Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected With Virtuemonde, Vundo, Zango, And More


  • This topic is locked This topic is locked
46 replies to this topic

#1 lizt

lizt

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 01 August 2008 - 12:23 PM

HI,

I have run several removal programs as suggested by this this community but am still having problems. At this point normal mode is frozen, I have to boot to safe mode to run anything. In safe mode some programs will run and some will not open at all.
Also when connected to the internet I am sometimes redirected tp a webpage called winantivirus 2008, which starts a scan. I close it out immediately and am able to return to the desired webpage.

I have tried to follow all the steps of your prep guide before posting and will provide the logs i have now. After reading some other peoples post and help replies I am prepared for the long haul.
If there is more info I can provide please let me know.

Malwarebytes' Anti-Malware 1.23
Database version: 985
Windows 5.1.2600 Service Pack 2

1:02:56 PM 7/27/2008
mbam-log-7-27-2008 (13-02-56).txt

Scan type: Quick Scan
Objects scanned: 51242
Time elapsed: 16 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 4
Registry Keys Infected: 271
Registry Values Infected: 12
Registry Data Items Infected: 5
Folders Infected: 33
Files Infected: 186

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\SYSTEM32\qoMeDWpM.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\__c006BA8A.dat (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\__c00E2400.dat (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\geBrqoLb.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a883b60-8e82-4760-bbc0-965f9230ec8d} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{0a883b60-8e82-4760-bbc0-965f9230ec8d} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4acdb164-1246-4466-b553-416e6890401c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4acdb164-1246-4466-b553-416e6890401c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c006ba8a (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00e2400 (Trojan.Downloader) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{663656df-6bae-460c-a612-8133df519346} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{663656df-6bae-460c-a612-8133df519346} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebrqolb (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\Interface\{0b6ef17e-18e5-4449-86ea-64c82d596eae} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b1e68d42-02c4-465b-8368-5ed9b732e22d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{6d0111e3-3060-4d23-b2bc-42ed86cbe9a3} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{72a128e0-2240-40c8-9e92-5387d64f839e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72a128e0-2240-40c8-9e92-5387d64f839e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xmllib.xmldp (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xmllib.xmldp.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1817ab5d-25bf-4d5e-ba90-6e5fe658fc5f} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbcoresrv.dynamicprop.1 (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0004ec-5df0-48c7-a8f0-fbb0488a3d94} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostie.bho.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{087c4054-0a2b-4f35-b0db-bed3e21650f4} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\wallpaper.wallpapermanager.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.htmlmenuui.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\toolbar.toolbarctl.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\srv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.mailanim.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbmain.commband.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9720de03-5820-4059-b4a4-639d5e52bd09} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.lfgax.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b0cb585f-3271-4e42-88d9-ae5c9330d554} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hostol.webmailsend.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\instie.hbinstobj.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\coresrv.coreservices.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\hbr.hbmain.1 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eddbb5ee-bb64-4bfc-9dbe-e7c85941335b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{4d25f920-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d25f923-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d25f921-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4d25f924-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\audio-video enhance (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\f477d05a (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{663656df-6bae-460c-a612-8133df519346} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{1817ab5d-25bf-4d5e-ba90-6e5fe658fc5f} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\zango 10.0.370.0 (Adware.Zango) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedwpm -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedwpm -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Agent) -> Data: c:\windows\system32\basesrv3232.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Downloader) -> Data: c:\windows\system32\basesrv32.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: c:\windows\system32\clb3232.dll -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\Documents and Settings (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\res2 (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Start Menu\Programs\LiveAntispy (Rogue.LiveAntispy) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\SYSTEM32\qoMeDWpM.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\MpWDeMoq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\MpWDeMoq.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\hadoxp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\cytqbjdu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\udjbqtyc.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ppdevbyb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\bybvedpp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c006BA8A.dat (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\__c00E2400.dat (Trojan.Downloader) -> Delete on reboot.
C:\WINDOWS\SYSTEM32\geBrqoLb.dll (Trojan.Vundo) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\xml2u32h.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWaySA\SrchAsDe\1.bin\deSrcAs.dll (Adware.MyWay) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\cbXOhiGX.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\dvshhsvo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\fccdEvsp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\fnodqv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ggrhkqfr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ghbeej.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\gtlhnwmc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\hjumidxt.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\hnxbahcp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\jkkJayYo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\khfFUNGy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\lagsjroo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ljJCsttq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\mlJBRJCr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\mlJCTJYr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\nlossuxv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\nnnkHAsQ.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ojefqc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ookxjdpq.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\ssqRJdBr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\tufkvjwu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\voownnvf.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\vslpacgd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\yfjjbivl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Local Settings\Temp\_A00F3962CB.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Local Settings\Temp\cd3D5\z1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Local Settings\Temp\cd3D6\z1.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\001738E2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0134F998.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01350AFD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0135109B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01352367.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\01352A9B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\016CD305 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\02D164C2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04ADB24A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04ADF399.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AE534D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AE6AFB.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AE8307.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AEAA37.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AEB91B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AEF8C4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AF2C67.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\04AF5A2E (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\094153E9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0E3C9D7C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0FAB819E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0FAB84AB.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\06272742.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn-new.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\WebfettiBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\isfmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\uninst.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Application Data\ShoppingReport\cs\res2\WhiteList.dbs (Adware.Shopping.Report) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAAbout.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAau.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSAEula.mht (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\ZangoSA\ZangoSA_kyf.dat (Adware.Zango) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Start Menu\Programs\LiveAntispy\LiveAntispy.lnk (Rogue.LiveAntispy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Start Menu\Programs\LiveAntispy\Uninstall.lnk (Rogue.LiveAntispy) -> Quarantined and deleted successfully.
C:\WINDOWS\xml2u32d.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\KB37115.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\BASESRV3232.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\BASESRV32.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\CLB3232.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\cbxidked.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\afqgjnto.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\qjxlptpe.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\khfeffc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMf744e3c6.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMf744e3c6.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\iibuxcun.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c0012D3F.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c001BEFE.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c0049000.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00885C2.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00BCBE5.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00CB813.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00FE3A0.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00FF2B.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Desktop\LiveAntispy.lnk (Rogue.LiveAntispy) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Favorites\Online Security Test.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Shana\Local Settings\Temp\cd1DB.tmp (Heuristics.Malware) -> Quarantined and deleted successfully.


Malwarebytes' Anti-Malware 1.23
Database version: 999
Windows 5.1.2600 Service Pack 2

2:03:13 PM 7/27/2008
mbam-log-7-27-2008 (14-03-13).txt

Scan type: Quick Scan
Objects scanned: 51875
Time elapsed: 8 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8968688b-f2b8-4fa9-8be4-f4ccd3c643bf} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8968688b-f2b8-4fa9-8be4-f4ccd3c643bf} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{663656df-6bae-460c-a612-8133df519346} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{663656df-6bae-460c-a612-8133df519346} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\gebrqolb (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00e2400 (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{663656df-6bae-460c-a612-8133df519346} (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedwpm -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\qomedwpm -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\SYSTEM32\qoMeDWpM.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\MpWDeMoq.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\MpWDeMoq.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\geBrqoLb.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\__c00E2400.dat (Trojan.Agent) -> Quarantined and deleted successfully.


Malwarebytes' Anti-Malware 1.23
Database version: 999
Windows 5.1.2600 Service Pack 2

11:15:51 PM 7/28/2008
mbam-log-7-28-2008 (23-15-51).txt

Scan type: Quick Scan
Objects scanned: 46328
Time elapsed: 5 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Malwarebytes' Anti-Malware 1.23
Database version: 999
Windows 5.1.2600 Service Pack 2

11:15:51 PM 7/28/2008
mbam-log-7-28-2008 (23-15-51).txt

Scan type: Quick Scan
Objects scanned: 46328
Time elapsed: 5 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Malwarebytes' Anti-Malware 1.23
Database version: 999
Windows 5.1.2600 Service Pack 2

12:34:35 PM 7/29/2008
mbam-log-7-29-2008 (12-34-35).txt

Scan type: Quick Scan
Objects scanned: 46973
Time elapsed: 6 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Malwarebytes' Anti-Malware 1.23
Database version: 999
Windows 5.1.2600 Service Pack 2

10:48:54 AM 7/30/2008
mbam-log-7-30-2008 (10-48-54).txt

Scan type: Quick Scan
Objects scanned: 43488
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Deckard's System Scanner v20071014.68
Run by Administrator on 2008-07-30 12:34:22
Computer is in Safe Mode with Networking.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; computer is in safe mode.


-- Last 3 Restore Point(s) --
3: 2008-07-28 19:33:26 UTC - RP3 - Installed Ad-Aware
2: 2008-07-28 07:16:10 UTC - RP2 - Installed SUPERAntiSpyware Free Edition
1: 2008-07-27 16:05:43 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 503 MiB (512 MiB recommended).


-- HijackThis (run as Administrator.exe) ---------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:47:07 PM, on 7/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
F:\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\dss.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Administrator.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/def.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {CC677620-788F-46C8-87DA-D1D0F10581BB} - (no file)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1A595EDD-978A-48C7-B730-AF3B9CC64DAB} (DLManager Class) - http://63.251.81.180/component/VZWDLManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O20 - AppInit_DLLs: yjauqjex.dll,C:\WINDOWS\System32\fkqrmlkt32.dll,C:\WINDOWS\System32\hdopsbwt32.dll,C:\WINDOWS\System32\foyjqsbr32.dll,C:\WINDOWS\System32\cdm32.dll,C:\WINDOWS\System32\dlyegice32.dll,C:\WINDOWS\System32\D3DIM32.dll,C:\WINDOWS\System32\CERTMGR32.dll,C:\WINDOWS\System32\DMDLGS32.dll,C:\WINDOWS\System32\DATIME32.dll,C:\WINDOWS\System32\CLB32.dll,C:\WINDOWS\System32\DMSCRIPT32.dll,C:\WINDOWS\System32\DBNETLIB32.dll,C:\WINDOWS\System32\CMCFG3232.dll,C:\WINDOWS\System32\DMSYNTH32.dll,C:\WINDOWS\System32\DDRAW32.dll,C:\WINDOWS\System32\CMUTIL32.dll,C:\WINDOWS\System32\dnsrslvr32.dll,C:\WINDOWS\System32\DESKPERF32.dll,C:\WINDOWS\System32\COMCAT32.dll,C:\WINDOWS\System32\DPLAY32.dll,C:\WINDOWS\System32\DGNET32.dll,C:\WINDOWS\System32\COMRES32.dll,C:\WINDOWS\System32\DPNET32.dll,C:\WINDOWS\System32\DHCPSAPI32.dll,C:\WINDOWS\System32\corpol32.dll,C:\WINDOWS\System32\DPNLOBBY3232.dll,C:\WINDOWS\System32\DINPUT32.dll,C:\WINDOWS\System32\CRYPTDLL32.dll,C:\WINDOWS\System32\DPSERIAL32.dll,C:\WINDOWS\Syste
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: f477d0f5372 - C:\WINDOWS\System32\fkqrmlkt32.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O20 - Winlogon Notify: qomlmlm - qomlmlm.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

--
End of file - 9316 bytes

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - regedit.exe "%1" %*
.scr - scrfile - shell\open\command - "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 MPFIREWL - c:\windows\system32\drivers\mpfirewall.sys <Not Verified; McAfee Security; McAfee Personal Firewall Plus>
R1 omci (OMCI WDM Device Driver) - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>

S2 ASCTRM - c:\windows\system32\drivers\asctrm.sys <Not Verified; Windows ® 2000 DDK provider; Windows ® 2000 DDK driver>
S3 DSproct - c:\program files\dellsupport\gtaction\triggers\dsproct.sys <Not Verified; Gteko Ltd.; processt>
S3 RT25USBAP (Nintendo Wi-Fi USB Connector Service) - c:\windows\system32\drivers\rt25usbap.sys <Not Verified; Ralink Technology Inc.; Ralink 802.11g Wireless USB Adapters>
S3 xbreader (ActionReplay XBox Driver (xbreader.sys)) - c:\windows\system32\drivers\xbreader.sys <Not Verified; Thesycon GmbH, Germany; Universal USB Device Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-07-18 19:17:54 350 --a------ C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DJ912771-Shana).job
2006-06-20 15:07:22 258 --a------ C:\WINDOWS\Tasks\ISP signup reminder 1.job


