Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IE 7.0 Unable To Access Windows Update


  • This topic is locked This topic is locked
24 replies to this topic

#1 GeorgiaIceCream

GeorgiaIceCream

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 28 January 2009 - 08:41 AM

I started on this problem by opening an incident with Microsoft. Microsoft tried a few things and then suggested the possibility of virus/malware. Several days ago, Microsoft suggested uninstalling SP3. I did that to no avail. I since have reinstalled SP3 and the system should be current on Microsoft updates. Automatic Updates appears to be working. No symptoms have changed.

I moved to Bleeping Computer for virus/malware help. I have previous entries with this same title in 2 Bleeping Computer forums. I started in the Windows XP Home and Professional and then moved to the Am I Infected forum.

I observe 3 symptoms:

1) IE 7.0 is not recognized as a supported browser by the Windows Update website.

2) Doing a Google search with either IE 7.0 or FireFox 3.0.5 may yield links to questionable websites.

3) Attempting to open the System Restore tab on Systems Properties yields an error. This was a later discovery in the investigation process. There's a link to an image in the earlier posts.

DDS Txt below:


DDS (Ver_09-01-19.01) - NTFSx86
Run by Donna at 7:51:48.45 on Wed 01/28/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.837 [GMT -5:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated)
FW: Norton Internet Security *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft LifeCam\MSCamSvc.exe
C:\Program Files\Norton Ghost\Agent\VProSvc.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Common Files\Real\Update_OB\rnathchk.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ASUS\Probe\AsusProb.exe
C:\WINDOWS\MXOALDR.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Plextor\PlexTool.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\Program Files\TrayDay\TrayDay.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Donna\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
mCustomizeSearch =
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\norton internet security\engine\16.2.0.7\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\norton internet security\engine\16.2.0.7\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AOL Toolbar Launcher: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 3.0\aoltb.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Viewpoint Toolbar BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - c:\program files\viewpoint\viewpoint toolbar\3.8.0\ViewBarBHO.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 3.0\aoltb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - No File
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.8.0\IEViewBar.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\norton internet security\engine\16.2.0.7\coIEPlg.dll
TB: AIM Search: {40d41a8b-d79b-43d7-99a7-9ee0f344c385} - blank
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [LDM] "c:\program files\desktop messenger\8876480\program\LogitechDesktopMessenger.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Aim6]
uRun: [RealPlayer] "c:\program files\real\realplayer\realplay.exe" /RunUPGToolCommandReBoot
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] "nwiz.exe" /install
mRun: [C-Media Mixer] Mixer.exe /startup
mRun: [zBrowser Launcher] "c:\program files\logitech\itouch\iTouch.exe"
mRun: [LVCOMS] "c:\program files\common files\logitech\qcdriver\LVCOMS.EXE"
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb07.exe
mRun: [EM_EXEC] c:\progra~1\logitech\mousew~1\system\EM_EXEC.EXE
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [RoxioDragToDisc] "c:\program files\roxio\easy media creator 7\drag to disc\DrgToDsc.exe"
mRun: [SM1BG] c:\windows\SM1BG.EXE
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [ASUS Probe] "c:\program files\asus\probe\AsusProb.exe"
mRun: [MXOBG] c:\windows\MXOALDR.EXE
mRun: [Share-to-Web Namespace Daemon] "c:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe"
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [<NO NAME>]
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Norton Ghost 10.0] "c:\program files\norton ghost\agent\GhostTray.exe"
mRun: [MaxtorOneTouch] "c:\program files\maxtor\onetouch\utils\Onetouch.exe"
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [VX3000] c:\windows\vVX3000.exe
mRun: [DiskeeperSystray] "c:\program files\diskeeper corporation\diskeeper\DkIcon.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [IPHSend] "c:\program files\common files\aol\iphsend\IPHSend.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [ALUAlert] c:\program files\symantec\liveupdate\ALUNotify.exe
