68
Run by Mike on 2008-07-13 14:52:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

[color=red]System Drive C: has 5.43 GiB (less than 15%) free.[/color]


-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-13 14:55:54
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cain\Abel.exe
C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WLTRYSVC.EXE
C:\WINDOWS\system32\BCMWLTRY.EXE
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\ATI\WebPAM\_jvm\bin\java.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\TaskSwitch.exe
C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiprbxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HPQ\Shared\hpqwmi.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Mike\Desktop\dss.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = IE SuX
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:4001
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
R3 - URLSearchHook: (no name) - {e077da94-6314-41f1-9f08-6607df65952e} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: (no name) - {e077da94-6314-41f1-9f08-6607df65952e} - (no file)
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: + Offline &Explorer: Download the link - file://C:\Program Files\Offline Explorer Pro\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - file://C:\Program Files\Offline Explorer Pro\Add_AllO.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (file missing)
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nwprovau.dll
O11 - Options Group: [TABS] Tabbed Browsing
O16 - DPF: {14C1B87C-3342-445F-9B5E-365FF330A3AC} () - http://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} () - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} () - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.2.100.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} () - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} () - http://129.15.200.151/activex/AMC.cab
O16 - DPF: {EE8B6D5F-FEF2-11D0-B13F-00A024798EF3} () - http://lg.home.microsoft.com/search/lobby/searchsettings.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (file missing)
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: AtiExtEvent - C:\WINDOWS\system32\Ati2evxx.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Abel - oxid.it - C:\Program Files\Cain\Abel.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATI WebPAM (ATIWebPAM) - Unknown owner - C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\Shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXE
O24 - Desktop Component 0:  - file:///C:/DOCUME~1/Mike/LOCALS~1/Temp/msohtml1/01/clip_image002.jpg

--
End of file - 11721 bytes

-- Files created between 2008-06-13 and 2008-07-13 -----------------------------

2008-07-13 12:47:03		 0 dr-h---c- C:\Documents and Settings\Mike\Recent
2008-07-13 12:41:11		 0 d------c- C:\WINDOWS\Prefetch
2008-07-10 04:06:24	   234 --a----c- C:\WINDOWS\system32\dl.exe
2008-07-10 03:59:07	   234 --a----c- C:\Documents and Settings\Mike\dl.exe
2008-07-09 00:23:35	260288 -r-hs---- C:\cmldr
2008-07-09 00:23:12		 0 dr-hs--c- C:\cmdcons
2008-07-08 19:59:18		 0 d------c- C:\Documents and Settings\Mike.LAPTOP.000\Application Data\Identities
2008-07-08 19:59:05		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP.000\Templates
2008-07-08 19:59:05		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP.000\Start Menu
2008-07-08 19:59:05		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP.000\SendTo
2008-07-08 19:59:05		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP.000\Recent
2008-07-08 19:59:05		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP.000\PrintHood
2008-07-08 19:59:05		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP.000\NetHood
2008-07-08 19:59:05		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP.000\My Documents
2008-07-08 19:59:05		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP.000\Local Settings
2008-07-08 19:59:05		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP.000\Favorites
2008-07-08 19:59:05		 0 d------c- C:\Documents and Settings\Mike.LAPTOP.000\Desktop
2008-07-08 19:59:05		 0 d---s--c- C:\Documents and Settings\Mike.LAPTOP.000\Cookies
2008-07-08 19:59:05		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP.000\Application Data
2008-07-08 19:59:05		 0 d---s--c- C:\Documents and Settings\Mike.LAPTOP.000\Application Data\Microsoft
2008-07-08 19:59:04	524288 --ah----- C:\Documents and Settings\Mike.LAPTOP.000\NTUSER.DAT
2008-07-08 19:57:04	786432 --ah----- C:\Documents and Settings\LocalService.NT AUTHORITY.000\NTUSER.DAT
2008-07-08 19:57:04		 0 d--h---c- C:\Documents and Settings\LocalService.NT AUTHORITY.000\Local Settings
2008-07-08 19:57:04		 0 d---s--c- C:\Documents and Settings\LocalService.NT AUTHORITY.000\Cookies
2008-07-08 19:57:04		 0 d------c- C:\Documents and Settings\LocalService.NT AUTHORITY.000\Application Data
2008-07-08 19:57:04		 0 d---s--c- C:\Documents and Settings\LocalService.NT AUTHORITY.000\Application Data\Microsoft
2008-07-08 19:56:34		 0 d---s--c- C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Cookies
2008-07-08 19:56:34		 0 d------c- C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Application Data
2008-07-08 19:56:34		 0 d---s--c- C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Application Data\Microsoft
2008-07-08 19:56:33	786432 --ah----- C:\Documents and Settings\NetworkService.NT AUTHORITY.000\NTUSER.DAT
2008-07-08 19:56:33		 0 d--h---c- C:\Documents and Settings\NetworkService.NT AUTHORITY.000\Local Settings
2008-07-08 19:51:23	245760 ---h---c- C:\Documents and Settings\Default User.W1NBL0W5\NTUSER.DAT
2008-07-08 19:50:00		 0 d--hs--c- C:\Documents and Settings\All Users.W1NBL0W5\DRM
2008-07-08 15:28:40		 0 d--h---c- C:\Documents and Settings\Default User.W1NBL0W5\Templates
2008-07-08 15:28:40		 0 dr-----c- C:\Documents and Settings\Default User.W1NBL0W5\Start Menu
2008-07-08 15:28:40		 0 dr-h---c- C:\Documents and Settings\Default User.W1NBL0W5\SendTo
2008-07-08 15:28:40		 0 d--h---c- C:\Documents and Settings\Default User.W1NBL0W5\Recent
2008-07-08 15:28:40		 0 d--h---c- C:\Documents and Settings\Default User.W1NBL0W5\PrintHood
2008-07-08 15:28:40		 0 d--h---c- C:\Documents and Settings\Default User.W1NBL0W5\NetHood
2008-07-08 15:28:40		 0 d------c- C:\Documents and Settings\Default User.W1NBL0W5\My Documents
2008-07-08 15:28:40		 0 dr-h---c- C:\Documents and Settings\Default User.W1NBL0W5\Local Settings
2008-07-08 15:28:40		 0 d------c- C:\Documents and Settings\Default User.W1NBL0W5\Favorites
2008-07-08 15:28:40		 0 d------c- C:\Documents and Settings\Default User.W1NBL0W5\Desktop
2008-07-08 15:28:40		 0 d---s--c- C:\Documents and Settings\Default User.W1NBL0W5\Cookies
2008-07-08 15:28:40		 0 d--h---c- C:\Documents and Settings\All Users.W1NBL0W5\Templates
2008-07-08 15:28:40		 0 dr-----c- C:\Documents and Settings\All Users.W1NBL0W5\Start Menu
2008-07-08 15:28:40		 0 d------c- C:\Documents and Settings\All Users.W1NBL0W5\Favorites
2008-07-08 15:28:40		 0 dr-----c- C:\Documents and Settings\All Users.W1NBL0W5\Documents
2008-07-08 15:28:40		 0 d------c- C:\Documents and Settings\All Users.W1NBL0W5\Desktop
2008-07-08 15:28:14		 0 dr-h---c- C:\Documents and Settings\Default User.W1NBL0W5\Application Data
2008-07-08 15:28:14		 0 d---s--c- C:\Documents and Settings\Default User.W1NBL0W5\Application Data\Microsoft
2008-07-08 15:28:14		 0 dr-h---c- C:\Documents and Settings\All Users.W1NBL0W5\Application Data
2008-07-08 15:28:14		 0 d---s--c- C:\Documents and Settings\All Users.W1NBL0W5\Application Data\Microsoft
2008-07-08 15:06:58		 0 d------c- C:\Documents and Settings\Mike.LAPTOP\Application Data\Talkback
2008-07-08 15:05:56		 0 d------c- C:\Documents and Settings\Mike.LAPTOP\Application Data\Mozilla
2008-07-08 15:02:09  25477210 --a----c- C:\1.reg
2008-07-08 07:06:04	 87552 --a----c- C:\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-07-08 02:26:49		 0 d------c- C:\Documents and Settings\Mike.LAPTOP\Application Data\Identities
2008-07-08 02:26:36		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP\SendTo
2008-07-08 02:26:36		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP\Recent
2008-07-08 02:26:36		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP\PrintHood
2008-07-08 02:26:36		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP\NetHood
2008-07-08 02:26:36		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP\My Documents
2008-07-08 02:26:36		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP\Local Settings
2008-07-08 02:26:36		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP\Favorites
2008-07-08 02:26:36		 0 d------c- C:\Documents and Settings\Mike.LAPTOP\Desktop
2008-07-08 02:26:36		 0 d---s--c- C:\Documents and Settings\Mike.LAPTOP\Cookies
2008-07-08 02:26:36		 0 dr-h---c- C:\Documents and Settings\Mike.LAPTOP\Application Data
2008-07-08 02:26:36		 0 d---s--c- C:\Documents and Settings\Mike.LAPTOP\Application Data\Microsoft
2008-07-08 02:26:35		 0 d--h---c- C:\Documents and Settings\Mike.LAPTOP\Templates
2008-07-08 02:26:35		 0 dr-----c- C:\Documents and Settings\Mike.LAPTOP\Start Menu
2008-07-08 02:26:35	786432 --ah----- C:\Documents and Settings\Mike.LAPTOP\NTUSER.DAT
2008-07-08 02:24:56	786432 --ah----- C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT
2008-07-08 02:24:56		 0 d--h---c- C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings
2008-07-08 02:24:56		 0 d---s--c- C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies
2008-07-08 02:24:56		 0 d------c- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data
2008-07-08 02:24:56		 0 d---s--c- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Microsoft
2008-07-08 02:24:55		 0 d--h---c- C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings
2008-07-08 02:24:55		 0 d---s--c- C:\Documents and Settings\NetworkService.NT AUTHORITY\Cookies
2008-07-08 02:24:55		 0 d------c- C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data
2008-07-08 02:24:55		 0 d---s--c- C:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Microsoft
2008-07-08 02:24:54	786432 --ah----- C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT
2008-07-08 02:17:38		 0 --a----c- C:\CONFIG.SYS
2008-07-08 02:17:38		 0 --a----c- C:\AUTOEXEC.BAT
2008-07-08 02:13:08		 0 d------c- C:\Program Files\Online Services
2008-07-07 21:39:36		 0 d------c- C:\W1NBL0W5
2008-07-05 21:21:47		 0 d------c- C:\WINDOWS\system32\CatRoot2
2008-07-05 21:18:10		 0 d------c- C:\WINDOWS\SoftwareDistribution
2008-07-05 20:56:52	162304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-07-05 20:56:52	 77312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-07-05 20:56:52	 69632 --a------ C:\WINDOWS\system32\ztvcabinet.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2008-07-05 20:56:50	 75264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-07-05 20:56:43	153088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-07-02 03:55:30		 0 d--hs---- C:\found.000
2008-07-02 01:30:15	 17045 --a----c- C:\WINDOWS\DIIUnin.dat
2008-07-02 01:30:10	  2829 --a----c- C:\WINDOWS\DIIUnin.pif
2008-07-02 01:30:09	 98304 --a----c- C:\WINDOWS\DIIUnin.exe <Not Verified; Blizzard Entertainment; Diablo II Uninstaller>
2008-06-30 21:23:06		 0 d------c- C:\Program Files\Copy of StealthBot
2008-06-20 16:14:46		 0 d------c- C:\Documents and Settings\Mike\Application Data\Smith Micro
2008-06-20 16:12:13	 77824 --a----c- C:\WINDOWS\system32\ptdmwmcp.dll <Not Verified; DEVGURU; Application Interface DLL>
2008-06-20 16:12:13		 0 d------c- C:\Program Files\PANTECH
2008-06-20 16:11:58		 0 d------c- C:\Program Files\Verizon Wireless