-- Files created between 2008-06-30 and 2008-07-30 -----------------------------

2008-07-30 12:46:51 0 d-------- C:\Program Files\Trend Micro
2008-07-29 12:26:34 0 d-------- C:\Documents and Settings\Administrator\Application Data\McAfee.com Personal Firewall
2008-07-29 11:54:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\U3
2008-07-28 22:55:12 0 d-------- C:\Program Files\Common Files\SupportSoft
2008-07-28 22:55:01 0 d-------- C:\Program Files\FastAccessDSL
2008-07-28 17:00:22 122880 --a------ C:\WINDOWS\system32\DOCPROP232.dll
2008-07-28 14:33:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-28 14:14:21 0 d-------- C:\Program Files\Alwil Software
2008-07-28 03:21:43 0 d-------- C:\Program Files\EsetOnlineScanner
2008-07-28 02:16:11 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-07-28 02:16:11 0 d-------- C:\Documents and Settings\Shana\Application Data\SUPERAntiSpyware.com
2008-07-28 02:14:19 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-27 13:39:11 0 d---s---- C:\Documents and Settings\Administrator\UserData
2008-07-27 13:38:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2008-07-27 13:38:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-07-27 13:06:45 0 d-------- C:\Documents and Settings\Shana\Application Data\Malwarebytes
2008-07-27 12:34:22 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-27 12:34:09 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-27 12:34:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-23 01:35:59 122880 --a------ C:\WINDOWS\system32\CFGMGR323232323232323232.dll
2008-07-23 01:19:59 122880 --a------ C:\WINDOWS\system32\cdoorhmr3232323232323232323232.dll
2008-07-23 01:16:43 122880 --a------ C:\WINDOWS\system32\cbXOhiGX323232323232323232323232.dll
2008-07-23 01:15:40 122880 --a------ C:\WINDOWS\system32\cbxidked323232323232.dll
2008-07-23 01:14:39 122880 --a------ C:\WINDOWS\system32\catsrvut32323232323232.dll
2008-07-23 01:13:23 122880 --a------ C:\WINDOWS\system32\CABINET323232.dll
2008-07-23 01:12:14 122880 --a------ C:\WINDOWS\system32\BROWSELC3232.dll
2008-07-23 01:11:14 122880 --a------ C:\WINDOWS\system32\BOOTVID323232.dll
2008-07-23 01:10:34 122880 --a------ C:\WINDOWS\system32\capicom3232323232.dll
2008-07-23 01:09:50 122880 --a------ C:\WINDOWS\system32\CCFGNT323232323232.dll
2008-07-23 01:08:56 122880 --a------ C:\WINDOWS\system32\cdintf323232323232323232.dll
2008-07-23 01:08:15 122880 --a------ C:\WINDOWS\system32\blackbox32323232.dll
2008-07-23 01:07:32 122880 --a------ C:\WINDOWS\system32\CAMOCX323232323232323232.dll
2008-07-23 01:06:52 122880 --a------ C:\WINDOWS\system32\CCFGNT3232323232.dll
2008-07-23 01:06:11 122880 --a------ C:\WINDOWS\system32\BITSPRX33232.dll
2008-07-23 01:05:16 122880 --a------ C:\WINDOWS\system32\bkxskimw323232.dll
2008-07-23 01:04:34 122880 --a------ C:\WINDOWS\system32\CAMOCX3232323232323232.dll
2008-07-23 01:03:54 122880 --a------ C:\WINDOWS\system32\CCFGNT32323232.dll
2008-07-23 01:03:10 122880 --a------ C:\WINDOWS\system32\bbdwmpha32.dll
2008-07-23 01:02:10 122880 --a------ C:\WINDOWS\system32\BATMETER32.dll
2008-07-23 01:01:29 122880 --a------ C:\WINDOWS\system32\BTHSERV3232323232.dll
2008-07-23 01:00:49 122880 --a------ C:\WINDOWS\system32\catsrvut323232323232.dll
2008-07-23 01:00:09 122880 --a------ C:\WINDOWS\system32\AVTAPI323232.dll
2008-07-23 00:55:59 122880 --a------ C:\WINDOWS\system32\CLICONFG32323232323232.dll
2008-07-23 00:46:59 122880 --a------ C:\WINDOWS\system32\CLB323232323232323232323232.dll
2008-07-23 00:42:59 122880 --a------ C:\WINDOWS\system32\ciodm3232323232323232.dll
2008-07-23 00:33:54 122880 --a------ C:\WINDOWS\system32\CFGMGR3232323232323232.dll
2008-07-23 00:32:36 122880 --a------ C:\WINDOWS\system32\CDMODEM323232323232323232323232.dll
2008-07-23 00:31:33 122880 --a------ C:\WINDOWS\system32\cdm323232323232323232323232.dll
2008-07-23 00:30:30 122880 --a------ C:\WINDOWS\system32\cdintf3232323232323232.dll
2008-07-23 00:29:26 122880 --a------ C:\WINDOWS\system32\CCFGNT323232.dll
2008-07-23 00:28:06 122880 --a------ C:\WINDOWS\system32\CABVIEW3232.dll
2008-07-23 00:27:21 122880 --a------ C:\WINDOWS\system32\catsrvut3232323232.dll
2008-07-23 00:26:40 122880 --a------ C:\WINDOWS\system32\CDMODEM3232323232323232323232.dll
2008-07-23 00:26:00 122880 --a------ C:\WINDOWS\system32\BROWSEWM323232.dll
2008-07-23 00:24:58 122880 --a------ C:\WINDOWS\system32\CFGBKEND323232323232323232.dll
2008-07-23 00:23:49 122880 --a------ C:\WINDOWS\system32\cdosys323232323232323232.dll
2008-07-23 00:22:47 122880 --a------ C:\WINDOWS\system32\cdoorhmr32323232323232323232.dll
2008-07-23 00:22:07 122880 --a------ C:\WINDOWS\system32\BTHSERV32323232.dll
2008-07-23 00:21:26 122880 --a------ C:\WINDOWS\system32\catsrvut32323232.dll
2008-07-23 00:20:45 122880 --a------ C:\WINDOWS\system32\CDMODEM32323232323232323232.dll
2008-07-23 00:20:02 122880 --a------ C:\WINDOWS\system32\blucjpcd3232.dll
2008-07-23 00:18:52 122880 --a------ C:\WINDOWS\system32\cdosys3232323232323232.dll
2008-07-23 00:18:03 122880 --a------ C:\WINDOWS\system32\blackbox323232.dll
2008-07-23 00:17:21 122880 --a------ C:\WINDOWS\system32\CAPESNPN323232323232323232.dll
2008-07-23 00:16:41 122880 --a------ C:\WINDOWS\system32\cdintf32323232323232.dll
2008-07-23 00:15:54 122880 --a------ C:\WINDOWS\system32\cdosys32323232323232.dll
2008-07-23 00:15:13 122880 --a------ C:\WINDOWS\system32\BTHSERV323232.dll
2008-07-23 00:14:29 122880 --a------ C:\WINDOWS\system32\catsrv323232323232.dll
2008-07-23 00:13:43 122880 --a------ C:\WINDOWS\system32\cdintf323232323232.dll
2008-07-23 00:13:00 122880 --a------ C:\WINDOWS\system32\betggeje3232.dll
2008-07-23 00:12:03 122880 --a------ C:\WINDOWS\system32\BITSPRX2323232.dll
2008-07-23 00:11:23 122880 --a------ C:\WINDOWS\system32\CAMOCX32323232323232.dll
2008-07-23 00:10:43 122880 --a------ C:\WINDOWS\system32\cdfview323232323232.dll
2008-07-23 00:10:02 122880 --a------ C:\WINDOWS\system32\BATT32.dll
2008-07-23 00:09:14 122880 --a------ C:\WINDOWS\system32\BROWSER3232.dll
2008-07-23 00:08:25 122880 --a------ C:\WINDOWS\system32\CAMOCX323232323232.dll
2008-07-23 00:07:42 122880 --a------ C:\WINDOWS\system32\cbXOhiGX3232323232323232323232.dll
2008-07-23 00:06:51 122880 --a------ C:\WINDOWS\system32\cdm3232323232323232323232.dll
2008-07-23 00:05:24 122880 --a------ C:\WINDOWS\system32\byturmqn32.dll
2008-07-23 00:04:44 122880 --a------ C:\WINDOWS\system32\cbXOhiGX32323232323232323232.dll
2008-07-23 00:04:03 122880 --a------ C:\WINDOWS\system32\avifile3232.dll
2008-07-23 00:02:15 122880 --a------ C:\WINDOWS\system32\bkqkxada323232323232.dll
2008-07-23 00:01:33 122880 --a------ C:\WINDOWS\system32\CAPESNPN3232323232323232.dll
2008-07-23 00:00:51 122880 --a------ C:\WINDOWS\system32\cdintf3232323232.dll
2008-07-22 23:39:59 122880 --a------ C:\WINDOWS\system32\clbcatq323232323232323232.dll
2008-07-22 23:36:59 122880 --a------ C:\WINDOWS\system32\clbcatex32323232323232323232.dll
2008-07-22 23:25:35 122880 --a------ C:\WINDOWS\system32\cdoorhmr323232323232323232.dll
2008-07-22 23:24:33 122880 --a------ C:\WINDOWS\system32\CDMODEM323232323232323232.dll
2008-07-22 23:23:20 122880 --a------ C:\WINDOWS\system32\cbxidked3232323232.dll
2008-07-22 23:22:18 122880 --a------ C:\WINDOWS\system32\CATSRVPS323232.dll
2008-07-22 23:21:14 122880 --a------ C:\WINDOWS\system32\capicom32323232.dll
2008-07-22 23:20:33 122880 --a------ C:\WINDOWS\system32\cdm32323232323232323232.dll
2008-07-22 23:19:51 122880 --a------ C:\WINDOWS\system32\CFGBKEND3232323232323232.dll
2008-07-22 23:18:59 122880 --a------ C:\WINDOWS\system32\chuzwb323232323232323232.dll
2008-07-22 23:18:13 122880 --a------ C:\WINDOWS\system32\CAMOCX3232323232.dll
2008-07-22 23:17:28 122880 --a------ C:\WINDOWS\system32\cbXOhiGX323232323232323232.dll
2008-07-22 23:16:36 122880 --a------ C:\WINDOWS\system32\cdm323232323232323232.dll
2008-07-22 23:15:56 122880 --a------ C:\WINDOWS\system32\CFGMGR32323232323232.dll
2008-07-22 23:15:12 122880 --a------ C:\WINDOWS\system32\bwpijnci3232.dll
2008-07-22 23:14:24 122880 --a------ C:\WINDOWS\system32\catsrv3232323232.dll
2008-07-22 23:13:41 122880 --a------ C:\WINDOWS\system32\CDMODEM3232323232323232.dll
2008-07-22 23:12:56 122880 --a------ C:\WINDOWS\system32\CFGBKEND32323232323232.dll
2008-07-22 23:12:14 122880 --a------ C:\WINDOWS\system32\BTPANUI3232.dll
2008-07-22 23:11:30 122880 --a------ C:\WINDOWS\system32\cbxidked32323232.dll
2008-07-22 23:10:50 122880 --a------ C:\WINDOWS\system32\CERTCLI323232323232.dll
2008-07-22 23:10:10 122880 --a------ C:\WINDOWS\system32\BOOTVID3232.dll
2008-07-22 23:09:28 122880 --a------ C:\WINDOWS\system32\catsrv32323232.dll
2008-07-22 23:08:47 122880 --a------ C:\WINDOWS\system32\cdoorhmr3232323232323232.dll
2008-07-22 23:08:01 122880 --a------ C:\WINDOWS\system32\AVWAV323232.dll
2008-07-22 23:07:11 122880 --a------ C:\WINDOWS\system32\blackbox3232.dll
2008-07-22 23:06:30 122880 --a------ C:\WINDOWS\system32\catsrv323232.dll
2008-07-22 23:05:49 122880 --a------ C:\WINDOWS\system32\cdoorhmr32323232323232.dll
2008-07-22 23:05:03 122880 --a------ C:\WINDOWS\system32\AVTAPI3232.dll
2008-07-22 23:04:10 122880 --a------ C:\WINDOWS\system32\bkawkowc3232.dll
2008-07-22 23:03:29 122880 --a------ C:\WINDOWS\system32\capicom323232.dll
2008-07-22 23:02:46 122880 --a------ C:\WINDOWS\system32\cdm3232323232323232.dll
2008-07-22 23:01:23 122880 --a------ C:\WINDOWS\system32\BTPANUI32.dll
2008-07-22 23:00:43 122880 --a------ C:\WINDOWS\system32\cdfview3232323232.dll
2008-07-22 22:40:52 122880 --a------ C:\WINDOWS\system32\CLUSAPI323232323232323232.dll
2008-07-22 22:39:48 122880 --a------ C:\WINDOWS\system32\clbcatq3232323232323232.dll
2008-07-22 22:38:43 122880 --a------ C:\WINDOWS\system32\CLB3232323232323232323232.dll
2008-07-22 22:37:29 122880 --a------ C:\WINDOWS\system32\cfxjlmic323232323232.dll
2008-07-22 22:36:24 122880 --a------ C:\WINDOWS\system32\cewmdm323232323232323232.dll
2008-07-22 22:35:22 122880 --a------ C:\WINDOWS\system32\CERTMGR3232323232.dll
2008-07-22 22:34:21 122880 --a------ C:\WINDOWS\system32\CERTCLI3232323232.dll
2008-07-22 22:33:18 122880 --a------ C:\WINDOWS\system32\cdoorhmr323232323232.dll
2008-07-22 22:32:24 122880 --a------ C:\WINDOWS\system32\CERTMGR32323232.dll
2008-07-22 22:31:42 122880 --a------ C:\WINDOWS\system32\CIC323232323232323232323232.dll
2008-07-22 22:30:59 122880 --a------ C:\WINDOWS\system32\CLUSAPI3232323232323232.dll
2008-07-22 22:30:19 122880 --a------ C:\WINDOWS\system32\CDMODEM32323232323232.dll
2008-07-22 22:29:11 122880 --a------ C:\WINDOWS\system32\cbXOhiGX3232323232323232.dll
2008-07-22 22:28:26 122880 --a------ C:\WINDOWS\system32\CERTCLI32323232.dll
2008-07-22 22:27:39 122880 --a------ C:\WINDOWS\system32\chuzwb3232323232323232.dll
2008-07-22 22:26:57 122880 --a------ C:\WINDOWS\system32\clbcatq32323232323232.dll
2008-07-22 22:26:08 122880 --a------ C:\WINDOWS\system32\catsrv3232.dll
2008-07-22 22:25:21 122880 --a------ C:\WINDOWS\system32\cdm32323232323232.dll
2008-07-22 22:24:33 122880 --a------ C:\WINDOWS\system32\cewmdm3232323232323232.dll
2008-07-22 22:23:50 122880 --a------ C:\WINDOWS\system32\ciodm32323232323232.dll
2008-07-22 22:23:10 122880 --a------ C:\WINDOWS\system32\CARDS323232323232.dll
2008-07-22 22:22:08 122880 --a------ C:\WINDOWS\system32\CAPESNPN32323232323232.dll
2008-07-22 22:21:26 122880 --a------ C:\WINDOWS\system32\CDMODEM323232323232.dll
2008-07-22 22:20:44 122880 --a------ C:\WINDOWS\system32\chuzwb32323232323232.dll
2008-07-22 22:20:02 122880 --a------ C:\WINDOWS\system32\BTHCI3232.dll
2008-07-22 22:19:22 122880 --a------ C:\WINDOWS\system32\cdfview32323232.dll
2008-07-22 22:18:41 122880 --a------ C:\WINDOWS\system32\CFGMGR323232323232.dll
2008-07-22 22:17:57 122880 --a------ C:\WINDOWS\system32\CLB32323232323232323232.dll
2008-07-22 22:17:15 122880 --a------ C:\WINDOWS\system32\CARDS3232323232.dll
2008-07-22 22:16:35 122880 --a------ C:\WINDOWS\system32\CERTCLI323232.dll
2008-07-22 22:15:55 122880 --a------ C:\WINDOWS\system32\ciodm323232323232.dll
2008-07-22 22:15:04 122880 --a------ C:\WINDOWS\system32\BROWSER32.dll
2008-07-22 22:14:24 122880 --a------ C:\WINDOWS\system32\cbXOhiGX32323232323232.dll
2008-07-22 22:13:43 122880 --a------ C:\WINDOWS\system32\CFGBKEND323232323232.dll
2008-07-22 22:12:55 122880 --a------ C:\WINDOWS\system32\CIC3232323232323232323232.dll
2008-07-22 22:12:15 122880 --a------ C:\WINDOWS\system32\CAMOCX32323232.dll
2008-07-22 22:11:34 122880 --a------ C:\WINDOWS\system32\CDMODEM3232323232.dll
2008-07-22 22:10:45 122880 --a------ C:\WINDOWS\system32\CFGBKEND3232323232.dll
2008-07-22 22:10:05 122880 --a------ C:\WINDOWS\system32\bkqkxada3232323232.dll
2008-07-22 22:09:22 122880 --a------ C:\WINDOWS\system32\CARDS32323232.dll
2008-07-22 22:08:38 122880 --a------ C:\WINDOWS\system32\cdoorhmr3232323232.dll
2008-07-22 22:07:58 122880 --a------ C:\WINDOWS\system32\CIC32323232323232323232.dll
2008-07-22 22:07:06 122880 --a------ C:\WINDOWS\system32\bkawkowc32.dll
2008-07-22 22:06:23 122880 --a------ C:\WINDOWS\system32\capicom3232.dll
2008-07-22 22:05:40 122880 --a------ C:\WINDOWS\system32\cdoorhmr32323232.dll
2008-07-22 22:04:10 122880 --a------ C:\WINDOWS\system32\bkqkxada32323232.dll
2008-07-22 22:03:29 122880 --a------ C:\WINDOWS\system32\catsrvut323232.dll
2008-07-22 22:02:44 122880 --a------ C:\WINDOWS\system32\cdosys323232323232.dll
2008-07-22 22:02:04 122880 --a------ C:\WINDOWS\system32\AVMETER3232.dll
2008-07-22 22:01:24 122880 --a------ C:\WINDOWS\system32\CAMOCX323232.dll
2008-07-22 22:00:42 122880 --a------ C:\WINDOWS\system32\CDMODEM32323232.dll
2008-07-22 21:47:59 122880 --a------ C:\WINDOWS\system32\colbact323232323232323232.dll
2008-07-22 21:36:57 122880 --a------ C:\WINDOWS\system32\CMUTIL323232323232323232.dll
2008-07-22 21:35:54 122880 --a------ C:\WINDOWS\system32\CMPROPS323232323232323232.dll
2008-07-22 21:34:52 122880 --a------ C:\WINDOWS\system32\CMPBK32323232323232.dll
2008-07-22 21:33:51 122880 --a------ C:\WINDOWS\system32\cmirndrh3232323232323232.dll
2008-07-22 21:32:49 122880 --a------ C:\WINDOWS\system32\CMDIAL32323232323232.dll
2008-07-22 21:31:48 122880 --a------ C:\WINDOWS\system32\CMCFG32323232323232323232.dll
2008-07-22 21:30:36 122880 --a------ C:\WINDOWS\system32\CLB323232323232323232.dll
2008-07-22 21:29:29 122880 --a------ C:\WINDOWS\system32\CIADMIN323232323232.dll
2008-07-22 21:28:24 122880 --a------ C:\WINDOWS\system32\CFGMGR3232323232.dll
2008-07-22 21:27:22 122880 --a------ C:\WINDOWS\system32\cewmdm32323232323232.dll
2008-07-22 21:26:39 122880 --a------ C:\WINDOWS\system32\CLB3232323232323232.dll
2008-07-22 21:25:52 122880 --a------ C:\WINDOWS\system32\CMCFG323232323232323232.dll
2008-07-22 21:25:07 122880 --a------ C:\WINDOWS\system32\cbxidked323232.dll
2008-07-22 21:24:27 122880 --a------ C:\WINDOWS\system32\CFGMGR32323232.dll
2008-07-22 21:23:44 122880 --a------ C:\WINDOWS\system32\clbcatex323232323232323232.dll
2008-07-22 21:23:00 122880 --a------ C:\WINDOWS\system32\CABINET3232.dll
2008-07-22 21:22:20 122880 --a------ C:\WINDOWS\system32\cdoorhmr323232.dll
2008-07-22 21:21:40 122880 --a------ C:\WINDOWS\system32\ciodm3232323232.dll
2008-07-22 21:20:55 122880 --a------ C:\WINDOWS\system32\CMCFG3232323232323232.dll
2008-07-22 21:20:08 122880 --a------ C:\WINDOWS\system32\CARDS323232.dll
2008-07-22 21:19:24 122880 --a------ C:\WINDOWS\system32\cdosys3232323232.dll
2008-07-22 21:18:42 122880 --a------ C:\WINDOWS\system32\ciodm32323232.dll
2008-07-22 21:18:01 122880 --a------ C:\WINDOWS\system32\BSZIP3232.dll
2008-07-22 21:17:13 122880 --a------ C:\WINDOWS\system32\catsrvut3232.dll
2008-07-22 21:16:32 122880 --a------ C:\WINDOWS\system32\CFGBKEND32323232.dll
2008-07-22 21:15:51 122880 --a------ C:\WINDOWS\system32\clbcatq323232323232.dll
2008-07-22 21:15:08 122880 --a------ C:\WINDOWS\system32\CABVIEW32.dll
2008-07-22 21:14:28 122880 --a------ C:\WINDOWS\system32\cdosys32323232.dll
2008-07-22 21:13:45 122880 --a------ C:\WINDOWS\system32\ciodm323232.dll
2008-07-22 21:13:00 122880 --a------ C:\WINDOWS\system32\bkqkxada323232.dll
2008-07-22 21:12:20 122880 --a------ C:\WINDOWS\system32\cbXOhiGX323232323232.dll
2008-07-22 21:11:32 122880 --a------ C:\WINDOWS\system32\CERTMGR323232.dll
2008-07-22 21:10:52 122880 --a------ C:\WINDOWS\system32\clbcatex3232323232323232.dll
2008-07-22 21:10:00 122880 --a------ C:\WINDOWS\system32\BIDISPL3232.dll
2008-07-22 21:09:09 122880 --a------ C:\WINDOWS\system32\BSZIP32.dll
2008-07-22 21:08:29 122880 --a------ C:\WINDOWS\system32\cdm323232323232.dll
2008-07-22 21:07:48 122880 --a------ C:\WINDOWS\system32\CIC323232323232323232.dll
2008-07-22 21:07:00 122880 --a------ C:\WINDOWS\system32\AVWAV3232.dll
2008-07-22 21:06:20 122880 --a------ C:\WINDOWS\system32\CARDS3232.dll
2008-07-22 21:05:31 122880 --a------ C:\WINDOWS\system32\cdm3232323232.dll
2008-07-22 21:04:50 122880 --a------ C:\WINDOWS\system32\CIC3232323232323232.dll
2008-07-22 21:03:54 122880 --a------ C:\WINDOWS\system32\CLB32323232323232.dll
2008-07-22 21:03:12 122880 --a------ C:\WINDOWS\system32\BOOTVID32.dll
2008-07-22 21:02:32 122880 --a------ C:\WINDOWS\system32\cdintf32323232.dll
2008-07-22 21:01:52 122880 --a------ C:\WINDOWS\system32\CIC32323232323232.dll
2008-07-22 21:01:12 122880 --a------ C:\WINDOWS\system32\bkxskimw3232.dll
2008-07-22 21:00:32 122880 --a------ C:\WINDOWS\system32\cdfview323232.dll
2008-07-22 20:59:48 122880 --a------ C:\WINDOWS\system32\COMPSTUI3232323232323232.dll
2008-07-22 20:59:07 122880 --a------ C:\WINDOWS\system32\CMCFG32323232323232.dll
2008-07-22 20:57:55 122880 --a------ C:\WINDOWS\system32\COMRES323232323232.dll
2008-07-22 20:56:44 122880 --a------ C:\WINDOWS\system32\COMMDLG323232323232.dll
2008-07-22 20:55:41 122880 --a------ C:\WINDOWS\system32\comctl32323232323232.dll
2008-07-22 20:54:57 122880 --a------ C:\WINDOWS\system32\COMRES3232323232.dll
2008-07-22 20:54:16 122880 --a------ C:\WINDOWS\system32\cmirndrh32323232323232.dll
2008-07-22 20:53:35 122880 --a------ C:\WINDOWS\system32\CNVFAT323232323232323232323232.dll
2008-07-22 20:52:50 122880 --a------ C:\WINDOWS\system32\compatUI323232323232323232.dll
2008-07-22 20:51:59 122880 --a------ C:\WINDOWS\system32\COMRES32323232.dll
2008-07-22 20:51:13 122880 --a------ C:\WINDOWS\system32\CLUSAPI32323232323232.dll
2008-07-22 20:50:24 122880 --a------ C:\WINDOWS\system32\CMPROPS3232323232323232.dll
2008-07-22 20:49:38 122880 --a------ C:\WINDOWS\system32\CNVFAT3232323232323232323232.dll
2008-07-22 20:48:48 122880 --a------ C:\WINDOWS\system32\COMDLG323232323232.dll
2008-07-22 20:48:04 122880 --a------ C:\WINDOWS\system32\CIC323232323232.dll
2008-07-22 20:46:54 122880 --a------ C:\WINDOWS\system32\compatUI3232323232323232.dll
2008-07-22 20:45:49 122880 --a------ C:\WINDOWS\system32\comctl323232323232.dll
2008-07-22 20:44:33 122880 --a------ C:\WINDOWS\system32\CMUTIL3232323232323232.dll
2008-07-22 20:43:43 122880 --a------ C:\WINDOWS\system32\CNVFAT32323232323232323232.dll
2008-07-22 20:43:03 122880 --a------ C:\WINDOWS\system32\cfxjlmic3232323232.dll
2008-07-22 20:42:21 122880 --a------ C:\WINDOWS\system32\CLUSAPI323232323232.dll
2008-07-22 20:41:41 122880 --a------ C:\WINDOWS\system32\CNETCFG3232323232.dll
2008-07-22 20:40:58 122880 --a------ C:\WINDOWS\system32\compatUI32323232323232.dll
2008-07-22 20:40:17 122880 --a------ C:\WINDOWS\system32\clbcatex32323232323232.dll
2008-07-22 20:39:37 122880 --a------ C:\WINDOWS\system32\CMUTIL32323232323232.dll
2008-07-22 20:38:55 122880 --a------ C:\WINDOWS\system32\COMDLG3232323232.dll
2008-07-22 20:38:05 122880 --a------ C:\WINDOWS\system32\CFGBKEND323232.dll
2008-07-22 20:37:25 122880 --a------ C:\WINDOWS\system32\CLUSAPI3232323232.dll