dRun: [Symantec Network Driver Update Warning] c:\progra~1\symantec\liveup~1\SNDWarn.EXE
dRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NVMCTRAY.DLL,NvTaskbarInit
dRun: [Symantec NetDriver Warning] c:\progra~1\symnet~1\SNDWarn.exe
dRun: [LDM] c:\program files\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
dRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
dRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\donna\startm~1\programs\startup\trayday.lnk - c:\program files\trayday\TrayDay.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\plexto~1.lnk - c:\program files\plextor\PlexTool.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\zdwlan~1.lnk - c:\program files\zydas technology corporation\zydas_802.11g_utility\ZDWlan.exe
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim95\aim.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll
IE: {3369AF0D-62E9-4bda-8103-B4C75499B578} - {DE9C389F-3316-41A7-809B-AA305ED9D922} - c:\program files\aol\aol toolbar 3.0\aoltb.dll
IE: {44226DFF-747E-4edc-B30C-78752E50CD0C} - {44226DFF-747E-4edc-B30C-78752E50CD0C} - c:\program files\ati multimedia\tv\EXPLBAR.DLL
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://activation.rr.com/install/download/tgctlcm.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - hxxp://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc2.cab
DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} - hxxp://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} - hxxp://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143733008546
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37719.7399305556
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\norton internet security\engine\16.2.0.7\CoIEPlg.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxsrvc.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\window~1\MpShHook.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Notification Packages = scecli scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\donna\applic~1\mozilla\firefox\profiles\jl7ol55z.default\
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\google updater\2.4.1368.5602\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;\SystemRoot\\SystemRoot\System32\Drivers\NIS\1002000.007\SYMEFA.SYS --> \SystemRoot\\SystemRoot\System32\Drivers\NIS\1002000.007\SYMEFA.SYS [?]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1002000.007\BHDrvx86.sys [2008-12-10 255536]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1002000.007\cchpx86.sys [2008-12-10 362544]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20090120.002\IDSxpx86.sys [2009-1-28 274808]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-1-15 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
R3 Ausbflt;Ausbflt;c:\windows\system32\drivers\ausbflt.sys [2004-2-13 6354]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-1-13 99376]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090127.052\naveng.sys [2009-1-28 89104]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\virusdefs\20090127.052\navex15.sys [2009-1-28 876112]
R4 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2006-9-3 105632]
R4 IntuitUpdateService;Intuit Update Service;c:\program files\common files\intuit\update service\IntuitUpdateService.exe [2008-10-10 13088]
R4 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2006-8-13 3712]
R4 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\16.2.0.7\ccSvcHst.exe [2008-12-10 115560]
R4 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-2-2 1252232]
R4 TTDec;ATI WDM Teletext Decoder;c:\windows\system32\drivers\atinttxx.sys [2002-2-21 21152]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-13 24652]
R4 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
S1 a096ceb5;a096ceb5;c:\windows\system32\drivers\a096ceb5.sys --> c:\windows\system32\drivers\a096ceb5.sys [?]
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;c:\windows\system32\drivers\BRGSp50.sys [2006-5-2 20608]
S3 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2006-9-3 105632]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472]
S3 LCcfltr;Logitech USB Filter Driver;c:\windows\system32\drivers\LCCFLTR.SYS [2002-5-22 14156]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2008-12-10 7808]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
S3 WBMSA;Winbond Memory Stick Storage (MS) Device Driver - A;c:\windows\system32\drivers\wbmsa.sys [2002-12-12 24214]
S4 ATIXBAR;ATI TV Wonder WDM Audio Crossbar;c:\windows\system32\drivers\ativxstw.sys [2002-11-4 28416]
S4 BT848;ATI TV Wonder BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [2002-5-22 208720]
S4 BTTUNER;ATI TV Wonder TVTuner, WDM TvTuner;c:\windows\system32\drivers\ativtutw.sys [2002-11-4 17664]
S4 BTXBAR;ATI TV Wonder WDM Video Crossbar;c:\windows\system32\drivers\btxbar.sys [2002-5-22 10512]

