
IE crashes, programs won't uninstall, Windows freezes



#1 BBurdon


Posted 19 October 2008 - 01:49 PM

When I go to IE and paste a URL, IE freezes and won't close. I can't uninstall my HP printer because it says that hpzcr01.exe has encountered an error and needs to close. Then it wants to send an error report. Windows will freeze up and crash when I click on IE or Firefox. It takes forever to start up and takes forever to load a program when I click an icon. It seems that all my RAM is being sucked up. I have 2GB of RAM on XP. Overall the CPU is running funny. Don't know what it is, if anything. Thought I would post and get an opinion, or if there is something wrong, a way to fix it. Thanks


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:42:27 PM, on 10/19/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\LVComS.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys\WUSB54GSC\WLService.exe
C:\Program Files\Linksys\WUSB54GSC\WUSB54GSC.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218388103750
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1218818586203
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\windows\system32\iphlpapik.dll,avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54GSC - GEMTEKS - C:\Program Files\Linksys\WUSB54GSC\WLService.exe

--
End of file - 6573 bytes


#2 maranatha


Posted 02 November 2008 - 01:56 PM

Hi BBurdon
Welcome to Bleeping Computer.
I'm maranatha and I will be handling your log to help you get cleaned up. I am a student here at BC so all my posts will be checked by one of our experts, so there may be a slight delay between posts.

Please do this.
  • Download RSIT by random/random and save it to your desktop.
  • Double click RSIT.exe to start the tool.
  • At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
  • If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating your version of HijackThis.
  • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
  • Please post the contents of those logs here in your next reply.
Thanks
maranatha



#3 BBurdon


Posted 04 November 2008 - 05:44 PM

Logfile of random's system information tool 1.04 (written by random/random)
Run by Brandon&Nicole at 2008-11-04 17:40:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 58 GB (76%) free of 76 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:40:19 PM, on 11/4/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys\WUSB54GSC\WLService.exe
C:\Program Files\Linksys\WUSB54GSC\WUSB54GSC.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brandon&Nicole\Desktop\B's Stuff\Programs\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Brandon&Nicole.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218388103750
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1218818586203
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\windows\system32\iphlpapik.dll,avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54GSC - GEMTEKS - C:\Program Files\Linksys\WUSB54GSC\WLService.exe

--
End of file - 5433 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-30 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-06-28 81920]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-01 1234712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\iphlpapik.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 3 months======