-- Find3M Report ---------------------------------------------------------------

2008-07-13 14:48:00	287232 --a----c- C:\WINDOWS\winhlp32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:58	 29184 --a----c- C:\WINDOWS\twunk_32.exe <Not Verified; Twain Working Group; Twain Thunker>
2008-07-13 14:47:56	 18944 --a----c- C:\WINDOWS\taskman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:44	 34816 --a----c- C:\WINDOWS\system32\xcopy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:43	 35840 --a----c- C:\WINDOWS\system32\wupdmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:43	169984 --a----c- C:\WINDOWS\system32\wuauclt1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:43	114688 --a----c- C:\WINDOWS\system32\wuauclt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:43	118784 --a----c- C:\WINDOWS\system32\wscript.exe <Not Verified; Microsoft Corporation; Microsoft (r) Windows Script Host>
2008-07-13 14:47:43	  9216 --a----c- C:\WINDOWS\system32\write.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:43	 35840 --a----c- C:\WINDOWS\system32\wpnpinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:42	 35840 --a----c- C:\WINDOWS\system32\wpabaln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:41	  9216 --a----c- C:\WINDOWS\system32\winver.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:41	 15360 --a----c- C:\WINDOWS\system32\winmsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:41	123392 --a----c- C:\WINDOWS\system32\winmine.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:40	 11776 --a----c- C:\WINDOWS\system32\winhlp32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:40	 38912 --a----c- C:\WINDOWS\system32\winchat.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:40	437248 --a----c- C:\WINDOWS\system32\wiaacmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:40	 69120 --a----c- C:\WINDOWS\system32\wextract.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:35	 53248 --a----c- C:\WINDOWS\system32\w32tm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:35	293376 --a----c- C:\WINDOWS\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:35	 37376 --a----c- C:\WINDOWS\system32\vssadmin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:34	101888 --a----c- C:\WINDOWS\system32\verifier.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:34	 53760 --a----c- C:\WINDOWS\system32\utilman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:33	 73728 --a----c- C:\WINDOWS\system32\usrshuta.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver>
2008-07-13 14:47:33	 65536 --a----c- C:\WINDOWS\system32\usrprbda.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics modem>
2008-07-13 14:47:33	 81920 --a----c- C:\WINDOWS\system32\usrmlnka.exe <Not Verified; U.S. Robotics Corporation; U.S. Robotics Modem Driver>
2008-07-13 14:47:32	 28160 --a----c- C:\WINDOWS\system32\userinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:32	 22528 --a----c- C:\WINDOWS\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:32	 20480 --a----c- C:\WINDOWS\system32\upnpcont.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:32	  8192 --a----c- C:\WINDOWS\system32\unlodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:31	 20480 --a----c- C:\WINDOWS\system32\tsshutdn.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:31	 19968 --a----c- C:\WINDOWS\system32\tskill.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:31	 18432 --a----c- C:\WINDOWS\system32\tsdiscon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:31	 48128 --a----c- C:\WINDOWS\system32\tscupgrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:31	 18944 --a----c- C:\WINDOWS\system32\tscon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	 35328 --a----c- C:\WINDOWS\system32\tracert6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	 16384 --a----c- C:\WINDOWS\system32\tracert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	350720 --a----c- C:\WINDOWS\system32\tourstart.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	 20480 --a----c- C:\WINDOWS\system32\tftp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	 78848 --a----c- C:\WINDOWS\system32\telnet.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	 15872 --a----c- C:\WINDOWS\system32\tcmsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:30	  7168 --a----c- C:\WINDOWS\system32\systray.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:29	110080 --a----c- C:\WINDOWS\system32\sysocmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:29	 40448 --a----c- C:\WINDOWS\system32\syskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:29	 54784 --a----c- C:\WINDOWS\system32\syncapp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:29	 13312 --a----c- C:\WINDOWS\system32\subst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:29	 18432 --a----c- C:\WINDOWS\system32\stimon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:28	 13824 --a----c- C:\WINDOWS\system32\sprestrt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:21	 15360 --a----c- C:\WINDOWS\system32\spnpinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:21	542208 --a----c- C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:21	 27136 --a----c- C:\WINDOWS\system32\sort.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:21	 60416 --a----c- C:\WINDOWS\system32\sol.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	 12800 --a----c- C:\WINDOWS\system32\snmptrap.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	142848 --a----c- C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	135168 --a----c- C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	 93184 --a----c- C:\WINDOWS\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	 11776 --a----c- C:\WINDOWS\system32\smbinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	 30208 --a----c- C:\WINDOWS\system32\skeys.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:20	 73728 --a----c- C:\WINDOWS\system32\sigverif.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 23552 --a----c- C:\WINDOWS\system32\shutdown.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 81408 --a----c- C:\WINDOWS\system32\shrpubw.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 46080 --a----c- C:\WINDOWS\system32\shmgrate.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 18432 --a----c- C:\WINDOWS\system32\shadow.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 13312 --a----c- C:\WINDOWS\system32\sfc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 26624 --a----c- C:\WINDOWS\system32\setup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:19	 35328 --a----c- C:\WINDOWS\system32\sethc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:18	144384 --a----c- C:\WINDOWS\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:18	 80896 --a----c- C:\WINDOWS\system32\sdbinst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 99328 --a----c- C:\WINDOWS\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 34816 --a----c- C:\WINDOWS\system32\sc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 16896 --a----c- C:\WINDOWS\system32\savedump.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 19456 --a----c- C:\WINDOWS\system32\rwinsta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 17920 --a----c- C:\WINDOWS\system32\runonce.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 36864 --a----c- C:\WINDOWS\system32\rundll32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 19968 --a----c- C:\WINDOWS\system32\runas.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 81408 --a----c- C:\WINDOWS\system32\rtcshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	136704 --a----c- C:\WINDOWS\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:17	 52736 --a----c- C:\WINDOWS\system32\rsmui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Whistler® Operating System>
2008-07-13 14:47:17	 28160 --a----c- C:\WINDOWS\system32\rsmsink.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Whistler® Operating System>
2008-07-13 14:47:17	 52736 --a----c- C:\WINDOWS\system32\rsm.exe <Not Verified; Microsoft Corp; Microsoft(R) Windows (R) 2000 Operating System>
2008-07-13 14:47:16	 18432 --a----c- C:\WINDOWS\system32\rsh.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:16	 29184 --a----c- C:\WINDOWS\system32\routemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:16	 23552 --a----c- C:\WINDOWS\system32\route.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:16	 17408 --a----c- C:\WINDOWS\system32\rexec.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:16	 13312 --a----c- C:\WINDOWS\system32\reset.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:16	 16896 --a----c- C:\WINDOWS\system32\replace.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	  8192 --a----c- C:\WINDOWS\system32\regwiz.exe <Not Verified; Microsoft; RegWizExe>
2008-07-13 14:47:12	 15360 --a----c- C:\WINDOWS\system32\regsvr32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	 37888 --a----c- C:\WINDOWS\system32\regini.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	  7168 --a----c- C:\WINDOWS\system32\regedt32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	 53760 --a----c- C:\WINDOWS\system32\reg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	 11264 --a----c- C:\WINDOWS\system32\recover.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	 70656 --a----c- C:\WINDOWS\system32\rdshost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:12	 17408 --a----c- C:\WINDOWS\system32\rdsaddin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 66560 --a----c- C:\WINDOWS\system32\rdpclip.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 25088 --a----c- C:\WINDOWS\system32\rcp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 39424 --a----c- C:\WINDOWS\system32\rcimlby.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 60416 --a----c- C:\WINDOWS\system32\rasphone.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 15360 --a----c- C:\WINDOWS\system32\rasdial.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 15360 --a----c- C:\WINDOWS\system32\rasautou.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:11	 25600 --a----c- C:\WINDOWS\system32\qwinsta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:10	 24064 --a----c- C:\WINDOWS\system32\qprocess.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:10	 20480 --a----c- C:\WINDOWS\system32\qappsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:10	 12800 --a----c- C:\WINDOWS\system32\proxycfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:10	 53760 --a----c- C:\WINDOWS\system32\proquota.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:10	113664 --a----c- C:\WINDOWS\system32\progman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:09	 13312 --a----c- C:\WINDOWS\system32\print.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:09	 52736 --a----c- C:\WINDOWS\system32\powercfg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:09	 36864 --a----c- C:\WINDOWS\system32\ping6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:09	 21504 --a----c- C:\WINDOWS\system32\ping.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	 19456 --a----c- C:\WINDOWS\system32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	 18944 --a----c- C:\WINDOWS\system32\pentnt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	 25088 --a----c- C:\WINDOWS\system32\pathping.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	 61952 --a----c- C:\WINDOWS\system32\packager.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	 44032 --a----c- C:\WINDOWS\system32\osuninst.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:08	219136 --a----c- C:\WINDOWS\system32\osk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:01	423936 --a----c- C:\WINDOWS\system32\ntvdm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:00	 35328 --a----c- C:\WINDOWS\system32\ntsd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:47:00	 80384 --a----c- C:\WINDOWS\system32\nslookup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:59	 72704 --a----c- C:\WINDOWS\system32\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:59	 40448 --a----c- C:\WINDOWS\system32\netstat.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:59	 89600 --a----c- C:\WINDOWS\system32\netsh.