2008-07-22 20:36:36 122880 --a------ C:\WINDOWS\system32\CMPROPS32323232323232.dll
2008-07-22 20:35:54 122880 --a------ C:\WINDOWS\system32\COMCAT3232323232.dll
2008-07-22 20:35:07 122880 --a------ C:\WINDOWS\system32\cewmdm323232323232.dll
2008-07-22 20:34:26 122880 --a------ C:\WINDOWS\system32\CLICONFG323232323232.dll
2008-07-22 20:33:45 122880 --a------ C:\WINDOWS\system32\CNBJMON323232323232323232323232.dll
2008-07-22 20:32:56 122880 --a------ C:\WINDOWS\system32\COMCAT32323232.dll
2008-07-22 20:32:13 122880 --a------ C:\WINDOWS\system32\cfxjlmic32323232.dll
2008-07-22 20:31:30 122880 --a------ C:\WINDOWS\system32\CLUSAPI32323232.dll
2008-07-22 20:30:47 122880 --a------ C:\WINDOWS\system32\CNBJMON3232323232323232323232.dll
2008-07-22 20:30:00 122880 --a------ C:\WINDOWS\system32\cbXOhiGX3232323232.dll
2008-07-22 20:28:56 122880 --a------ C:\WINDOWS\system32\colbact3232323232323232.dll
2008-07-22 20:27:46 122880 --a------ C:\WINDOWS\system32\CMUTIL323232323232.dll
2008-07-22 20:26:44 122880 --a------ C:\WINDOWS\system32\CMPROPS323232323232.dll
2008-07-22 20:25:43 122880 --a------ C:\WINDOWS\system32\CMPBK323232323232.dll
2008-07-22 20:24:42 122880 --a------ C:\WINDOWS\system32\cmirndrh323232323232.dll
2008-07-22 20:24:00 122880 --a------ C:\WINDOWS\system32\CAPESNPN323232323232.dll
2008-07-22 20:23:18 122880 --a------ C:\WINDOWS\system32\cewmdm3232323232.dll
2008-07-22 20:22:24 122880 --a------ C:\WINDOWS\system32\chuzwb323232323232.dll
2008-07-22 20:21:44 122880 --a------ C:\WINDOWS\system32\cmirndrh3232323232.dll
2008-07-22 20:20:54 122880 --a------ C:\WINDOWS\system32\CNBJMON32323232323232323232.dll
2008-07-22 20:20:14 122880 --a------ C:\WINDOWS\system32\cdm32323232.dll
2008-07-22 20:19:33 122880 --a------ C:\WINDOWS\system32\CLB323232323232.dll
2008-07-22 20:18:52 122880 --a------ C:\WINDOWS\system32\CMUTIL3232323232.dll
2008-07-22 20:18:09 122880 --a------ C:\WINDOWS\system32\catsrvut32.dll
2008-07-22 20:17:26 122880 --a------ C:\WINDOWS\system32\cfxjlmic323232.dll
2008-07-22 20:16:42 122880 --a------ C:\WINDOWS\system32\CLUSAPI323232.dll
2008-07-22 20:15:57 122880 --a------ C:\WINDOWS\system32\CNBJMON323232323232323232.dll
2008-07-22 20:15:14 122880 --a------ C:\WINDOWS\system32\cbXOhiGX32323232.dll
2008-07-22 20:14:34 122880 --a------ C:\WINDOWS\system32\CIC3232323232.dll
2008-07-22 20:13:51 122880 --a------ C:\WINDOWS\system32\CMPBK3232323232.dll
2008-07-22 20:13:02 122880 --a------ C:\WINDOWS\system32\BROWSELC32.dll
2008-07-22 20:12:22 122880 --a------ C:\WINDOWS\system32\CDMODEM323232.dll
2008-07-22 20:11:41 122880 --a------ C:\WINDOWS\system32\clbcatex323232323232.dll
2008-07-22 20:10:57 122880 --a------ C:\WINDOWS\system32\CMUTIL32323232.dll
2008-07-22 20:10:15 122880 --a------ C:\WINDOWS\system32\catsrv32.dll
2008-07-22 20:09:30 122880 --a------ C:\WINDOWS\system32\cewmdm32323232.dll
2008-07-22 20:08:45 122880 --a------ C:\WINDOWS\system32\clbcatq3232323232.dll
2008-07-22 20:07:52 122880 --a------ C:\WINDOWS\system32\CMDIAL323232323232.dll
2008-07-22 20:07:11 122880 --a------ C:\WINDOWS\system32\BTHSERV3232.dll
2008-07-22 20:06:31 122880 --a------ C:\WINDOWS\system32\CERTMGR3232.dll
2008-07-22 20:05:47 122880 --a------ C:\WINDOWS\system32\clbcatq32323232.dll
2008-07-22 20:05:01 122880 --a------ C:\WINDOWS\system32\AVTAPI32.dll
2008-07-22 20:04:06 122880 --a------ C:\WINDOWS\system32\BITSPRX23232.dll
2008-07-22 20:03:23 122880 --a------ C:\WINDOWS\system32\cbxidked3232.dll
2008-07-22 20:02:43 122880 --a------ C:\WINDOWS\system32\CIC32323232.dll
2008-07-22 20:01:21 122880 --a------ C:\WINDOWS\system32\CAPESNPN3232323232.dll
2008-07-22 20:00:41 122880 --a------ C:\WINDOWS\system32\chuzwb3232323232.dll
2008-07-22 19:52:59 122880 --a------ C:\WINDOWS\system32\CRYPTNET323232323232.dll
2008-07-22 19:50:59 122880 --a------ C:\WINDOWS\system32\CRYPTEXT3232323232323232.dll
2008-07-22 19:46:57 122880 --a------ C:\WINDOWS\system32\CRYPT323232323232323232.dll
2008-07-22 19:45:55 122880 --a------ C:\WINDOWS\system32\CRTDLL323232.dll
2008-07-22 19:44:54 122880 --a------ C:\WINDOWS\system32\corpol32323232.dll
2008-07-22 19:43:51 122880 --a------ C:\WINDOWS\system32\comuid3232323232.dll
2008-07-22 19:42:50 122880 --a------ C:\WINDOWS\system32\comsvcs323232.dll
2008-07-22 19:41:47 122880 --a------ C:\WINDOWS\system32\comrepl32323232323232323232.dll
2008-07-22 19:40:41 122880 --a------ C:\WINDOWS\system32\compatUI323232323232.dll
2008-07-22 19:39:38 122880 --a------ C:\WINDOWS\system32\COMDLG32323232.dll
2008-07-22 19:38:38 122880 --a------ C:\WINDOWS\system32\comctl3232323232.dll
2008-07-22 19:37:35 122880 --a------ C:\WINDOWS\system32\colbact32323232323232.dll
2008-07-22 19:36:29 122880 --a------ C:\WINDOWS\system32\CNBJMON3232323232323232.dll
2008-07-22 19:35:27 122880 --a------ C:\WINDOWS\system32\CMUTIL323232.dll
2008-07-22 19:34:24 122880 --a------ C:\WINDOWS\system32\CMPBK32323232.dll
2008-07-22 19:33:24 122880 --a------ C:\WINDOWS\system32\cmirndrh32323232.dll
2008-07-22 19:32:22 122880 --a------ C:\WINDOWS\system32\CMCFG323232323232.dll
2008-07-22 19:31:21 122880 --a------ C:\WINDOWS\system32\CLUSAPI3232.dll
2008-07-22 19:30:21 122880 --a------ C:\WINDOWS\system32\CLICONFG3232323232.dll
2008-07-22 19:29:19 122880 --a------ C:\WINDOWS\system32\clbcatex3232323232.dll
2008-07-22 19:28:36 122880 --a------ C:\WINDOWS\system32\CNETCFG32323232.dll
2008-07-22 19:27:50 122880 --a------ C:\WINDOWS\system32\compatUI3232323232.dll
2008-07-22 19:27:10 122880 --a------ C:\WINDOWS\system32\CFGBKEND3232.dll
2008-07-22 19:26:29 122880 --a------ C:\WINDOWS\system32\cmirndrh323232.dll
2008-07-22 19:25:47 122880 --a------ C:\WINDOWS\system32\comctl32323232.dll
2008-07-22 19:25:07 122880 --a------ C:\WINDOWS\system32\cdoorhmr3232.dll
2008-07-22 19:24:26 122880 --a------ C:\WINDOWS\system32\CLICONFG32323232.dll
2008-07-22 19:23:46 122880 --a------ C:\WINDOWS\system32\COMADDIN323232.dll
2008-07-22 19:23:06 122880 --a------ C:\WINDOWS\system32\cdintf323232.dll
2008-07-22 19:22:26 122880 --a------ C:\WINDOWS\system32\clbcatq323232.dll
2008-07-22 19:21:46 122880 --a------ C:\WINDOWS\system32\colbact323232323232.dll
2008-07-22 19:21:03 122880 --a------ C:\WINDOWS\system32\CATSRVPS3232.dll
2008-07-22 19:20:23 122880 --a------ C:\WINDOWS\system32\ciodm3232.dll
2008-07-22 19:19:41 122880 --a------ C:\WINDOWS\system32\CNBJMON32323232323232.dll
2008-07-22 19:19:01 122880 --a------ C:\WINDOWS\system32\CAMOCX3232.dll
2008-07-22 19:18:21 122880 --a------ C:\WINDOWS\system32\chuzwb32323232.dll
2008-07-22 19:17:39 122880 --a------ C:\WINDOWS\system32\cmsetACL3232.dll
2008-07-22 19:16:57 122880 --a------ C:\WINDOWS\system32\COMPOBJ3232.dll
2008-07-22 19:16:16 122880 --a------ C:\WINDOWS\system32\cdosys323232.dll
2008-07-22 19:15:36 122880 --a------ C:\WINDOWS\system32\CMDIAL3232323232.dll
2008-07-22 19:14:56 122880 --a------ C:\WINDOWS\system32\COMMDLG3232323232.dll
2008-07-22 19:14:02 122880 --a------ C:\WINDOWS\system32\BTHCI32.dll
2008-07-22 19:13:22 122880 --a------ C:\WINDOWS\system32\CFGBKEND32.dll
2008-07-22 19:12:42 122880 --a------ C:\WINDOWS\system32\CMPROPS3232323232.dll
2008-07-22 19:11:58 122880 --a------ C:\WINDOWS\system32\COMMDLG32323232.dll
2008-07-22 19:11:11 122880 --a------ C:\WINDOWS\system32\CARDS32.dll
2008-07-22 19:10:31 122880 --a------ C:\WINDOWS\system32\ciodm32.dll
2008-07-22 19:09:44 122880 --a------ C:\WINDOWS\system32\CMPROPS32323232.dll
2008-07-22 19:09:02 122880 --a------ C:\WINDOWS\system32\bkqkxada3232.dll
2008-07-22 19:08:22 122880 --a------ C:\WINDOWS\system32\cdoorhmr32.dll
2008-07-22 19:07:42 122880 --a------ C:\WINDOWS\system32\CMDIAL32323232.dll
2008-07-22 19:07:02 122880 --a------ C:\WINDOWS\system32\BITSPRX232.dll
2008-07-22 19:06:21 122880 --a------ C:\WINDOWS\system32\cdintf3232.dll
2008-07-22 19:05:40 122880 --a------ C:\WINDOWS\system32\CLICONFG323232.dll
2008-07-22 19:05:00 122880 --a------ C:\WINDOWS\system32\AVMETER32.dll
2008-07-22 19:04:05 122880 --a------ C:\WINDOWS\system32\BITSPRX332.dll
2008-07-22 19:03:25 122880 --a------ C:\WINDOWS\system32\CDMODEM3232.dll
2008-07-22 19:02:44 122880 --a------ C:\WINDOWS\system32\CMCFG3232323232.dll
2008-07-22 19:01:24 122880 --a------ C:\WINDOWS\system32\cdfview3232.dll
2008-07-22 19:00:43 122880 --a------ C:\WINDOWS\system32\CLICONFG3232.dll
2008-07-22 18:56:59 122880 --a------ C:\WINDOWS\system32\D3DIM700323232323232323232.dll
2008-07-22 18:48:53 122880 --a------ C:\WINDOWS\system32\ctafrcan3232323232.dll
2008-07-22 18:47:41 122880 --a------ C:\WINDOWS\system32\CRYPTDLL3232323232.dll
2008-07-22 18:46:40 122880 --a------ C:\WINDOWS\system32\CRYPTDLG32323232.dll
2008-07-22 18:45:26 122880 --a------ C:\WINDOWS\system32\comrepl323232323232323232.dll
2008-07-22 18:44:24 122880 --a------ C:\WINDOWS\system32\COMPSTUI32323232323232.dll
2008-07-22 18:43:22 122880 --a------ C:\WINDOWS\system32\compatUI32323232.dll
2008-07-22 18:42:17 122880 --a------ C:\WINDOWS\system32\COMADDIN3232.dll
2008-07-22 18:41:26 122880 --a------ C:\WINDOWS\system32\COMPSTUI323232323232.dll
2008-07-22 18:40:43 122880 --a------ C:\WINDOWS\system32\CRYPT3232323232323232.dll
2008-07-22 18:40:01 122880 --a------ C:\WINDOWS\system32\clbcatex32323232.dll
2008-07-22 18:39:17 122880 --a------ C:\WINDOWS\system32\CNVFAT323232323232323232.dll
2008-07-22 18:38:34 122880 --a------ C:\WINDOWS\system32\COMSNAP3232323232.dll
2008-07-22 18:37:50 122880 --a------ C:\WINDOWS\system32\CRYPTEXT32323232323232.dll
2008-07-22 18:37:07 122880 --a------ C:\WINDOWS\system32\CMCFG32323232.dll
2008-07-22 18:36:26 122880 --a------ C:\WINDOWS\system32\COMMDLG323232.dll
2008-07-22 18:35:42 122880 --a------ C:\WINDOWS\system32\corpol323232.dll
2008-07-22 18:35:01 122880 --a------ C:\WINDOWS\system32\CIADMIN3232323232.dll
2008-07-22 18:34:17 122880 --a------ C:\WINDOWS\system32\CNBJMON323232323232.dll
2008-07-22 18:33:30 122880 --a------ C:\WINDOWS\system32\COMPOBJ32.dll
2008-07-22 18:32:44 122880 --a------ C:\WINDOWS\system32\corpol3232.dll
2008-07-22 18:32:01 122880 --a------ C:\WINDOWS\system32\cfxjlmic3232.dll
2008-07-22 18:31:09 122880 --a------ C:\WINDOWS\system32\clbcatex323232.dll
2008-07-22 18:30:26 122880 --a------ C:\WINDOWS\system32\colbact3232323232.dll
2008-07-22 18:29:45 122880 --a------ C:\WINDOWS\system32\CONSOLE3232.dll
2008-07-22 18:29:03 122880 --a------ C:\WINDOWS\system32\CFGMGR323232.dll
2008-07-22 18:28:22 122880 --a------ C:\WINDOWS\system32\CNBJMON3232323232.dll
2008-07-22 18:27:40 122880 --a------ C:\WINDOWS\system32\COMRES323232.dll
2008-07-22 18:27:00 122880 --a------ C:\WINDOWS\system32\CDMODEM32.dll
2008-07-22 18:25:59 122880 --a------ C:\WINDOWS\system32\CRYPTNET3232323232.dll
2008-07-22 18:25:11 122880 --a------ C:\WINDOWS\system32\CIC323232.dll
2008-07-22 18:24:29 122880 --a------ C:\WINDOWS\system32\CNVFAT3232323232323232.dll
2008-07-22 18:23:42 122880 --a------ C:\WINDOWS\system32\comrepl3232323232323232.dll
2008-07-22 18:22:57 122880 --a------ C:\WINDOWS\system32\CRYPTDLL32323232.dll
2008-07-22 18:22:13 122880 --a------ C:\WINDOWS\system32\CIADMIN32323232.dll
2008-07-22 18:21:33 122880 --a------ C:\WINDOWS\system32\colbact32323232.dll
2008-07-22 18:20:49 122880 --a------ C:\WINDOWS\system32\comuid32323232.dll
2008-07-22 18:20:05 122880 --a------ C:\WINDOWS\system32\cdintf32.dll
2008-07-22 18:19:25 122880 --a------ C:\WINDOWS\system32\CMPBK323232.dll
2008-07-22 18:18:43 122880 --a------ C:\WINDOWS\system32\COMPSTUI3232323232.dll
2008-07-22 18:18:01 122880 --a------ C:\WINDOWS\system32\CAPESNPN32323232.dll
2008-07-22 18:17:18 122880 --a------ C:\WINDOWS\system32\CIC3232.dll
2008-07-22 18:16:37 122880 --a------ C:\WINDOWS\system32\COMADDIN32.dll
2008-07-22 18:15:54 122880 --a------ C:\WINDOWS\system32\CONSOLE32.dll
2008-07-22 18:15:13 122880 --a------ C:\WINDOWS\system32\CERTCLI3232.dll
2008-07-22 18:14:33 122880 --a------ C:\WINDOWS\system32\CNBJMON32323232.dll
2008-07-22 18:13:53 122880 --a------ C:\WINDOWS\system32\comuid323232.dll
2008-07-22 18:13:00 122880 --a------ C:\WINDOWS\system32\BROWSEWM3232.dll
2008-07-22 18:12:20 122880 --a------ C:\WINDOWS\system32\chuzwb323232.dll
2008-07-22 18:11:39 122880 --a------ C:\WINDOWS\system32\CNVFAT32323232323232.dll
2008-07-22 18:10:55 122880 --a------ C:\WINDOWS\system32\comuid3232.dll
2008-07-22 18:10:14 122880 --a------ C:\WINDOWS\system32\cdfview32.dll
2008-07-22 18:09:34 122880 --a------ C:\WINDOWS\system32\CMPROPS323232.dll
2008-07-22 18:08:52 122880 --a------ C:\WINDOWS\system32\comrepl32323232323232.dll
2008-07-22 18:08:11 122880 --a------ C:\WINDOWS\system32\capicom32.dll
2008-07-22 18:07:30 122880 --a------ C:\WINDOWS\system32\clbcatq3232.dll
2008-07-22 18:06:45 122880 --a------ C:\WINDOWS\system32\COMCAT323232.dll
2008-07-22 18:06:05 122880 --a------ C:\WINDOWS\system32\blucjpcd32.dll
2008-07-22 18:05:25 122880 --a------ C:\WINDOWS\system32\cfxjlmic32.dll
2008-07-22 18:04:45 122880 --a------ C:\WINDOWS\system32\colbact323232.dll
2008-07-22 18:04:05 122880 --a------ C:\WINDOWS\system32\bkqkxada32.dll
2008-07-22 18:03:25 122880 --a------ C:\WINDOWS\system32\cewmdm323232.dll
2008-07-22 18:02:45 122880 --a------ C:\WINDOWS\system32\CNVFAT323232323232.dll
2008-07-22 18:02:05 122880 --a------ C:\WINDOWS\system32\betggeje32.dll
2008-07-22 18:01:25 122880 --a------ C:\WINDOWS\system32\CERTCLI32.dll
2008-07-22 18:00:43 122880 --a------ C:\WINDOWS\system32\CNBJMON323232.dll
2008-07-22 17:59:56 122880 --a------ C:\WINDOWS\system32\DellSys323232.dll
2008-07-22 17:58:53 122880 --a------ C:\WINDOWS\system32\DCIMAN32323232.dll
2008-07-22 17:57:51 122880 --a------ C:\WINDOWS\system32\DBMSRPCN3232.dll
2008-07-22 17:56:51 122880 --a------ C:\WINDOWS\system32\DBGHELP323232.dll
2008-07-22 17:55:45 122880 --a------ C:\WINDOWS\system32\D3DXOF323232323232.dll
2008-07-22 17:54:57 122880 --a------ C:\WINDOWS\system32\DDEML323232.dll
2008-07-22 17:54:17 122880 --a------ C:\WINDOWS\system32\CRYPTEXT323232323232.dll
2008-07-22 17:53:36 122880 --a------ C:\WINDOWS\system32\D3D8THK323232323232.dll
2008-07-22 17:52:53 122880 --a------ C:\WINDOWS\system32\DBGENG32.dll
2008-07-22 17:52:04 122880 --a------ C:\WINDOWS\system32\comrepl323232323232.dll
2008-07-22 17:51:22 122880 --a------ C:\WINDOWS\system32\CRYPTSVC323232.dll
2008-07-22 17:50:40 122880 --a------ C:\WINDOWS\system32\D3D93232323232.dll
2008-07-22 17:49:58 122880 --a------ C:\WINDOWS\system32\DBNMPNTW3232.dll
2008-07-22 17:49:17 122880 --a------ C:\WINDOWS\system32\CRYPT32323232323232.dll
2008-07-22 17:48:32 122880 --a------ C:\WINDOWS\system32\ctafrcan32323232.dll
2008-07-22 17:47:52 122880 --a------ C:\WINDOWS\system32\danim323232.dll
2008-07-22 17:47:12 122880 --a------ C:\WINDOWS\system32\comsvcs3232.dll
2008-07-22 17:46:32 122880 --a------ C:\WINDOWS\system32\CSSEQCHK323232.dll
2008-07-22 17:45:52 122880 --a------ C:\WINDOWS\system32\D3DXOF3232323232.dll
2008-07-22 17:45:07 122880 --a------ C:\WINDOWS\system32\compatUI323232.dll
2008-07-22 17:44:27 122880 --a------ C:\WINDOWS\system32\CRYPTNET32323232.dll
2008-07-22 17:43:45 122880 --a------ C:\WINDOWS\system32\D3D932323232.dll
2008-07-22 17:43:03 122880 --a------ C:\WINDOWS\system32\CNVFAT3232323232.dll
2008-07-22 17:42:23 122880 --a------ C:\WINDOWS\system32\CRYPT323232323232.dll
2008-07-22 17:41:41 122880 --a------ C:\WINDOWS\system32\cytqbjdu323232.dll
2008-07-22 17:41:01 122880 --a------ C:\WINDOWS\system32\CMUTIL3232.dll
2008-07-22 17:40:20 122880 --a------ C:\WINDOWS\system32\CONFMSP32323232.dll
2008-07-22 17:39:38 122880 --a------ C:\WINDOWS\system32\ctafrcan323232.dll
2008-07-22 17:38:56 122880 --a------ C:\WINDOWS\system32\D3DXOF32323232.dll
2008-07-22 17:38:15 122880 --a------ C:\WINDOWS\system32\COMPSTUI32323232.dll
2008-07-22 17:37:31 122880 --a------ C:\WINDOWS\system32\CRYPTEXT3232323232.dll
2008-07-22 17:36:49 122880 --a------ C:\WINDOWS\system32\D3D9323232.dll
2008-07-22 17:36:03 122880 --a------ C:\WINDOWS\system32\cmirndrh3232.dll
2008-07-22 17:35:11 122880 --a------ C:\WINDOWS\system32\colbact3232.dll
2008-07-22 17:34:29 122880 --a------ C:\WINDOWS\system32\CRYPT3232323232.dll
2008-07-22 17:33:48 122880 --a------ C:\WINDOWS\system32\D3D83232323232.dll
2008-07-22 17:33:03 122880 --a------ C:\WINDOWS\system32\CLUSAPI32.dll
2008-07-22 17:31:58 122880 --a------ C:\WINDOWS\system32\D3DRAMP3232.dll
2008-07-22 17:31:12 122880 --a------ C:\WINDOWS\system32\CNETCFG323232.dll
2008-07-22 17:30:32 122880 --a------ C:\WINDOWS\system32\CRYPT32323232.dll
2008-07-22 17:29:51 122880 --a------ C:\WINDOWS\system32\D3D832323232.dll
2008-07-22 17:29:06 122880 --a------ C:\WINDOWS\system32\clbcatq32.dll
2008-07-22 17:28:23 122880 --a------ C:\WINDOWS\system32\COMPSTUI323232.dll
2008-07-22 17:27:43 122880 --a------ C:\WINDOWS\system32\CSCDLL3232.dll
2008-07-22 17:26:59 122880 --a------ C:\WINDOWS\system32\D3DIM7003232323232323232.dll
2008-07-22 17:26:18 122880 --a------ C:\WINDOWS\system32\CNVFAT32323232.dll
2008-07-22 17:25:37 122880 --a------ C:\WINDOWS\system32\CRYPTDLG323232.dll
2008-07-22 17:24:56 122880 --a------ C:\WINDOWS\system32\D3D8THK3232323232.dll
2008-07-22 17:24:14 122880 --a------ C:\WINDOWS\system32\cmirndrh32.dll
2008-07-22 17:23:32 122880 --a------ C:\WINDOWS\system32\comsvcs32.dll
2008-07-22 17:22:42 122880 --a------ C:\WINDOWS\system32\CRYPTEXT32323232.dll
2008-07-22 17:22:00 122880 --a------ C:\WINDOWS\system32\CCFGNT3232.dll
2008-07-22 17:21:20 122880 --a------ C:\WINDOWS\system32\CNBJMON3232.dll
2008-07-22 17:20:36 122880 --a------ C:\WINDOWS\system32\CONFMSP323232.dll
2008-07-22 17:19:56 122880 --a------ C:\WINDOWS\system32\cytqbjdu3232.dll
2008-07-22 17:19:12 122880 --a------ C:\WINDOWS\system32\CIC32.dll
2008-07-22 17:18:30 122880 --a------ C:\WINDOWS\system32\compatUI3232.dll
2008-07-22 17:17:45 122880 --a------ C:\WINDOWS\system32\CRYPTEXT323232.dll
2008-07-22 17:17:04 122880 --a------ C:\WINDOWS\system32\cbXOhiGX323232.dll
2008-07-22 17:16:24 122880 --a------ C:\WINDOWS\system32\CNBJMON32.dll
2008-07-22 17:15:44 122880 --a------ C:\WINDOWS\system32\CRYPTDLG3232.dll
2008-07-22 17:15:04 122880 --a------ C:\WINDOWS\system32\CATSRVPS32.dll
2008-07-22 17:14:24 122880 --a------ C:\WINDOWS\system32\CMPROPS3232.dll
2008-07-22 17:13:41 122880 --a------ C:\WINDOWS\system32\CONFMSP3232.dll
2008-07-22 17:13:00 122880 --a------ C:\WINDOWS\system32\BTHSERV32.dll
2008-07-22 17:12:16 122880 --a------ C:\WINDOWS\system32\chuzwb3232.dll
2008-07-22 17:11:36 122880 --a------ C:\WINDOWS\system32\COMPSTUI3232.dll
2008-07-22 17:10:53 122880 --a------ C:\WINDOWS\system32\CRYPTUI3232323232.dll
2008-07-22 17:10:07 122880 --a------ C:\WINDOWS\system32\CAPESNPN323232.dll
2008-07-22 17:09:27 122880 --a------ C:\WINDOWS\system32\CMPBK3232.dll
2008-07-22 17:08:44 122880 --a------ C:\WINDOWS\system32\CONFMSP32.dll
2008-07-22 17:08:04 122880 --a------ C:\WINDOWS\system32\BROWSEWM32.dll
2008-07-22 17:07:24 122880 --a------ C:\WINDOWS\system32\CLB3232323232.dll
2008-07-22 17:06:44 122880 --a------ C:\WINDOWS\system32\COMSNAP32323232.dll
2008-07-22 17:06:03 122880 --a------ C:\WINDOWS\system32\bkxskimw32.dll
2008-07-22 17:05:23 122880 --a------ C:\WINDOWS\system32\CIADMIN323232.dll
2008-07-22 17:04:40 122880 --a------ C:\WINDOWS\system32\compatUI32.dll
2008-07-22 17:03:20 122880 --a------ C:\WINDOWS\system32\cdosys3232.dll
2008-07-22 17:02:40 122880 --a------ C:\WINDOWS\system32\COMDLG323232.dll
2008-07-22 17:01:58 122880 --a------ C:\WINDOWS\system32\CRYPTUI32323232.dll
2008-07-22 17:01:18 122880 --a------ C:\WINDOWS\system32\cbXOhiGX3232.dll
2008-07-22 17:00:38 122880 --a------ C:\WINDOWS\system32\CNVFAT323232.dll
2008-07-22 16:59:58 122880 --a------ C:\WINDOWS\system32\dlbtgf32.dll
2008-07-22 16:59:18 122880 --a------ C:\WINDOWS\system32\D3DXOF323232.dll
2008-07-22 16:58:36 122880 --a------ C:\WINDOWS\system32\DESKPERF32323232.dll