2008-11-04 17:40:08 ----D---- C:\rsit
2008-10-24 11:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-19 12:59:14 ----D---- C:\Program Files\Panda Security
2008-10-19 12:33:03 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\HP
2008-10-19 12:24:17 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-10-16 06:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 06:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 06:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 06:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 18:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-11 12:53:47 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\InfraRecorder
2008-10-10 11:43:55 ----D---- C:\Program Files\Linksys
2008-10-10 11:43:43 ----A---- C:\WINDOWS\system32\WLAN.INI
2008-10-10 11:33:24 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2008-10-05 16:55:52 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-10-03 18:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-03 18:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-10-03 17:16:09 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-03 17:16:09 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-03 17:16:04 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-09-30 18:15:20 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-09-30 18:15:08 ----D---- C:\Program Files\AVG
2008-09-30 18:15:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-09-30 17:17:15 ----D---- C:\Program Files\PC Tools AntiVirus
2008-09-27 09:49:32 ----D---- C:\Program Files\Trend Micro
2008-09-27 09:46:48 ----D---- C:\Program Files\WinZip
2008-09-25 14:34:45 ----D---- C:\Program Files\Common Files\Adobe
2008-09-25 14:34:45 ----D---- C:\Program Files\Adobe
2008-09-22 13:15:42 ----D---- C:\Program Files\directx
2008-09-22 13:13:40 ----D---- C:\Program Files\Common Files\Logitech
2008-09-22 13:13:35 ----A---- C:\WINDOWS\_delis32.ini
2008-09-22 13:13:17 ----D---- C:\Program Files\Logitech
2008-09-22 13:11:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-18 19:46:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-14 00:33:39 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Apple Computer
2008-09-14 00:29:16 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-06 10:52:36 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\InstallShield
2008-09-06 10:51:51 ----A---- C:\WINDOWS\system32\SysRestore.dll
2008-09-06 10:51:51 ----A---- C:\WINDOWS\system32\ConTest.dll
2008-08-28 23:23:09 ----HDC---- C:\WINDOWS\ie8
2008-08-28 23:10:47 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-08-28 23:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-08-28 23:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-08-22 02:05:00 ----N---- C:\WINDOWS\system32\PrivacIE.dll
2008-08-21 05:05:54 ----D---- C:\WINDOWS\Sun
2008-08-20 16:20:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-08-20 16:20:55 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-08-20 16:20:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-08-20 16:20:43 ----D---- C:\Program Files\Windows Media Connect 2
2008-08-20 16:20:30 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-08-20 16:19:54 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-08-20 16:19:39 ----D---- C:\WINDOWS\system32\LogFiles
2008-08-20 16:19:32 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-08-17 14:41:11 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\MP3Rocket
2008-08-17 14:38:37 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-17 14:38:37 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-17 14:38:37 ----A---- C:\WINDOWS\system32\java.exe
2008-08-17 14:38:15 ----D---- C:\Program Files\Java
2008-08-17 14:38:12 ----D---- C:\Program Files\Common Files\Java
2008-08-17 14:38:04 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Sun
2008-08-16 12:59:40 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Malwarebytes
2008-08-16 12:59:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-16 12:31:30 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-16 12:31:21 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\SUPERAntiSpyware.com
2008-08-15 16:10:48 ----D---- C:\WINDOWS\ie7updates
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MFC71.dll
2008-08-15 12:07:06 ----D---- C:\Program Files\Alwil Software
2008-08-15 11:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-15 11:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-15 11:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-15 11:58:50 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-08-15 11:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-15 11:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-15 11:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-15 11:58:12 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-15 11:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-15 11:58:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-15 11:57:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-15 11:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-15 11:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-15 11:57:47 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 11:57:40 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-15 11:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-15 11:55:41 ----D---- C:\WINDOWS\WBEM
2008-08-15 11:54:30 ----HDC---- C:\WINDOWS\ie7
2008-08-15 11:54:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-08-15 11:54:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-08-15 11:51:26 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-12 11:21:37 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\HPAppData
2008-08-10 16:10:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-08-10 14:37:03 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-08-10 14:35:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-10 14:35:18 ----D---- C:\Program Files\Windows Live
2008-08-10 14:35:10 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-10 14:34:30 ----A---- C:\YServer.txt
2008-08-10 14:33:58 ----D---- C:\Program Files\Yahoo!
2008-08-10 14:32:23 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-10 14:32:18 ----D---- C:\Program Files\Common Files\PC Tools
2008-08-10 14:31:50 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-08-10 14:31:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-10 14:30:39 ----D---- C:\Program Files\Lavasoft
2008-08-10 14:30:39 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-10 13:57:44 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Macromedia
2008-08-10 13:57:43 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Adobe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\px.dll
2008-08-10 13:54:36 ----D---- C:\Program Files\Winamp
2008-08-10 13:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-08-10 13:49:03 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-08-10 13:48:51 ----D---- C:\Program Files\Hewlett-Packard
2008-08-10 13:48:48 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-08-10 13:48:39 ----D---- C:\Program Files\Common Files\HP
2008-08-10 13:48:03 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-08-10 13:47:55 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-08-10 13:47:55 ----A---- C:\WINDOWS\system32\hpz3l5mu.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpowiax7.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpovst15.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpotscl6.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-08-10 13:46:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-10 13:45:53 ----D---- C:\Program Files\HP
2008-08-10 13:45:38 ----HD---- C:\Config.Msi
2008-08-10 13:41:16 ----A---- C:\WINDOWS\ODBC.INI
2008-08-10 13:41:12 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-08-10 13:40:44 ----D---- C:\Program Files\Microsoft ActiveSync
2008-08-10 13:40:41 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-10 13:40:29 ----D---- C:\WINDOWS\SHELLNEW
2008-08-10 13:39:58 ----D---- C:\Program Files\Microsoft Office
2008-08-10 13:38:36 ----RHD---- C:\MSOCache
2008-08-10 13:30:26 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-08-10 13:29:10 ----A---- C:\WINDOWS\vuepro32.ini
2008-08-10 13:29:10 ----A---- C:\WINDOWS\vuepro32.exe
2008-08-10 13:16:35 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Mozilla
2008-08-10 13:16:17 ----D---- C:\Program Files\Mozilla Firefox
2008-08-10 13:14:36 ----D---- C:\WINDOWS\Prefetch
2008-08-10 13:10:27 ----D---- C:\WINDOWS\system32\scripting
2008-08-10 13:10:27 ----D---- C:\WINDOWS\system32\en-us
2008-08-10 13:10:26 ----D---- C:\WINDOWS\system32\en
2008-08-10 13:10:26 ----D---- C:\WINDOWS\l2schemas
2008-08-10 13:07:08 ----D---- C:\WINDOWS\network diagnostic
2008-08-10 13:01:38 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-10 13:01:37 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-08-10 13:01:35 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-10 13:01:33 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-10 13:01:32 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-10 13:01:32 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-10 13:01:31 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-10 13:01:23 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-10 13:01:20 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-10 13:01:19 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-10 13:01:15 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-10 13:01:15 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-10 13:01:14 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-10 13:01:14 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-10 13:01:00 ----A---- C:\WINDOWS\004992_.tmp