=============== Created Last 30 ================

2009-01-26 08:53 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-01-26 08:53 15,464 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-01-26 08:52 <DIR> --d----- c:\program files\iTunes
2009-01-26 08:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-26 08:52 <DIR> --d----- c:\program files\Bonjour
2009-01-26 08:33 <DIR> --d----- c:\program files\Windows Installer Clean Up
2009-01-26 08:33 <DIR> --d----- c:\program files\MSECACHE
2009-01-25 12:06 <DIR> --d----- c:\program files\common files\AnswerWorks 5.0
2009-01-23 18:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-01-23 18:01 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-01-23 18:01 <DIR> --d----- c:\docume~1\donna\applic~1\SUPERAntiSpyware.com
2009-01-23 18:00 <DIR> --d----- c:\program files\common files\Wise Installation Wizard
2009-01-22 17:19 <DIR> --d----- c:\documents and settings\donna\DoctorWeb
2009-01-22 14:26 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2009-01-22 14:26 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-01-22 14:26 18,944 a------- c:\windows\system32\dllcache\xrxscnui.dll
2009-01-22 14:26 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2009-01-22 14:26 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2009-01-22 14:25 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2009-01-22 14:25 28,288 a------- c:\windows\system32\dllcache\xjis.nls
2009-01-22 14:25 16,970 a------- c:\windows\system32\dllcache\xem336n5.sys
2009-01-22 14:25 19,455 a------- c:\windows\system32\dllcache\wvchntxx.sys
2009-01-22 14:25 12,063 a------- c:\windows\system32\dllcache\wsiintxx.sys
2009-01-22 14:25 8,192 a------- c:\windows\system32\dllcache\wshirda.dll
2009-01-22 14:25 8,832 a------- c:\windows\system32\dllcache\wmiacpi.sys
2009-01-22 14:25 154,624 a------- c:\windows\system32\dllcache\wlluc48.sys
2009-01-22 14:25 34,890 a------- c:\windows\system32\dllcache\wlandrv2.sys
2009-01-22 14:23 765,884 a------- c:\windows\system32\dllcache\usrti.sys
2009-01-22 14:22 37,961 a------- c:\windows\system32\dllcache\tdk100b.sys
2009-01-22 14:21 58,368 a------- c:\windows\system32\dllcache\smiminib.sys
2009-01-22 14:20 11,648 a------- c:\windows\system32\dllcache\scsiprnt.sys
2009-01-22 14:19 899,146 a------- c:\windows\system32\dllcache\r2mdkxga.sys
2009-01-22 14:18 30,495 a------- c:\windows\system32\dllcache\pc100nds.sys
2009-01-22 14:17 65,278 a------- c:\windows\system32\dllcache\netflx3.sys
2009-01-22 14:16 35,200 a------- c:\windows\system32\dllcache\msgame.sys
2009-01-22 14:15 727,786 a------- c:\windows\system32\dllcache\ltck000c.sys
2009-01-22 14:14 26,624 a------- c:\windows\system32\dllcache\irstusb.sys
2009-01-22 14:13 109,085 a------- c:\windows\system32\dllcache\ibmtrp.sys
2009-01-22 14:12 907,456 a------- c:\windows\system32\dllcache\hcf_msft.sys
2009-01-22 14:11 43,008 a------- c:\windows\system32\dllcache\esucm.dll
2009-01-22 14:10 29,696 a------- c:\windows\system32\dllcache\dm9pci5.sys
2009-01-22 14:09 60,970 a------- c:\windows\system32\dllcache\cpqtrnd5.sys
2009-01-22 14:08 314,752 a------- c:\windows\system32\dllcache\camdro21.sys
2009-01-22 14:07 2,944 a------- c:\windows\system32\dllcache\brfilt.sys
2009-01-22 14:06 16,969 a------- c:\windows\system32\dllcache\amb8002.sys
2009-01-22 14:05 66,048 a------- c:\windows\system32\dllcache\s3legacy.dll
2009-01-21 16:07 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-21 16:07 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-21 16:07 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-21 15:07 459,264 -------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-21 15:07 52,224 -------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-21 15:07 267,776 -------- c:\windows\system32\dllcache\iertutil.dll
2009-01-21 15:07 63,488 -------- c:\windows\system32\dllcache\icardie.dll
2009-01-21 15:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-01-21 15:07 383,488 -------- c:\windows\system32\dllcache\ieapfltr.dll
2009-01-21 15:07 2,455,488 -------- c:\windows\system32\dllcache\ieapfltr.dat
2009-01-21 15:07 991,232 -------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-21 15:07 6,066,176 -------- c:\windows\system32\dllcache\ieframe.dll
2009-01-20 07:26 301,656 a------- c:\windows\system32\BtCoreIf.dll
2009-01-18 10:00 <DIR> --dsh--- c:\documents and settings\donna\PrivacIE
2009-01-18 09:47 81,920 a------- c:\windows\system32\ieencode.dll
2009-01-16 10:44 3,948 a------- C:\fix.reg
2009-01-15 19:26 <DIR> --d-h--- c:\windows\system32\GroupPolicy
2009-01-14 09:51 <DIR> --d----- C:\PollManager
2009-01-13 06:57 <DIR> --d----- c:\docume~1\donna\applic~1\Malwarebytes
2009-01-09 18:26 <DIR> --d----- C:\My Downloads
2009-01-05 16:18 90,112 a------- c:\windows\system32\QuickTimeVR.qtx
2009-01-05 16:18 57,344 a------- c:\windows\system32\QuickTime.qts
2008-12-31 12:43 <DIR> --d----- c:\program files\Microsoft ActiveSync