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:59	335872 --a----c- C:\WINDOWS\system32\netsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	114688 --a----c- C:\WINDOWS\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	129024 --a----c- C:\WINDOWS\system32\net1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	 46592 --a----c- C:\WINDOWS\system32\net.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	  8192 --a----c- C:\WINDOWS\system32\nddeapir.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	 24064 --a----c- C:\WINDOWS\system32\nbtstat.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:58	 57856 --a----c- C:\WINDOWS\system32\narrator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:56	411136 --a----c- C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:56	 15872 --a----c- C:\WINDOWS\system32\mstinit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:56	 10240 --a----c- C:\WINDOWS\system32\msswchx.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:55	346624 --a----c- C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:54	 44544 --a----c- C:\WINDOWS\system32\msiregmv.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-07-13 14:46:54	 80896 --a----c- C:\WINDOWS\system32\msiexec.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-07-13 14:46:54	 33280 --a----c- C:\WINDOWS\system32\mshta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:54	131072 --a----c- C:\WINDOWS\system32\mshearts.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:54	 24576 --a----c- C:\WINDOWS\system32\msg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:52	 16896 --a----c- C:\WINDOWS\system32\mrinfo.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:52	 25600 --a----c- C:\WINDOWS\system32\mpnotify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:52	126976 --a----c- C:\WINDOWS\system32\mplay32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:51	 11776 --a----c- C:\WINDOWS\system32\mountvol.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:51	147456 --a----c- C:\WINDOWS\system32\mobsync.exe <Not Verified; Microsoft Corporation; Microsoft Synchronization Manager>
2008-07-13 14:46:51	 36864 --a----c- C:\WINDOWS\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-07-13 14:46:51	818688 --a----c- C:\WINDOWS\system32\mmc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:51	 55808 --a----c- C:\WINDOWS\system32\migpwd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:48	 89600 --a----c- C:\WINDOWS\system32\makecab.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:48	 76288 --a----c- C:\WINDOWS\system32\magnify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:46	 11776 --a----c- C:\WINDOWS\system32\lpr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:46	  9728 --a----c- C:\WINDOWS\system32\lpq.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:46	518656 --a----c- C:\WINDOWS\system32\logonui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:46	 18944 --a----c- C:\WINDOWS\system32\logoff.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:46	 62976 --a----c- C:\WINDOWS\system32\logman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:45	108032 --a----c- C:\WINDOWS\system32\logagent.exe <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2008-07-13 14:46:45	  9216 --a----c- C:\WINDOWS\system32\lodctr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:45	 28672 --a----c- C:\WINDOWS\system32\lnkstub.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:45	 33792 --a----c- C:\WINDOWS\system32\lights.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:44	 13824 --a----c- C:\WINDOWS\system32\label.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:41	 27136 --a----c- C:\WINDOWS\system32\ipxroute.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:41	 57344 --a----c- C:\WINDOWS\system32\ipv6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:41	 48128 --a----c- C:\WINDOWS\system32\ipsec6.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:41	 59392 --a----c- C:\WINDOWS\system32\ipconfig.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:38	153600 --a----c- C:\WINDOWS\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:38	118272 --a----c- C:\WINDOWS\system32\iexpress.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:37	 11776 --a----c- C:\WINDOWS\system32\hostname.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:36	 18432 --a----c- C:\WINDOWS\system32\help.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:36	 43008 --a----c- C:\WINDOWS\system32\grpconv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:36	271360 --a----c- C:\WINDOWS\system32\fxssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:36	 14848 --a----c- C:\WINDOWS\system32\fxssend.exe <Not Verified; Microsoft Corporation; Microsoft® Fax Server>
2008-07-13 14:46:35	232960 --a----c- C:\WINDOWS\system32\fxscover.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	146944 --a----c- C:\WINDOWS\system32\fxsclnt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 46080 --a----c- C:\WINDOWS\system32\ftp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 59904 --a----c- C:\WINDOWS\system32\fsutil.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	196608 --a----c- C:\WINDOWS\system32\fsquirt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 58880 --a----c- C:\WINDOWS\system32\freecell.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 10752 --a----c- C:\WINDOWS\system32\forcedos.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 25088 --a----c- C:\WINDOWS\system32\fontview.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:35	 26624 --a----c- C:\WINDOWS\system32\fltMc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	  7168 --a----c- C:\WINDOWS\system32\fixmapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 12800 --a----c- C:\WINDOWS\system32\finger.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 30720 --a----c- C:\WINDOWS\system32\findstr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 13312 --a----c- C:\WINDOWS\system32\find.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 18944 --a----c- C:\WINDOWS\system32\fc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 49152 --a----c- C:\WINDOWS\system32\extrac32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 19456 --a----c- C:\WINDOWS\system32\expand.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 95744 --a----c- C:\WINDOWS\system32\evntwin.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 27648 --a----c- C:\WINDOWS\system32\evntcmd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:34	 12288 --a----c- C:\WINDOWS\system32\eventvwr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:33	196608 --a----c- C:\WINDOWS\system32\eudcedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:33	 43008 --a----c- C:\WINDOWS\system32\esentutl.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:32   1302528 --a----c- C:\WINDOWS\system32\dxdiag.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:32	184320 --a----c- C:\WINDOWS\system32\dwwin.exe <Not Verified; Microsoft Corporation; Microsoft Application Error Reporting>
2008-07-13 14:46:32	 21504 --a----c- C:\WINDOWS\system32\dvdupgrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:32	 58880 --a----c- C:\WINDOWS\system32\dvdplay.exe <Not Verified;; dvdplay Application>
2008-07-13 14:46:32	 14336 --a----c- C:\WINDOWS\system32\dumprep.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:31	 49152 --a----c- C:\WINDOWS\system32\drwtsn32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:24	 87040 --a----c- C:\WINDOWS\system32\dpvsetup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:24	 22016 --a----c- C:\WINDOWS\system32\dpnsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:24	 33792 --a----c- C:\WINDOWS\system32\dplaysvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:24	 14848 --a----c- C:\WINDOWS\system32\doskey.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:46:24	 19456 --a----c- C:\WINDOWS\system32\dmremote.exe <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT>
2008-07-13 14:46:24	228864 --a----c- C:\WINDOWS\system32\dmadmin.exe <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
2008-07-13 14:46:24	  8704 --a----c- C:\WINDOWS\system32\dllhst3g.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:28	 21504 --a----c- C:\WINDOWS\system32\diskperf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:28	167424 --a----c- C:\WINDOWS\system32\diskpart.exe <Not Verified; Microsoft Corporation; Microsoft Corporation Diskpart Application>
2008-07-13 14:45:24	 89600 --a----c- C:\WINDOWS\system32\diantz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:23	 86016 --a----c- C:\WINDOWS\system32\dfrgfat.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter>
2008-07-13 14:45:23	 28672 --a----c- C:\WINDOWS\system32\defrag.exe <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter>
2008-07-13 14:45:23	 33792 --a----c- C:\WINDOWS\system32\ddeshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:23	  8704 --a----c- C:\WINDOWS\system32\dcomcnfg.exe <Not Verified; Microsoft Corporation; COM Services>
2008-07-13 14:45:21	102400 --a----c- C:\WINDOWS\system32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft (r) Windows Script Host>
2008-07-13 14:45:20	 17920 --a----c- C:\WINDOWS\system32\convert.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:20	 11776 --a----c- C:\WINDOWS\system32\control.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:20	 31232 --a----c- C:\WINDOWS\system32\conime.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:12	 21504 --a----c- C:\WINDOWS\system32\compact.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:12	 19968 --a----c- C:\WINDOWS\system32\comp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:12	 67584 --a----c- C:\WINDOWS\system32\cmstp.exe <Not Verified; Microsoft Corporation; Microsoft(R) Connection Manager>
2008-07-13 14:45:12	 43520 --a----c- C:\WINDOWS\system32\cmmon32.exe <Not Verified; Microsoft Corporation; Microsoft(R) Connection Manager>
2008-07-13 14:45:12	 50688 --a----c- C:\WINDOWS\system32\cmdl32.exe <Not Verified; Microsoft Corporation; Microsoft(R) Connection Manager>
2008-07-13 14:45:11	392192 --a----c- C:\WINDOWS\system32\cmd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 37376 --a----c- C:\WINDOWS\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	106496 --a----c- C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 67584 --a----c- C:\WINDOWS\system32\cleanmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 11776 --a----c- C:\WINDOWS\system32\ckcnv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	  9728 --a----c- C:\WINDOWS\system32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 12288 --a----c- C:\WINDOWS\system32\cidaemon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 15360 --a----c- C:\WINDOWS\system32\chkntfs.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 15872 --a----c- C:\WINDOWS\system32\chkdsk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:11	 83968 --a----c- C:\WINDOWS\system32\charmap.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	118272 --a----c- C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	 22016 --a----c- C:\WINDOWS\system32\cacls.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	  8704 --a----c- C:\WINDOWS\system32\bootvrfy.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	  8192 --a----c- C:\WINDOWS\system32\bootok.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	 75264 --a----c- C:\WINDOWS\system32\blastcln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:04	 14848 --a----c- C:\WINDOWS\system32\autolfn.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	584704 --a----c- C:\WINDOWS\system32\autofmt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	606208 --a----c- C:\WINDOWS\system32\autoconv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	592384 --a----c- C:\WINDOWS\system32\autochk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	 18432 --a----c- C:\WINDOWS\system32\auditusr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	 15360 --a----c- C:\WINDOWS\system32\attrib.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:03	 14848 --a----c- C:\WINDOWS\system32\atmadm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:02	 28672 --a----c- C:\WINDOWS\system32\Ati2mdxx.exe <Not Verified; ATI Technologies, Inc.; ATI Default Resolution Update>