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-10 13:00:57 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-10 13:00:53 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-10 13:00:53 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-10 13:00:52 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-10 12:33:02 ----D---- C:\WINDOWS\provisioning
2008-08-10 12:33:02 ----D---- C:\WINDOWS\peernet
2008-08-10 12:32:11 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-10 12:28:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-10 12:28:39 ----D---- C:\WINDOWS\EHome
2008-08-10 12:27:22 ----N---- C:\WINDOWS\system32\spnpinst.exe
2008-08-10 12:22:27 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-08-10 12:19:02 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-10 12:19:00 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-08-10 12:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-10 12:18:59 ----HD---- C:\WINDOWS\$hf_mig$
2008-08-10 12:18:40 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-08-10 12:18:21 ----D---- C:\WINDOWS\system32\bits
2008-08-10 12:18:14 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\xpob2res.dll
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-10 12:17:58 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-08-10 12:17:58 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wups2.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-10 12:08:34 ----D---- C:\WINDOWS\SoftwareDistribution
2008-08-10 12:04:34 ----A---- C:\WINDOWS\{00000001-00000000-00000006-00001102-00000002-80651102}.BAK
2008-08-10 12:02:59 ----SD---- C:\WINDOWS\system32\Microsoft
2008-08-10 12:01:07 ----D---- C:\WINDOWS\nview
2008-08-10 12:01:07 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-08-10 12:00:09 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-08-10 11:59:32 ----D---- C:\WINDOWS\RegisteredPackages
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-08-10 11:59:05 ----A---- C:\WINDOWS\system32\msvidctl.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\quartz.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qedit.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qdv.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qcap.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\encapi.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dswave.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmime.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmband.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\devenum.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\amstream.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsound.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dplayx.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\ddrawex.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\d3dim700.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2008-08-10 11:57:36 ----N---- C:\WINDOWS\UNMRW.exe
2008-08-10 11:56:55 ----N---- C:\WINDOWS\NuNinst.exe
2008-08-10 11:56:27 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2008-08-10 11:56:27 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
2008-08-10 11:56:27 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2008-08-10 11:56:27 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2008-08-10 11:56:27 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\WMNetMgr.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\qasf.dll
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\logagent.exe
2008-08-10 11:56:26 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\wmvcore.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\wmidx.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\wmasf.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\msnetobj.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\drmstor.dll
2008-08-10 11:56:25 ----A---- C:\WINDOWS\system32\blackbox.dll
2008-08-10 11:56:24 ----A---- C:\WINDOWS\system32\drmclien.dll
2008-08-10 11:55:52 ----D---- C:\Program Files\Ahead
2008-08-10 11:53:53 ----SHD---- C:\RECYCLER
2008-08-10 11:53:13 ----A---- C:\WINDOWS\SBWIN.INI
2008-08-10 11:53:05 ----A---- C:\WINDOWS\IsUninst.exe
2008-08-10 11:53:04 ----N---- C:\WINDOWS\Updreg.EXE
2008-08-10 11:53:03 ----N---- C:\WINDOWS\system32\SFCVRT32.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\system32\MFCUIA32.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\system32\INETWH32.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\system32\CTWFLT32.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\CTRES.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\CTCCW.DLL
2008-08-10 11:53:03 ----N---- C:\WINDOWS\AC3API.INI
2008-08-10 11:53:02 ----N---- C:\WINDOWS\system32\CTL3D.DLL
2008-08-10 11:53:01 ----D---- C:\WINDOWS\system32\Defaults
2008-08-10 11:52:56 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-08-10 11:52:30 ----D---- C:\WINDOWS\system32\Data
2008-08-10 11:52:30 ----A---- C:\WINDOWS\system32\Emu10kx.ini
2008-08-10 11:52:30 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2008-08-10 11:52:30 ----A---- C:\WINDOWS\INRES.DLL
2008-08-10 11:52:26 ----A---- C:\WINDOWS\system32\sfman32.dll
2008-08-10 11:52:24 ----A---- C:\WINDOWS\system32\a3d.dll
2008-08-10 11:52:19 ----A---- C:\WINDOWS\CTDCRES.DLL
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\SFMS32.DLL
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\REGPLIB.EXE
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\PIAPROXY.DLL
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\OPENAL32.DLL
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\KILLAPPS.EXE
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\KILL.INI
2008-08-10 11:52:18 ----A---- C:\WINDOWS\system32\EAXAC3.DLL
2008-08-10 11:52:18 ----A---- C:\WINDOWS\READREG.EXE
2008-08-10 11:52:18 ----A---- C:\WINDOWS\PSCONV.EXE
2008-08-10 11:52:18 ----A---- C:\WINDOWS\MIDIDEF.EXE
2008-08-10 11:52:18 ----A---- C:\WINDOWS\DEVREG.DLL
2008-08-10 11:52:17 ----A---- C:\WINDOWS\system32\CTSPKHLP.DLL
2008-08-10 11:52:17 ----A---- C:\WINDOWS\system32\CTSBLFX.DLL
2008-08-10 11:52:17 ----A---- C:\WINDOWS\system32\CTOSUSER.DLL
2008-08-10 11:52:17 ----A---- C:\WINDOWS\system32\CTHELPER.EXE
2008-08-10 11:52:17 ----A---- C:\WINDOWS\system32\CTEMUPIA.DLL
2008-08-10 11:52:14 ----A---- C:\WINDOWS\system32\CTDPROXY.DLL
2008-08-10 11:52:14 ----A---- C:\WINDOWS\system32\CTDEVCON.DLL
2008-08-10 11:52:14 ----A---- C:\WINDOWS\system32\CTASIO.DLL
2008-08-10 11:52:14 ----A---- C:\WINDOWS\system32\CTAGENT.DLL
2008-08-10 11:52:13 ----A---- C:\WINDOWS\system32\COMMONFX.DLL
2008-08-10 11:52:13 ----A---- C:\WINDOWS\system32\AC3API.DLL
2008-08-10 11:51:57 ----HD---- C:\Program Files\InstallShield Installation Information
2008-08-10 11:50:29 ----N---- C:\WINDOWS\CTRegRun.exe
2008-08-10 11:50:24 ----D---- C:\Program Files\Creative
2008-08-10 11:50:21 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-10 11:50:17 ----A---- C:\WINDOWS\system32\wpa.bak
2008-08-10 11:48:02 ----SHD---- C:\WINDOWS\Installer
2008-08-10 11:48:00 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Identities
2008-08-10 11:47:56 ----HD---- C:\Program Files\Uninstall Information
2008-08-10 11:47:54 ----ASH---- C:\Documents and Settings\Brandon&Nicole\Application Data\desktop.ini
2008-08-10 11:47:53 ----SD---- C:\Documents and Settings\Brandon&Nicole\Application Data\Microsoft
2008-08-10 11:46:17 ----SHD---- C:\System Volume Information
2008-08-10 11:46:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-08-10 11:43:51 ----D---- C:\WINDOWS\system32\xircom
2008-08-10 11:43:51 ----D---- C:\Program Files\xerox
2008-08-10 11:43:51 ----D---- C:\Program Files\microsoft frontpage
2008-08-10 11:43:43 ----A---- C:\WINDOWS\control.ini
2008-08-10 11:43:43 ----A---- C:\AUTOEXEC.BAT
2008-08-10 11:43:38 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-10 11:43:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-08-10 11:42:58 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-10 11:42:58 ----RD---- C:\WINDOWS\Offline Web Pages
2008-08-10 11:42:58 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-10 11:42:54 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-08-10 11:42:36 ----D---- C:\WINDOWS\system32\DirectX
2008-08-10 11:42:18 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-08-10 11:42:18 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-08-10 11:42:18 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-08-10 11:42:18 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-08-10 11:42:18 ----A---- C:\WINDOWS\system32\atrace.dll
2008-08-10 11:42:16 ----A---- C:\WINDOWS\system32\desktop.ini
2008-08-10 11:42:16 ----A---- C:\WINDOWS\desktop.ini
2008-08-10 11:42:10 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-08-10 11:42:10 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-08-10 11:42:10 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-08-10 11:42:09 ----D---- C:\Program Files\Common Files\Services
2008-08-10 11:42:09 ----A---- C:\WINDOWS\system32\acctres.dll
2008-08-10 11:42:08 ----A---- C:\WINDOWS\system32\inetres.dll
2008-08-10 11:42:06 ----SD---- C:\WINDOWS\Tasks
2008-08-10 11:42:06 ----A---- C:\WINDOWS\system32\isign32.dll
2008-08-10 11:42:06 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-08-10 11:42:06 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-08-10 11:42:05 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-08-10 11:42:05 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-08-10 11:42:04 ----D---- C:\Program Files\Common Files\MSSoap
2008-08-10 11:42:01 ----D---- C:\WINDOWS\srchasst
2008-08-10 11:42:00 ----D---- C:\WINDOWS\system32\Macromed
2008-08-10 11:42:00 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-10 11:41:59 ----D---- C:\Program Files\Movie Maker
2008-08-10 11:41:57 ----D---- C:\WINDOWS\PCHealth