2008-07-22 16:57:56 122880 --a------ C:\WINDOWS\system32\djxacpdq323232.dll
2008-07-22 16:57:16 122880 --a------ C:\WINDOWS\system32\D3DIM70032323232323232.dll
2008-07-22 16:56:36 122880 --a------ C:\WINDOWS\system32\DESKMON323232323232.dll
2008-07-22 16:55:54 122880 --a------ C:\WINDOWS\system32\DINPUT8323232.dll
2008-07-22 16:55:14 122880 --a------ C:\WINDOWS\system32\D3D8THK32323232.dll
2008-07-22 16:54:34 122880 --a------ C:\WINDOWS\system32\DDRAWEX3232.dll
2008-07-22 16:53:47 122880 --a------ C:\WINDOWS\system32\DGNET323232323232.dll
2008-07-22 16:53:05 122880 --a------ C:\WINDOWS\system32\CRYPTUI323232.dll
2008-07-22 16:52:23 122880 --a------ C:\WINDOWS\system32\D3DRM3232.dll
2008-07-22 16:51:43 122880 --a------ C:\WINDOWS\system32\DEVMGR323232.dll
2008-07-22 16:51:03 122880 --a------ C:\WINDOWS\system32\CRYPTDLL323232.dll
2008-07-22 16:50:23 122880 --a------ C:\WINDOWS\system32\D3DPMESH323232.dll
2008-07-22 16:49:41 122880 --a------ C:\WINDOWS\system32\DESKMON3232323232.dll
2008-07-22 16:48:58 122880 --a------ C:\WINDOWS\system32\DINPUT83232.dll
2008-07-22 16:48:16 122880 --a------ C:\WINDOWS\system32\CTL3DV2323232.dll
2008-07-22 16:47:36 122880 --a------ C:\WINDOWS\system32\DBNMPNTW32.dll
2008-07-22 16:46:55 122880 --a------ C:\WINDOWS\system32\DHCPMON32323232.dll
2008-07-22 16:46:14 122880 --a------ C:\WINDOWS\system32\CSRSRV3232.dll
2008-07-22 16:45:32 122880 --a------ C:\WINDOWS\system32\DATACLEN3232323232.dll
2008-07-22 16:44:49 122880 --a------ C:\WINDOWS\system32\DFRGRES32323232.dll
2008-07-22 16:44:08 122880 --a------ C:\WINDOWS\system32\CRYPT323232.dll
2008-07-22 16:43:28 122880 --a------ C:\WINDOWS\system32\D3DIM700323232323232.dll
2008-07-22 16:42:47 122880 --a------ C:\WINDOWS\system32\DESKPERF323232.dll
2008-07-22 16:42:06 122880 --a------ C:\WINDOWS\system32\comuid32.dll
2008-07-22 16:41:20 122880 --a------ C:\WINDOWS\system32\ctafrcan3232.dll
2008-07-22 16:40:31 122880 --a------ C:\WINDOWS\system32\D3DPMESH3232.dll
2008-07-22 16:39:48 122880 --a------ C:\WINDOWS\system32\DESKMON32323232.dll
2008-07-22 16:39:08 122880 --a------ C:\WINDOWS\system32\COMSNAP323232.dll
2008-07-22 16:38:28 122880 --a------ C:\WINDOWS\system32\D3D8THK323232.dll
2008-07-22 16:37:47 122880 --a------ C:\WINDOWS\system32\DellSys3232.dll
2008-07-22 16:37:06 122880 --a------ C:\WINDOWS\system32\COMPSTUI32.dll
2008-07-22 16:36:25 122880 --a------ C:\WINDOWS\system32\CTL3D323232.dll
2008-07-22 16:35:44 122880 --a------ C:\WINDOWS\system32\DBNETLIB3232.dll
2008-07-22 16:35:00 122880 --a------ C:\WINDOWS\system32\cmsetACL32.dll
2008-07-22 16:34:17 122880 --a------ C:\WINDOWS\system32\CRYPTDLG32.dll
2008-07-22 16:33:37 122880 --a------ C:\WINDOWS\system32\D3DRM32.dll
2008-07-22 16:32:57 122880 --a------ C:\WINDOWS\system32\DFRGUI32.dll
2008-07-22 16:32:17 122880 --a------ C:\WINDOWS\system32\CREDUI3232.dll
2008-07-22 16:31:37 122880 --a------ C:\WINDOWS\system32\D3DIM7003232323232.dll
2008-07-22 16:30:55 122880 --a------ C:\WINDOWS\system32\DEVENUM3232.dll
2008-07-22 16:30:08 122880 --a------ C:\WINDOWS\system32\colbact32.dll
2008-07-22 16:29:26 122880 --a------ C:\WINDOWS\system32\CRYPTUI3232.dll
2008-07-22 16:28:44 122880 --a------ C:\WINDOWS\system32\DATACLEN32323232.dll
2008-07-22 16:28:04 122880 --a------ C:\WINDOWS\system32\CMCFG323232.dll
2008-07-22 16:27:22 122880 --a------ C:\WINDOWS\system32\CRTDLL3232.dll
2008-07-22 16:26:41 122880 --a------ C:\WINDOWS\system32\D3DPMESH32.dll
2008-07-22 16:25:58 122880 --a------ C:\WINDOWS\system32\DEVENUM32.dll
2008-07-22 16:25:16 122880 --a------ C:\WINDOWS\system32\COMMDLG3232.dll
2008-07-22 16:24:35 122880 --a------ C:\WINDOWS\system32\CTL3DV23232.dll
2008-07-22 16:23:47 122880 --a------ C:\WINDOWS\system32\DATACLEN323232.dll
2008-07-22 16:23:06 122880 --a------ C:\WINDOWS\system32\CLB32323232.dll
2008-07-22 16:22:21 122880 --a------ C:\WINDOWS\system32\comrepl3232323232.dll
2008-07-22 16:21:40 122880 --a------ C:\WINDOWS\system32\D3D8323232.dll
2008-07-22 16:21:00 122880 --a------ C:\WINDOWS\system32\cdm323232.dll
2008-07-22 16:20:12 122880 --a------ C:\WINDOWS\system32\CMDIAL323232.dll
2008-07-22 16:19:32 122880 --a------ C:\WINDOWS\system32\CRYPTNET323232.dll
2008-07-22 16:18:50 122880 --a------ C:\WINDOWS\system32\DATACLEN3232.dll
2008-07-22 16:18:06 122880 --a------ C:\WINDOWS\system32\cewmdm3232.dll
2008-07-22 16:17:25 122880 --a------ C:\WINDOWS\system32\comrepl32323232.dll
2008-07-22 16:16:44 122880 --a------ C:\WINDOWS\system32\D3D8THK3232.dll
2008-07-22 16:16:02 122880 --a------ C:\WINDOWS\system32\cbxidked32.dll
2008-07-22 16:15:22 122880 --a------ C:\WINDOWS\system32\COMCAT3232.dll
2008-07-22 16:14:42 122880 --a------ C:\WINDOWS\system32\CTL3DV232.dll
2008-07-22 16:14:02 122880 --a------ C:\WINDOWS\system32\CAPESNPN3232.dll
2008-07-22 16:13:19 122880 --a------ C:\WINDOWS\system32\CMPROPS32.dll
2008-07-22 16:12:38 122880 --a------ C:\WINDOWS\system32\CRYPTSVC3232.dll
2008-07-22 16:11:58 122880 --a------ C:\WINDOWS\system32\DBMSRPCN32.dll
2008-07-22 16:11:12 122880 --a------ C:\WINDOWS\system32\cewmdm32.dll
2008-07-22 16:10:32 122880 --a------ C:\WINDOWS\system32\COMSNAP3232.dll
2008-07-22 16:09:50 122880 --a------ C:\WINDOWS\system32\D3DIM3232.dll
2008-07-22 16:09:09 122880 --a------ C:\WINDOWS\system32\cbXOhiGX32.dll
2008-07-22 16:08:29 122880 --a------ C:\WINDOWS\system32\COMDLG3232.dll
2008-07-22 16:07:48 122880 --a------ C:\WINDOWS\system32\cytqbjdu32.dll
2008-07-22 16:07:08 122880 --a------ C:\WINDOWS\system32\CAMOCX32.dll
2008-07-22 16:06:27 122880 --a------ C:\WINDOWS\system32\CNETCFG3232.dll
2008-07-22 16:05:47 122880 --a------ C:\WINDOWS\system32\ctafrcan32.dll
2008-07-22 16:05:04 122880 --a------ C:\WINDOWS\system32\blackbox32.dll
2008-07-22 16:04:24 122880 --a------ C:\WINDOWS\system32\CLICONFG32.dll
2008-07-22 16:03:44 122880 --a------ C:\WINDOWS\system32\CRYPTSVC32.dll
2008-07-22 16:03:04 122880 --a------ C:\WINDOWS\system32\BIDISPL32.dll
2008-07-22 16:02:24 122880 --a------ C:\WINDOWS\system32\CLB323232.dll
2008-07-22 16:01:44 122880 --a------ C:\WINDOWS\system32\CRYPTEXT3232.dll
2008-07-22 16:01:04 122880 --a------ C:\WINDOWS\system32\AVWAV32.dll
2008-07-22 16:00:24 122880 --a------ C:\WINDOWS\system32\CIADMIN3232.dll
2008-07-22 15:59:42 122880 --a------ C:\WINDOWS\system32\DMCONFIG32.dll
2008-07-22 15:59:02 122880 --a------ C:\WINDOWS\system32\DATIME323232.dll
2008-07-22 15:58:22 122880 --a------ C:\WINDOWS\system32\DHCPMON323232.dll
2008-07-22 15:57:42 122880 --a------ C:\WINDOWS\system32\dlyegice32323232.dll
2008-07-22 15:57:01 122880 --a------ C:\WINDOWS\system32\D3DXOF3232.dll
2008-07-22 15:56:21 122880 --a------ C:\WINDOWS\system32\DGRPSETU3232.dll
2008-07-22 15:55:41 122880 --a------ C:\WINDOWS\system32\dlbtutil32.dll
2008-07-22 15:55:01 122880 --a------ C:\WINDOWS\system32\D3DIM70032323232.dll
2008-07-22 15:54:20 122880 --a------ C:\WINDOWS\system32\DFSSHLEX32.dll
2008-07-22 15:53:33 122880 --a------ C:\WINDOWS\system32\dkliuwyv32.dll
2008-07-22 15:52:50 122880 --a------ C:\WINDOWS\system32\DMLOADER32.dll
2008-07-22 15:52:10 122880 --a------ C:\WINDOWS\system32\DBGHELP3232.dll
2008-07-22 15:51:26 122880 --a------ C:\WINDOWS\system32\dhcpcsvc32.dll
2008-07-22 15:50:44 122880 --a------ C:\WINDOWS\system32\dlbtusb132.dll
2008-07-22 15:50:04 122880 --a------ C:\WINDOWS\system32\D3D93232.dll
2008-07-22 15:49:23 122880 --a------ C:\WINDOWS\system32\DFRGRES323232.dll
2008-07-22 15:48:43 122880 --a------ C:\WINDOWS\system32\dlbtpplc3232.dll
2008-07-22 15:48:03 122880 --a------ C:\WINDOWS\system32\cvkygkqr3232.dll
2008-07-22 15:47:19 122880 --a------ C:\WINDOWS\system32\DellSys32.dll
2008-07-22 15:46:36 122880 --a------ C:\WINDOWS\system32\DISPEX32.dll
2008-07-22 15:45:52 122880 --a------ C:\WINDOWS\system32\DMDSKMGR3232.dll
2008-07-22 15:45:12 122880 --a------ C:\WINDOWS\system32\D3DXOF32.dll
2008-07-22 15:44:31 122880 --a------ C:\WINDOWS\system32\DGSETUP32.dll
2008-07-22 15:43:51 122880 --a------ C:\WINDOWS\system32\DMBAND32.dll
2008-07-22 15:43:09 122880 --a------ C:\WINDOWS\system32\D3D83232.dll
2008-07-22 15:42:29 122880 --a------ C:\WINDOWS\system32\DFRGSNAP32.dll
2008-07-22 15:41:48 122880 --a------ C:\WINDOWS\system32\dlbtprox32.dll
2008-07-22 15:41:08 122880 --a------ C:\WINDOWS\system32\CSSEQCHK3232.dll
2008-07-22 15:40:28 122880 --a------ C:\WINDOWS\system32\DESKPERF3232.dll
2008-07-22 15:39:47 122880 --a------ C:\WINDOWS\system32\dlbtjswr32.dll
2008-07-22 15:39:07 122880 --a------ C:\WINDOWS\system32\CRYPTUI32.dll
2008-07-22 15:38:24 122880 --a------ C:\WINDOWS\system32\DCIMAN323232.dll
2008-07-22 15:37:43 122880 --a------ C:\WINDOWS\system32\diudxumi32.dll
2008-07-22 15:37:01 122880 --a------ C:\WINDOWS\system32\COMRES3232.dll
2008-07-22 15:36:21 122880 --a------ C:\WINDOWS\system32\DATACLEN32.dll
2008-07-22 15:35:40 122880 --a------ C:\WINDOWS\system32\DIACTFRM3232.dll
2008-07-22 15:34:58 122880 --a------ C:\WINDOWS\system32\DMDSKMGR32.dll
2008-07-22 15:34:18 122880 --a------ C:\WINDOWS\system32\D3D932.dll
2008-07-22 15:33:38 122880 --a------ C:\WINDOWS\system32\DGNET3232323232.dll
2008-07-22 15:32:57 122880 --a------ C:\WINDOWS\system32\dlyegice323232.dll
2008-07-22 15:32:17 122880 --a------ C:\WINDOWS\system32\CTL3D3232.dll
2008-07-22 15:31:36 122880 --a------ C:\WINDOWS\system32\DEVMGR3232.dll
2008-07-22 15:30:56 122880 --a------ C:\WINDOWS\system32\dlbtsnls3232.dll
2008-07-22 15:30:16 122880 --a------ C:\WINDOWS\system32\CSCDLL32.dll
2008-07-22 15:29:36 122880 --a------ C:\WINDOWS\system32\DESKMON323232.dll
2008-07-22 15:28:56 122880 --a------ C:\WINDOWS\system32\dlbtpplc32.dll
2008-07-22 15:28:15 122880 --a------ C:\WINDOWS\system32\CRYPTDLL3232.dll
2008-07-22 15:27:34 122880 --a------ C:\WINDOWS\system32\DDEML3232.dll
2008-07-22 15:26:51 122880 --a------ C:\WINDOWS\system32\djxacpdq3232.dll
2008-07-22 15:26:11 122880 --a------ C:\WINDOWS\system32\comrepl323232.dll
2008-07-22 15:25:31 122880 --a------ C:\WINDOWS\system32\DATIME3232.dll
2008-07-22 15:24:51 122880 --a------ C:\WINDOWS\system32\DISKCOPY3232.dll
2008-07-22 15:24:10 122880 --a------ C:\WINDOWS\system32\comctl323232.dll
2008-07-22 15:23:29 122880 --a------ C:\WINDOWS\system32\D3DIM700323232.dll
2008-07-22 15:22:49 122880 --a------ C:\WINDOWS\system32\DIACTFRM32.dll
2008-07-22 15:22:09 122880 --a------ C:\WINDOWS\system32\CNETCFG32.dll
2008-07-22 15:21:28 122880 --a------ C:\WINDOWS\system32\D3D832.dll
2008-07-22 15:20:47 122880 --a------ C:\WINDOWS\system32\DGNET32323232.dll
2008-07-22 15:20:06 122880 --a------ C:\WINDOWS\system32\clbcatex3232.dll
2008-07-22 15:19:26 122880 --a------ C:\WINDOWS\system32\CSCUI3232.dll
2008-07-22 15:18:46 122880 --a------ C:\WINDOWS\system32\DFRGRES3232.dll
2008-07-22 15:18:05 122880 --a------ C:\WINDOWS\system32\chuzwb32.dll
2008-07-22 15:17:25 122880 --a------ C:\WINDOWS\system32\CRYPTEXT32.dll
2008-07-22 15:16:45 122880 --a------ C:\WINDOWS\system32\DESKMON3232.dll
2008-07-22 15:16:04 122880 --a------ C:\WINDOWS\system32\cdosys32.dll
2008-07-22 15:15:24 122880 --a------ C:\WINDOWS\system32\CREDUI32.dll
2008-07-22 15:14:44 122880 --a------ C:\WINDOWS\system32\DDRAWEX32.dll
2008-07-22 15:14:03 122880 --a------ C:\WINDOWS\system32\CCFGNT32.dll
2008-07-22 15:13:23 122880 --a------ C:\WINDOWS\system32\COMSNAP32.dll
2008-07-22 15:12:42 122880 --a------ C:\WINDOWS\system32\DBGHELP32.dll
2008-07-22 15:12:01 122880 --a------ C:\WINDOWS\system32\CABINET32.dll
2008-07-22 15:11:19 122880 --a------ C:\WINDOWS\system32\CNVFAT3232.dll
2008-07-22 15:10:39 122880 --a------ C:\WINDOWS\system32\D3DRAMP32.dll
2008-07-22 15:09:58 122880 --a------ C:\WINDOWS\system32\DINPUT3232.dll
2008-07-22 15:08:35 122880 --a------ C:\WINDOWS\system32\CSSEQCHK32.dll
2008-07-22 15:07:55 122880 --a------ C:\WINDOWS\system32\DGRPSETU32.dll
2008-07-22 15:07:14 122880 --a------ C:\WINDOWS\system32\CFGMGR3232.dll
2008-07-22 15:06:34 122880 --a------ C:\WINDOWS\system32\CRYPTNET3232.dll
2008-07-22 15:05:53 122880 --a------ C:\WINDOWS\system32\DEVMGR32.dll
2008-07-22 15:05:13 122880 --a------ C:\WINDOWS\system32\cdm3232.dll
2008-07-22 15:04:33 122880 --a------ C:\WINDOWS\system32\CRTDLL32.dll
2008-07-22 15:03:53 122880 --a------ C:\WINDOWS\system32\DESKMON32.dll
2008-07-22 15:03:11 122880 --a------ C:\WINDOWS\system32\CAPESNPN32.dll
2008-07-22 15:02:31 122880 --a------ C:\WINDOWS\system32\comrepl3232.dll
2008-07-22 15:01:51 122880 --a------ C:\WINDOWS\system32\DCIMAN3232.dll
2008-07-22 15:01:11 122880 --a------ C:\WINDOWS\system32\bwpijnci32.dll
2008-07-22 15:00:31 122880 --a------ C:\WINDOWS\system32\COMMDLG32.dll
2008-07-22 14:59:50 122880 --a------ C:\WINDOWS\system32\ejyniscc32.dll
2008-07-22 14:59:10 122880 --a------ C:\WINDOWS\system32\dlbthbn1323232.dll
2008-07-22 14:58:30 122880 --a------ C:\WINDOWS\system32\DPNET3232.dll
2008-07-22 14:57:50 122880 --a------ C:\WINDOWS\system32\eghdgtrg32.dll
2008-07-22 14:57:10 122880 --a------ C:\WINDOWS\system32\dlbtcu32.dll
2008-07-22 14:56:30 122880 --a------ C:\WINDOWS\system32\DPLAYX32.dll
2008-07-22 14:55:48 122880 --a------ C:\WINDOWS\system32\dulefoji32.dll
2008-07-22 14:55:08 122880 --a------ C:\WINDOWS\system32\DINPUT832.dll
2008-07-22 14:54:27 122880 --a------ C:\WINDOWS\system32\DMUTIL3232.dll
2008-07-22 14:53:47 122880 --a------ C:\WINDOWS\system32\DSQUERY32.dll
2008-07-22 14:53:07 122880 --a------ C:\WINDOWS\system32\DHCPMON3232.dll
2008-07-22 14:52:27 122880 --a------ C:\WINDOWS\system32\DMSTYLE32.dll
2008-07-22 14:51:47 122880 --a------ C:\WINDOWS\system32\DSOUND3D32.dll
2008-07-22 14:51:07 122880 --a------ C:\WINDOWS\system32\DGNET323232.dll
2008-07-22 14:50:27 122880 --a------ C:\WINDOWS\system32\DMOCX32.dll
2008-07-22 14:49:47 122880 --a------ C:\WINDOWS\system32\DSKQUOTA3232.dll
2008-07-22 14:49:07 122880 --a------ C:\WINDOWS\system32\DFRGRES32.dll
2008-07-22 14:48:27 122880 --a------ C:\WINDOWS\system32\DMDSKRES32.dll
2008-07-22 14:47:47 122880 --a------ C:\WINDOWS\system32\DSAUTH32.dll
2008-07-22 14:47:07 122880 --a------ C:\WINDOWS\system32\DESKADP3232.dll
2008-07-22 14:46:26 122880 --a------ C:\WINDOWS\system32\dlyegice3232.dll
2008-07-22 14:45:45 122880 --a------ C:\WINDOWS\system32\DPWSOCKX32.dll
2008-07-22 14:45:04 122880 --a------ C:\WINDOWS\system32\DAVCLNT3232.dll
2008-07-22 14:44:24 122880 --a------ C:\WINDOWS\system32\dlbtpmui3232.dll
2008-07-22 14:43:44 122880 --a------ C:\WINDOWS\system32\DPSERIAL3232.dll
2008-07-22 14:43:04 122880 --a------ C:\WINDOWS\system32\danim3232.dll
2008-07-22 14:42:24 122880 --a------ C:\WINDOWS\system32\dlbthbn13232.dll
2008-07-22 14:41:44 122880 --a------ C:\WINDOWS\system32\DPNMODEM32.dll
2008-07-22 14:41:04 122880 --a------ C:\WINDOWS\system32\D3DIM7003232.dll
2008-07-22 14:40:24 122880 --a------ C:\WINDOWS\system32\dlbtcomm32.dll
2008-07-22 14:39:44 122880 --a------ C:\WINDOWS\system32\DPNHUPNP32.dll
2008-07-22 14:39:03 122880 --a------ C:\WINDOWS\system32\cvkygkqr32.dll
2008-07-22 14:38:23 122880 --a------ C:\WINDOWS\system32\DISKCOPY32.dll
2008-07-22 14:37:43 122880 --a------ C:\WINDOWS\system32\DPLAY3232.dll
2008-07-22 14:37:03 122880 --a------ C:\WINDOWS\system32\CSRSRV32.dll
2008-07-22 14:36:23 122880 --a------ C:\WINDOWS\system32\DIMAP32.dll
2008-07-22 14:35:43 122880 --a------ C:\WINDOWS\system32\DOCPROP23232.dll
2008-07-22 14:35:03 122880 --a------ C:\WINDOWS\system32\CRYPTNET32.dll
2008-07-22 14:34:23 122880 --a------ C:\WINDOWS\system32\DHCPMON32.dll
2008-07-22 14:33:43 122880 --a------ C:\WINDOWS\system32\dnsrslvr3232.dll
2008-07-22 14:33:03 122880 --a------ C:\WINDOWS\system32\CRYPT3232.dll
2008-07-22 14:32:23 122880 --a------ C:\WINDOWS\system32\DGNET3232.dll
2008-07-22 14:31:43 122880 --a------ C:\WINDOWS\system32\DMUTIL32.dll
2008-07-22 14:31:01 122880 --a------ C:\WINDOWS\system32\comrepl32.dll
2008-07-22 14:30:21 122880 --a------ C:\WINDOWS\system32\DESKADP32.dll
2008-07-22 14:29:41 122880 --a------ C:\WINDOWS\system32\DMINTF32.dll
2008-07-22 14:29:01 122880 --a------ C:\WINDOWS\system32\comctl3232.dll
2008-07-22 14:28:21 122880 --a------ C:\WINDOWS\system32\DDEML32.dll
2008-07-22 14:27:41 122880 --a------ C:\WINDOWS\system32\DMDLGS3232.dll
2008-07-22 14:27:01 122880 --a------ C:\WINDOWS\system32\CNVFAT32.dll
2008-07-22 14:26:20 122880 --a------ C:\WINDOWS\system32\DAVCLNT32.dll
2008-07-22 14:25:40 122880 --a------ C:\WINDOWS\system32\dlbtvs32.dll
2008-07-22 14:25:00 122880 --a------ C:\WINDOWS\system32\CMDIAL3232.dll
2008-07-22 14:24:20 122880 --a------ C:\WINDOWS\system32\danim32.dll
2008-07-22 14:23:40 122880 --a------ C:\WINDOWS\system32\dlbtsnls32.dll
2008-07-22 14:23:00 122880 --a------ C:\WINDOWS\system32\clbcatex32.dll
2008-07-22 14:22:20 122880 --a------ C:\WINDOWS\system32\D3DIM70032.dll
2008-07-22 14:21:40 122880 --a------ C:\WINDOWS\system32\dlbtpmui32.dll
2008-07-22 14:21:00 122880 --a------ C:\WINDOWS\system32\CIADMIN32.dll
2008-07-22 14:20:20 122880 --a------ C:\WINDOWS\system32\D3D8THK32.dll
2008-07-22 14:19:40 122880 --a------ C:\WINDOWS\system32\dlbthbn132.dll
2008-07-22 14:18:59 122880 --a------ C:\WINDOWS\system32\DPVVOX32.dll
2008-07-22 14:18:19 122880 --a------ C:\WINDOWS\system32\CSCUI32.dll
2008-07-22 14:17:39 122880 --a------ C:\WINDOWS\system32\djxacpdq32.dll
2008-07-22 14:16:59 122880 --a------ C:\WINDOWS\system32\DPSERIAL32.dll
2008-07-22 14:16:19 122880 --a------ C:\WINDOWS\system32\CRYPTDLL32.dll
2008-07-22 14:15:39 122880 --a------ C:\WINDOWS\system32\DINPUT32.dll
2008-07-22 14:14:59 122880 --a------ C:\WINDOWS\system32\DPNLOBBY3232.dll
2008-07-22 14:14:19 122880 --a------ C:\WINDOWS\system32\corpol32.dll
2008-07-22 14:13:39 122880 --a------ C:\WINDOWS\system32\DHCPSAPI32.dll
2008-07-22 14:12:59 122880 --a------ C:\WINDOWS\system32\DPNET32.dll
2008-07-22 14:12:19 122880 --a------ C:\WINDOWS\system32\COMRES32.dll
2008-07-22 14:11:39 122880 --a------ C:\WINDOWS\system32\DGNET32.dll
2008-07-22 14:10:59 122880 --a------ C:\WINDOWS\system32\DPLAY32.dll
2008-07-22 14:10:18 122880 --a------ C:\WINDOWS\system32\COMCAT32.dll
2008-07-22 14:09:38 122880 --a------ C:\WINDOWS\system32\DESKPERF32.dll
2008-07-22 14:08:58 122880 --a------ C:\WINDOWS\system32\dnsrslvr32.dll
2008-07-22 14:08:18 122880 --a------ C:\WINDOWS\system32\CMUTIL32.dll
2008-07-22 14:07:38 122880 --a------ C:\WINDOWS\system32\DDRAW32.dll
2008-07-22 14:06:58 122880 --a------ C:\WINDOWS\system32\DMSYNTH32.dll
2008-07-22 14:06:18 122880 --a------ C:\WINDOWS\system32\CMCFG3232.dll
2008-07-22 14:05:38 122880 --a------ C:\WINDOWS\system32\DBNETLIB32.dll
2008-07-22 14:04:58 122880 --a------ C:\WINDOWS\system32\DMSCRIPT32.dll
2008-07-22 14:04:18 122880 --a------ C:\WINDOWS\system32\CLB32.dll
2008-07-22 14:03:38 122880 --a------ C:\WINDOWS\system32\DATIME32.dll
2008-07-22 14:02:57 122880 --a------ C:\WINDOWS\system32\DMDLGS32.dll
2008-07-22 14:02:17 122880 --a------ C:\WINDOWS\system32\CERTMGR32.dll
2008-07-22 14:01:37 122880 --a------ C:\WINDOWS\system32\D3DIM32.dll
2008-07-22 14:00:57 122880 --a------ C:\WINDOWS\system32\dlyegice32.dll
2008-07-22 14:00:17 122880 --a------ C:\WINDOWS\system32\cdm32.dll
2008-07-22 13:59:37 122880 --a------ C:\WINDOWS\system32\foyjqsbr32.dll
2008-07-22 13:58:57 122880 --a------ C:\WINDOWS\system32\hdopsbwt32.dll
2008-07-22 13:55:37 122880 --a------ C:\WINDOWS\system32\fkqrmlkt32.dll
2008-07-09 12:08:12 0 d-------- C:\Documents and Settings\Shana\Application Data\MSNInstaller
2008-07-08 11:53:36 118784 --a------ C:\WINDOWS\system32\FILEMGMT32.dll
2008-07-03 11:50:34 102912 --a------ C:\WINDOWS\system32\tgywpn.dll
2008-07-03 11:50:32 102912 --a------ C:\WINDOWS\system32\lcmnteve.dll
2008-07-01 11:44:34 103424 --a------ C:\WINDOWS\system32\owtzxc.dll
2008-07-01 11:44:32 103424 --a------ C:\WINDOWS\system32\blucjpcd.dll
2008-06-30 17:03:00 0 d-------- C:\Documents and Settings\Shana\Application Data\U3