2008-07-13 14:45:02	364544 --a----c- C:\WINDOWS\system32\ati2evxx.exe <Not Verified; ATI Technologies Inc.; ATI External Event Utility for WindowsNT and Windows9X>
2008-07-13 14:45:02	 28672 --a----c- C:\WINDOWS\system32\at.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:02	 23040 --a----c- C:\WINDOWS\system32\arp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:02	101888 --a----c- C:\WINDOWS\system32\ahui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:45:01	  8192 --a----c- C:\WINDOWS\system32\actmovie.exe <Not Verified; Microsoft Corporation; DirectShow>
2008-07-13 14:45:01	187392 --a----c- C:\WINDOWS\system32\accwiz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:44:20	150016 --a----c- C:\WINDOWS\regedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:43:51	 72704 --a----c- C:\WINDOWS\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-13 14:42:00	 14336 --a----c- C:\WINDOWS\hh.exe <Not Verified; Microsoft Corporation; HTML Help>
2008-07-13 12:46:46		 0 d------c- C:\Documents and Settings\Mike\Application Data\VMware
2008-07-13 02:05:23	 22816 --a----c- C:\WINDOWS\system32\emptyregdb.dat
2008-07-13 02:03:25		 0 d------c- C:\Program Files\Messenger
2008-07-11 17:33:10		 0 d------c- C:\Program Files\Movie Maker
2008-07-11 17:31:37		 0 d------c- C:\Program Files\Windows NT
2008-07-10 03:55:48		 0 d------c- C:\Program Files\AIM6
2008-07-10 02:12:19	296960 --a----c- C:\WINDOWS\system32\WISPTIS.EXE <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-10 02:12:19	296960 --a----c- C:\WINDOWS\system32\wisptis.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-08 19:49:29		 0 d--h---c- C:\Program Files\WindowsUpdate
2008-07-05 21:40:36		 0 d------c- C:\Program Files\StealthBot
2008-07-05 21:40:06	 73728 --a----c- C:\WINDOWS\zllsputility.exe <Not Verified; Zone Labs, LLC; ZoneLabs LSP Removal Utility>
2008-07-05 21:40:00	204800 --a----c- C:\WINDOWS\unzip.exe
2008-07-05 21:40:00	970752 --a----c- C:\WINDOWS\UNRecode.exe <Not Verified; Nero AG; Nero Installer>
2008-07-05 21:40:00	970752 --a----c- C:\WINDOWS\UNNeroVision.exe <Not Verified; Nero AG; Nero Installer>
2008-07-05 21:39:59	970752 --a----c- C:\WINDOWS\UNNeroShowTime.exe <Not Verified; Nero AG; Nero Installer>
2008-07-05 21:39:59	970752 --a----c- C:\WINDOWS\UNNeroMediaHome.exe <Not Verified; Nero AG; Nero Installer>
2008-07-05 21:39:59	970752 --a----c- C:\WINDOWS\UNNeroBackItUp.exe <Not Verified; Nero AG; Nero Installer>
2008-07-05 21:39:59	303104 --a----c- C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-07-05 21:39:59	685056 --a----c- C:\WINDOWS\unins000.exe
2008-07-05 21:39:59	126976 --a----c- C:\WINDOWS\UnGins.exe
2008-07-05 21:39:58	278528 --a----c- C:\WINDOWS\TLCUninstall.exe <Not Verified; Riverdeep Interactive Learning Limited; Launcher>
2008-07-05 21:39:58	239104 --a----c- C:\WINDOWS\system32\ZuneWlanCfgSvc.exe <Not Verified; Microsoft Corporation; Zune®>
2008-07-05 21:39:54	150528 --a----c- C:\WINDOWS\system32\WudfHost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:54	 20992 --a----c- C:\WINDOWS\system32\wpdshextautoplay.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:54	505856 --a----c- C:\WINDOWS\system32\winlogon_original.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:53	 12288 --a----c- C:\WINDOWS\system32\wdfmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:51	 12288 --a----c- C:\WINDOWS\system32\uwdf.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:50	 13824 --a----c- C:\WINDOWS\system32\UDBDef.exe
2008-07-05 21:39:50	 73216 --a----c- C:\WINDOWS\system32\twunk_32.exe <Not Verified; Twain Working Group; Twain Thunker>
2008-07-05 21:39:50	 73216 --a----c- C:\WINDOWS\system32\TWUNK_32.EXE <Not Verified; Twain Working Group; Twain Thunker>
2008-07-05 21:39:50	263168 --a----c- C:\WINDOWS\system32\TweakUI.exe <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Shell PowerToys>
2008-07-05 21:39:50	 20480 --a----c- C:\WINDOWS\system32\tswpfwrp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:47	 20992 --a----c- C:\WINDOWS\system32\spupdsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:43	 11776 --a----c- C:\WINDOWS\system32\spdwnwxp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:41	186368 --a----c- C:\WINDOWS\system32\searchprotocolhost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:41	303616 --a----c- C:\WINDOWS\system32\searchindexer.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:41	 80384 --a----c- C:\WINDOWS\system32\searchfilterhost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:38	350208 --a----c- C:\WINDOWS\system32\RmActivate_ssp_isv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:38	353792 --a----c- C:\WINDOWS\system32\RmActivate_ssp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:38	527360 --a----c- C:\WINDOWS\system32\RmActivate_isv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:37	519168 --a----c- C:\WINDOWS\system32\RmActivate.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:30	345088 --a----c- C:\WINDOWS\system32\PresentationHost.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:30   1191936 --a----c- C:\WINDOWS\system32\PnkBstrB.exe
2008-07-05 21:39:30	 88064 --a----c- C:\WINDOWS\system32\pintool.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:30	 23040 --a----c- C:\WINDOWS\system32\pgdfgsvc.exe <Not Verified; Sysinternals - www.sysinternals.com; Page File Defragmenter>
2008-07-05 21:39:29   2510848 --a----c- C:\WINDOWS\system32\oodtray.exe <Not Verified; O&O Software GmbH; O&O Defrag>
2008-07-05 21:39:29	192000 --a----c- C:\WINDOWS\system32\oodbs.exe <Not Verified; O&O Software GmbH; O&O Defrag>
2008-07-05 21:39:29	 81920 --a----c- C:\WINDOWS\system32\OnlineScannerUninstaller.exe <Not Verified;; OnlineScannerUninstaller>
2008-07-05 21:39:27	188416 --a----c- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe <Not Verified; Adobe Systems, Inc.; Flash Player Helper>
2008-07-05 21:39:27	 81920 --a----c- C:\WINDOWS\system32\nmapwin.exe <Not Verified; JVSoftware; NMapWin nmap front-end>
2008-07-05 21:39:27	290816 --a----c- C:\WINDOWS\system32\nmapserv.exe
2008-07-05 21:39:27	455680 --a----c- C:\WINDOWS\system32\nmap.exe <Not Verified;; Nmap>
2008-07-05 21:39:23	 28672 --a----c- C:\WINDOWS\system32\MASetupCleaner.exe <Not Verified; (?)????; MASetupCleaner ?? ????>
2008-07-05 21:39:21	178688 --a----c- C:\WINDOWS\system32\LEXPPS(2).EXE <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
2008-07-05 21:39:21	307200 --a----c- C:\WINDOWS\system32\LEXBCES(3).EXE <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
2008-07-05 21:39:21   2324096 --a----c- C:\WINDOWS\system32\kernel1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:19	573952 --a----c- C:\WINDOWS\system32\icardagt.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2008-07-05 21:39:19	 86016 --a----c- C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
2008-07-05 21:39:19	 81920 --a----c- C:\WINDOWS\system32\HPZinw12.exe <Not Verified; HP; HP Dot4Net Windows>
2008-07-05 21:39:18	249344 --a----c- C:\WINDOWS\system32\fixflash.exe
2008-07-05 21:39:17	253440 --a----c- C:\WINDOWS\system32\drmupgds.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:39:15	 86016 --a----c- C:\WINDOWS\system32\dns-sd.exe <Not Verified; Apple Inc.; Bonjour>
2008-07-05 21:38:22	505856 --a----c- C:\WINDOWS\system32\Copy of winlogon_original.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:38:20	392192 --a----c- C:\WINDOWS\system32\CF9830.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-07-05 21:38:19	598016 --a----c- C:\WINDOWS\system32\ati2sgag.exe <Not Verified;; ATI Smart>
2008-07-05 21:38:18	196608 --a----c- C:\WINDOWS\system32\AegisI5.exe <Not Verified;; AegisInstall Application>
2008-07-05 21:38:18	 49152 --a----c- C:\WINDOWS\system32\AADL.exe <Not Verified;; Auction Aux Downloader>
2008-07-05 21:38:17	 76800 --a----c- C:\WINDOWS\st6unst.exe <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-07-05 21:38:17	 76800 --a----c- C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-07-05 21:38:16	 28672 --a----c- C:\WINDOWS\shortcut.exe <Not Verified;; dshortcut Application>
2008-07-05 21:38:15	339968 --a----c- C:\WINDOWS\setuplus.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
2008-07-05 21:38:14	 98304 --a----c- C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2008-07-05 21:37:36	102912 --a----c- C:\WINDOWS\Matrix Code.exe <Not Verified; Macromedia, Inc.; Macromedia Director>
2008-07-05 21:37:36	290816 --a----c- C:\WINDOWS\iun506.exe <Not Verified; Indigo Rose Corporation; Setup Factory 5.0 Uninstaller>
2008-07-05 21:37:36	310272 --a----c- C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-07-05 21:37:09	 45056 --a----c- C:\WINDOWS\hpmonZ.exe <Not Verified; Hewlett-Packard Company; Hewlett-Packard Monitor Service>
2008-07-05 21:34:54	 28672 --a----c- C:\WINDOWS\ciaunwdm.exe <Not Verified; Conexant Systems Inc.; Conexant WDM Audio Uninstallation Utility>
2008-07-05 21:34:53   3866624 --a----c- C:\SP2004.exe <Not Verified; Johnny Lee; SP2004>
2008-07-02 18:06:34		 0 d------c- C:\Program Files\Starcraft
2008-07-02 16:39:57		 0 d------c- C:\Program Files\D2TBPK
2008-07-02 16:24:00		 0 d------c- C:\Program Files\Diablo II
2008-07-02 03:23:47		 0 d------c- C:\Documents and Settings\Mike\Application Data\Adobe
2008-07-02 01:59:25		 0 d------c- C:\Program Files\Common Files
2008-06-30 22:12:53		 0 d------c- C:\Documents and Settings\Mike\Application Data\uTorrent
2008-06-30 17:15:08		 0 d------c- C:\Program Files\D22
2008-06-29 15:26:41		 0 d------c- C:\Program Files\nLite
2008-06-18 07:00:06	 55808 --a------ C:\WINDOWS\system32\ZuneBusEnum.exe <Not Verified; Microsoft Corporation; Zune®>
2008-06-18 07:00:04	118784 --a------ C:\WINDOWS\system32\vmnetdhcp.exe <Not Verified; VMware, Inc.; VMware Workstation>
2008-06-18 07:00:04	147456 --a------ C:\WINDOWS\system32\vmnat.exe <Not Verified; VMware, Inc.; VMware Workstation>
2008-06-18 07:00:04	 81920 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-06-18 07:00:02	 32768 --a------ C:\WINDOWS\system32\verclsid.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-18 07:00:02	 40960 --a------ C:\WINDOWS\system32\TaskSwitch.exe
2008-06-18 07:00:00   1048576 --a------ C:\WINDOWS\system32\oodag.exe <Not Verified; O&O Software GmbH; O&O Defrag>
2008-06-15 08:44:11		 0 d------c- C:\Program Files\BitPim
2008-06-12 20:03:33		 0 d------c- C:\Documents and Settings\Mike\Application Data\Offline Explorer
2008-06-12 15:58:04		 0 d------c- C:\Program Files\Offline Explorer Pro
2008-06-11 18:21:26		 0 d--h---c- C:\Program Files\InstallShield Installation Information
2008-06-11 15:17:16		 0 d------c- C:\Program Files\Activision
2008-06-11 10:20:17		 0 d---s--c- C:\Program Files\Xfire
2008-06-10 17:30:34		 0 d------c- C:\Documents and Settings\Mike\Application Data\Xfire
2008-06-09 21:09:59		 0 d------c- C:\Program Files\Hp
2008-06-09 16:40:13	  4212 --ah---c- C:\WINDOWS\system32\zllictbl.dat
2008-06-09 11:24:13		 0 d------c- C:\Program Files\PE Explorer
2008-06-09 11:21:05		 0 d------c- C:\Program Files\MobiMB Mobile Media Browser
2008-06-09 11:21:05		 0 d------c- C:\Program Files\Common Files\LogoManager
2008-06-09 11:14:31		 0 d------c- C:\Program Files\Line Adventures
2008-06-09 11:13:51		 0 d------c- C:\Program Files\Trojan Remover
2008-05-30 22:22:03	 35112 --a----c- C:\WINDOWS\scunin.dat
2008-05-30 22:21:44	   967 --a----c- C:\WINDOWS\ScUnin.pif
2008-05-30 02:34:28		 0 d------c- C:\Program Files\Cain
2008-05-28 19:10:36		 0 d------c- C:\Program Files\Alpha
2008-05-28 18:45:55		 0 d------c- C:\Program Files\WinMerge
2008-05-24 22:04:11		 0 d------c- C:\Program Files\Windows Live Safety Center
2008-05-24 01:57:41		 0 d------c- C:\Program Files\AutoIt3
2008-05-19 09:20:13		 0 d------c- C:\Program Files\EsetOnlineScanner
2008-05-17 16:49:35		 0 d------c- C:\Program Files\OGPlanet
2008-05-15 20:25:24		 0 d------c- C:\Program Files\Syncplicity
2008-05-13 14:12:25		 0 d------c- C:\Program Files\Games-Masters.com
2008-04-17 14:34:28		 0 --a----c- C:\WINDOWS\ativpsrm.bin
2008-04-14 08:00:00	250048 -rahs---- C:\ntldr