2008-08-10 11:41:56 ----D---- C:\WINDOWS\system32\Restore
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-10 11:41:56 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-10 11:41:54 ----D---- C:\Program Files\NetMeeting
2008-08-10 11:41:54 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-10 11:41:54 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-10 11:41:53 ----D---- C:\Program Files\Outlook Express
2008-08-10 11:41:53 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-10 11:41:53 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-10 11:41:53 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-10 11:41:53 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-10 11:41:51 ----D---- C:\Program Files\Common Files\System
2008-08-10 11:41:48 ----D---- C:\Program Files\Internet Explorer
2008-08-10 11:41:36 ----D---- C:\Program Files\ComPlus Applications
2008-08-10 11:41:34 ----A---- C:\WINDOWS\vbaddin.ini
2008-08-10 11:41:34 ----A---- C:\WINDOWS\vb.ini
2008-08-10 11:41:31 ----D---- C:\WINDOWS\Registration
2008-08-10 11:41:11 ----HD---- C:\Program Files\WindowsUpdate
2008-08-10 11:41:10 ----D---- C:\Program Files\Windows Media Player
2008-08-10 11:41:06 ----D---- C:\Program Files\Messenger
2008-08-10 11:41:02 ----D---- C:\Program Files\MSN Gaming Zone
2008-08-10 11:41:02 ----A---- C:\WINDOWS\system32\write.exe
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\hticons.dll
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\avwav.dll
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-08-10 11:40:56 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-08-10 11:40:55 ----A---- C:\WINDOWS\system32\winchat.exe
2008-08-10 11:40:55 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\winmine.exe
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\sol.exe
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\getuname.dll
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\charmap.exe
2008-08-10 11:40:50 ----A---- C:\WINDOWS\system32\calc.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\tskill.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\tscon.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\shadow.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\reset.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\regini.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-08-10 11:40:49 ----A---- C:\WINDOWS\system32\freecell.exe
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msg.exe
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\logoff.exe
2008-08-10 11:40:48 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-08-10 11:40:47 ----A---- C:\WINDOWS\system32\colbact.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\stclient.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\comuid.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-08-10 11:40:46 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-08-10 11:40:42 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-08-10 11:40:42 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-08-10 11:40:42 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-08-10 11:40:41 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-08-10 11:40:38 ----D---- C:\Program Files\Windows NT
2008-08-10 11:40:38 ----D---- C:\Program Files\MSN
2008-08-10 11:40:38 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-10 11:40:38 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-10 11:40:37 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-10 11:40:36 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-10 11:40:35 ----D---- C:\WINDOWS\system32\MsDtc
2008-08-10 11:40:35 ----D---- C:\WINDOWS\system32\Com
2008-08-10 11:40:35 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-10 11:40:35 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-10 11:40:35 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-10 11:40:33 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-10 07:39:06 ----A---- C:\WINDOWS\system32\h323log.txt
2008-08-10 07:35:02 ----A---- C:\WINDOWS\system32\usbui.dll
2008-08-10 07:34:12 ----A---- C:\WINDOWS\imsins.BAK
2008-08-10 07:34:09 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-08-10 07:34:08 ----D---- C:\Program Files\Common Files\ODBC
2008-08-10 07:34:08 ----A---- C:\WINDOWS\ODBCINST.INI
2008-08-10 07:34:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-08-10 07:34:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-08-10 07:34:05 ----RD---- C:\Program Files
2008-08-10 07:34:05 ----D---- C:\Program Files\Common Files
2008-08-10 07:34:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-10 07:34:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-10 07:34:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-10 07:34:03 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-08-10 07:34:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-08-10 07:34:01 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-10 07:34:00 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-10 07:34:00 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-08-10 07:34:00 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-10 07:34:00 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-08-10 07:34:00 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-08-10 07:33:59 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-08-10 07:33:58 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-08-10 07:33:58 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-10 07:33:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-10 07:33:57 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-10 07:33:57 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-10 07:33:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-10 07:33:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-10 07:33:55 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-08-10 07:33:55 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-10 07:33:55 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-10 07:33:55 ----A---- C:\WINDOWS\notepad.exe
2008-08-10 07:33:54 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-10 07:33:48 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-08-10 07:33:46 ----RA---- C:\WINDOWS\SET7.tmp
2008-08-10 07:33:44 ----RA---- C:\WINDOWS\SET3.tmp
2008-08-10 07:33:39 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-10 07:33:39 ----D---- C:\WINDOWS\system32\CatRoot
2008-08-10 07:33:34 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-08-10 07:33:24 ----A---- C:\WINDOWS\setuplog.txt
2008-08-10 07:33:19 ----D---- C:\Documents and Settings
2008-08-10 07:32:20 ----RASH---- C:\boot.ini
2008-08-10 07:29:48 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-10 07:29:48 ----RSD---- C:\WINDOWS\Fonts
2008-08-10 07:29:48 ----RD---- C:\WINDOWS\Web
2008-08-10 07:29:48 ----HD---- C:\WINDOWS\inf
2008-08-10 07:29:48 ----D---- C:\WINDOWS\WinSxS
2008-08-10 07:29:48 ----D---- C:\WINDOWS\twain_32
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Temp
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\wins
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\wbem
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\usmt
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\spool
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\ShellExt
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\Setup
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\ras
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\oobe
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\npp
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\mui
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\IME
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\icsxml
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\ias
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\export
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\drivers
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\dhcp
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\config
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\3com_dmi
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\3076
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\2052
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1054
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1042
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1041
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1037
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1033
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1031
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1028
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32\1025
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system32
2008-08-10 07:29:48 ----D---- C:\WINDOWS\system
2008-08-10 07:29:48 ----D---- C:\WINDOWS\security
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Resources
2008-08-10 07:29:48 ----D---- C:\WINDOWS\repair
2008-08-10 07:29:48 ----D---- C:\WINDOWS\mui
2008-08-10 07:29:48 ----D---- C:\WINDOWS\msapps
2008-08-10 07:29:48 ----D---- C:\WINDOWS\msagent
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Media
2008-08-10 07:29:48 ----D---- C:\WINDOWS\java
2008-08-10 07:29:48 ----D---- C:\WINDOWS\ime
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Help
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Driver Cache
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Debug
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Cursors
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Connection Wizard
2008-08-10 07:29:48 ----D---- C:\WINDOWS\Config
2008-08-10 07:29:48 ----D---- C:\WINDOWS\AppPatch
2008-08-10 07:29:48 ----D---- C:\WINDOWS\addins
2008-08-10 07:29:48 ----D---- C:\WINDOWS
2008-08-05 16:55:38 ----A---- C:\WINDOWS\system32\msdbg2.dll