==================== Find3M ====================

2009-01-26 14:06 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-12-27 10:52 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-13 01:40 3,593,216 a------- c:\windows\system32\dllcache\mshtml.dll
2008-12-11 05:57 333,952 a------- c:\windows\system32\drivers\srv.sys
2008-12-11 05:57 333,952 -------- c:\windows\system32\dllcache\srv.sys
2008-12-10 09:17 7,808 a------- c:\windows\system32\drivers\psi_mf.sys
2008-12-05 05:02 36,272 a----r-- c:\windows\system32\drivers\SymIM.sys
2008-12-04 19:54 524,288 a------- c:\windows\opuc.dll
2008-11-20 10:26 60,808 a------- c:\windows\system32\S32EVNT1.DLL
2003-08-27 13:19 36,963 a----r-- c:\program files\common files\SM1updtr.dll
2003-04-09 06:03 1,433 a------- c:\program files\INSTALL.LOG

============= FINISH: 7:52:58.37 ===============

Attach Txt below. The UPLOAD function appears to complete but nothing gets uploaded.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-01-19.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 5/21/2002 12:13:19 PM
System Uptime: 1/28/2009 7:21:24 AM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | P4B266
Processor: Intel® Pentium® 4 CPU 2.00GHz | PGA 478 | 2018/100mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 33.266 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is FIXED (NTFS) - 77 GiB total, 61.209 GiB free.
H: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\C00D04A35042B5
Manufacturer: Microsoft
Name: 1394 Net Adapter #2
PNP Device ID: V1394\NIC1394\C00D04A35042B5
Service: NIC1394

==== System Restore Points ===================

RP2552: 1/23/2009 6:01:09 PM - Installed SUPERAntiSpyware Free Edition
RP2553: 1/24/2009 6:46:07 PM - System Checkpoint
RP2554: 1/25/2009 12:01:32 PM - Installed TurboTax 2008 wrapper
RP2555: 1/25/2009 12:01:54 PM - Installed TurboTax 2008 WinPerReleaseEngine
RP2556: 1/25/2009 12:04:11 PM - Installed TurboTax 2008 WinPerFedFormset
RP2557: 1/25/2009 12:05:09 PM - Installed TurboTax 2008 WinPerTaxSupport
RP2558: 1/25/2009 12:05:38 PM - Installed TurboTax 2008 WinPerProgramHelp
RP2559: 1/25/2009 12:06:14 PM - Installed TurboTax 2008 WinPerUserEducation
RP2560: 1/25/2009 12:06:31 PM - Installed AnswerWorks 5.0 English Runtime
RP2561: 1/26/2009 8:02:46 AM - Configured iTunes
RP2562: 1/26/2009 8:33:21 AM - Installed Windows Installer Clean Up
RP2563: 1/26/2009 8:52:31 AM - Installed iTunes
RP2564: 1/26/2009 1:08:58 PM - Software Distribution Service 3.0
RP2565: 1/26/2009 1:09:23 PM - Installed Windows XP KB956802.
RP2566: 1/26/2009 1:10:01 PM - Installed Windows XP KB954600.
RP2567: 1/26/2009 1:10:36 PM - Installed Windows XP KB958687.
RP2568: 1/26/2009 1:35:58 PM - Software Distribution Service 3.0
RP2569: 1/26/2009 1:51:33 PM - Installed Windows XP Service Pack 3.
RP2570: 1/26/2009 2:09:52 PM - Installed Windows XP KB938464.
RP2571: 1/26/2009 2:10:38 PM - Installed Windows XP KB946648.
RP2572: 1/26/2009 2:11:29 PM - Installed Windows XP KB950762.
RP2573: 1/26/2009 2:12:19 PM - Installed Windows XP KB950974.
RP2574: 1/26/2009 2:13:06 PM - Installed Windows XP KB951066.
RP2575: 1/26/2009 2:13:57 PM - Installed Windows XP KB951376.
RP2576: 1/26/2009 2:14:41 PM - Installed Windows XP KB951376-v2.
RP2577: 1/26/2009 2:15:26 PM - Installed Windows XP KB951698.
RP2578: 1/26/2009 2:16:09 PM - Installed Windows XP KB951748.
RP2579: 1/26/2009 2:16:54 PM - Installed Windows XP KB952287.
RP2580: 1/26/2009 2:17:34 PM - Installed Windows XP KB952954.
RP2581: 1/26/2009 2:18:20 PM - Installed Windows XP KB954211.
RP2582: 1/26/2009 2:19:06 PM - Installed Windows XP KB954600.
RP2583: 1/26/2009 2:19:48 PM - Installed Windows XP KB955069.
RP2584: 1/26/2009 2:20:34 PM - Installed Windows XP KB956802.
RP2585: 1/26/2009 2:21:16 PM - Installed Windows XP KB956803.
RP2586: 1/26/2009 2:21:57 PM - Installed Windows XP KB956841.
RP2587: 1/26/2009 2:22:40 PM - Installed Windows XP KB957095.
RP2588: 1/26/2009 2:23:22 PM - Installed Windows XP KB957097.
RP2589: 1/26/2009 2:24:04 PM - Installed Windows XP KB958644.
RP2590: 1/26/2009 2:24:49 PM - Installed Windows XP KB958687.
RP2591: 1/26/2009 6:27:14 PM - Software Distribution Service 3.0
RP2592: 1/26/2009 6:27:38 PM - Installed Windows XP KB954459.
RP2593: 1/26/2009 6:28:10 PM - Installed Windows XP KB951978.
RP2594: 1/27/2009 6:35:45 PM - System Checkpoint