-- Find3M Report ---------------------------------------------------------------

2008-07-30 11:17:07 11 --ahs---- C:\Documents and Settings\Administrator\Application Data\02000000a56674bbO.manifest
2008-07-30 11:16:57 11 --ahs---- C:\Documents and Settings\Administrator\Application Data\02000000a56674bbS.manifest
2008-07-30 11:16:57 13 --ahs---- C:\Documents and Settings\Administrator\Application Data\02000000a56674bbC.manifest
2008-07-30 11:16:56 447 --ahs---- C:\Documents and Settings\Administrator\Application Data\02000000a56674bbP.manifest
2008-07-30 11:16:55 0 --ahs---- C:\Documents and Settings\Administrator\Application Data\02000000a56674bbR.manifest
2008-07-28 23:18:00 0 d-------- C:\Program Files\Support.com
2008-07-28 22:55:12 0 d-------- C:\Program Files\Common Files
2008-07-28 18:00:00 11970 --a------ C:\logfile
2008-06-27 16:57:39 102912 --a------ C:\WINDOWS\system32\qrfmefjw.dll
2008-06-27 16:57:39 102912 --a------ C:\WINDOWS\system32\hsjitn.dll
2008-06-17 17:52:02 0 d-------- C:\Program Files\QuickTime
2008-06-17 17:49:20 0 d-------- C:\Program Files\Kodak
2008-06-17 17:47:56 0 d-------- C:\Program Files\Common Files\Kodak
2008-06-16 20:54:53 0 d-------- C:\Program Files\Dl_cats
2008-06-03 17:35:28 1781 --a------ C:\xcrashdump.dat
2008-05-30 15:44:38 134144 --a------ C:\WINDOWS\system32\aadstlck.dll
2008-05-21 20:19:58 135680 --a------ C:\WINDOWS\system32\wmvcomjw.dll
2008-05-20 19:11:04 135168 --a------ C:\WINDOWS\system32\vtbtbikw.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC677620-788F-46C8-87DA-D1D0F10581BB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLBTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [11/09/2004 04:41 PM]
"MCUpdateExe"="C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe" [01/11/2006 01:05 PM]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [09/22/2005 07:29 PM]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [01/17/2006 01:03 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/01/2006 03:57 PM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07/19/2008 09:38 AM]
"HelpCenter4.1"="C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe" [06/18/2008 12:13 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [03/15/2007 11:09 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 05:00 AM]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [02/01/2008 03:32 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 1:04:12 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [8/10/2004 1:04:12 PM]
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2/20/2007 5:10:26 AM]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2/13/2004 2:12:08 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [05/13/2008 10:13 AM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\f477d0f5372]
C:\WINDOWS\System32\fkqrmlkt32.dll 07/22/2008 01:55 PM 122880 C:\WINDOWS\SYSTEM32\fkqrmlkt32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 02/17/2008 02:37 PM 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomlmlm]
qomlmlm.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=yjauqjex.dll,C:\WINDOWS\System32\fkqrmlkt32.dll,C:\WINDOWS\System32\hdopsbwt32.dll,C:\WINDOWS\System32\foyjqsbr32.dll,C:\WINDOWS\System32\cdm32.dll,C:\WINDOWS\System32\dlyegice32.dll,C:\WINDOWS\System32\D3DIM32.dll,C:\WINDOWS\System32\CERTMGR32.dll,C:\WINDOWS\System32\DMDLGS32.dll,C:\WINDOWS\System32\DATIME32.dll,C:\WINDOWS\System32\CLB32.dll,C:\WINDOWS\System32\DMSCRIPT32.dll,C:\WINDOWS\System32\DBNETLIB32.dll,C:\WINDOWS\System32\CMCFG3232.dll,C:\WINDOWS\System32\DMSYNTH32.dll,C:\WINDOWS\System32\DDRAW32.dll,C:\WINDOWS\System32\CMUTIL32.dll,C:\WINDOWS\System32\dnsrslvr32.dll,C:\WINDOWS\System32\DESKPERF32.dll,C:\WINDOWS\System32\COMCAT32.dll,C:\WINDOWS\System32\DPLAY32.dll,C:\WINDOWS\System32\DGNET32.dll,C:\WINDOWS\System32\COMRES32.dll,C:\WINDOWS\System32\DPNET32.dll,C:\WINDOWS\System32\DHCPSAPI32.dll,C:\WINDOWS\System32\corpol32.dll,C:\WINDOWS\System32\DPNLOBBY3232.dll,C:\WINDOWS\System32\DINPUT32.dll,C:\WINDOWS\System32\CRYPTDLL32.dll,C:\WINDOWS\System32\DPSERIAL32.dll,C:\WINDOWS\System32\djxacpdq32.dll,C:\WINDOWS\System32\CSCUI32.dll,C:\WINDOWS\System32\DPVVOX32.dll,C:\WINDOWS\System32\dlbthbn132.dll,C:\WINDOWS\System32\D3D8THK32.dll,C:\WINDOWS\System32\CIADMIN32.dll,C:\WINDOWS\System32\dlbtpmui32.dll,C:\WINDOWS\System32\D3DIM70032.dll,C:\WINDOWS\System32\clbcatex32.dll,C:\WINDOWS\System32\dlbtsnls32.dll,C:\WINDOWS\System32\danim32.dll,C:\WINDOWS\System32\CMDIAL3232.dll,C:\WINDOWS\System32\dlbtvs32.dll,C:\WINDOWS\System32\DAVCLNT32.dll,C:\WINDOWS\System32\CNVFAT32.dll,C:\WINDOWS\System32\DMDLGS3232.dll,C:\WINDOWS\System32\DDEML32.dll,C:\WINDOWS\System32\comctl3232.dll,C:\WINDOWS\System32\DMINTF32.dll,C:\WINDOWS\System32\DESKADP32.dll,C:\WINDOWS\System32\comrepl32.dll,C:\WINDOWS\System32\DMUTIL32.dll,C:\WINDOWS\System32\DGNET3232.dll,C:\WINDOWS\System32\CRYPT3232.dll,C:\WINDOWS\System32\dnsrslvr3232.dll,C:\WINDOWS\System32\DHCPMON32.dll,C:\WINDOWS\System32\CRYPTNET32.dll,C:\WINDOWS\System32\DOCPROP23232.dll,C:\WINDOWS\System32\DIMAP32.dll,C:\WINDOWS\System32\CSRSRV32.dll,C:\WINDOWS\System32\DPLAY3232.dll,C:\WINDOWS\System32\DISKCOPY32.dll,C:\WINDOWS\System32\cvkygkqr32.dll,C:\WINDOWS\System32\DPNHUPNP32.dll,C:\WINDOWS\System32\dlbtcomm32.dll,C:\WINDOWS\System32\D3DIM7003232.dll,C:\WINDOWS\System32\DPNMODEM32.dll,C:\WINDOWS\System32\dlbthbn13232.dll,C:\WINDOWS\System32\danim3232.dll,C:\WINDOWS\System32\DPSERIAL3232.dll,C:\WINDOWS\System32\dlbtpmui3232.dll,C:\WINDOWS\System32\DAVCLNT3232.dll,C:\WINDOWS\System32\DPWSOCKX32.dll,C:\WINDOWS\System32\dlyegice3232.dll,C:\WINDOWS\System32\DESKADP3232.dll,C:\WINDOWS\System32\DSAUTH32.dll,C:\WINDOWS\System32\DMDSKRES32.dll,C:\WINDOWS\System32\DFRGRES32.dll,C:\WINDOWS\System32\DSKQUOTA3232.dll,C:\WINDOWS\System32\DMOCX32.dll,C:\WINDOWS\System32\DGNET323232.dll,C:\WINDOWS\System32\DSOUND3D32.dll,C:\WINDOWS\System32\DMSTYLE32.dll,C:\WINDOWS\System32\DHCPMON3232.dll,C:\WINDOWS\System32\DSQUERY32.dll,C:\WINDOWS\System32\DMUTIL3232.dll,C:\WINDOWS\System32\DINPUT832.dll,C:\WINDOWS\System32\dulefoji32.dll,C:\WINDOWS\System32\DPLAYX32.dll,C:\WINDOWS\System32\dlbtcu32.dll,C:\WINDOWS\System32\eghdgtrg32.dll,C:\WINDOWS\System32\DPNET3232.dll,C:\WINDOWS\System32\dlbthbn1323232.dll,C:\WINDOWS\System32\ejyniscc32.dll,C:\WINDOWS\System32\COMMDLG32.dll,C:\WINDOWS\System32\bwpijnci32.dll,C:\WINDOWS\System32\DCIMAN3232.dll,C:\WINDOWS\System32\comrepl3232.dll,C:\WINDOWS\System32\CAPESNPN32.dll,C:\WINDOWS\System32\DESKMON32.dll,C:\WINDOWS\System32\CRTDLL32.dll,C:\WINDOWS\System32\cdm3232.dll,C:\WINDOWS\System32\DEVMGR32.dll,C:\WINDOWS\System32\CRYPTNET3232.dll,C:\WINDOWS\System32\CFGMGR3232.dll,C:\WINDOWS\System32\DGRPSETU32.dll,C:\WINDOWS\System32\CSSEQCHK32.dll,C:\WINDOWS\System32\DINPUT3232.dll,C:\WINDOWS\System32\D3DRAMP32.dll,C:\WINDOWS\System32\CNVFAT3232.dll,C:\WINDOWS\System32\CABINET32.dll,C:\WINDOWS\System32\DBGHELP32.dll,C:\WINDOWS\System32\COMSNAP32.dll,C:\WINDOWS\System32\CCFGNT32.dll,C:\WINDOWS\System32\DDRAWEX32.dll,C:\WINDOWS\System32\CREDUI32.dll,C:\WINDOWS\System32\cdosys32.dll,C:\WINDOWS\System32\DESKMON3232.dll,C:\WINDOWS\System32\CRYPTEXT32.dll,C:\WINDOWS\System32\chuzwb32.dll,C:\WINDOWS\System32\DFRGRES3232.dll,C:\WINDOWS\System32\CSCUI3232.dll,C:\WINDOWS\System32\clbcatex3232.dll,C:\WINDOWS\System32\DGNET32323232.dll,C:\WINDOWS\System32\D3D832.dll,C:\WINDOWS\System32\CNETCFG32.dll,C:\WINDOWS\System32\DIACTFRM32.dll,C:\WINDOWS\System32\D3DIM700323232.dll,C:\WINDOWS\System32\comctl323232.dll,C:\WINDOWS\System32\DISKCOPY3232.dll,C:\WINDOWS\System32\DATIME3232.dll,C:\WINDOWS\System32\comrepl323232.dll,C:\WINDOWS\System32\djxacpdq3232.dll,C:\WINDOWS\System32\DDEML3232.dll,C:\WINDOWS\System32\CRYPTDLL3232.dll,C:\WINDOWS\System32\dlbtpplc32.dll,C:\WINDOWS\System32\DESKMON323232.dll,C:\WINDOWS\System32\CSCDLL32.dll,C:\WINDOWS\System32\dlbtsnls3232.dll,C:\WINDOWS\System32\DEVMGR3232.dll,C:\WINDOWS\System32\CTL3D3232.dll,C:\WINDOWS\System32\dlyegice323232.dll,C:\WINDOWS\System32\DGNET3232323232.dll,C:\WINDOWS\System32\D3D932.dll,C:\WINDOWS\System32\DMDSKMGR32.dll,C:\WINDOWS\System32\DIACTFRM3232.dll,C:\WINDOWS\System32\DATACLEN32.dll,C:\WINDOWS\System32\COMRES3232.dll,C:\WINDOWS\System32\diudxumi32.dll,C:\WINDOWS\System32\DCIMAN323232.dll,C:\WINDOWS\System32\CRYPTUI32.dll,C:\WINDOWS\System32\dlbtjswr32.dll,C:\WINDOWS\System32\DESKPERF3232.dll,C:\WINDOWS\System32\CSSEQCHK3232.dll,C:\WINDOWS\System32\dlbtprox32.dll,C:\WINDOWS\System32\DFRGSNAP32.dll,C:\WINDOWS\System32\D3D83232.dll,C:\WINDOWS\System32\DMBAND32.dll,C:\WINDOWS\System32\DGSETUP32.dll,C:\WINDOWS\System32\D3DXOF32.dll,C:\WINDOWS\System32\DMDSKMGR3232.dll,C:\WINDOWS\System32\DISPEX32.dll,C:\WINDOWS\System32\DellSys32.dll,C:\WINDOWS\System32\cvkygkqr3232.dll,C:\WINDOWS\System32\dlbtpplc3232.dll,C:\WINDOWS\System32\DFRGRES323232.dll,C:\WINDOWS\System32\D3D93232.dll,C:\WINDOWS\System32\dlbtusb132.dll,C:\WINDOWS\System32\dhcpcsvc32.dll,C:\WINDOWS\System32\DBGHELP3232.dll,C:\WINDOWS\System32\DMLOADER32.dll,C:\WINDOWS\System32\dkliuwyv32.dll,C:\WINDOWS\System32\DFSSHLEX32.dll,C:\WINDOWS\System32\D3DIM70032323232.dll,C:\WINDOWS\System32\dlbtutil32.dll,C:\WINDOWS\System32\DGRPSETU3232.dll,C:\WINDOWS\System32\D3DXOF3232.dll,C:\WINDOWS\System32\dlyegice32323232.dll,C:\WINDOWS\System32\DHCPMON323232.dll,C:\WINDOWS\System32\DATIME323232.dll,C:\WINDOWS\System32\DMCONFIG32.dll,C:\WINDOWS\System32\CIADMIN3232.dll,C:\WINDOWS\System32\AVWAV32.dll,C:\WINDOWS\System32\CRYPTEXT3232.dll,C:\WINDOWS\System32\CLB323232.dll,C:\WINDOWS\System32\BIDISPL32.dll,C:\WINDOWS\System32\CRYPTSVC32.dll,C:\WINDOWS\System32\CLICONFG32.dll,C:\WINDOWS\System32\blackbox32.dll,C:\WINDOWS\System32\ctafrcan32.dll,C:\WINDOWS\System32\CNETCFG3232.dll,C:\WINDOWS\System32\CAMOCX32.dll,C:\WINDOWS\System32\cytqbjdu32.dll,C:\WINDOWS\System32\COMDLG3232.dll,C:\WINDOWS\System32\cbXOhiGX32.dll,C:\WINDOWS\System32\D3DIM3232.dll,C:\WINDOWS\System32\COMSNAP3232.dll,C:\WINDOWS\System32\cewmdm32.dll,C:\WINDOWS\System32\DBMSRPCN32.dll,C:\WINDOWS\System32\CRYPTSVC3232.dll,C:\WINDOWS\System32\CMPROPS32.dll,C:\WINDOWS\System32\CAPESNPN3232.dll,C:\WINDOWS\System32\CTL3DV232.dll,C:\WINDOWS\System32\COMCAT3232.dll,C:\WINDOWS\System32\cbxidked32.dll,C:\WINDOWS\System32\D3D8THK3232.dll,C:\WINDOWS\System32\comrepl32323232.dll,C:\WINDOWS\System32\cewmdm3232.dll,C:\WINDOWS\System32\DATACLEN3232.dll,C:\WINDOWS\System32\CRYPTNET323232.dll,C:\WINDOWS\System32\CMDIAL323232.dll,C:\WINDOWS\System32\cdm323232.dll,C:\WINDOWS\System32\D3D8323232.dll,C:\WINDOWS\System32\comrepl3232323232.dll,C:\WINDOWS\System32\CLB32323232.dll,C:\WINDOWS\System32\DATACLEN323232.dll,C:\WINDOWS\System32\CTL3DV23232.dll,C:\WINDOWS\System32\COMMDLG3232.dll,C:\WINDOWS\System32\DEVENUM32.dll,C:\WINDOWS\System32\D3DPMESH32.dll,C:\WINDOWS\System32\CRTDLL3232.dll,C:\WINDOWS\System32\CMCFG323232.dll,C:\WINDOWS\System32\DATACLEN32323232.dll,C:\WINDOWS\System32\CRYPTUI3232.dll,C:\WINDOWS\System32\colbact32.dll,C:\WINDOWS\System32\DEVENUM3232.dll,C:\WINDOWS\System32\D3DIM7003232323232.dll,C:\WINDOWS\System32\CREDUI3232.dll,C:\WINDOWS\System32\DFRGUI32.dll,C:\WINDOWS\System32\D3DRM32.dll,C:\WINDOWS\System32\CRYPTDLG32.dll,C:\WINDOWS\System32\cmsetACL32.dll,C:\WINDOWS\System32\DBNETLIB3232.dll,C:\WINDOWS\System32\CTL3D323232.dll,C:\WINDOWS\System32\COMPSTUI32.dll,C:\WINDOWS\System32\DellSys3232.dll,C:\WINDOWS\System32\D3D8THK323232.dll,C:\WINDOWS\System32\COMSNAP323232.dll,C:\WINDOWS\System32\DESKMON32323232.dll,C:\WINDOWS\System32\D3DPMESH3232.dll,C:\WINDOWS\System32\ctafrcan3232.dll,C:\WINDOWS\System32\comuid32.dll,C:\WINDOWS\System32\DESKPERF323232.dll,C:\WINDOWS\System32\D3DIM700323232323232.dll,C:\WINDOWS\System32\CRYPT323232.dll,C:\WINDOWS\System32\DFRGRES32323232.dll,C:\WINDOWS\System32\DATACLEN3232323232.dll,C:\WINDOWS\System32\CSRSRV3232.dll,C:\WINDOWS\System32\DHCPMON32323232.dll,C:\WINDOWS\System32\DBNMPNTW32.dll,C:\WINDOWS\System32\CTL3DV2323232.dll,C:\WINDOWS\System32\DINPUT83232.dll,C:\WINDOWS\System32\DESKMON3232323232.dll,C:\WINDOWS\System32\D3DPMESH323232.dll,C:\WINDOWS\System32\CRYPTDLL323232.dll,C:\WINDOWS\System32\DEVMGR323232.dll,C:\WINDOWS\System32\D3DRM3232.dll,C:\WINDOWS\System32\CRYPTUI323232.dll,C:\WINDOWS\System32\DGNET323232323232.dll,C:\WINDOWS\System32\DDRAWEX3232.dll,C:\WINDOWS\System32\D3D8THK32323232.dll,C:\WINDOWS\System32\DINPUT8323232.dll,C:\WINDOWS\System32\DESKMON323232323232.dll,C:\WINDOWS\System32\D3DIM70032323232323232.dll,C:\WINDOWS\System32\djxacpdq323232.dll,C:\WINDOWS\System32\DESKPERF32323232.dll,C:\WINDOWS\System32\D3DXOF323232.dll,C:\WINDOWS\System32\dlbtgf32.dll,C:\WINDOWS\System32\CNVFAT323232.dll,C:\WINDOWS\System32\cbXOhiGX3232.dll,C:\WINDOWS\System32\CRYPTUI32323232.dll,C:\WINDOWS\System32\COMDLG323232.dll,C:\WINDOWS\System32\cdosys3232.dll,C:\WINDOWS\System32\compatUI32.dll,C:\WINDOWS\System32\CIADMIN323232.dll,C:\WINDOWS\System32\bkxskimw32.dll,C:\WINDOWS\System32\COMSNAP32323232.dll,C:\WINDOWS\System32\CLB3232323232.dll,C:\WINDOWS\System32\BROWSEWM32.dll,C:\WINDOWS\System32\CONFMSP32.dll,C:\WINDOWS\System32\CMPBK3232.dll,C:\WINDOWS\System32\CAPESNPN323232.dll,C:\WINDOWS\System32\CRYPTUI3232323232.dll,C:\WINDOWS\System32\COMPSTUI3232.dll,C:\WINDOWS\System32\chuzwb3232.dll,C:\WINDOWS\System32\BTHSERV32.dll,C:\WINDOWS\System32\CONFMSP3232.dll,C:\WINDOWS\System32\CMPROPS3232.dll,C:\WINDOWS\System32\CATSRVPS32.dll,C:\WINDOWS\System32\CRYPTDLG3232.dll,C:\WINDOWS\System32\CNBJMON32.dll,C:\WINDOWS\System32\cbXOhiGX323232.dll,C:\WINDOWS\System32\CRYPTEXT323232.dll,C:\WINDOWS\System32\compatUI3232.dll,C:\WINDOWS\System32\CIC32.dll,C:\WINDOWS\System32\cytqbjdu3232.dll,C:\WINDOWS\System32\CONFMSP323232.dll,C:\WINDOWS\System32\CNBJMON3232.dll,C:\WINDOWS\System32\CCFGNT3232.dll,C:\WINDOWS\System32\CRYPTEXT32323232.dll,C:\WINDOWS\System32\comsvcs32.dll,C:\WINDOWS\System32\cmirndrh32.dll,C:\WINDOWS\System32\D3D8THK3232323232.dll,C:\WINDOWS\System32\CRYPTDLG323232.dll,C:\WINDOWS\System32\CNVFAT32323232.dll,C:\WINDOWS\System32\D3DIM7003232323232323232.dll,C:\WINDOWS\System32\CSCDLL3232.dll,C:\WINDOWS\System32\COMPSTUI323232.dll,C:\WINDOWS\System32\clbcatq32.dll,C:\WINDOWS\System32\D3D832323232.dll,C:\WINDOWS\System32\CRYPT32323232.dll,C:\WINDOWS\System32\CNETCFG323232.dll,C:\WINDOWS\System32\D3DRAMP3232.dll,C:\WINDOWS\System32\CLUSAPI32.dll,C:\WINDOWS\System32\D3D83232323232.dll,C:\WINDOWS\System32\CRYPT3232323232.dll,C:\WINDOWS\System32\colbact3232.dll,C:\WINDOWS\System32\cmirndrh3232.dll,C:\WINDOWS\System32\D3D9323232.dll,C:\WINDOWS\System32\CRYPTEXT3232323232.dll,C:\WINDOWS\System32\COMPSTUI32323232.dll,C:\WINDOWS\System32\D3DXOF32323232.dll,C:\WINDOWS\System32\ctafrcan323232.dll,C:\WINDOWS\System32\CONFMSP32323232.dll,C:\WINDOWS\System32\CMUTIL3232.dll,C:\WINDOWS\System32\cytqbjdu323232.dll,C:\WINDOWS\System32\CRYPT323232323232.dll,C:\WINDOWS\System32\CNVFAT3232323232.dll,C:\WINDOWS\System32\D3D932323232.dll,C:\WINDOWS\System32\CRYPTNET32323232.dll,C:\WINDOWS\System32\compatUI323232.dll,C:\WINDOWS\System32\D3DXOF3232323232.dll,C:\WINDOWS\System32\CSSEQCHK323232.dll,C:\WINDOWS\System32\comsvcs3232.dll,C:\WINDOWS\System32\danim323232.dll,C:\WINDOWS\System32\ctafrcan32323232.dll,C:\WINDOWS\System32\CRYPT32323232323232.dll,C:\WINDOWS\System32\DBNMPNTW3232.dll,C:\WINDOWS\System32\D3D93232323232.dll,C:\WINDOWS\System32\CRYPTSVC323232.dll,C:\WINDOWS\System32\comrepl323232323232.dll,C:\WINDOWS\System32\DBGENG32.dll,C:\WINDOWS\System32\D3D8THK323232323232.dll,C:\WINDOWS\System32\CRYPTEXT323232323232.dll,C:\WINDOWS\System32\DDEML323232.dll,C:\WINDOWS\System32\D3DXOF323232323232.dll,C:\WINDOWS\System32\DBGHELP323232.dll,C:\WINDOWS\System32\DBMSRPCN3232.dll,C:\WINDOWS\System32\DCIMAN32323232.dll,C:\WINDOWS\System32\DellSys323232.dll,C:\WINDOWS\System32\CNBJMON323232.dll,C:\WINDOWS\System32\CERTCLI32.dll,C:\WINDOWS\System32\betggeje32.dll,C:\WINDOWS\System32\CNVFAT323232323232.dll,C:\WINDOWS\System32\cewmdm323232.dll,C:\WINDOWS\System32\bkqkxada32.dll,C:\WINDOWS\System32\colbact323232.dll,C:\WINDOWS\System32\cfxjlmic32.dll,C:\WINDOWS\System32\blucjpcd32.dll,C:\WINDOWS\System32\COMCAT323232.dll,C:\WINDOWS\System32\clbcatq3232.dll,C:\WINDOWS\System32\capicom32.dll,C:\WINDOWS\System32\comrepl32323232323232.dll,C:\WINDOWS\System32\CMPROPS323232.dll,C:\WINDOWS\System32\cdfview32.dll,C:\WINDOWS\System32\comuid3232.dll,C:\WINDOWS\System32\CNVFAT32323232323232.dll,C:\WINDOWS\System32\chuzwb323232.dll,C:\WINDOWS\System32\BROWSEWM3232.dll,C:\WINDOWS\System32\comuid323232.dll,C:\WINDOWS\System32\CNBJMON32323232