======List of files/folders modified in the last 3 months======

2008-10-16 06:37:58 ----A---- C:\WINDOWS\win.ini
2008-10-15 11:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-08-22 02:15:56 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2008-08-22 02:14:40 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2008-08-22 02:10:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-08-22 02:09:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-22 02:08:22 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2008-08-22 02:08:22 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-22 02:08:08 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-22 02:08:06 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-22 02:08:00 ----A---- C:\WINDOWS\system32\licmgr10.dll
2008-08-22 02:07:58 ----A---- C:\WINDOWS\system32\url.dll
2008-08-22 02:07:50 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-22 02:07:50 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-22 02:07:08 ----A---- C:\WINDOWS\system32\corpol.dll
2008-08-22 02:06:58 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-22 02:06:44 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-22 02:06:40 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-22 02:06:36 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-08-22 02:06:36 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-22 02:06:30 ----A---- C:\WINDOWS\system32\jscript.dll
2008-08-22 02:06:30 ----A---- C:\WINDOWS\system32\admparse.dll
2008-08-22 02:06:24 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-22 02:06:24 ----A---- C:\WINDOWS\system32\iesetup.dll
2008-08-22 02:06:24 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-08-22 02:06:24 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-22 02:06:20 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-22 02:06:16 ----A---- C:\WINDOWS\system32\inseng.dll
2008-08-22 02:06:16 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-22 02:06:02 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-22 02:05:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-22 02:05:34 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-22 02:05:24 ----A---- C:\WINDOWS\system32\iepeers.dll
2008-08-22 02:05:22 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2008-08-22 02:05:22 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-22 02:05:20 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-22 02:05:16 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-22 02:05:14 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-22 02:05:14 ----A---- C:\WINDOWS\system32\imgutil.dll
2008-08-22 02:05:10 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-22 02:05:08 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-22 02:05:00 ----A---- C:\WINDOWS\system32\mshtmler.dll
2008-08-22 02:04:54 ----A---- C:\WINDOWS\system32\mshta.exe
2008-08-22 01:58:12 ----A---- C:\WINDOWS\system32\ieui.dll
2008-08-22 01:57:56 ----A---- C:\WINDOWS\system32\msls31.dll
2008-08-22 01:42:22 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-14 05:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 04:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-10 12:30:40 ----RASH---- C:\NTDETECT.COM
2008-08-10 07:34:05 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-30 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-30 26824]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-10 17801]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-30 76040]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-18 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-18 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-18 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-18 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-18 156604]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-18 195432]
R3 USB_RNDIS;Compact Wireless-G USB Network Adapter with SpeedBooster; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2002-08-28 36224]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 BsUDF;InCD UDF Driver; C:\WINDOWS\system32\drivers\BsUDF.sys [2003-02-12 389504]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-30 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-30 231704]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-06-28 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 WUSB54GSC;WUSB54GSC; C:\Program Files\Linksys\WUSB54GSC\WLService.exe [2005-07-04 53307]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------



info.txt logfile of random's system information tool 1.04 2008-11-04 17:40:52

======Uninstall list======

-->"C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Ahead InCD EasyWrite Reader-->C:\WINDOWS\UNMrw.exe /UNINSTALL
Ahead InCD-->C:\WINDOWS\NuNInst.exe /UNINSTALL
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Compact Wireless-G USB Network Adapter with SpeedBooster-->C:\Program Files\InstallShield Installation Information\{65563451-00B6-458C-9F9A-03A7757355A6}\setup.exe -runfromtemp -l0x0009 -removeonly
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3-->C:\Program Files\HP\Digital Imaging\{AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2}\setup\hpzscr01.exe -datfile hposcr28.dat -onestop
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
Java™ SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero - Burning Rom-->MsiExec.exe /X{A4D7B764-4140-11D4-88EB-0050DA3579C0}
NVIDIA Drivers-->C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Sound Blaster Live!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9115E7DB-3B29-445A-802D-11E0AA945B7F}\SETUP.EXE" -l0x9
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
VuePrint-->c:\windows\vuepro32.exe /Remove
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8 Beta 2-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinZip 12.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Security center information======

AV: AVG Anti-Virus Free

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

#4 extremeboy


Posted 05 November 2008 - 07:35 PM

Hi BBurdon.

Marantha has some problems that he needs to deal with. I'll be helping you for this log instead.
Give me some time to look over the log. I'll be back ASAP.

Thanks :thumbsup:

With regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 extremeboy


Posted 06 November 2008 - 07:41 AM

Hi BBurdon.

Do you still have the same problems as before?

When I go to IE and paste a URL, IE freezes and wont close. I cant uninstall my HP printer because it says that hpzcr01.exe has encountered an error and needs to close. Then it wants to send an error report. Windows will freeze up and crash when i click on IE or Firefox. It takes forever to start up and takes forever to load a program when i click an icon. It seems that all my RAM is being sucked up. I have 2GB of RAM on XP. Over all the CPU is running funny. Dont know what it is, if anything. Thought i would post and get an opinion, or if there is something wrong, a way to fix it. Thanks


If so please tell me in your next reply, if not, do you have any other problems?

Peer-to-Peer Programs Warning

Your log shows that you are using so-called peer-to-peer or file-sharing programs (in your case BitTorrent). These programs allow users to share files, as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

It is your decision whether or not you wish to keep your program(s) but I suggest you remove it via add/remove. However, please refrain from using them until your computer has been declared clean.

Submit File to Online Scanner

There is an unidentified file that I would like you to check out for me using Jotti/VirusTotal.
  • Click Submit.
  • Wait for the scan to finish.
  • Copy Scanner Results into your next reply.

Update Java to Version 6 Update 10

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 10...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u10-windows-i586-p.exe to install the newest version.

Run Scan with Kaspersky

Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer Only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report.
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

You can refer to this animation by sundavis.

Post back with:
-Scanner Results
-Kaspersky scan log
-Any Other Problems


Thanks :thumbsup:

With Regards,
Extremeboy

#6 extremeboy


Posted 08 November 2008 - 01:33 PM

Hi.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5 days the topic will need to be closed.

Thanks for understanding. :thumbsup:

With Regards,
Extremeboy

#7 BBurdon


Posted 08 November 2008 - 04:29 PM

I only installed Bit Torrent once to download Ubuntu, and uninstalled it after I got it. So that is gone. Also that file called C://windows/system32/iphlpapik.dll could not be pasted into either of those scanner programs, so I went and looked for it following the path. I couldn't find that one, I did however find one called C:/windows/systme32/iphlpapi.dll, and the scan results are for that file. A subsequent search for that file yielded nothing.

Scanner results
Scan taken on 08 Nov 2008 20:21:39 (GMT)
A-Squared: Found nothing
AntiVir: Found nothing
ArcaVir: Found nothing
Avast: Found nothing
AVG Antivirus: Found nothing
BitDefender: Found nothing
ClamAV: Found nothing
CPsecure: Found nothing
Dr.Web: Found nothing
F-Prot Antivirus: Found nothing
F-Secure Anti-Virus: Found nothing
G DATA: Found nothing
Ikarus: Found nothing
Kaspersky Anti-Virus: Found nothing
NOD32: Found nothing
Norman Virus Control: Found nothing
Panda Antivirus: Found nothing
Sophos Antivirus: Found nothing
VirusBuster: Found nothing
VBA32: Found nothing

There was nothing to post from Kaspersky.