==== Installed Programs ======================


Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Photoshop Album 2.0 Starter Edition
Adobe Reader 7.1.0
AIM 6
AIM Toolbar
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOL Explorer
AOL Instant Messenger
AOL Toolbar 2.0
AOL Uninstaller (Choose which Products to Remove)
APC PowerChute Personal Edition
Apple Mobile Device Support
Apple Software Update
ASUS Probe V2.15.07
AT&T Global Network Client
ATI Multimedia Center
BearShare
BearShare MediaBar
Bicycle Card Games
Bicycle Card Games 1.0 Demo
Bicycle Casino
Bonjour
CaptureWizPro 3.20
CDDRV_Installer
Chaos Pack 1.00 for Pocket Tanks Deluxe
Cole2k Media - Codec Pack V5.25 Advanced
Collapse! Deluxe II
Creative DVD Audio Plugin for Audigy Series
Cypress USB Mass Storage Driver Installation
Data Lifeguard Tools
Diskeeper Professional Edition
Download Updater (AOL LLC)
Easy CD Creator 5 Platinum
eMusic - 50 Free MP3 offer
Event Planner
Flamethrower Pack 1.00a for Pocket Tanks Deluxe
Google Earth
Google Updater
Hallmark Card Studio 3 Deluxe
Hemera Products
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Windows XP (KB952287)
hp instant support
HP Memories Disc
HP Photo and Imaging 2.0 - Scanners
Intel Application Accelerator
Intel® Processor Frequency ID Utility
InterActual Player
InterVideo WinDVD 6
iPod for Windows 2005-06-26
iPod for Windows 2005-11-17
iPod for Windows 2006-01-10
ItsDeductible Express
iTunes
Java™ 6 Update 11
JumpStart First Grade v2.4
JumpStart Kindergarten v2.4b
KhalInstallWrapper
KhalSetup
LimeWire 4.18.8
LiveReg (Symantec Corporation)
LiveUpdate 3.1 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.73
Logitech QuickCam
Logitech Resource Center
Logitech SetPoint
Lotus NotesSQL 3.01 driver
Lotus SmartSuite - English
MadOnion.com/3DMark2001 SE
MadOnion.com/PCMark2002
Malwarebytes' Anti-Malware
Maxtor OneTouch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB886903)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Baseline Security Analyzer 1.2.1
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office Standard Edition 2003
Microsoft Train Simulator
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Journal Viewer
MobileMe Control Panel
Mozilla Firefox (3.0.5)
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Norton Ghost 10.0
Norton Internet Security
Nuke Pack 1.00 for Pocket Tanks Deluxe
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
Password Manager 2.5
PC Magazine StartupCop Pro
PCI Audio Driver
PlexTools Professional V2.23
Pocket Tanks Deluxe 1.00b
PowerDVD
PSP WIFI Max
Quicken 2003 Deluxe
QuickTime
RealOne Player
Roxio Burn Engine
Roxio Easy Media Creator 7
Secunia PSI
Security Update for CAPICOM (KB931906)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
ShareIns
Shockwave
SMARTDefender
Super DX-Ball Deluxe v1.00
Super Pack v1.1 for Pocket Tanks Deluxe
SUPERAntiSpyware Free Edition
Symantec Network Driver Update
The Sims 2
The Sims Unleashed
TrayDay
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wrapper
TurboTax Deluxe 2004
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax ItsDeductible 2005
TurboTax ItsDeductible 2006
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
USB Storage Adapter FX (MXO)
USB Storage Adapter FX (SM1)
USBControl
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Viewpoint Toolbar
WebFldrs XP
WexTech AnswerWorks
WildTangent Web Driver
Winamp
Windows Defender
Windows Defender Signatures
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool
Windows Installer Clean Up
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3
WinMX
WinZip
Yahoo! Browser Services
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Toolbar
ZyDAS IEEE 802.11 b+g Wireless LAN - USB