.dll,C:\WINDOWS\System32\CERTCLI3232.dll,C:\WINDOWS\System32\CONSOLE32.dll,C:\WINDOWS\System32\COMADDIN32.dll,C:\WINDOWS\System32\CIC3232.dll,C:\WINDOWS\System32\CAPESNPN32323232.dll,C:\WINDOWS\System32\COMPSTUI3232323232.dll,C:\WINDOWS\System32\CMPBK323232.dll,C:\WINDOWS\System32\cdintf32.dll,C:\WINDOWS\System32\comuid32323232.dll,C:\WINDOWS\System32\colbact32323232.dll,C:\WINDOWS\System32\CIADMIN32323232.dll,C:\WINDOWS\System32\CRYPTDLL32323232.dll,C:\WINDOWS\System32\comrepl3232323232323232.dll,C:\WINDOWS\System32\CNVFAT3232323232323232.dll,C:\WINDOWS\System32\CIC323232.dll,C:\WINDOWS\System32\CRYPTNET3232323232.dll,C:\WINDOWS\System32\CDMODEM32.dll,C:\WINDOWS\System32\COMRES323232.dll,C:\WINDOWS\System32\CNBJMON3232323232.dll,C:\WINDOWS\System32\CFGMGR323232.dll,C:\WINDOWS\System32\CONSOLE3232.dll,C:\WINDOWS\System32\colbact3232323232.dll,C:\WINDOWS\System32\clbcatex323232.dll,C:\WINDOWS\System32\cfxjlmic3232.dll,C:\WINDOWS\System32\corpol3232.dll,C:\WINDOWS\System32\COMPOBJ32.dll,C:\WINDOWS\System32\CNBJMON323232323232.dll,C:\WINDOWS\System32\CIADMIN3232323232.dll,C:\WINDOWS\System32\corpol323232.dll,C:\WINDOWS\System32\COMMDLG323232.dll,C:\WINDOWS\System32\CMCFG32323232.dll,C:\WINDOWS\System32\CRYPTEXT32323232323232.dll,C:\WINDOWS\System32\COMSNAP3232323232.dll,C:\WINDOWS\System32\CNVFAT323232323232323232.dll,C:\WINDOWS\System32\clbcatex32323232.dll,C:\WINDOWS\System32\CRYPT3232323232323232.dll,C:\WINDOWS\System32\COMPSTUI323232323232.dll,C:\WINDOWS\System32\COMADDIN3232.dll,C:\WINDOWS\System32\compatUI32323232.dll,C:\WINDOWS\System32\COMPSTUI32323232323232.dll,C:\WINDOWS\System32\comrepl323232323232323232.dll,C:\WINDOWS\System32\CRYPTDLG32323232.dll,C:\WINDOWS\System32\CRYPTDLL3232323232.dll,C:\WINDOWS\System32\ctafrcan3232323232.dll,C:\WINDOWS\System32\D3DIM700323232323232323232.dll,C:\WINDOWS\System32\CLICONFG3232.dll,C:\WINDOWS\System32\cdfview3232.dll,C:\WINDOWS\System32\CMCFG3232323232.dll,C:\WINDOWS\System32\CDMODEM3232.dll,C:\WINDOWS\System32\BITSPRX332.dll,C:\WINDOWS\System32\AVMETER32.dll,C:\WINDOWS\System32\CLICONFG323232.dll,C:\WINDOWS\System32\cdintf3232.dll,C:\WINDOWS\System32\BITSPRX232.dll,C:\WINDOWS\System32\CMDIAL32323232.dll,C:\WINDOWS\System32\cdoorhmr32.dll,C:\WINDOWS\System32\bkqkxada3232.dll,C:\WINDOWS\System32\CMPROPS32323232.dll,C:\WINDOWS\System32\ciodm32.dll,C:\WINDOWS\System32\CARDS32.dll,C:\WINDOWS\System32\COMMDLG32323232.dll,C:\WINDOWS\System32\CMPROPS3232323232.dll,C:\WINDOWS\System32\CFGBKEND32.dll,C:\WINDOWS\System32\BTHCI32.dll,C:\WINDOWS\System32\COMMDLG3232323232.dll,C:\WINDOWS\System32\CMDIAL3232323232.dll,C:\WINDOWS\System32\cdosys323232.dll,C:\WINDOWS\System32\COMPOBJ3232.dll,C:\WINDOWS\System32\cmsetACL3232.dll,C:\WINDOWS\System32\chuzwb32323232.dll,C:\WINDOWS\System32\CAMOCX3232.dll,C:\WINDOWS\System32\CNBJMON32323232323232.dll,C:\WINDOWS\System32\ciodm3232.dll,C:\WINDOWS\System32\CATSRVPS3232.dll,C:\WINDOWS\System32\colbact323232323232.dll,C:\WINDOWS\System32\clbcatq323232.dll,C:\WINDOWS\System32\cdintf323232.dll,C:\WINDOWS\System32\COMADDIN323232.dll,C:\WINDOWS\System32\CLICONFG32323232.dll,C:\WINDOWS\System32\cdoorhmr3232.dll,C:\WINDOWS\System32\comctl32323232.dll,C:\WINDOWS\System32\cmirndrh323232.dll,C:\WINDOWS\System32\CFGBKEND3232.dll,C:\WINDOWS\System32\compatUI3232323232.dll,C:\WINDOWS\System32\CNETCFG32323232.dll,C:\WINDOWS\System32\clbcatex3232323232.dll,C:\WINDOWS\System32\CLICONFG3232323232.dll,C:\WINDOWS\System32\CLUSAPI3232.dll,C:\WINDOWS\System32\CMCFG323232323232.dll,C:\WINDOWS\System32\cmirndrh32323232.dll,C:\WINDOWS\System32\CMPBK32323232.dll,C:\WINDOWS\System32\CMUTIL323232.dll,C:\WINDOWS\System32\CNBJMON3232323232323232.dll,C:\WINDOWS\System32\colbact32323232323232.dll,C:\WINDOWS\System32\comctl3232323232.dll,C:\WINDOWS\System32\COMDLG32323232.dll,C:\WINDOWS\System32\compatUI323232323232.dll,C:\WINDOWS\System32\comrepl32323232323232323232.dll,C:\WINDOWS\System32\comsvcs323232.dll,C:\WINDOWS\System32\comuid3232323232.dll,C:\WINDOWS\System32\corpol32323232.dll,C:\WINDOWS\System32\CRTDLL323232.dll,C:\WINDOWS\System32\CRYPT323232323232323232.dll,C:\WINDOWS\System32\CRYPTEXT3232323232323232.dll,C:\WINDOWS\System32\CRYPTNET323232323232.dll,C:\WINDOWS\System32\chuzwb3232323232.dll,C:\WINDOWS\System32\CAPESNPN3232323232.dll,C:\WINDOWS\System32\CIC32323232.dll,C:\WINDOWS\System32\cbxidked3232.dll,C:\WINDOWS\System32\BITSPRX23232.dll,C:\WINDOWS\System32\AVTAPI32.dll,C:\WINDOWS\System32\clbcatq32323232.dll,C:\WINDOWS\System32\CERTMGR3232.dll,C:\WINDOWS\System32\BTHSERV3232.dll,C:\WINDOWS\System32\CMDIAL323232323232.dll,C:\WINDOWS\System32\clbcatq3232323232.dll,C:\WINDOWS\System32\cewmdm32323232.dll,C:\WINDOWS\System32\catsrv32.dll,C:\WINDOWS\System32\CMUTIL32323232.dll,C:\WINDOWS\System32\clbcatex323232323232.dll,C:\WINDOWS\System32\CDMODEM323232.dll,C:\WINDOWS\System32\BROWSELC32.dll,C:\WINDOWS\System32\CMPBK3232323232.dll,C:\WINDOWS\System32\CIC3232323232.dll,C:\WINDOWS\System32\cbXOhiGX32323232.dll,C:\WINDOWS\System32\CNBJMON323232323232323232.dll,C:\WINDOWS\System32\CLUSAPI323232.dll,C:\WINDOWS\System32\cfxjlmic323232.dll,C:\WINDOWS\System32\catsrvut32.dll,C:\WINDOWS\System32\CMUTIL3232323232.dll,C:\WINDOWS\System32\CLB323232323232.dll,C:\WINDOWS\System32\cdm32323232.dll,C:\WINDOWS\System32\CNBJMON32323232323232323232.dll,C:\WINDOWS\System32\cmirndrh3232323232.dll,C:\WINDOWS\System32\chuzwb323232323232.dll,C:\WINDOWS\System32\cewmdm3232323232.dll,C:\WINDOWS\System32\CAPESNPN323232323232.dll,C:\WINDOWS\System32\cmirndrh323232323232.dll,C:\WINDOWS\System32\CMPBK323232323232.dll,C:\WINDOWS\System32\CMPROPS323232323232.dll,C:\WINDOWS\System32\CMUTIL323232323232.dll,C:\WINDOWS\System32\colbact3232323232323232.dll,C:\WINDOWS\System32\cbXOhiGX3232323232.dll,C:\WINDOWS\System32\CNBJMON3232323232323232323232.dll,C:\WINDOWS\System32\CLUSAPI32323232.dll,C:\WINDOWS\System32\cfxjlmic32323232.dll,C:\WINDOWS\System32\COMCAT32323232.dll,C:\WINDOWS\System32\CNBJMON323232323232323232323232.dll,C:\WINDOWS\System32\CLICONFG323232323232.dll,C:\WINDOWS\System32\cewmdm323232323232.dll,C:\WINDOWS\System32\COMCAT3232323232.dll,C:\WINDOWS\System32\CMPROPS32323232323232.dll,C:\WINDOWS\System32\CLUSAPI3232323232.dll,C:\WINDOWS\System32\CFGBKEND323232.dll,C:\WINDOWS\System32\COMDLG3232323232.dll,C:\WINDOWS\System32\CMUTIL32323232323232.dll,C:\WINDOWS\System32\clbcatex32323232323232.dll,C:\WINDOWS\System32\compatUI32323232323232.dll,C:\WINDOWS\System32\CNETCFG3232323232.dll,C:\WINDOWS\System32\CLUSAPI323232323232.dll,C:\WINDOWS\System32\cfxjlmic3232323232.dll,C:\WINDOWS\System32\CNVFAT32323232323232323232.dll,C:\WINDOWS\System32\CMUTIL3232323232323232.dll,C:\WINDOWS\System32\comctl323232323232.dll,C:\WINDOWS\System32\compatUI3232323232323232.dll,C:\WINDOWS\System32\CIC323232323232.dll,C:\WINDOWS\System32\COMDLG323232323232.dll,C:\WINDOWS\System32\CNVFAT3232323232323232323232.dll,C:\WINDOWS\System32\CMPROPS3232323232323232.dll,C:\WINDOWS\System32\CLUSAPI32323232323232.dll,C:\WINDOWS\System32\COMRES32323232.dll,C:\WINDOWS\System32\compatUI323232323232323232.dll,C:\WINDOWS\System32\CNVFAT323232323232323232323232.dll,C:\WINDOWS\System32\cmirndrh32323232323232.dll,C:\WINDOWS\System32\COMRES3232323232.dll,C:\WINDOWS\System32\comctl32323232323232.dll,C:\WINDOWS\System32\COMMDLG323232323232.dll,C:\WINDOWS\System32\COMRES323232323232.dll,C:\WINDOWS\System32\CMCFG32323232323232.dll,C:\WINDOWS\System32\COMPSTUI3232323232323232.dll,C:\WINDOWS\System32\cdfview323232.dll,C:\WINDOWS\System32\bkxskimw3232.dll,C:\WINDOWS\System32\CIC32323232323232.dll,C:\WINDOWS\System32\cdintf32323232.dll,C:\WINDOWS\System32\BOOTVID32.dll,C:\WINDOWS\System32\CLB32323232323232.dll,C:\WINDOWS\System32\CIC3232323232323232.dll,C:\WINDOWS\System32\cdm3232323232.dll,C:\WINDOWS\System32\CARDS3232.dll,C:\WINDOWS\System32\AVWAV3232.dll,C:\WINDOWS\System32\CIC323232323232323232.dll,C:\WINDOWS\System32\cdm323232323232.dll,C:\WINDOWS\System32\BSZIP32.dll,C:\WINDOWS\System32\BIDISPL3232.dll,C:\WINDOWS\System32\clbcatex3232323232323232.dll,C:\WINDOWS\System32\CERTMGR323232.dll,C:\WINDOWS\System32\cbXOhiGX323232323232.dll,C:\WINDOWS\System32\bkqkxada323232.dll,C:\WINDOWS\System32\ciodm323232.dll,C:\WINDOWS\System32\cdosys32323232.dll,C:\WINDOWS\System32\CABVIEW32.dll,C:\WINDOWS\System32\clbcatq323232323232.dll,C:\WINDOWS\System32\CFGBKEND32323232.dll,C:\WINDOWS\System32\catsrvut3232.dll,C:\WINDOWS\System32\BSZIP3232.dll,C:\WINDOWS\System32\ciodm32323232.dll,C:\WINDOWS\System32\cdosys3232323232.dll,C:\WINDOWS\System32\CARDS323232.dll,C:\WINDOWS\System32\CMCFG3232323232323232.dll,C:\WINDOWS\System32\ciodm3232323232.dll,C:\WINDOWS\System32\cdoorhmr323232.dll,C:\WINDOWS\System32\CABINET3232.dll,C:\WINDOWS\System32\clbcatex323232323232323232.dll,C:\WINDOWS\System32\CFGMGR32323232.dll,C:\WINDOWS\System32\cbxidked323232.dll,C:\WINDOWS\System32\CMCFG323232323232323232.dll,C:\WINDOWS\System32\CLB3232323232323232.dll,C:\WINDOWS\System32\cewmdm32323232323232.dll,C:\WINDOWS\System32\CFGMGR3232323232.dll,C:\WINDOWS\System32\CIADMIN323232323232.dll,C:\WINDOWS\System32\CLB323232323232323232.dll,C:\WINDOWS\System32\CMCFG32323232323232323232.dll,C:\WINDOWS\System32\CMDIAL32323232323232.dll,C:\WINDOWS\System32\cmirndrh3232323232323232.dll,C:\WINDOWS\System32\CMPBK32323232323232.dll,C:\WINDOWS\System32\CMPROPS323232323232323232.dll,C:\WINDOWS\System32\CMUTIL323232323232323232.dll,C:\WINDOWS\System32\colbact323232323232323232.dll,C:\WINDOWS\System32\CDMODEM32323232.dll,C:\WINDOWS\System32\CAMOCX323232.dll,C:\WINDOWS\System32\AVMETER3232.dll,C:\WINDOWS\System32\cdosys323232323232.dll,C:\WINDOWS\System32\catsrvut323232.dll,C:\WINDOWS\System32\bkqkxada32323232.dll,C:\WINDOWS\System32\cdoorhmr32323232.dll,C:\WINDOWS\System32\capicom3232.dll,C:\WINDOWS\System32\bkawkowc32.dll,C:\WINDOWS\System32\CIC32323232323232323232.dll,C:\WINDOWS\System32\cdoorhmr3232323232.dll,C:\WINDOWS\System32\CARDS32323232.dll,C:\WINDOWS\System32\bkqkxada3232323232.dll,C:\WINDOWS\System32\CFGBKEND3232323232.dll,C:\WINDOWS\System32\CDMODEM3232323232.dll,C:\WINDOWS\System32\CAMOCX32323232.dll,C:\WINDOWS\System32\CIC3232323232323232323232.dll,C:\WINDOWS\System32\CFGBKEND323232323232.dll,C:\WINDOWS\System32\cbXOhiGX32323232323232.dll,C:\WINDOWS\System32\BROWSER32.dll,C:\WINDOWS\System32\ciodm323232323232.dll,C:\WINDOWS\System32\CERTCLI323232.dll,C:\WINDOWS\System32\CARDS3232323232.dll,C:\WINDOWS\System32\CLB32323232323232323232.dll,C:\WINDOWS\System32\CFGMGR323232323232.dll,C:\WINDOWS\System32\cdfview32323232.dll,C:\WINDOWS\System32\BTHCI3232.dll,C:\WINDOWS\System32\chuzwb32323232323232.dll,C:\WINDOWS\System32\CDMODEM323232323232.dll,C:\WINDOWS\System32\CAPESNPN32323232323232.dll,C:\WINDOWS\System32\CARDS323232323232.dll,C:\WINDOWS\System32\ciodm32323232323232.dll,C:\WINDOWS\System32\cewmdm3232323232323232.dll,C:\WINDOWS\System32\cdm32323232323232.dll,C:\WINDOWS\System32\catsrv3232.dll,C:\WINDOWS\System32\clbcatq32323232323232.dll,C:\WINDOWS\System32\chuzwb3232323232323232.dll,C:\WINDOWS\System32\CERTCLI32323232.dll,C:\WINDOWS\System32\cbXOhiGX3232323232323232.dll,C:\WINDOWS\System32\CDMODEM32323232323232.dll,C:\WINDOWS\System32\CLUSAPI3232323232323232.dll,C:\WINDOWS\System32\CIC323232323232323232323232.dll,C:\WINDOWS\System32\CERTMGR32323232.dll,C:\WINDOWS\System32\cdoorhmr323232323232.dll,C:\WINDOWS\System32\CERTCLI3232323232.dll,C:\WINDOWS\System32\CERTMGR3232323232.dll,C:\WINDOWS\System32\cewmdm323232323232323232.dll,C:\WINDOWS\System32\cfxjlmic323232323232.dll,C:\WINDOWS\System32\CLB3232323232323232323232.dll,C:\WINDOWS\System32\clbcatq3232323232323232.dll,C:\WINDOWS\System32\CLUSAPI323232323232323232.dll,C:\WINDOWS\System32\cdfview3232323232.dll,C:\WINDOWS\System32\BTPANUI32.dll,C:\WINDOWS\System32\cdm3232323232323232.dll,C:\WINDOWS\System32\capicom323232.dll,C:\WINDOWS\System32\bkawkowc3232.dll,C:\WINDOWS\System32\AVTAPI3232.dll,C:\WINDOWS\System32\cdoorhmr32323232323232.dll,C:\WINDOWS\System32\catsrv323232.dll,C:\WINDOWS\System32\blackbox3232.dll,C:\WINDOWS\System32\AVWAV323232.dll,C:\WINDOWS\System32\cdoorhmr3232323232323232.dll,C:\WINDOWS\System32\catsrv32323232.dll,C:\WINDOWS\System32\BOOTVID3232.dll,C:\WINDOWS\System32\CERTCLI323232323232.dll,C:\WINDOWS\System32\cbxidked32323232.dll,C:\WINDOWS\System32\BTPANUI3232.dll,C:\WINDOWS\System32\CFGBKEND32323232323232.dll,C:\WINDOWS\System32\CDMODEM3232323232323232.dll,C:\WINDOWS\System32\catsrv3232323232.dll,C:\WINDOWS\System32\bwpijnci3232.dll,C:\WINDOWS\System32\CFGMGR32323232323232.dll,C:\WINDOWS\System32\cdm323232323232323232.dll,C:\WINDOWS\System32\cbXOhiGX323232323232323232.dll,C:\WINDOWS\System32\CAMOCX3232323232.dll,C:\WINDOWS\System32\chuzwb323232323232323232.dll,C:\WINDOWS\System32\CFGBKEND3232323232323232.dll,C:\WINDOWS\System32\cdm32323232323232323232.dll,C:\WINDOWS\System32\capicom32323232.dll,C:\WINDOWS\System32\CATSRVPS323232.dll,C:\WINDOWS\System32\cbxidked3232323232.dll,C:\WINDOWS\System32\CDMODEM323232323232323232.dll,C:\WINDOWS\System32\cdoorhmr323232323232323232.dll,C:\WINDOWS\System32\clbcatex32323232323232323232.dll,C:\WINDOWS\System32\clbcatq323232323232323232.dll,C:\WINDOWS\System32\cdintf3232323232.dll,C:\WINDOWS\System32\CAPESNPN3232323232323232.dll,C:\WINDOWS\System32\bkqkxada323232323232.dll,C:\WINDOWS\System32\cbXOhiGX32323232323232323232.dll,C:\WINDOWS\System32\byturmqn32.dll,C:\WINDOWS\System32\cdm3232323232323232323232.dll,C:\WINDOWS\System32\cbXOhiGX3232323232323232323232.dll,C:\WINDOWS\System32\CAMOCX323232323232.dll,C:\WINDOWS\System32\BROWSER3232.dll,C:\WINDOWS\System32\BATT32.dll,C:\WINDOWS\System32\cdfview323232323232.dll,C:\WINDOWS\System32\CAMOCX32323232323232.dll,C:\WINDOWS\System32\BITSPRX2323232.dll,C:\WINDOWS\System32\betggeje3232.dll,C:\WINDOWS\System32\cdintf323232323232.dll,C:\WINDOWS\System32\catsrv323232323232.dll,C:\WINDOWS\System32\BTHSERV323232.dll,C:\WINDOWS\System32\cdosys32323232323232.dll,C:\WINDOWS\System32\cdintf32323232323232.dll,C:\WINDOWS\System32\CAPESNPN323232323232323232.dll,C:\WINDOWS\System32\blackbox323232.dll,C:\WINDOWS\System32\cdosys3232323232323232.dll,C:\WINDOWS\System32\blucjpcd3232.dll,C:\WINDOWS\System32\CDMODEM32323232323232323232.dll,C:\WINDOWS\System32\catsrvut32323232.dll,C:\WINDOWS\System32\BTHSERV32323232.dll,C:\WINDOWS\System32\cdoorhmr32323232323232323232.dll,C:\WINDOWS\System32\cdosys323232323232323232.dll,C:\WINDOWS\System32\CFGBKEND323232323232323232.dll,C:\WINDOWS\System32\BROWSEWM323232.dll,C:\WINDOWS\System32\CDMODEM3232323232323232323232.dll,C:\WINDOWS\System32\catsrvut3232323232.dll,C:\WINDOWS\System32\CABVIEW3232.dll,C:\WINDOWS\System32\CCFGNT323232.dll,C:\WINDOWS\System32\cdintf3232323232323232.dll,C:\WINDOWS\System32\cdm323232323232323232323232.dll,C:\WINDOWS\System32\CDMODEM323232323232323232323232.dll,C:\WINDOWS\System32\CFGMGR3232323232323232.dll,C:\WINDOWS\System32\ciodm3232323232323232.dll,C:\WINDOWS\System32\CLB323232323232323232323232.dll,C:\WINDOWS\System32\CLICONFG32323232323232.dll,C:\WINDOWS\System32\AVTAPI323232.dll,C:\WINDOWS\System32\catsrvut323232323232.dll,C:\WINDOWS\System32\BTHSERV3232323232.dll,C:\WINDOWS\System32\BATMETER32.dll,C:\WINDOWS\System32\bbdwmpha32.dll,C:\WINDOWS\System32\CCFGNT32323232.dll,C:\WINDOWS\System32\CAMOCX3232323232323232.dll,C:\WINDOWS\System32\bkxskimw323232.dll,C:\WINDOWS\System32\BITSPRX33232.dll,C:\WINDOWS\System32\CCFGNT3232323232.dll,C:\WINDOWS\System32\CAMOCX323232323232323232.dll,C:\WINDOWS\System32\blackbox32323232.dll,C:\WINDOWS\System32\cdintf323232323232323232.dll,C:\WINDOWS\System32\CCFGNT323232323232.dll,C:\WINDOWS\System32\capicom3232323232.dll,C:\WINDOWS\System32\BOOTVID323232.dll,C:\WINDOWS\System32\BROWSELC3232.dll,C:\WINDOWS\System32\CABINET323232.dll,C:\WINDOWS\System32\catsrvut32323232323232.dll,C:\WINDOWS\System32\cbxidked323232323232.dll,C:\WINDOWS\System32\cbXOhiGX323232323232323232323232.dll,C:\WINDOWS\System32\cdoorhmr3232323232323232323232.dll,C:\WINDOWS\System32\CFGMGR323232323232323232.dll,C:\WINDOWS\System32\DOCPROP232.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Nintendo Wi-Fi USB Connector Registration Tool.lnk]
backup=C:\WINDOWS\pss\Run Nintendo Wi-Fi USB Connector Registration Tool.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Shana^Start Menu^Programs^Startup^DW_Start.lnk]
backup=C:\WINDOWS\pss\DW_Start.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\A00F3962CB.exe]
C:\DOCUME~1\Shana\LOCALS~1\Temp\_A00F3962CB.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BellSouthAlertManager.exe]
"C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe" /AUTORUN