#8 extremeboy


Posted 08 November 2008 - 05:32 PM

Hi BBurdon.

I only installed Bit Torrent once to download Ubuntu, and uninstalled it after I got it. So that is gone.

Okay. Thanks for letting me know :thumbsup:

Also that file called C://windows/system32/iphlpapik.dll could not be pasted into either of those scanner programs

What do you mean by you can't paste it? Do you get some kind of error or message? If you can't copy and paste C:/windows/system32/iphlpapik.dll, try typing it in manually into the scanner.

however find one called C:/windows/systme32/iphlpapi.dll

That's not the one I need. I know that iphlpapi.dll is legitimate.

Also watch your spelling if you can't copy/paste it in the scanner. It is system32 not systme32 and there's only one \ after C:. Just wanted to let you know in case you have to type it in manually ;).

Also please Update your Java and also run the Kaspersky online scan.

Post back with:
-Scanner Results
-Kaspersky online scan log
-Fresh RSIT logs.


Thanks :)

With Regards,
Extremeboy

#9 BBurdon


Posted 09 November 2008 - 09:51 AM

What I mean is you can't paste it into the field for upload. When you click on it to paste, it brings up the "file to upload" box. I can't find the actual file by following the path. A search of the file using windows search doesn't find anything. You can't type it in manually either, so you're not going to get any scanner results for that file. Java has been updated.

Here is your Kaspersky result

Saturday, November 8, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Saturday, November 08, 2008 19:16:19
Records in database: 1374670
Scan settings
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area: My Computer
C:\
D:\
E:\
F:\
Scan statistics
Files scanned: 41515
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 00:36:06

No malware has been detected. The scan area is clean.
The selected area was scanned.

What is an RSIT log?

#10 extremeboy


Posted 09 November 2008 - 10:18 AM

Hi.

What I mean is you can't paste it into the field for upload. When you click on it to paste, it brings up the "file to upload" box. I can't find the actual file by following the path. A search of the file using windows search doesn't find anything. You can't type it in manually either, so you're not going to get any scanner results for that file. Java has been updated.

That's strange, never heard of it before.

What is an RSIT log?

It is the program that you were told to run in post #2.

If you lost your copy, please download it again and paste the results back.

What problems are you still receiving? Still the same as before?


Please post back with the RSIT logs so I can see the current state of your machine.

Thanks :thumbsup:

With Regards,
Extremeboy

#11 BBurdon


Posted 09 November 2008 - 03:06 PM

I am still having the same problems...nothing has changed. Also that RSIT program only gave me one log, and it is posted here.


Logfile of random's system information tool 1.04 (written by random/random)
Run by Brandon&Nicole at 2008-11-09 14:53:32
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 58 GB (76%) free of 76 GB
Total RAM: 2046 MB (80% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:53:34 PM, on 11/9/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Linksys\WUSB54GSC\WLService.exe
C:\Program Files\Linksys\WUSB54GSC\WUSB54GSC.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Brandon&Nicole\Desktop\B's Stuff\Programs\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Brandon&Nicole.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1218388103750
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1218818586203
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\windows\system32\iphlpapik.dll,avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: WUSB54GSC - GEMTEKS - C:\Program Files\Linksys\WUSB54GSC\WLService.exe

--
End of file - 6213 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-30 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-09 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-09 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-09 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"CTStartup"=C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE [2001-12-20 28672]
"NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2007-06-28 81920]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"LogitechVideoRepair"=C:\Program Files\Logitech\Video\ISStart.exe []
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-01 1234712]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-09 136600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\windows\system32\iphlpapik.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_01\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe:*:Disabled:backWeb-8876480"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java™ Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