==== Event Viewer Messages From Past Week ========

1/21/2009 2:55:37 PM, error: Service Control Manager [7000] - The ATI TV Wonder WDM Video Crossbar service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/21/2009 2:55:37 PM, error: Service Control Manager [7000] - The ATI TV Wonder TVTuner, WDM TvTuner service failed to start due to the following error: The system cannot find the file specified.
1/21/2009 2:55:37 PM, error: Service Control Manager [7000] - The ATI TV Wonder BtCap, WDM Video Capture service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/21/2009 2:55:37 PM, error: Service Control Manager [7000] - The ATI TV Wonder WDM Audio Crossbar service failed to start due to the following error: The system cannot find the file specified.
1/21/2009 2:53:13 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/21/2009 2:50:59 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
1/21/2009 2:39:48 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
1/21/2009 2:38:43 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BHDrvx86 ccHP eeCtrl Fips IDSxpx86 intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SRTSP SRTSPX SYMTDI Tcpip V2IMount
1/21/2009 2:38:43 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/21/2009 2:38:43 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
1/21/2009 2:38:43 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
1/21/2009 2:38:43 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBT service which failed to start because of the following error: A device attached to the system is not functioning.
1/21/2009 10:23:06 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP eeCtrl Fips IDSxpx86 intelppm SRTSP SRTSPX SYMTDI V2IMount
1/22/2009 1:40:32 PM, error: NetBT [4321] - The name "NAS8-20163 :1d" could not be registered on the Interface with IP address 192.168.0.10. The machine with the IP address 192.168.0.3 did not allow the name to be claimed by this machine.
1/23/2009 8:25:31 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
1/23/2009 6:08:07 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccHP eeCtrl Fips IDSxpx86 intelppm SASDIFSV SASKUTIL SRTSP SRTSPX SYMTDI V2IMount
1/26/2009 12:39:10 PM, error: Service Control Manager [7000] - The Upload Manager service failed to start due to the following error: The account specified for this service is different from the account specified for other services running in the same process.
1/26/2009 1:10:27 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework, Version 1.1 Service Pack 1 (KB886903).
1/22/2009 2:02:56 PM, information: Windows File Protection [64016] - Windows File Protection file scan was started.
1/22/2009 2:26:31 PM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully.

==== End Of File ===========================

BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 07 February 2009 - 02:18 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a description of your problem, along with any steps you may have performed so far.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.


Download and Run ATFCleaner

Please download ATF Cleaner by Atribune. This program will clear out temporary files and settings. You will likely be logged out of the forum where you are recieving help.

This program is for XP and Windows 2000 only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main Select Files to Delete choose: Select All.
  • Click the Empty Selected button.
If you use Firefox browser also...
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser also...
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Download and Run OTScanIt

Download OTScanIt by OldTimer to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
  • Open the OTScanIt folder and double-click on OTScanIt.exe to start the program. If you are running on Vista then right-click the program and choose Run as Administrator.
  • Check the Scan all users box at the top left.
  • Change the Rootkit Scan setting from "No" to Yes.
  • Click the Extras button under "Additional Scans".
  • Now click the Run Scan button on the toolbar.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
  • Close Notepad (saving the change if necessary).
  • Use the Add Reply button in the forum and Attach the scan back here (do not copy/paste it as it will be too big to fit into the post). It will be located in the OTScanIt folder and named OTScanIt.txt.
Download and Run Scan with GMER

We will use GMER to scan for rootkits.
  • Download gmer.zip and save to your desktop.
    Alternate Download Site 1
    Alternate Download Site 2
  • Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.
  • When you have done this, disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Click the >>>
  • Click on Settings, then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  • You will be prompted to restart your computer. Please do so.
After the reboot, run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
  • Click on the Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop buttons turns back to Scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.
Important!:Please do not select the Show all checkbox during the scan..

Run Scan with Kaspersky

Please do a scan with Kaspersky Online Scanner.

If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
  • Please disable your realtime protection software before proceeding. Refer to this page if you are unsure how.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

Some questions:

1) IE 7.0 is not recognized as a supported browser by the Windows Update website.

2) Doing a Google search with either IE 7.0 or FireFox 3.0.5 may yield links to questionable websites.

1) What do you mean it is not supproted/recongnized? Do you get an error when visiting this page? Such as: "Internet Explorer cannot display the webpage"?
2)Why do you say questionable sites? Do they get redirected to something else or the address itself isn't correct>

Post back with the answer to my question and then do the scans I mentioned above.

Please post back with:
-OTScanIT log
-GMER Log
-Kaspersky log
-Answers to my question
-What Problems do you still have?