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [06/18/2008 07:00 AM]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [07/13/2008 02:31 PM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [07/05/2008 09:29 PM]
"AMD_Display"="" []
"hpWirelessAssistant"="C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [05/04/2005 10:59 AM]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [07/05/2008 09:29 PM]
"vmware-tray"="C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" [07/05/2008 09:34 PM]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [07/13/2008 02:42 PM]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [07/13/2008 02:42 PM]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [07/13/2008 02:46 PM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [07/13/2008 02:46 PM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [07/13/2008 02:46 PM]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [07/05/2008 09:35 PM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [07/05/2008 09:35 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [07/05/2008 09:29 PM]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [05/24/2006 02:31 PM]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [10/18/2007 12:34 PM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [07/10/2008 01:54 AM]
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [07/10/2008 01:56 AM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [07/09/2008 09:18 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"tscuninstall"=%systemroot%\system32\tscupgrd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuNetworkPlaces"=0 (0x0)
"NoTrayItemsDisplay"=0 (0x0)
"LockTaskbar"=0 (0x0)
"NoSimpleStartMenu"=0 (0x0)
"HideClock"=0 (0x0)
"NoNetworkConnections"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"EditLevel"=0 (0x0)
"ClearRecentDocsOnExit"=1 (0x1)
"NoLowDiskSpaceChecks"=1 (0x1)
"StartMenuLogoff"=1 (0x1)
"MaxRecentDocs"=15 (0xf)
"NoDesktopCleanupWizard"=1 (0x1)
"NoBandCustomize"=0 (0x0)
"NoInstrumentation"=1 (0x1)
"NoSMBalloonTip"=1 (0x1)
"NoRecentDocsHistory"=1 (0x1)
"NoFileMenu"=0 (0x0)
"NoCommonGroups"=0 (0x0)
"NoSMHelp"=01000000
"NoToolbarCustomize"=0 (0x0)
"NoStartMenuMFUprogramsList"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Notification Packages"=  scecli scecli scecli scecli scecli scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hp psc 2000 Series.lnk]
backup=C:\WINDOWS\pss\hp psc 2000 Series.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^hpoddt01.exe.lnk]
backup=C:\WINDOWS\pss\hpoddt01.exe.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mike^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mike^Start Menu^Programs^Startup^HDDlife.lnk]
backup=C:\WINDOWS\pss\HDDlife.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mike^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mike^Start Menu^Programs^Startup^Xfire.lnk]
backup=C:\WINDOWS\pss\Xfire.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoTBar]
AUTOTBAR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CoreComponent]
krnl32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobrfksr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSPY2002]
C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync]
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Run]
???
?