======List of files/folders created in the last 3 months======

2008-11-09 09:41:22 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-09 09:41:22 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-09 09:41:22 ----A---- C:\WINDOWS\system32\java.exe
2008-11-09 09:41:22 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-08 15:09:21 ----D---- C:\Program Files\Adobe
2008-11-04 17:40:08 ----D---- C:\rsit
2008-10-24 11:19:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-19 12:59:14 ----D---- C:\Program Files\Panda Security
2008-10-19 12:33:03 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\HP
2008-10-19 12:24:17 ----D---- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-10-16 06:38:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-16 06:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-16 06:38:18 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-16 06:23:40 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-15 18:09:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-11 12:53:47 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\InfraRecorder
2008-10-10 11:43:55 ----D---- C:\Program Files\Linksys
2008-10-10 11:43:43 ----A---- C:\WINDOWS\system32\WLAN.INI
2008-10-10 11:33:24 ----A---- C:\WINDOWS\system32\GTW32N50.dll
2008-10-05 16:55:52 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-10-03 18:29:31 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-10-03 18:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-10-03 17:16:09 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-03 17:16:09 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-03 17:16:04 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-09-30 18:15:20 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-09-30 18:15:08 ----D---- C:\Program Files\AVG
2008-09-30 18:15:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-09-30 17:17:15 ----D---- C:\Program Files\PC Tools AntiVirus
2008-09-27 09:49:32 ----D---- C:\Program Files\Trend Micro
2008-09-27 09:46:48 ----D---- C:\Program Files\WinZip
2008-09-25 14:34:45 ----D---- C:\Program Files\Common Files\Adobe
2008-09-22 13:15:42 ----D---- C:\Program Files\directx
2008-09-22 13:13:40 ----D---- C:\Program Files\Common Files\Logitech
2008-09-22 13:13:35 ----A---- C:\WINDOWS\_delis32.ini
2008-09-22 13:13:17 ----D---- C:\Program Files\Logitech
2008-09-22 13:11:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-09-18 19:46:43 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-09-14 00:33:39 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Apple Computer
2008-09-14 00:29:16 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-06 10:52:36 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\InstallShield
2008-09-06 10:51:51 ----A---- C:\WINDOWS\system32\SysRestore.dll
2008-09-06 10:51:51 ----A---- C:\WINDOWS\system32\ConTest.dll
2008-08-28 23:23:09 ----HDC---- C:\WINDOWS\ie8
2008-08-28 23:10:47 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-08-28 23:10:35 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-08-28 23:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-08-22 02:05:00 ----N---- C:\WINDOWS\system32\PrivacIE.dll
2008-08-21 05:05:54 ----D---- C:\WINDOWS\Sun
2008-08-20 16:20:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-08-20 16:20:55 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-08-20 16:20:47 ----A---- C:\WINDOWS\system32\wmpns.dll
2008-08-20 16:20:43 ----D---- C:\Program Files\Windows Media Connect 2
2008-08-20 16:20:30 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-08-20 16:19:54 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-08-20 16:19:39 ----D---- C:\WINDOWS\system32\LogFiles
2008-08-20 16:19:32 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-08-17 14:41:11 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\MP3Rocket
2008-08-17 14:38:15 ----D---- C:\Program Files\Java
2008-08-17 14:38:04 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Sun
2008-08-16 12:59:40 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Malwarebytes
2008-08-16 12:59:37 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-16 12:31:30 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-16 12:31:21 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\SUPERAntiSpyware.com
2008-08-15 16:10:48 ----D---- C:\WINDOWS\ie7updates
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2008-08-15 12:07:08 ----A---- C:\WINDOWS\system32\MFC71.dll
2008-08-15 12:07:06 ----D---- C:\Program Files\Alwil Software
2008-08-15 11:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-15 11:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-15 11:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-15 11:58:50 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-08-15 11:58:46 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-15 11:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-15 11:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-15 11:58:12 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-15 11:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-15 11:58:02 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-15 11:57:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-15 11:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-15 11:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-15 11:57:47 ----D---- C:\Program Files\MSXML 4.0
2008-08-15 11:57:40 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-15 11:57:32 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-15 11:55:41 ----D---- C:\WINDOWS\WBEM
2008-08-15 11:54:30 ----HDC---- C:\WINDOWS\ie7
2008-08-15 11:54:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-08-15 11:54:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-08-15 11:51:26 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-12 11:21:37 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\HPAppData
2008-08-10 16:10:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-08-10 14:37:03 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2008-08-10 14:35:24 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-10 14:35:18 ----D---- C:\Program Files\Windows Live
2008-08-10 14:35:10 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-10 14:34:30 ----A---- C:\YServer.txt
2008-08-10 14:33:58 ----D---- C:\Program Files\Yahoo!
2008-08-10 14:32:23 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-10 14:32:18 ----D---- C:\Program Files\Common Files\PC Tools
2008-08-10 14:31:50 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-08-10 14:31:50 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-10 14:30:39 ----D---- C:\Program Files\Lavasoft
2008-08-10 14:30:39 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-10 13:57:44 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Macromedia
2008-08-10 13:57:43 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Adobe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-08-10 13:55:17 ----N---- C:\WINDOWS\system32\px.dll
2008-08-10 13:54:36 ----D---- C:\Program Files\Winamp
2008-08-10 13:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-08-10 13:49:03 ----D---- C:\Documents and Settings\All Users\Application Data\HP
2008-08-10 13:48:51 ----D---- C:\Program Files\Hewlett-Packard
2008-08-10 13:48:48 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2008-08-10 13:48:39 ----D---- C:\Program Files\Common Files\HP
2008-08-10 13:48:03 ----D---- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-08-10 13:47:55 ----RA---- C:\WINDOWS\system32\hpzids01.dll
2008-08-10 13:47:55 ----A---- C:\WINDOWS\system32\hpz3l5mu.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hppldcoi.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpowiax7.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpovst15.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\hpotscl6.dll
2008-08-10 13:47:36 ----RA---- C:\WINDOWS\system32\difxapi.dll
2008-08-10 13:46:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-10 13:45:53 ----D---- C:\Program Files\HP
2008-08-10 13:45:38 ----HD---- C:\Config.Msi
2008-08-10 13:41:16 ----A---- C:\WINDOWS\ODBC.INI
2008-08-10 13:41:12 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-08-10 13:40:44 ----D---- C:\Program Files\Microsoft ActiveSync
2008-08-10 13:40:41 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-10 13:40:29 ----D---- C:\WINDOWS\SHELLNEW
2008-08-10 13:39:58 ----D---- C:\Program Files\Microsoft Office
2008-08-10 13:38:36 ----RHD---- C:\MSOCache
2008-08-10 13:30:26 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2008-08-10 13:29:10 ----A---- C:\WINDOWS\vuepro32.ini
2008-08-10 13:29:10 ----A---- C:\WINDOWS\vuepro32.exe
2008-08-10 13:16:35 ----D---- C:\Documents and Settings\Brandon&Nicole\Application Data\Mozilla
2008-08-10 13:16:17 ----D---- C:\Program Files\Mozilla Firefox
2008-08-10 13:14:36 ----D---- C:\WINDOWS\Prefetch
2008-08-10 13:10:27 ----D---- C:\WINDOWS\system32\scripting
2008-08-10 13:10:27 ----D---- C:\WINDOWS\system32\en-us
2008-08-10 13:10:26 ----D---- C:\WINDOWS\system32\en
2008-08-10 13:10:26 ----D---- C:\WINDOWS\l2schemas
2008-08-10 13:07:08 ----D---- C:\WINDOWS\network diagnostic
2008-08-10 13:01:38 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-10 13:01:37 ----A---- C:\WINDOWS\system32\xmllite.dll
2008-08-10 13:01:35 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-10 13:01:33 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-10 13:01:32 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-10 13:01:32 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-10 13:01:31 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-10 13:01:29 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-10 13:01:23 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-10 13:01:22 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-10 13:01:21 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-10 13:01:20 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-10 13:01:19 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-10 13:01:16 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-10 13:01:15 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-10 13:01:15 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-10 13:01:14 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-10 13:01:14 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-10 13:01:09 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-10 13:01:04 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-10 13:01:00 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-10 13:01:00 ----A---- C:\WINDOWS\004992_.tmp
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-10 13:00:58 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-10 13:00:57 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-10 13:00:53 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-10 13:00:53 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-10 13:00:52 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-10 12:33:02 ----D---- C:\WINDOWS\provisioning
2008-08-10 12:33:02 ----D---- C:\WINDOWS\peernet
2008-08-10 12:32:11 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-10 12:28:40 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-10 12:28:39 ----D---- C:\WINDOWS\EHome
2008-08-10 12:27:22 ----N---- C:\WINDOWS\system32\spnpinst.exe
2008-08-10 12:22:27 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-08-10 12:19:02 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-10 12:19:00 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-08-10 12:18:59 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-10 12:18:59 ----HD---- C:\WINDOWS\$hf_mig$
2008-08-10 12:18:40 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2008-08-10 12:18:21 ----D---- C:\WINDOWS\system32\bits
2008-08-10 12:18:14 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\xpob2res.dll
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-10 12:17:58 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-10 12:17:58 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-08-10 12:17:58 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wups2.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-08-10 12:08:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-10 12:08:34 ----D---- C:\WINDOWS\SoftwareDistribution
2008-08-10 12:04:34 ----A---- C:\WINDOWS\{00000001-00000000-00000006-00001102-00000002-80651102}.BAK
2008-08-10 12:02:59 ----SD---- C:\WINDOWS\system32\Microsoft
2008-08-10 12:01:07 ----D---- C:\WINDOWS\nview
2008-08-10 12:01:07 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-08-10 12:00:09 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-08-10 11:59:32 ----D---- C:\WINDOWS\RegisteredPackages
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-08-10 11:59:06 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-08-10 11:59:05 ----A---- C:\WINDOWS\system32\msvidctl.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\quartz.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qedit.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qdv.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\qcap.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-08-10 11:59:04 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\encapi.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dswave.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmime.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\dmband.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\devenum.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-08-10 11:59:03 ----A---- C:\WINDOWS\system32\amstream.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsound.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-08-10 11:59:02 ----A---- C:\WINDOWS\system32\dplayx.dll