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 07 February 2009 - 03:27 PM

EB, I appreciate your help. I'm out of town and won't have access to the problem PC until early next week.

I'll attempt to answer your 2 questions now.

1) When I say that the Windows Update website doesn't recognize the IE 7.0 browser on the PC. I mean that it returns the following message:

" Thank you for your interest in obtaining updates from our site.

To use this site, you must be running Microsoft Internet Explorer 5 or later.

To upgrade to the latest version of the browser, go to the Internet Explorer Downloads website.

If you prefer to use a different web browser, you can obtain updates from the Microsoft Download Center or you can stay up to date with the latest critical and security updates by using Automatic Updates. To turn on Automatic Updates:

  • Click Start, and then click Control Panel.
  • Depending on which Control Panel view you use, Classic or Category, do one of the following:
    • Click System, and then click the Automatic Updates tab.
    • Click Performance and Maintenance, click System, and then click the Automatic Updates tab.
  • Click the option that you want. Make sure Automatic Updates is not turned off."
2) What do I mean by questionable websites returned from Google searches? The info below was originally posted in the Am-I-Infected forum of the same topic "IE 7.0 Unable To Access Windows Update". It was Post #10:

"
I have continued to research the issue. Mostly, I've used another PC that doesn't have a problem. I just tried to a Google search on "ASPNET" using the PC with the problem. Here are the search results:


<h2 class="hd">Search Results</h2>
Very clearly, the results contain bogus websites. Whatever the bad guy is, it also affects Google searches.

This post has been edited by GeorgiaIceCream: Jan 27 2009, 01:26 PM "

I apologize for the messy look. The underlined topics returned are O.K. The websites that are supposedly related are not the right ones. I did the same search on a PC w/o the problem and got the same underlined topics but very different websites.

The PC still has all the problems that I stipulated. I've read over your list of to-dos. I don't see anything that I'm not comfortable with. I'll post again when I get back in town and have access to the problem PC.



lt;/body&gt; &lt;/html&gt;

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 07 February 2009 - 03:45 PM

Hello.

Since you are going to be away for a week. I will close this topic for now and once you come back just Send Me a Message. In your message please include the address of this thread in your request.

Just to be fair since we close topics that do not have a reply more than 5 days. OnceI open it you can post the logs.

Thanks for understanding.

With regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#5 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 10 February 2009 - 12:59 PM

Hello.

Topic Re-opened upon user's request. Please post back with the logs when you are ready.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#6 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 11 February 2009 - 02:10 PM

1) Downloaded and ran ATF Cleaner. It ran to normal completion.

2) Downloaded and ran OTScanIt. For whatever reason, I can't include attachments to BC forums on this PC. I have sent it to another PC and will attach it from there.

3) Downloaded and ran GMER. Results below:

GMER 1.0.14.14536 - httpwww.gmer.net
Rootkit scan 2009-02-11 094135
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 8904A050 ZwAlertResumeThread
SSDT 888F5050 ZwAlertThread
SSDT 8875D990 ZwAllocateVirtualMemory
SSDT 888F2050 ZwAssignProcessToJobObject
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwClose [0xF75BC028]
SSDT 891A07B8 ZwConnectPort
SSDT CWINDOWSsystem32DriversSYMEVENT.SYS (Symantec Event LibrarySymantec Corporation) ZwCreateKey [0xB94D2020]
SSDT 8875D188 ZwCreateMutant
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwCreatePagingFile [0xF75AFB00]
SSDT 8875CC48 ZwCreateSymbolicLinkObject
SSDT 89142B38 ZwCreateThread
SSDT 89048050 ZwDebugActiveProcess
SSDT CWINDOWSsystem32DriversSYMEVENT.SYS (Symantec Event LibrarySymantec Corporation) ZwDeleteKey [0xB94D22A0]
SSDT CWINDOWSsystem32DriversSYMEVENT.SYS (Symantec Event LibrarySymantec Corporation) ZwDeleteValueKey [0xB94D2800]
SSDT 8875DAE8 ZwDuplicateObject
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwEnumerateKey [0xF75B05DC]
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwEnumerateValueKey [0xF75BC120]
SSDT 8875D7F0 ZwFreeVirtualMemory
SSDT 8910C050 ZwImpersonateAnonymousToken
SSDT 8887A050 ZwImpersonateThread
SSDT 892D83C8 ZwLoadDriver
SSDT 887DB2C0 ZwMapViewOfSection
SSDT 89049050 ZwOpenEvent
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwOpenFile [0xF75AFB40]
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwOpenKey [0xF75BBFA4]
SSDT 8875DC88 ZwOpenProcess
SSDT 8910E050 ZwOpenProcessToken
SSDT 8910B050 ZwOpenSection
SSDT 8875DBB8 ZwOpenThread
SSDT 8875CD18 ZwProtectVirtualMemory
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwQueryKey [0xF75B05FC]
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwQueryValueKey [0xF75BC076]
SSDT 8914FCF0 ZwResumeThread
SSDT 8904B050 ZwSetContextThread
SSDT 8875D610 ZwSetInformationProcess
SSDT 888F3050 ZwSetSystemInformation
SSDT a347bus.sys (Plug and Play BIOS Extension ) ZwSetSystemPowerState [0xF75BB550]
SSDT CWINDOWSsystem32DriversSYMEVENT.SYS (Symantec Event LibrarySymantec Corporation) ZwSetValueKey [0xB94D2A50]
SSDT 88879050 ZwSuspendProcess
SSDT 8910D050 ZwSuspendThread
SSDT 8913F2F0 ZwTerminateProcess
SSDT 8887B050 ZwTerminateThread
SSDT 888F6050 ZwUnmapViewOfSection
SSDT 8875D8C0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.14 ----