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SIDEBAR]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPStart]
C:\Program Files\Synaptics\SynTP\SynTPStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinVNC]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YCentral]
C:\Program Files\Yahoo!\YCentral\YahooCentral.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ZuneNetworkSvc"=2 (0x2)
"WMPNetworkSvc"=2 (0x2)
"WmiApSrv"=2 (0x2)
"WmdmPmSN"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"LightScribeService"=2 (0x2)
"FontCache3.0.0.0"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"Fax"=2 (0x2)
"CLTNetCnService"=2 (0x2)
"Viewpoint Manager Service"=2 (0x2)
"SQLWriter"=2 (0x2)
"SQLBrowser"=2 (0x2)
"PHPGeekUtil"=2 (0x2)
"ose"=3 (0x3)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"MSSQL$SQLEXPRESS"=2 (0x2)
"iPod Service"=3 (0x3)
"idsvc"=3 (0x3)
"IDriverT"=3 (0x3)
"Bonjour Service"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"Adobe LM Service"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc	p2psvc p2pimsvc p2pgasvc PNRPSvc
eapsvcs	eaphost
dot3svc	dot3svc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{067666ef-736b-11da-8462-806d6172696f}]
AutoRun\command- D:\SWSETUP\APPINSTL\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27b0a869-5cb3-11dc-87f9-000fb0bc5ce5}]
AutoRun\command- F:\LaunchU3.exe -a

*Newly Created Service* - MSISERVER



-- End of Deckard's System Scanner: finished at 2008-07-13 14:57:34 ------------



Extra:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3200+
Percentage of Memory in Use: 55%
Physical Memory (total/avail): 1150.48 MiB / 511.15 MiB
Pagefile Memory (total/avail): 2753.38 MiB / 2328.7 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1920.96 MiB

C: is Fixed (NTFS) - 93.15 GiB total, 5.91 GiB free. 
D: is CDROM (CDFS)

\\.\PHYSICALDRIVE0 - ST9100822A - 93.16 GiB - 1 partition
  \PARTITION0 (bootable) - Installable File System - 93.15 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: ZoneAlarm Firewall v7.0.470.000 (Check Point, LTD.) [COLOR=RED]Disabled[/COLOR]
FW: COMODO Firewall Pro v3.0 (COMODO)
AV: ZoneAlarm Antivirus v7.0.470.000 (Check Point, LTD.) [COLOR=RED]Disabled[/COLOR] [COLOR=RED]Outdated[/COLOR]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"="C:\\Program Files\\FlashFXP\\FlashFXP.exe:*:Enabled:FlashFXP v3"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Diablo II\\RedVex_v2.6\\RedVex.exe"="C:\\Program Files\\Diablo II\\RedVex_v2.6\\RedVex.exe:*:Enabled:RedVex"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:YServer Module"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Microsoft Games\\Halo\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo\\halo.exe:*:Enabled:Halo"
"C:\\Program Files\\Microsoft Games\\Copy of Halo\\halo.exe"="C:\\Program Files\\Microsoft Games\\Copy of Halo\\halo.exe:*:Enabled:Halo"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\Diablo II\\RedVex_3.0\\RedVexs.exe"="C:\\Program Files\\Diablo II\\RedVex_3.0\\RedVexs.exe:*:Enabled:RedVexs"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\D22\\RedVex_v2.6\\RedVex.exe"="C:\\Program Files\\D22\\RedVex_v2.6\\RedVex.exe:*:Enabled:RedVex"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\DiskTrix\\UltimateDefrag\\UDefrag.exe"="C:\\Program Files\\DiskTrix\\UltimateDefrag\\UDefrag.exe:*:Enabled:UltimateDefrag V1"
"C:\\apache\\Apache.exe"="C:\\apache\\Apache.exe:*:Enabled:Apache"
"C:\\apache\\mysql\\bin\\mysqld-nt.exe"="C:\\apache\\mysql\\bin\\mysqld-nt.exe:*:Enabled:mysqld-nt"
"C:\\Program Files\\Adobe\\Adobe Flash CS3\\Flash.exe"="C:\\Program Files\\Adobe\\Adobe Flash CS3\\Flash.exe:*:Enabled:Adobe Flash CS3"
"C:\\apache\\mysql\\bin\\mysqld.exe"="C:\\apache\\mysql\\bin\\mysqld.exe:*:Enabled:mysqld"
"C:\\Program Files\\D2TBPK\\RedVex_v2.6\\RedVex.exe"="C:\\Program Files\\D2TBPK\\RedVex_v2.6\\RedVex.exe:*:Enabled:RedVex"
"C:\\Program Files\\Cain\\Cain.exe"="C:\\Program Files\\Cain\\Cain.exe:*:Enabled:Cain - Password Recovery Utility"
"C:\\Program Files\\SmartFTP Client\\SmartFTP.exe"="C:\\Program Files\\SmartFTP Client\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.5"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Enabled:Microsoft Management Console"
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
"C:\\Program Files\\Net Tools\\nettools5.exe"="C:\\Program Files\\Net Tools\\nettools5.exe:*:Enabled:Net Tools by Mohammad Ahmadi Bidakhvidi"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"C:\\Program Files\\Net Tools\\DirectConnect.exe"="C:\\Program Files\\Net Tools\\DirectConnect.exe:*:Enabled:Direct Connect lets two PC directly connect and Send/Receive files and chat."
"C:\\Program Files\\Net Tools\\FastFTPClient.exe"="C:\\Program Files\\Net Tools\\FastFTPClient.exe:*:Enabled:Fast FTP Client for NetTools"
"C:\\WINDOWS\\system\\server\\Server.exe"="C:\\WINDOWS\\system\\server\\Server.exe:*:Disabled:Hacker Desktop Server"
"C:\\Games\\Counter-Strike Source\\hl2.exe"="C:\\Games\\Counter-Strike Source\\hl2.exe:*:Disabled:hl2"
"C:\\Documents and Settings\\Mike\\Application Data\\Thinstall\\{004F83E4-AD02-4137-9078-AB72B8E03BC6}\\40000010900002i\\oodag.exe"="C:\\Documents and Settings\\Mike\\Application Data\\Thinstall\\{004F83E4-AD02-4137-9078-AB72B8E03BC6}\\40000010900002i\\oodag.exe:*:Disabled:oodag"
"C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Disabled:Run a DLL as an App"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\WINDOWS\\system32\\muzapp.exe"="C:\\WINDOWS\\system32\\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"="C:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mike\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LAPTOP
ComSpec=C:\WINDOWS\system32\cmd.exe
DXSDK_DIR=C:\Program Files\Microsoft DirectX SDK (November 2007)\
FP_NO_HOST_CHECK=NO
HellgateEnv=C:\Program Files\Flagship Studios\Hellgate London\
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Mike
LOGONSERVER=\\LAPTOP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\WBEM;C:\Perl\site\bin;C:\Perl\bin;C:\Program Files\Microsoft DirectX SDK (November 2007)\Utilities\Bin\x86;C:\WINDOWS\system32;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Support Tools\;C:\Program Files\Common Files\Adobe\AGL;c:\Program Files\Microsoft SQL Server\90\Tools\binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727;C:\Program Files\Nmap
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Mike\LOCALS~1\Temp
TMP=C:\DOCUME~1\Mike\LOCALS~1\Temp
USERDOMAIN=LAPTOP
USERNAME=Mike
USERPROFILE=C:\Documents and Settings\Mike
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI 