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 922]
"C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\DellSupport\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellTransferAgent]
"C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\f477d05a]
rundll32.exe "C:\WINDOWS\system32\__c0070470.dat",b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
c:\PROGRA~1\mcafee.com\agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
C:\PROGRA~1\mcafee.com\agent\McUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
"C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
"C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]
"C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tgcmd]
"C:\Program Files\Support.com\BellSouth\hcenter.exe" /starthidden /tgcmdwrapper

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoOE]
C:\Program Files\Zango\bin\10.0.370.0\OEAddOn.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZangoSA]
"C:\Program Files\Zango\bin\10.0.370.0\ZangoSA.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{7D-D0-0F-F5-DW}]
C:\WINDOWS\SYSTEM32\__c00FE3A0.exe DWmhst


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\LaunchU3.exe -a




-- End of Deckard's System Scanner: finished at 2008-07-30 12:50:14 ------------



Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 36%
Physical Memory (total/avail): 502.07 MiB / 318.84 MiB
Pagefile Memory (total/avail): 1225.47 MiB / 1099.14 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1938.06 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 71.07 GiB total, 55.26 GiB free.
D: is CDROM (No Media)
E: is CDROM (CDFS)
F: is Removable (FAT)

\\.\PHYSICALDRIVE0 - Maxtor 6Y080M0 - 74.5 GiB - 3 partitions
\PARTITION0 - Unknown - 47.03 MiB
\PARTITION1 (bootable) - Installable File System - 71.07 GiB - C:
\PARTITION2 - Unknown - 3.39 GiB

\\.\PHYSICALDRIVE1 - USB Flash Memory USB Device - 1898.31 MiB - 1 partition
\PARTITION0 (bootable) - Win95 w/Extended Int 13 - 1901.84 MiB - F:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

FW: McAfee Personal Firewall Plus v5000 (McAfee Security)
AV: avast! antivirus 4.8.1229 [VPS 080728-0] v4.8.1229 (ALWIL Software) Disabled
AV: McAfee VirusScan v (McAfee) Outdated

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Application Loader"
"C:\\Program Files\\America Online 9.0a\\waol.exe"="C:\\Program Files\\America Online 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe:*:Enabled:AOLTsMon"
"C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"="C:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe:*:Enabled:AOLTopSpeed"
"C:\\Program Files\\Common Files\\AOL\\1150846968\\EE\\AOLServiceHost.exe"="C:\\Program Files\\Common Files\\AOL\\1150846968\\EE\\AOLServiceHost.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"="C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\AOLSP Scheduler.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe"="C:\\Program Files\\Common Files\\AOL\\AOL Spyware Protection\\asp.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe"="C:\\Program Files\\Common Files\\AolCoach\\en_en\\player\\AOLNySEV.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\America Online 9.0\\waol.exe"="C:\\Program Files\\America Online 9.0\\waol.exe:*:Enabled:America Online 9.0"
"C:\\Program Files\\Common Files\\AOL\\1155171741\\ee\\aolsoftware.exe"="C:\\Program Files\\Common Files\\AOL\\1155171741\\ee\\aolsoftware.exe:*:Enabled:AOL Services"
"C:\\Program Files\\Common Files\\AOL\\1155171741\\ee\\aim6.exe"="C:\\Program Files\\Common Files\\AOL\\1155171741\\ee\\aim6.exe:*:Enabled:AIM"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"="C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe:*:Enabled:Nintendo Wi-Fi USB Connector"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"="C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe:*:Enabled:MySpaceIM"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_08\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DJ912771
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Administrator
LOGONSERVER=\\DJ912771
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_08\lib\ext\QTJava.zip
SAFEBOOT_OPTION=NETWORK
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp
USERDOMAIN=DJ912771
USERNAME=Administrator
USERPROFILE=C:\Documents and Settings\Administrator
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Shana (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
--> MsiExec.exe /I{F543B12A-13F5-487E-9314-F7D25E1BBE3E}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
9Dragons --> MsiExec.exe /I{EB0508A0-162A-4996-85A1-00C07D33445A}
ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
ActionReplay Xbox --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Datel\ActionReplay Xbox\Uninst.isu"
Ad-Aware --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 6.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7646-000000000001}
AOL You've Got Pictures Screensaver --> C:\Program Files\Common Files\AOL\Screensaver\uninst_ygpss.exe
Ask Toolbar --> rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
avast! Antivirus --> C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
BellSouth Application Management --> C:\WINDOWS\Motive\BellSouth\UninstallAppManagement.exe
BellSouth Internet Security - Alert Manager 1.5.11 --> "C:\Program Files\BellSouth\AM\unins000.exe"
BellSouth Toolbar 1.0 --> C:\Program Files\blstoolbar\uninstall.exe -uninstall -prompt
CCScore --> MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Command & Conquer Red Alert 2 --> C:\Westwood\RA2\Uninstll.EXE
Command & Conquer Tiberian Sun --> C:\Westwood\SUN\Uninstll.EXE
Command && Conquer Red Alert 2 - Yuri's Revenge --> C:\Westwood\RA2\Uninstll.EXE
Conexant D850 56K V.9x DFVc Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -Idel200fk.inf
Dell Digital Jukebox Driver --> C:\Program Files\Dell\Digital Jukebox Drivers\DrvUnins.exe /s
Dell Driver Reset Tool --> MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
Dell Media Experience --> MsiExec.exe /I{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}
Dell Photo AIO Printer 922 --> C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTUNST.EXE -NOLICENSE
Dell Picture Studio v3.0 --> MsiExec.exe /I{AF06CAE4-C134-44B1-B699-14FBDB63BD37}
DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}
Digital Line Detect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
EarthLink setup files --> MsiExec.exe /X{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}
ESET Online Scanner --> C:\WINDOWS\system32\OnlineScannerUninstaller.exe
ESSCDBK --> MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore --> MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSgui --> MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini --> MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD --> MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSSONIC --> MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS --> MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt --> MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
FastAccess® DSL Help Center 4.3 --> "C:\Program Files\FastAccessDSL\HelpCenter43\unins000.exe"
GoToAssist 8.0.0.480 --> C:\Program Files\Citrix\GoToAssist\480\G2AUninstaller.exe /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Intel® Graphics Media Accelerator Driver --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel® PRO Network Adapters and Drivers --> Prounstl.exe
Intel® PROSet for Wired Connections --> MsiExec.exe /I{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}
Internet Explorer Default Page --> MsiExec.exe /I{35BDEFF1-A610-4956-A00D-15453C116395}
J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Jasc Paint Shop Photo Album --> MsiExec.exe /I{CC000127-5E5D-4A1C-90CB-EEAAAC1E3AC0}
Jasc Paint Shop Photo Album 5 --> MsiExec.exe /I{4192EAC0-6B36-4723-B216-D0E86E7757AC}
Jasc Paint Shop Pro 8 Dell Edition --> MsiExec.exe /I{81A34902-9D0B-4920-A25C-4CDC5D14B328}
Jasc Paint Shop Pro Studio, Dell Editon --> MsiExec.exe /I{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
kgcbaby --> MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase --> MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday --> MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn --> MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt --> MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids --> MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove --> MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday --> MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Kodak EasyShare software --> C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_149a9cc\Setup.exe /APR-REMOVE
KSU --> MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
LabelCreator --> C:\WINDOWS\uninst.exe -f"C:\Program Files\LabelCreator\DeIsL2.isu" -cC:\PROGRA~1\LABELC~1\_ISREG32.DLL
Learn2 Player (Uninstall Only) --> C:\Program Files\Learn2.com\StRunner\stuninst.exe
LG USB Drivers --> C:\PROGRA~1\LGDRIV~1\LGUSBD~1\UNWISE.EXE C:\PROGRA~1\LGDRIV~1\LGUSBD~1\INSTALL.LOG
LimeWire 4.16.2 --> "C:\Program Files\LimeWire\uninstall.exe"
Macromedia Flash Player --> MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Personal Firewall Plus --> C:\PROGRA~1\McAfee.com\PERSON~1\MpfUninstall.exe
McAfee SecurityCenter --> C:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /appid=msc /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\screm.ui::uninstall.htm
McAfee VirusScan --> c:\PROGRA~1\mcafee.com\shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=1 /start=c:\PROGRA~1\mcafee.com\agent\uninst\vsoremui.dll::uninstall.htm
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Plus! Digital Media Edition Installer --> MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}
Microsoft Plus! Photo Story 2 LE --> MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Modem Helper --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F142D56-3326-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanel
MSN --> C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
Musicmatch® Jukebox --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}\setup.exe" -l0x9 -uninst
My Way Search Assistant --> rundll32 C:\PROGRA~1\MyWaySA\SrchAsDe\1.bin\desrcas.dll,O
MySpaceIM --> C:\Program Files\MySpace\IM\Uninstall.exe
netbrdg --> MsiExec.exe /I{56AB063D-1450-4BDE-9F0D-E9C693429C51}
NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" -l0x9 ControlPanelAnyText
NetZeroInstallers --> MsiExec.exe /X{352310C3-E46B-42D3-8F32-54721FDD72D9}
Nintendo Wi-Fi USB Connector Registration Tool --> C:\Program Files\WiFiConnector\SoftAPUninst.exe
Norton Spyware Scan provided by Yahoo! --> C:\PROGRA~1\Yahoo!\Common\unynss.exe
Notifier --> MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI --> MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
PCDADDIN --> MsiExec.exe /I{65D85050-5610-4A91-A3B1-D5C744291AD4}
PCDHELP --> MsiExec.exe /I{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}
Photo Click --> MsiExec.exe /I{6E179C77-7335-458D-9537-4F4EAC0181ED}
Qualxserve Service Agreement --> MsiExec.exe /X{0F756CD9-4A1E-409B-B101-601DDC4C03AA}
QuickBooks Simple Start Special Edition --> msiexec.exe /I {F543B12A-13F5-487E-9314-F7D25E1BBE3E} UNIQUE_NAME="atomlimited" QBFULLNAME="QuickBooks Simple Start Special Edition" ADDREMOVE=1
QuickTime --> MsiExec.exe /I{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}
RealPlayer Basic --> C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
SFR --> MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA --> MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
SimCity 3000 --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Maxis\SimCity 3000\Uninst.isu"
SKIN0001 --> MsiExec.exe /I{FDF9943A-3D5C-46B3-9679-586BD237DDEE}
SKINXSDK --> MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Sonic Update Manager --> MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
staticcr --> MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
tooltips --> MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
V CAST Music --> MsiExec.exe /X{3249FD43-B24B-413F-B786-F8FEA32FA747}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
VPRINTOL --> MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Westwood Shared Internet Components --> C:\Westwood\Internet\UnstllAP.EXE
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WIRELESS --> MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
WordPerfect Office 12 --> MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}
Yahoo! Browser Services --> C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL
Yahoo! Internet Mail --> C:\WINDOWS\system32\regsvr32 /u /s C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type2692 / Warning
Event Submitted/Written: 07/30/2008 00:12:56 PM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x8007043C

Event Record #/Type2691 / Warning
Event Submitted/Written: 07/30/2008 01:00:20 AM
Event ID/Source: 1015 / MsiInstaller
Event Description:
Failed to connect to server. Error: 0x8007043C

Event Record #/Type2690 / Warning
Event Submitted/Written: 07/30/2008 01:00:20 AM
Event ID/Source: 1001 / MsiInstaller
Event Description:
Detection of product '{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}', feature 'Complete' failed during request for component '{A6C8A50F-4808-43A4-A147-ACAA2598DE52}'

Event Record #/Type2689 / Warning
Event Submitted/Written: 07/30/2008 01:00:20 AM
Event ID/Source: 1004 / MsiInstaller
Event Description:
Detection of product '{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}', feature 'Complete', component '{B2B6EDF3-22B8-47B3-8358-4D1976F0949D}' failed. The resource 'C:\Program Files\SUPERAntiSpyware\Quarantine\' does not exist.

Event Record #/Type2688 / Error
Event Submitted/Written: 07/29/2008 00:05:45 PM
Event ID/Source: 1008 / MsiInstaller
Event Description:
The installation of http://javadl.sun.com/webapps/download/Get...6.0_07-iftw.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type41327 / Error
Event Submitted/Written: 07/30/2008 00:43:35 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type41325 / Error
Event Submitted/Written: 07/30/2008 00:12:56 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}

Event Record #/Type41324 / Error
Event Submitted/Written: 07/30/2008 00:11:40 PM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Event Record #/Type41319 / Error
Event Submitted/Written: 07/30/2008 11:16:59 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Event Record #/Type41318 / Error
Event Submitted/Written: 07/30/2008 11:15:42 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The Computer Browser service terminated with the following error:
%%1460



-- End of Deckard's System Scanner: finished at 2008-07-30 12:50:14 ------------

BC AdBot (Login to Remove)

 


m

#2 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 03 August 2008 - 03:00 PM

Hello Lizt and welcome to BleepingComputer,

1. * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click Delete.
  • Click Delete Files, Delete cookies and Delete history
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu..
  • Click the Clear now button below.. A new window will popup what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
2. Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first (not for Windows Vista users !).
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)

In the event you already have Combofix, delete your current version and download the latest version as described in the tutorial.
It must be saved directly to your desktop.

If necessary, you can run it in safe mode.

Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :thumbsup:

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 03 August 2008 - 06:38 PM

Hi Thunder,
Thanks for getting to me so quickly. I have cleaned the temp files and such as you asked. and downloaded the Combofix, but now I'm a bit confused. In trying to install the Recovery Console ( I have no cd)I clicked on the link to the Microsoft web page and it says" how to obtain win xp setup disks for floppy disk installation". Nothing about Recovery Conlole. What should I do?

#4 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 04 August 2008 - 01:15 AM

Well, I did a bit of reading and thought I understood and went ahead and downloaded the recovery console file for xp home sp2.. I followed the instructions and dropped the file on the combofix icon, combofix started and went through the first few boxes then aborted saying that the xp file I downloaded was invalid. Here is the name of the file that I downloaded: WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe. Is this the wrong file? Again this is all being done in safe mode as I can't do anything at all in normal mode. I am also logged in as Administrator. Please advise.

#5 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 04 August 2008 - 05:03 AM

Hello Lizt,

From safe mode, please run ComboFix without installing the Recovery Console.

We'll take it from there. :thumbsup:

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#6 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 04 August 2008 - 10:39 AM

HI Thunder,
I just don't seem to be having much luck so far. I ran Combofix. When it finished and created a log I copied and pasted it into notepad. Two other boxes were on screen, one that said combofix was going to restart the computer in four minutes and another that said a problem had been encountered and was going to shut windows down,. It is the one you get occasionally that gives you and option to send a report. Anyway it would not allow me to save the log (clicked on save but nothing) to my flash drive before it restarted the pc. I have been accessing the internet from another computer and trying not to use the infected computer online for fear of more infections, thus the use of the flash drive. Is there a way to retrieve the log? Should I be using safe mode with networkin?
So sorry I messed up. What should I do now?

#7 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 04 August 2008 - 12:43 PM

Hello Lizt,

You should be able to find the log as C:\ComboFix.txt, or in the Qoobox folder. :thumbsup:

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#8 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 04 August 2008 - 01:16 PM

Thank you. Here is the log as attachment. When I tried to post the whole log I got a message saying it was to long.

Attached Files



#9 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 04 August 2008 - 05:43 PM

Hello Lizt,

Let's clean up some more :

Download the attached txtfile CFScript to your desktop.

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. Upon reboot, (in case it asks to reboot), post the contents of the Combofix log in your next reply, as well as a fresh HijackThislog.

When CF finishes running, the ComboFix log will open along with a message box, --do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis.

Ensure you are connected to the internet and click OK on the message box. A browser will open.
Simply follow the instructions to copy/paste/send the requested file [9]-Submit_Date_Time.zip.

Are you still having problems ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#10 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 04 August 2008 - 08:00 PM

HI Thunder,

Yes I am still having problems. Everything is about the same as when we started. In normal mode most things are still frozen up. I did get back a few icons on the taskbar though. In safe mode I still can't access a lot of programs and no icons on the taskbar except McAfee.

I am at work now, but will run Combofix with the attachment when I get home tonight.

#11 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 05 August 2008 - 01:39 AM

Here are the logs:

ComboFix 08-08-03.01 - Administrator 2008-08-05 0:41:46.2 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.351 [GMT -5:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\FILEMGMT32.dll
C:\WINDOWS\System32\fkqrmlkt32.dll
F:\combofix.txt

.
((((((((((((((((((((((((( Files Created from 2008-07-05 to 2008-08-05 )))))))))))))))))))))))))))))))
.

2008-08-04 09:59 . <DIR> C:\WINDOWS\LastGood.Tmp
2008-07-30 12:46 . 2008-07-30 12:46 <DIR> d-------- C:\Program Files\Trend Micro
2008-07-30 12:33 . 2008-07-30 12:33 <DIR> d-------- C:\Deckard
2008-07-29 12:26 . 2008-07-29 12:26 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\McAfee.com Personal Firewall
2008-07-29 11:54 . 2008-07-29 11:54 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\U3
2008-07-28 22:55 . 2008-07-28 22:55 <DIR> d-------- C:\Program Files\FastAccessDSL
2008-07-28 22:55 . 2008-07-28 22:55 <DIR> d-------- C:\Program Files\Common Files\SupportSoft
2008-07-28 17:00 . 2008-07-28 17:00 122,880 --a------ C:\WINDOWS\SYSTEM32\DOCPROP232.dll
2008-07-28 14:33 . 2008-07-28 14:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-07-28 14:14 . 2008-07-28 14:14 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-28 03:21 . 2008-07-28 03:25 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-07-28 02:16 . 2008-07-28 02:16 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-07-28 02:16 . 2008-07-28 02:16 <DIR> d-------- C:\Documents and Settings\Shana\Application Data\SUPERAntiSpyware.com
2008-07-28 02:14 . 2008-07-28 14:30 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-27 13:39 . 2008-07-27 13:39 <DIR> d---s---- C:\Documents and Settings\Administrator\UserData
2008-07-27 13:07 . 2008-08-04 09:58 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-27 13:07 . 2008-07-27 13:07 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-27 13:06 . 2008-07-27 13:06 <DIR> d-------- C:\Documents and Settings\Shana\Application Data\Malwarebytes
2008-07-27 12:34 . 2008-07-27 12:34 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-27 12:34 . 2008-07-27 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-27 12:34 . 2008-07-27 12:34 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-27 12:34 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys
2008-07-27 12:34 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys
2008-07-27 11:08 . 2008-06-13 08:10 272,128 --------- C:\WINDOWS\SYSTEM32\DRIVERS\bthport.sys
2008-07-27 11:08 . 2008-06-13 08:10 272,128 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\bthport.sys
2008-07-26 00:54 . 2004-08-04 00:56 21,504 --a------ C:\WINDOWS\SYSTEM32\hidserv.dll
2008-07-26 00:54 . 2004-08-04 00:56 21,504 --a------ C:\WINDOWS\SYSTEM32\DLLCACHE\hidserv.dll
2008-07-23 01:35 . 2008-07-23 01:35 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGMGR323232323232323232.dll
2008-07-23 01:19 . 2008-07-23 01:19 122,880 --a------ C:\WINDOWS\SYSTEM32\cdoorhmr3232323232323232323232.dll
2008-07-23 01:16 . 2008-07-23 01:16 122,880 --a------ C:\WINDOWS\SYSTEM32\cbXOhiGX323232323232323232323232.dll
2008-07-23 01:15 . 2008-07-23 01:15 122,880 --a------ C:\WINDOWS\SYSTEM32\cbxidked323232323232.dll
2008-07-23 01:14 . 2008-07-23 01:14 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrvut32323232323232.dll
2008-07-23 01:13 . 2008-07-23 01:13 122,880 --a------ C:\WINDOWS\SYSTEM32\CABINET323232.dll
2008-07-23 01:12 . 2008-07-23 01:12 122,880 --a------ C:\WINDOWS\SYSTEM32\BROWSELC3232.dll
2008-07-23 01:11 . 2008-07-23 01:11 122,880 --a------ C:\WINDOWS\SYSTEM32\BOOTVID323232.dll
2008-07-23 01:10 . 2008-07-23 01:10 122,880 --a------ C:\WINDOWS\SYSTEM32\capicom3232323232.dll
2008-07-23 01:09 . 2008-07-23 01:09 122,880 --a------ C:\WINDOWS\SYSTEM32\CCFGNT323232323232.dll
2008-07-23 01:08 . 2008-07-23 01:08 122,880 --a------ C:\WINDOWS\SYSTEM32\cdintf323232323232323232.dll
2008-07-23 01:08 . 2008-07-23 01:08 122,880 --a------ C:\WINDOWS\SYSTEM32\blackbox32323232.dll
2008-07-23 01:07 . 2008-07-23 01:07 122,880 --a------ C:\WINDOWS\SYSTEM32\CAMOCX323232323232323232.dll
2008-07-23 01:06 . 2008-07-23 01:06 122,880 --a------ C:\WINDOWS\SYSTEM32\CCFGNT3232323232.dll
2008-07-23 01:06 . 2008-07-23 01:06 122,880 --a------ C:\WINDOWS\SYSTEM32\BITSPRX33232.dll
2008-07-23 01:05 . 2008-07-23 01:05 122,880 --a------ C:\WINDOWS\SYSTEM32\bkxskimw323232.dll
2008-07-23 01:04 . 2008-07-23 01:04 122,880 --a------ C:\WINDOWS\SYSTEM32\CAMOCX3232323232323232.dll
2008-07-23 01:03 . 2008-07-23 01:03 122,880 --a------ C:\WINDOWS\SYSTEM32\CCFGNT32323232.dll
2008-07-23 01:03 . 2008-07-23 01:03 122,880 --a------ C:\WINDOWS\SYSTEM32\bbdwmpha32.dll
2008-07-23 01:02 . 2008-07-23 01:02 122,880 --a------ C:\WINDOWS\SYSTEM32\BATMETER32.dll
2008-07-23 01:01 . 2008-07-23 01:01 122,880 --a------ C:\WINDOWS\SYSTEM32\BTHSERV3232323232.dll
2008-07-23 01:00 . 2008-07-23 01:00 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrvut323232323232.dll
2008-07-23 01:00 . 2008-07-23 01:00 122,880 --a------ C:\WINDOWS\SYSTEM32\AVTAPI323232.dll
2008-07-23 00:55 . 2008-07-23 00:55 122,880 --a------ C:\WINDOWS\SYSTEM32\CLICONFG32323232323232.dll
2008-07-23 00:46 . 2008-07-23 00:46 122,880 --a------ C:\WINDOWS\SYSTEM32\CLB323232323232323232323232.dll
2008-07-23 00:42 . 2008-07-23 00:42 122,880 --a------ C:\WINDOWS\SYSTEM32\ciodm3232323232323232.dll
2008-07-23 00:33 . 2008-07-23 00:33 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGMGR3232323232323232.dll
2008-07-23 00:32 . 2008-07-23 00:32 122,880 --a------ C:\WINDOWS\SYSTEM32\CDMODEM323232323232323232323232.dll
2008-07-23 00:31 . 2008-07-23 00:31 122,880 --a------ C:\WINDOWS\SYSTEM32\cdm323232323232323232323232.dll
2008-07-23 00:30 . 2008-07-23 00:30 122,880 --a------ C:\WINDOWS\SYSTEM32\cdintf3232323232323232.dll
2008-07-23 00:29 . 2008-07-23 00:29 122,880 --a------ C:\WINDOWS\SYSTEM32\CCFGNT323232.dll
2008-07-23 00:28 . 2008-07-23 00:28 122,880 --a------ C:\WINDOWS\SYSTEM32\CABVIEW3232.dll
2008-07-23 00:27 . 2008-07-23 00:27 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrvut3232323232.dll
2008-07-23 00:26 . 2008-07-23 00:26 122,880 --a------ C:\WINDOWS\SYSTEM32\CDMODEM3232323232323232323232.dll
2008-07-23 00:26 . 2008-07-23 00:26 122,880 --a------ C:\WINDOWS\SYSTEM32\BROWSEWM323232.dll
2008-07-23 00:24 . 2008-07-23 00:24 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGBKEND323232323232323232.dll
2008-07-23 00:23 . 2008-07-23 00:23 122,880 --a------ C:\WINDOWS\SYSTEM32\cdosys323232323232323232.dll
2008-07-23 00:22 . 2008-07-23 00:22 122,880 --a------ C:\WINDOWS\SYSTEM32\cdoorhmr32323232323232323232.dll
2008-07-23 00:22 . 2008-07-23 00:22 122,880 --a------ C:\WINDOWS\SYSTEM32\BTHSERV32323232.dll
2008-07-23 00:21 . 2008-07-23 00:21 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrvut32323232.dll
2008-07-23 00:20 . 2008-07-23 00:20 122,880 --a------ C:\WINDOWS\SYSTEM32\CDMODEM32323232323232323232.dll
2008-07-23 00:20 . 2008-07-23 00:20 122,880 --a------ C:\WINDOWS\SYSTEM32\blucjpcd3232.dll
2008-07-23 00:18 . 2008-07-23 00:18 122,880 --a------ C:\WINDOWS\SYSTEM32\cdosys3232323232323232.dll
2008-07-23 00:18 . 2008-07-23 00:18 122,880 --a------ C:\WINDOWS\SYSTEM32\blackbox323232.dll
2008-07-23 00:17 . 2008-07-23 00:17 122,880 --a------ C:\WINDOWS\SYSTEM32\CAPESNPN323232323232323232.dll
2008-07-23 00:16 . 2008-07-23 00:16 122,880 --a------ C:\WINDOWS\SYSTEM32\cdintf32323232323232.dll
2008-07-23 00:15 . 2008-07-23 00:15 122,880 --a------ C:\WINDOWS\SYSTEM32\cdosys32323232323232.dll
2008-07-23 00:15 . 2008-07-23 00:15 122,880 --a------ C:\WINDOWS\SYSTEM32\BTHSERV323232.dll
2008-07-23 00:14 . 2008-07-23 00:14 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrv323232323232.dll
2008-07-23 00:13 . 2008-07-23 00:13 122,880 --a------ C:\WINDOWS\SYSTEM32\cdintf323232323232.dll
2008-07-23 00:13 . 2008-07-23 00:13 122,880 --a------ C:\WINDOWS\SYSTEM32\betggeje3232.dll
2008-07-23 00:12 . 2008-07-23 00:12 122,880 --a------ C:\WINDOWS\SYSTEM32\BITSPRX2323232.dll
2008-07-23 00:11 . 2008-07-23 00:11 122,880 --a------ C:\WINDOWS\SYSTEM32\CAMOCX32323232323232.dll
2008-07-23 00:10 . 2008-07-23 00:10 122,880 --a------ C:\WINDOWS\SYSTEM32\cdfview323232323232.dll
2008-07-23 00:10 . 2008-07-23 00:10 122,880 --a------ C:\WINDOWS\SYSTEM32\BATT32.dll
2008-07-23 00:09 . 2008-07-23 00:09 122,880 --a------ C:\WINDOWS\SYSTEM32\BROWSER3232.dll
2008-07-23 00:08 . 2008-07-23 00:08 122,880 --a------ C:\WINDOWS\SYSTEM32\CAMOCX323232323232.dll
2008-07-23 00:07 . 2008-07-23 00:07 122,880 --a------ C:\WINDOWS\SYSTEM32\cbXOhiGX3232323232323232323232.dll
2008-07-23 00:06 . 2008-07-23 00:06 122,880 --a------ C:\WINDOWS\SYSTEM32\cdm3232323232323232323232.dll
2008-07-23 00:05 . 2008-07-23 00:05 122,880 --a------ C:\WINDOWS\SYSTEM32\byturmqn32.dll
2008-07-23 00:04 . 2008-07-23 00:04 122,880 --a------ C:\WINDOWS\SYSTEM32\cbXOhiGX32323232323232323232.dll
2008-07-23 00:04 . 2008-07-23 00:04 122,880 --a------ C:\WINDOWS\SYSTEM32\avifile3232.dll
2008-07-23 00:02 . 2008-07-23 00:02 122,880 --a------ C:\WINDOWS\SYSTEM32\bkqkxada323232323232.dll
2008-07-23 00:01 . 2008-07-23 00:01 122,880 --a------ C:\WINDOWS\SYSTEM32\CAPESNPN3232323232323232.dll
2008-07-23 00:00 . 2008-07-23 00:00 122,880 --a------ C:\WINDOWS\SYSTEM32\cdintf3232323232.dll
2008-07-22 23:39 . 2008-07-22 23:39 122,880 --a------ C:\WINDOWS\SYSTEM32\clbcatq323232323232323232.dll
2008-07-22 23:36 . 2008-07-22 23:36 122,880 --a------ C:\WINDOWS\SYSTEM32\clbcatex32323232323232323232.dll
2008-07-22 23:25 . 2008-07-22 23:25 122,880 --a------ C:\WINDOWS\SYSTEM32\cdoorhmr323232323232323232.dll
2008-07-22 23:24 . 2008-07-22 23:24 122,880 --a------ C:\WINDOWS\SYSTEM32\CDMODEM323232323232323232.dll
2008-07-22 23:23 . 2008-07-22 23:23 122,880 --a------ C:\WINDOWS\SYSTEM32\cbxidked3232323232.dll
2008-07-22 23:22 . 2008-07-22 23:22 122,880 --a------ C:\WINDOWS\SYSTEM32\CATSRVPS323232.dll
2008-07-22 23:21 . 2008-07-22 23:21 122,880 --a------ C:\WINDOWS\SYSTEM32\capicom32323232.dll
2008-07-22 23:20 . 2008-07-22 23:20 122,880 --a------ C:\WINDOWS\SYSTEM32\cdm32323232323232323232.dll
2008-07-22 23:19 . 2008-07-22 23:19 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGBKEND3232323232323232.dll
2008-07-22 23:18 . 2008-07-22 23:18 122,880 --a------ C:\WINDOWS\SYSTEM32\chuzwb323232323232323232.dll
2008-07-22 23:18 . 2008-07-22 23:18 122,880 --a------ C:\WINDOWS\SYSTEM32\CAMOCX3232323232.dll
2008-07-22 23:17 . 2008-07-22 23:17 122,880 --a------ C:\WINDOWS\SYSTEM32\cbXOhiGX323232323232323232.dll
2008-07-22 23:16 . 2008-07-22 23:16 122,880 --a------ C:\WINDOWS\SYSTEM32\cdm323232323232323232.dll
2008-07-22 23:15 . 2008-07-22 23:15 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGMGR32323232323232.dll
2008-07-22 23:15 . 2008-07-22 23:15 122,880 --a------ C:\WINDOWS\SYSTEM32\bwpijnci3232.dll
2008-07-22 23:14 . 2008-07-22 23:14 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrv3232323232.dll
2008-07-22 23:13 . 2008-07-22 23:13 122,880 --a------ C:\WINDOWS\SYSTEM32\CDMODEM3232323232323232.dll
2008-07-22 23:12 . 2008-07-22 23:12 122,880 --a------ C:\WINDOWS\SYSTEM32\CFGBKEND32323232323232.dll
2008-07-22 23:12 . 2008-07-22 23:12 122,880 --a------ C:\WINDOWS\SYSTEM32\BTPANUI3232.dll
2008-07-22 23:11 . 2008-07-22 23:11 122,880 --a------ C:\WINDOWS\SYSTEM32\cbxidked32323232.dll
2008-07-22 23:10 . 2008-07-22 23:10 122,880 --a------ C:\WINDOWS\SYSTEM32\CERTCLI323232323232.dll
2008-07-22 23:10 . 2008-07-22 23:10 122,880 --a------ C:\WINDOWS\SYSTEM32\BOOTVID3232.dll
2008-07-22 23:09 . 2008-07-22 23:09 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrv32323232.dll
2008-07-22 23:08 . 2008-07-22 23:08 122,880 --a------ C:\WINDOWS\SYSTEM32\cdoorhmr3232323232323232.dll
2008-07-22 23:08 . 2008-07-22 23:08 122,880 --a------ C:\WINDOWS\SYSTEM32\AVWAV323232.dll
2008-07-22 23:07 . 2008-07-22 23:07 122,880 --a------ C:\WINDOWS\SYSTEM32\blackbox3232.dll
2008-07-22 23:06 . 2008-07-22 23:06 122,880 --a------ C:\WINDOWS\SYSTEM32\catsrv323232.dll
2008-07-22 23:05 . 2008-07-22 23:05 122,880 --a------ C:\WINDOWS\SYSTEM32\cdoorhmr32323232323232.dll
2008-07-22 23:05 . 2008-07-22 23:05 122,880 --a------ C:\WINDOWS\SYSTEM32\AVTAPI3232.dll
2008-07-22 23:04 . 2008-07-22 23:04 122,880 --a------ C:\WINDOWS\SYSTEM32\bkawkowc3232.dll
2008-07-22 23:03 . 2008-07-22 23:03 122,880 --a------ C:\WINDOWS\SYSTEM32\capicom323232.dll
2008-07-22 23:02 . 2008-07-22 23:02 122,880 --a------ C:\WINDOWS\SYSTEM32\cdm3232323232323232.dll
2008-07-22 23:01 . 2008-07-22 23:01 122,880 --a------ C:\WINDOWS\SYSTEM32\BTPANUI32.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-29 04:18 --------- d-----w C:\Program Files\Support.com
2008-06-30 23:34 --------- d-----w C:\Documents and Settings\Shana\Application Data\U3
2008-06-30 23:29 --------- d-----w C:\Documents and Settings\Shana\Application Data\Yahoo!
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\SYSTEM32\mswsock.dll
2008-06-20 17:41 245,248 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 10:44 138,368 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\tcpip6.sys
2008-06-17 22:52 --------- d-----w C:\Program Files\QuickTime
2008-06-17 22:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-17 22:49 --------- d-----w C:\Program Files\Kodak
2008-06-17 22:47 --------- d-----w C:\Program Files\Common Files\Kodak
2008-06-17 01:54 --------- d-----w C:\Program Files\Dl_cats
2008-06-16 22:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kodak
2008-05-16 16:58 12,632 ----a-w C:\WINDOWS\SYSTEM32\lsdelete.exe
2008-05-08 17:28 1,526,640 ----a-w C:\WINDOWS\is-3ASDG.tmp
2008-05-08 12:28 202,752 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2008-05-07 05:18 1,287,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2008-02-17 19:35 0 ----a-w C:\Documents and Settings\Shana\GoToAssistDownloadHelper.exe
2007-10-29 22:50 66,269 ----a-w C:\Program Files\INSTALL.LOG
.