======List of files/folders modified in the last 3 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-30 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-30 26824]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2002-10-08 7582]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-10-10 17801]
R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-30 76040]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-18 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-18 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-18 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-18 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-18 156604]
R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-18 195432]
R3 USB_RNDIS;Compact Wireless-G USB Network Adapter with SpeedBooster; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2008-04-13 12800]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\System32\DRIVERS\AN983.sys [2002-08-28 36224]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 BsUDF;InCD UDF Driver; C:\WINDOWS\system32\drivers\BsUDF.sys [2003-02-12 389504]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\System32\DRIVERS\sr.sys [2008-04-13 73472]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-30 875288]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-30 231704]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-09 152984]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2007-06-28 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 WUSB54GSC;WUSB54GSC; C:\Program Files\Linksys\WUSB54GSC\WLService.exe [2005-07-04 53307]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

-----------------EOF-----------------

#12 extremeboy

Posted 09 November 2008 - 04:09 PM

Hi again.

Let's try this again.

Submit File to Online Scanner
There is an unidentified file that I would like you to check out for me using Jotti/VirusTotal.
  • Open Jotti Online Scanner, or VirusTotal Online Scanner. If one site is busy or down, try the other
  • At the top of the page you'll see a box (the box says "File to upload & scan:"). Paste in the following line.
  • C:\windows\system32\iphlpapik.dll
  • Click Submit.
  • Wait for the scan to finish.
  • Copy Scanner Results into your next reply.
After pasting it in the box, please click Submit to upload it. I don't understand why you can't type it manually though?


Also, the problems you are having don't seem malware related, so I can't help much on that; we'll redirect you to another forum if required. Let's see what else we can find out.

I see that you are using Internet Explorer 8. If you haven't noticed, it is a beta version. Beta means it is a pre-release version of a software product. This beta version is used for testing purposes.

Therefore, there could be problems with it. I suggest you install Internet Explorer 7 instead and see if that helps and deals with the problem.

You can download it from here.

Other than that, I don't see anything else that is causing much. Your log looks clean except that one file. Also the Online scan is clean too, so I can't say much.


Can you take a look at Task manager and see what's hogging up a lot of resources?

Press CTRL+ALT then DEL to open Task Manager. See what is using a lot of CPU usage and also MEM usage under the Processes tab.

Post back with:
-The Scanner results
-Answers to my questions
-Fresh RSIT log


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#13 BBurdon

Posted 09 November 2008 - 07:24 PM

I am just going to format the HDD. I can't type in anything manually, I can't even find that file. That file doesn't exist according to Windows. Ctrl+V doesn't even work. Have you tried looking at those scanners? You can't type, you can't paste, and when you click on the bar to put the cursor there, it automatically pops up with a file upload window. The file doesn't exist when you look for it following the path. This all seems to be a lost cause so I'm just going to format... I appreciate your help.

#14 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts

Posted 09 November 2008 - 08:37 PM

Hi.

"You can't type, you can't paste, and when you click on the bar to put the cursor there, it automatically pops up with a file upload window. The file doesn't exist when you look for it following the path. This all seems to be a lost cause so I'm just going to format... I appreciate your help."

Well, yes I can paste it and also type it manually, not sure what's wrong.

Anyways, if you wish to format that's fine.

Thanks for letting me know. :thumbsup:

With Regards,
Extremeboy

#15 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts

Posted 10 November 2008 - 08:41 AM

Hi, since you are going to format, I'll give you some prevention tips and things to be safe and secure.

After the format your computer is probably clean so below are some things you might want to keep in mind.

Congratulations! You now appear clean! :)

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:
  • Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

    See this link for a listing of some online & their stand-alone antivirus programs:

    Virus, Spyware, and Malware Protection and Removal Resources

  • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

    For a tutorial on Firewalls and a listing of some available ones see the link below:
    Understanding and Using Firewalls
Please also have a look at the following links, giving some advice and suggestions for preventing future infections:

I recommend you regularly visit the Windows Update Site!
  • Lots of Hacking/Trojans use the methods found (plugged by the updates) that have not been stopped by people not updating.
  • By updating your machine, you have one less headache!
  • Update ALL Critical updates and any other Windows updates for services/programs that you use.
  • If you wish, you can also use automatic updates. This is a good thing to have if you want to be up-to-date all the time, but can also be a bit of an annoyance due to its handling and the sizes of the updates. If you wish to turn on automatic updates then you will find here is a nice little article about turning on automatic updates.
  • Note that it will download them for you, but you still have to actually click install.
  • If you do not want to have automatic updates turned on, or are on dial-up, you can always download updates separately at: http://windowsupdate.microsoft.com.
It is also a good idea to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities. You can check these by visiting Secunia Software Inspector and Calendar of Updates.

For a nice list of freeware programmes in all categories, please have a look at this thread with freeware products that are regarded as useful by the users of this forum: Commonly Used Freeware Replacements.

Some Other Recommendations are:

Below are some recommendations of programs to lower your chances of (re)infection. (This does not mean you have to install it.)

Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

Finally, and definitely the MOST IMPORTANT step, click on the following tutorial and follow each step listed there:

Simple and easy ways to keep your computer safe and secure on the Internet


Glad I was able to help and thank you for choosing Bleeping Computer as your malware removal source.
Don't forget to tell your friends about us and Good luck :thumbsup:


If you have no more questions, comments or problems please tell us, so we can close off the topic.

Thanks :)

With Regards,
Extremeboy