-- User Profiles ---------------------------------------------------------------

James [I](admin)[/I]
Mike [I](admin)[/I]
Test Account [I](admin)[/I]
Administrator [I](admin)[/I]


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
 --> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
 --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
 --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
 --> C:\WINDOWS\UNRecode.exe /UNINSTALL
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
ActivePerl 5.10.0 Build 1002 --> MsiExec.exe /I{49C69876-0196-4620-B237-EA334C2E40B5}
Adobe Acrobat 4.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 4.0\NT\Uninst.dll"
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3 --> C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
Adobe Dreamweaver CS3 --> MsiExec.exe /I{F01D5ED5-D53A-4468-B428-149DC2CB3110}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\5bc0f8414ec36c555a3e7e5ec2e225e\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{1BCEA516-B4C5-4B2D-BFA0-AB7910BAD862}
Adobe Extension Manager CS3 --> MsiExec.exe /I{D7A53E41-3F32-4A44-989C-53DDEBB2130C}
Adobe Fireworks CS3 --> C:\Program Files\Common Files\Adobe\Installers\bbef028176efa5abf0233d3e1747be8\Setup.exe
Adobe Fireworks CS3 --> MsiExec.exe /I{E16110F7-1C85-4675-99F4-7938F832C825}
Adobe Flash CS3 --> MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash CS3 Professional --> C:\Program Files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Video Encoder --> MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Setup --> MsiExec.exe /I{15C768E2-AB61-4DE3-952F-6B237A834951}
Adobe Setup --> MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{D504303A-717D-414C-BA9F-FE01093E2EF8}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Setup --> MsiExec.exe /I{FFC1ADE3-944B-4231-894E-3903C37271D2}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Adobe® Photoshop® Album Starter Edition 3.2 --> MsiExec.exe /I{A654A805-41D9-40C7-AA46-4AF04F044D61}
Advanced Archive Password Recovery (remove only) --> C:\Program Files\ElcomSoft\ARCHPR\uninstall.exe
AIM 6 --> C:\Program Files\AIM6\uninst.exe
Alt-Tab Task Switcher Powertoy for Windows XP --> MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
AMD CPUInfo --> MsiExec.exe /X{9A27B530-AC8F-4C21-AA59-271FBFD9FE1F}
AMD Power Monitor --> MsiExec.exe /X{68F19BCC-49D3-49FF-BAAC-A147C66A9710}
AMD Processor Driver --> C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe -runfromtemp -l0x0009 -removeonly
AOL Uninstaller (Choose which Products to Remove) --> C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0 
ATI Catalyst Registration --> MsiExec.exe /X{72736F5F-520D-472A-88CC-7B02872FD34E}
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" 
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATITool Overclocking Utility --> "C:\Program Files\ATITool\Uninstall.exe"
AutoIt v3.2.10.0 --> C:\Program Files\AutoIt3\Uninstall.exe
AutoIt v3.2.11.12 (Beta) --> C:\Program Files\AutoIt3\beta\Uninstall.exe
BitPim 1.0.5 --> "C:\Program Files\BitPim\unins000.exe"
Bonjour --> MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Broadcom 802.11 Wireless LAN Adapter --> C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11\UninstallInfo
Broadcom Wireless Utility --> C:\WINDOWS\system32\BCMWLU00.exe verbose /rootkey=Software\Broadcom\802.11_App\UninstallInfo
CABAL Online --> "C:\Program Files\OGPlanet\CABAL Online\unins000.exe"
Cain & Abel v4.9.7 --> C:\PROGRA~1\Cain\UNINSTAL.EXE C:\PROGRA~1\Cain\Install.log
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Conexant AC-Link Audio --> CIAunwdm.exe
Counter-Strike Source 1.0.0.25 --> "C:\Games\Counter-Strike Source\unins000.exe"
Data Fax SoftModem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_1002&DEV_4378&SUBSYS_3085103C\HXFSETUP.EXE -U -Icpl30855.inf
Defraggler (remove only) --> "C:\Program Files\Defraggler\uninst.exe"
Dev-C++ 5 beta 9 release (4.9.9.2) --> "C:\Dev-Cpp\uninstall.exe"
Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
DukesterX 1.5.1 --> "C:\Program Files\Fazsoftware\Dukester X\1.5\unins000.exe"
DVD Flick --> "C:\Program Files\DVD Flick\unins000.exe"
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Hellgate: London --> MsiExec.exe /X{A2B4455D-1046-4732-BFBC-0821BEFC07BC}
Hero Editor V0.90 --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Hero Editor\ST6UNST.LOG"  
Hero Editor V0.90 (C:\Program Files\Hero Editor\) --> C:\WINDOWS\st6unst.exe -n "C:\Program Files\Hero Editor\ST6UNST.LOG"  
HP Help and Support --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9  -removeonly
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP Wireless Assistant --> MsiExec.exe /I{0289B18A-F99F-423F-B79F-1150D0F85492}
HP Wireless Assistant 1.01 C1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\Setup.exe" -l0x9  hpquninst
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{7FF9CD9C-6E0C-4462-9670-F424DCB32DAF}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 7 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150070}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KGB Archiver 1.2.1.24 --> "C:\Program Files\KGB Archiver\unins000.exe"
Lame ACM MP3 Codec --> "C:\WINDOWS\IFinst26.exe" -UC:\Program Files\Lame MP3 Codec\IFUFF.inf
Line Adventures 1.0 --> "C:\Program Files\Line Adventures\unins000.exe"
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
MetaProducts Offline Explorer Pro --> C:\Program Files\Offline Explorer Pro\OE.exe /UnInstall
Metasploit Framework 3.0 --> C:\Program Files\Metasploit\Framework3\uninst.exe
Microsoft Baseline Security Analyzer 2.0.1 --> MsiExec.exe /I{7F231232-C309-4401-964A-2A002B6E1ED9}
Microsoft DirectX SDK (November 2007) --> MsiExec.exe /I{CA97B421-06CB-4040-8EC9-6ED02EA87930}
Microsoft Halo --> "C:\Program Files\Microsoft Games\Halo\UNINSTAL.EXE" /runtemp /addremove
Microsoft MSDN 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft MSDN 2005 Express Edition - ENU\install.exe
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007 --> MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Standard Edition 2003 --> MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft SQL Server 2005 --> "c:\Program Files\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) --> MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005 Tools Express Edition --> MsiExec.exe /I{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}
Microsoft SQL Server Native Client --> MsiExec.exe /I{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}
Microsoft SQL Server Setup Support Files (English) --> MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer --> MsiExec.exe /I{E9F44C98-B8B6-480F-AF7B-E42A0A46F4E3}
Microsoft Visual Basic 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Basic 2005 Express Edition - ENU\setup.exe
Microsoft Visual Basic 2005 Express Edition - ENU --> MsiExec.exe /X{577AD794-8B34-40B4-9E7A-BE4CFFE396E6}
Microsoft Visual Basic 2005 Express Edition - ENU Service Pack 1 (KB926747) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {355AD171-6294-4265-95EC-741E081E98F3} /package {577AD794-8B34-40B4-9E7A-BE4CFFE396E6}
Microsoft Visual C# 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual C# 2005 Express Edition - ENU\setup.exe
Microsoft Visual C# 2005 Express Edition - ENU --> MsiExec.exe /X{7E7D7935-B0C8-4032-80BA-2CDC9E43C3B8}
Microsoft Visual C# 2005 Express Edition - ENU Service Pack 1 (KB926749) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {B6B0F76A-873E-438E-BC25-6704193DD344} /package {7E7D7935-B0C8-4032-80BA-2CDC9E43C3B8}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 6.0 Standard Edition --> "C:\Program Files\Microsoft Visual Studio\VC98\Setup\1033\Setup.exe"
Microsoft Visual Web Developer 2005 Express Edition - ENU --> C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Web Developer 2005 Express Edition - ENU\setup.exe
Microsoft Visual Web Developer 2005 Express Edition - ENU --> MsiExec.exe /X{221125DC-6A40-4900-B844-591F5E1195B0}
Microsoft Visual Web Developer 2005 Express Edition - ENU Service Pack 1 (KB926751) --> C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {D07A13F7-D30C-47DD-AD95-7D0105811327} /package {221125DC-6A40-4900-B844-591F5E1195B0}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
mIRC --> C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
MobiMB Mobile Media Browser --> C:\Program Files\MobiMB Mobile Media Browser\_Unins.exe
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 7 Ultra Edition --> MsiExec.exe /X{A20A58C4-6784-4B4B-86CC-94E2E3671033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NetTools 5.0 --> "C:\Program Files\Net Tools\unins000.exe"
O&O Defrag Professional Edition --> MsiExec.exe /I{53480330-E1D1-41CA-B8F8-7F78644F7F50}
Oblivion --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35CB6715-41F8-4F99-8881-6FC75BF054B0}\setup.exe" -l0x9  -removeonly
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PE Explorer --> MsiExec.exe /I{706DDF5C-9987-4B90-8B14-10C3FA29E37C}
Quest4Bush --> "C:\WINDOWS\Quest4Bush\uninstall.exe" "/U:C:\Program Files\Quest4Bush\Uninstall\uninstall.xml"
Quick Launch Buttons 5.20 H1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\Setup.exe" -l0x9  -uninst
REALTEK Gigabit and Fast Ethernet NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Samsung USB Driver (MCCI 4.34) WHQL v3.0 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{FAD03728-DA19-4313-959F-872A9C432A86} 
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Excel 2007 (KB946974) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E}
Security Update for Microsoft Office Publisher 2007 (KB950114) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}
Security Update for Office 2007 (KB947801) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E}
Security Update for Outlook 2007 (KB946983) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Security Update for the 2007 Microsoft Office System (KB936960) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5E5BD655-7AA9-47F9-BB6D-A1D8CE29AC86}
Security Update for Visio 2007 (KB947590) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
SmartFTP Client --> MsiExec.exe /I{C169D3BB-9A27-43F5-9979-09A0D65FE95C}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spybot - Search & Destroy 1.5.2.20 --> "C:\WINDOWS\unins000.exe"
Starcraft --> C:\WINDOWS\SCunin.exe C:\WINDOWS\SCunin.dat
StealthBot v2.6 Revision 3 (remove only) --> "C:\Program Files\StealthBot1\uninst.exe"
StuffPlug 3 --> C:\Program Files\StuffPlug3\Uninstall.exe
StyleXP (remove only) --> "C:\Program Files\TGTSoft\StyleXP\StyleXP-uninstall.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Syncplicity --> MsiExec.exe /I{1CF0C26D-A6F7-4146-A72B-73E0FBE32FA6}
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
Texas Instruments PCIxx21/x515 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{FF6F491D-BC82-4DCC-A72F-1824957C6466} /l1033 
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033 
Tro browse --> rundll32.exe dfshim.dll,ShArpMaintain Tro browse.application, Culture=neutral, PublicKeyToken=3642b73da32843a4, processorArchitecture=msil
Trojan Remover 6.6.1 --> "C:\Program Files\Trojan Remover\unins000.exe"
Tweak UI --> "C:\WINDOWS\system32\mshta.exe" "res://C:\WINDOWS\system32\TweakUI.exe/uninstall.hta"
TXTDC6 (remove only) --> "C:\Documents and Settings\Mike\My Documents\d2modding\txt dc6\TXTDC6\uninstall.exe"
UltimateDefrag --> C:\Program Files\DiskTrix\UltimateDefrag\Uninstall.EXE /u:"UltimateDefrag"
Ultra Flash Video FLV Converter 3.2.0623 --> "C:\Program Files\Ultra Flash Video FLV Converter\unins000.exe"
Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}
Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB946691) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb950378) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6296086-AED5-4EC0-938B-08EA0254F20E}
User Profile Hive Cleanup Service --> MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{97A96172-A963-4A37-9FFB-DA6805BB915A}\setup.exe -runfromtemp -l0x0409
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Viewer --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{D33DE13A-9F12-45F5-94AB-02CFC2288C86} 
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VMware Workstation --> MsiExec.exe /I{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}
WD Diagnostics --> MsiExec.exe /X{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}
WebPAM --> C:\Program Files\InstallShield Installation Information\{EDC5E937-F707-4241-BB2F-111C4B83FF2C}\setup.exe -runfromtemp -l0x0409
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Driver Package - Microsoft WPD (12/01/2006 1.2.0.0) --> rundll32.exe C:\PROGRA~1\DIFX\F78795BBB376EE09\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\Zune_C6317AD6BF989B5AA21DD2422BEA915EC068CA80\Zune.inf
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E}
Windows Media Connect --> "C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Rights Management Client Backwards Compatibility SP2 --> MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
Windows Rights Management Client with Service Pack 2 --> MsiExec.exe /X{BDCF27CA-BFC4-4F49-8D24-A925C9505AB8}
Windows Support Tools --> MsiExec.exe /I{89B078C4-50B0-453E-BF53-3A7E6A0D85FA}
WinPcap 3.0 --> "C:\Program Files\WinPcap\Uninstall.exe" "C:\Program Files\WinPcap\install.log"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinXP Manager --> MsiExec.exe /I{784CFD4D-1BA5-4DB5-9377-84DAF0D19EF1}
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Pack 1.0 --> 
XviD MPEG-4 Video Codec --> "C:\Program Files\XviD\unins000.exe"
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZoneAlarm Security Suite --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
Zune --> MsiExec.exe /X{7583239A-D4BE-48CA-A253-396122B3D3E9}
Zune Language Pack (ES) --> MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR) --> MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}