((((((((((((((((((((((((((((( snapshot@2008-08-04_ 9.59.35.78 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-21 06:56:54 1,024,000 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\browseui.dll
+ 2008-04-21 06:56:54 151,040 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\cdfview.dll
+ 2008-04-21 06:56:55 1,054,208 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\danim.dll
+ 2008-04-21 06:56:55 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtmsft.dll
+ 2008-04-21 06:56:55 205,312 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\dxtrans.dll
+ 2008-04-21 06:56:55 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\extmgr.dll
+ 2008-04-17 10:46:59 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iedw.exe
+ 2008-04-21 06:56:56 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iepeers.dll
+ 2008-04-21 06:56:56 96,256 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\inseng.dll
+ 2008-04-21 06:56:56 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\jsproxy.dll
+ 2008-04-21 06:56:57 3,066,880 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtml.dll
+ 2008-04-21 06:56:57 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mshtmled.dll
+ 2008-04-21 06:56:57 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\msrating.dll
+ 2008-04-21 06:56:58 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\mstime.dll
+ 2008-04-21 06:56:58 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\pngfilt.dll
+ 2008-04-21 06:56:58 1,499,136 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shdocvw.dll
+ 2008-04-21 06:56:58 474,112 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\shlwapi.dll
+ 2008-04-21 06:56:58 618,496 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\urlmon.dll
+ 2008-04-21 06:56:59 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\wininet.dll
+ 2008-04-17 10:37:04 351,744 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\xpsp3res.dll
+ 2008-04-21 06:44:29 3,066,880 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\mshtml.dll
+ 2008-04-21 06:44:29 666,112 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3GDR\wininet.dll
+ 2008-04-21 06:24:01 3,067,392 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\mshtml.dll
+ 2008-04-21 06:24:02 666,624 ----a-w C:\WINDOWS\$hf_mig$\KB950759\SP3QFE\wininet.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB950759\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB950759\update\updspapi.dll
+ 2008-05-07 04:55:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP2QFE\quartz.dll
+ 2008-05-07 05:12:40 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3GDR\quartz.dll
+ 2008-05-07 05:04:15 1,288,192 ----a-w C:\WINDOWS\$hf_mig$\KB951698\SP3QFE\quartz.dll
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951698\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951698\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-13 13:10:50 272,128 ------w C:\WINDOWS\Driver Cache\I386\bthport.sys
- 2008-02-16 08:59:34 1,023,488 ----a-w C:\WINDOWS\SYSTEM32\browseui.dll
+ 2008-04-21 07:03:56 1,023,488 ----a-w C:\WINDOWS\SYSTEM32\browseui.dll
- 2008-02-16 08:59:35 151,040 ----a-w C:\WINDOWS\SYSTEM32\cdfview.dll
+ 2008-04-21 07:03:56 151,040 ----a-w C:\WINDOWS\SYSTEM32\cdfview.dll
- 2008-02-16 08:59:35 1,054,208 ----a-w C:\WINDOWS\SYSTEM32\danim.dll
+ 2008-04-21 07:03:57 1,054,208 ----a-w C:\WINDOWS\SYSTEM32\danim.dll
- 2008-02-16 08:59:34 1,023,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\browseui.dll
+ 2008-04-21 07:03:56 1,023,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\browseui.dll
- 2008-02-16 08:59:35 151,040 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\cdfview.dll
+ 2008-04-21 07:03:56 151,040 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\cdfview.dll
- 2008-02-16 08:59:35 1,054,208 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\danim.dll
+ 2008-04-21 07:03:57 1,054,208 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\danim.dll
- 2008-02-16 08:59:35 357,888 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
+ 2008-04-21 07:03:57 357,888 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
- 2008-02-16 08:59:35 205,312 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
+ 2008-04-21 07:03:57 205,312 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
- 2008-02-16 08:59:35 55,808 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
+ 2008-04-21 07:03:57 55,808 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
- 2008-02-15 09:23:37 18,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedw.exe
+ 2008-04-17 10:52:54 18,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedw.exe
- 2008-02-16 08:59:35 251,392 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iepeers.dll
+ 2008-04-21 07:03:58 251,392 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iepeers.dll
- 2008-02-16 08:59:35 96,256 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inseng.dll
+ 2008-04-21 07:03:58 96,256 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inseng.dll
- 2008-02-16 08:59:35 16,384 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
+ 2008-04-21 07:03:58 16,384 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
- 2008-02-16 22:29:38 3,059,712 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
+ 2008-04-21 07:03:59 3,059,712 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
- 2008-02-16 08:59:37 449,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
+ 2008-04-21 07:03:59 449,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
- 2008-02-16 08:59:37 146,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
+ 2008-04-21 07:03:59 146,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
- 2008-02-16 08:59:37 532,480 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
+ 2008-04-21 07:03:59 532,480 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
- 2008-02-16 08:59:37 39,424 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
+ 2008-04-21 07:03:59 39,424 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
- 2008-02-16 08:59:38 1,494,528 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shdocvw.dll
+ 2008-04-21 07:04:00 1,494,528 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shdocvw.dll
- 2008-02-16 08:59:38 474,112 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shlwapi.dll
+ 2008-04-21 07:04:00 474,112 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shlwapi.dll
- 2008-02-16 08:59:38 615,936 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
+ 2008-04-21 07:04:00 615,936 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
- 2008-02-16 08:59:39 659,456 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
+ 2008-04-21 07:04:00 659,456 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
- 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\SYSTEM32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINDOWS\SYSTEM32\dnsapi.dll
- 2006-07-13 08:48:58 202,240 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\rmcast.sys
+ 2008-05-08 12:28:49 202,752 ----a-w C:\WINDOWS\SYSTEM32\DRIVERS\rmcast.sys
- 2008-02-16 08:59:35 357,888 ----a-w C:\WINDOWS\SYSTEM32\dxtmsft.dll
+ 2008-04-21 07:03:57 357,888 ----a-w C:\WINDOWS\SYSTEM32\dxtmsft.dll
- 2008-02-16 08:59:35 205,312 ----a-w C:\WINDOWS\SYSTEM32\dxtrans.dll
+ 2008-04-21 07:03:57 205,312 ----a-w C:\WINDOWS\SYSTEM32\dxtrans.dll
- 2008-02-16 08:59:35 55,808 ----a-w C:\WINDOWS\SYSTEM32\extmgr.dll
+ 2008-04-21 07:03:57 55,808 ----a-w C:\WINDOWS\SYSTEM32\extmgr.dll
- 2008-02-16 08:59:35 251,392 ----a-w C:\WINDOWS\SYSTEM32\iepeers.dll
+ 2008-04-21 07:03:58 251,392 ----a-w C:\WINDOWS\SYSTEM32\iepeers.dll
- 2008-02-16 08:59:35 96,256 ----a-w C:\WINDOWS\SYSTEM32\inseng.dll
+ 2008-04-21 07:03:58 96,256 ----a-w C:\WINDOWS\SYSTEM32\inseng.dll
- 2008-02-16 08:59:35 16,384 ----a-w C:\WINDOWS\SYSTEM32\jsproxy.dll
+ 2008-04-21 07:03:58 16,384 ----a-w C:\WINDOWS\SYSTEM32\jsproxy.dll
- 2008-02-16 22:29:38 3,059,712 ----a-w C:\WINDOWS\SYSTEM32\mshtml.dll
+ 2008-04-21 07:03:59 3,059,712 ----a-w C:\WINDOWS\SYSTEM32\mshtml.dll
- 2008-02-16 08:59:37 449,024 ----a-w C:\WINDOWS\SYSTEM32\mshtmled.dll
+ 2008-04-21 07:03:59 449,024 ----a-w C:\WINDOWS\SYSTEM32\mshtmled.dll
- 2008-02-16 08:59:37 146,432 ----a-w C:\WINDOWS\SYSTEM32\msrating.dll
+ 2008-04-21 07:03:59 146,432 ----a-w C:\WINDOWS\SYSTEM32\msrating.dll
- 2008-02-16 08:59:37 532,480 ----a-w C:\WINDOWS\SYSTEM32\mstime.dll
+ 2008-04-21 07:03:59 532,480 ----a-w C:\WINDOWS\SYSTEM32\mstime.dll
- 2008-02-16 08:59:37 39,424 ----a-w C:\WINDOWS\SYSTEM32\pngfilt.dll
+ 2008-04-21 07:03:59 39,424 ----a-w C:\WINDOWS\SYSTEM32\pngfilt.dll
- 2008-02-16 08:59:38 1,494,528 ----a-w C:\WINDOWS\SYSTEM32\shdocvw.dll
+ 2008-04-21 07:04:00 1,494,528 ----a-w C:\WINDOWS\SYSTEM32\shdocvw.dll
- 2008-02-16 08:59:38 474,112 ----a-w C:\WINDOWS\SYSTEM32\shlwapi.dll
+ 2008-04-21 07:04:00 474,112 ----a-w C:\WINDOWS\SYSTEM32\shlwapi.dll
- 2006-09-25 23:58:48 14,640 ------w C:\WINDOWS\SYSTEM32\spmsg.dll
+ 2007-11-30 11:18:51 17,272 ------w C:\WINDOWS\SYSTEM32\spmsg.dll
- 2008-02-16 08:59:38 615,936 ----a-w C:\WINDOWS\SYSTEM32\urlmon.dll
+ 2008-04-21 07:04:00 615,936 ----a-w C:\WINDOWS\SYSTEM32\urlmon.dll
- 2008-02-16 08:59:39 659,456 ----a-w C:\WINDOWS\SYSTEM32\wininet.dll
+ 2008-04-21 07:04:00 659,456 ----a-w C:\WINDOWS\SYSTEM32\wininet.dll
- 2008-02-15 09:06:21 351,744 ----a-w C:\WINDOWS\SYSTEM32\xpsp3res.dll
+ 2008-04-17 10:37:04 351,744 ----a-w C:\WINDOWS\SYSTEM32\xpsp3res.dll
+ 2008-08-05 05:45:39 16,384 ----atw C:\WINDOWS\temp\Perflib_Perfdata_680.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 05:00 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DLBTCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll" [2004-11-09 16:41 69632]
"MCUpdateExe"="c:\PROGRA~1\mcafee.com\agent\McUpdate.exe" [2006-01-11 13:05 212992]
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" [2005-09-22 19:29 303104]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 13:03 135168]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57 282624]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 09:38 78008]
"HelpCenter4.1"="C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe" [2008-06-18 00:13 198184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 15:32 8699904]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-02-20 05:10:26 282624]
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 14:12:08 16423]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-02-17 14:37 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
backup=C:\WINDOWS\pss\QuickBooks Update Agent.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Run Nintendo Wi-Fi USB Connector Registration Tool.lnk]
backup=C:\WINDOWS\pss\Run Nintendo Wi-Fi USB Connector Registration Tool.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Shana^Start Menu^Programs^Startup^DW_Start.lnk]
backup=C:\WINDOWS\pss\DW_Start.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pure Networks Port Magic

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BellSouthAlertManager.exe]
--a------ 2007-01-28 12:14 2061816 C:\Program Files\BellSouth\AM\BellSouthAlertManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 05:00 15360 C:\WINDOWS\SYSTEM32\CTFMON.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 922]
--a------ 2004-11-10 14:36 290816 C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a------ 2007-03-15 11:09 460784 C:\Program Files\DellSupport\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellTransferAgent]
--a------ 2007-11-13 16:46 135168 C:\Documents and Settings\All Users\Application Data\Dell\TransferAgent\TransferAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
--a------ 2004-12-06 01:05 127035 C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
--a------ 2004-08-20 15:51 118784 C:\WINDOWS\SYSTEM32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
--a------ 2004-08-20 15:55 155648 C:\WINDOWS\SYSTEM32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCAgentExe]
--a------ 2005-09-22 19:29 303104 c:\PROGRA~1\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MCUpdateExe]
--a------ 2006-01-11 13:05 212992 C:\PROGRA~1\McAfee.com\Agent\mcupdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
--a------ 2006-01-17 13:03 53248 C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
--a------ 2006-01-17 13:03 135168 C:\Program Files\MUSICMATCH\Musicmatch Jukebox\mm_tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
--a------ 2004-08-22 15:31 1327104 C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]
--a------ 2008-02-01 15:32 8699904 C:\Program Files\MySpace\IM\MySpaceIM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 15:57 282624 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a------ 2005-04-04 21:18 26112 C:\Program Files\Real\RealPlayer\realplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2006-07-26 04:03 49263 C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
--a------ 2004-01-07 01:01 110592 C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
--a------ 2004-08-17 16:55 180224 c:\PROGRA~1\McAfee.com\VSO\mcvsshld.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
--a------ 2004-07-01 15:15 139264 c:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2007-08-30 17:43 4670704 C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 09:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 09:37]
S3 GoToAssist;GoToAssist;C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe Start=service []
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);C:\WINDOWS\system32\Drivers\xbreader.sys [2001-01-02 16:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\LaunchU3.exe
.
Contents of the 'Scheduled Tasks' folder

2006-06-20 C:\WINDOWS\Tasks\ISP signup reminder 1.job
- C:\WINDOWS\system32\OOBE\OOBEBALN.EXE [2004-08-04 05:00]

2008-07-19 C:\WINDOWS\Tasks\McAfee.com Scan for Viruses - My Computer (DJ912771-Shana).job
- c:\program files\mcafee.com\vso\mcmnhdlr.exe [2004-07-01 15:15]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-05 00:46:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
F:\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\McAfee.com\Agent\Mcdetect.exe
C:\PROGRA~1\McAfee.com\Agent\McTskshd.exe
C:\PROGRA~1\McAfee.com\VSO\mcvsrte.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe
C:\WINDOWS\SYSTEM32\FXSSVC.EXE
C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\McAfee.com\VSO\McShield.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
.
**************************************************************************
.
Completion time: 2008-08-05 0:51:57 - machine was rebooted [Shana]
ComboFix-quarantined-files.txt 2008-08-05 05:51:48
ComboFix2.txt 2008-08-04 15:01:40

Pre-Run: 61,670,133,760 bytes free
Post-Run: 61,120,843,776 bytes free

465 --- E O F --- 2008-08-04 15:04:00


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:26, on 2008-08-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
F:\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.com/
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: BellSouth Toolbar - {4E7BD74F-2B8D-469E-8CBD-FD60BB9AAE2E} - C:\PROGRA~1\BLSTOO~1\BLSTOO~1.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HelpCenter4.1] C:\Program Files\FastAccessDSL\HelpCenter43\bin\sprtcmd.exe /P HelpCenter4.1
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {1A595EDD-978A-48C7-B730-AF3B9CC64DAB} (DLManager Class) - http://63.251.81.180/component/VZWDLManager.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

--
End of file - 7542 bytes

#12 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 05 August 2008 - 03:09 AM

Hello Lizt,

It's very important you copy ComboFix.exe to your desktop, prior to running the CFScript !
Most of the malware wasn't taken out on the first run.

Can you do this last step over (dragging the CFScript to ComboFix), AFTER copying ComboFix to your desktop please ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#13 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 05 August 2008 - 03:25 AM

Thunder, I don't understand. Combofix was already on my desktop and I dragged and dropped Cffix to it. Please explain what you mean by copying Combofix to the desktop.
Thanks,

#14 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:01:48 AM

Posted 05 August 2008 - 03:37 AM

Never mind, Lizt,

My mistake, I was looking at your first ComboFix run.

Please download the attached new CFScript to your desktop, and let's try again. :thumbsup:

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#15 lizt

lizt
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:48 PM

Posted 05 August 2008 - 03:49 AM

Thunder,
LOL, its ok, I have to get some sleep. Back in the morning.
lizt




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users