-- Application Event Log -------------------------------------------------------

Event Record #/Type214978 / Error
Event Submitted/Written: 07/13/2008 01:40:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type214977 / Error
Event Submitted/Written: 07/13/2008 01:40:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type214976 / Error
Event Submitted/Written: 07/13/2008 01:40:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type214975 / Error
Event Submitted/Written: 07/13/2008 01:40:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Event Record #/Type214974 / Error
Event Submitted/Written: 07/13/2008 01:40:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type133640 / Error
Event Submitted/Written: 07/13/2008 01:39:09 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The TrueVector Internet Monitor service failed to start due to the following error: 
%%1053

Event Record #/Type133639 / Error
Event Submitted/Written: 07/13/2008 01:39:09 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.

Event Record #/Type133637 / Error
Event Submitted/Written: 07/13/2008 01:31:45 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The TrueVector Internet Monitor service failed to start due to the following error: 
%%1053

Event Record #/Type133636 / Error
Event Submitted/Written: 07/13/2008 01:31:45 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.

Event Record #/Type133635 / Warning
Event Submitted/Written: 07/13/2008 01:31:44 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.



-- End of Deckard's System Scanner: finished at 2008-07-13 13:41:56 ------------

I also have to end up doing a "Repair" everytime I reboot my computer to get it starting up again.

Merged topics. Title was: Windows Boot Issue ~ OB

Edited by Orange Blossom, 18 July 2008 - 11:09 PM.


#3 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:03:21 PM

Posted 28 July 2008 - 11:54 AM

Hello mictamcody2000

Welcome to the Bleeping Computer Malware Removal Forum, sorry for the delay in responding, but the amount of people posting with infected computers is through the roof and we sometimes can't get to logs as fast as we would like to.

A couple of things to go over.

Please do not quote or code any logs or reports, it makes it hard to analyze.


Use of P2P (Person to Person) file sharing programs

We have noticed that most people seeking help from us are coming with infections contracted from the use of P2P programs.

* If your helper detects the presence of such programs on your computer he/she will ask you to remove them. We will withdraw our help should you not agree to their removal.
* If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programmes, we will refuse our help.



We do not ask you to do this without reason.

P2P programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

This article from InfoWorld illustrates perfectly the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/...D-theft_1.html

Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.

When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

We see no purpose in cleaning your machine if you use P2P programs, as it is pretty much certain that if you continue to use them then you will get infected again.






You have the following P-2-P program(s) installed

C:\Program Files\Cain\Abel.exe

This is how you uninstall it/them:

* Click Start
* Go to Control Panel
* Go to Add/Remove Programs
* Find and click Remove for the following (if present):

NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the progra


If you have not resolved your issue, remove that software and post a new HJT log please

Edited by ken545, 28 July 2008 - 11:56 AM.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#4 mictamcody2000

mictamcody2000
  • Topic Starter

  • Members
  • 57 posts
  • OFFLINE
  •  
  • Location:Lansing, Michigan
  • Local time:03:21 PM

Posted 29 July 2008 - 10:44 AM

I'll remove it, but how is Cain&Abel a P-2-P Program?

Cain and Abel is a Packet Sniffer mainly.

Edited by mictamcody2000, 29 July 2008 - 11:01 AM.


#5 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:03:21 PM

Posted 29 July 2008 - 11:23 AM

Hello,

Cain Abel exe torrent download at Windows Software . Its coming up as a torrent downloader. Keep it if you wish and post a new Hijackthis log.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days


#6 ken545

ken545

    Malware Response Team


  • Malware Response Team
  • 1,685 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Space Coast of Florida
  • Local time:03:21 PM

Posted 06 August 2008 - 06:04 AM

This thread is being closed due to lack of response, if you need it reopened PM a Moderator or start a new thread.

mvp_host.pngConsumer Security 2007-2008-2009-2010-2011-2012-2013-2014



donate.gif Please consider a donation to help me keep up my fight against malware.

 

Just a reminder that threads will be closed if no response in 3 days





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users