SYMEFA.SYS The system cannot find the file specified. !

---- User code sections - GMER 1.0.14 ----

.text CProgram FilesWindows LiveMessengerMsnMsgr.Exe[1412] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 0056DBBD CProgram FilesWindows LiveMessengerMsnMsgr.Exe (Windows Live MessengerMicrosoft Corporation)

---- User IATEAT - GMER 1.0.14 ----

IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!AnimateWindow] [63601740] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)
IAT CProgram FilesYahoo!Messengerymsgr_tray.exe[4260] @ CWINDOWSsystem32SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] CProgram FilesYahoo!SharedYbSkin2.dll (Yahoo! Skinning ObjectYahoo! Inc.)

---- Devices - GMER 1.0.14 ----

Device FileSystemNtfs Ntfs 8A65CA10

AttachedDevice FileSystemNtfs Ntfs SymSnap.sys (StorageCraft Volume Snap-ShotStorageCraft)

Device FileSystemFastfat FatCdrom 882121B0

AttachedDevice DriverTcpip DeviceIp SYMTDI.SYS (Network Dispatch DriverSymantec Corporation)

Device FileSystemUdfReadr_xp DeviceUdfReadr_XP 89190790
Device FileSystemUDFReadr DeviceUdfReadr 89205B88

AttachedDevice DriverTcpip DeviceTcp SYMTDI.SYS (Network Dispatch DriverSymantec Corporation)
AttachedDevice DriverFtdisk DeviceHarddiskVolume1 SymSnap.sys (StorageCraft Volume Snap-ShotStorageCraft)
AttachedDevice DriverFtdisk DeviceHarddiskVolume1 fltmgr.sys (Microsoft Filesystem Filter ManagerMicrosoft Corporation)
AttachedDevice DriverFtdisk DeviceHarddiskVolume2 SymSnap.sys (StorageCraft Volume Snap-ShotStorageCraft)
AttachedDevice DriverFtdisk DeviceHarddiskVolume2 fltmgr.sys (Microsoft Filesystem Filter ManagerMicrosoft Corporation)

Device DriverCdrom DeviceCdRom0 8932FAB0
Device FileSystemRdbss DeviceFsWrap 8913C380
Device FileSystemDVDVRRdr_xp DeviceDVDVRRdr 893451B8
Device DriverCdrom DeviceCdRom1 8932FAB0
Device DriverIdeChnDr DeviceIdeIdeDeviceP1T0L0 8933D450
Device DriverIdeChnDr DeviceIdeIdeDeviceP1T1L0 8933D450
Device DriverIdeChnDr DeviceIdeIdeDeviceP0T0L0 8933D450
Device DriverIdeChnDr DeviceIdeIdeChnDr0 8933D450
Device DriverIdeChnDr DeviceIdeIdeChnDr1 8933D450
Device DriverIdeChnDr DeviceIdeIdeDeviceP0T1L0 8933D450
Device DriverCdrom DeviceCdRom2 8932FAB0
Device FileSystemSrv DeviceLanmanServer 88214B60

AttachedDevice DriverTcpip DeviceUdp SYMTDI.SYS (Network Dispatch DriverSymantec Corporation)
AttachedDevice DriverTcpip DeviceRawIp SYMTDI.SYS (Network Dispatch DriverSymantec Corporation)

Device FileSystemMRxSmb DeviceLanmanDatagramReceiver 888FCAA0
Device FileSystemMRxSmb DeviceLanmanRedirector 888FCAA0
Device FileSystemNpfs DeviceNamedPipe 8918D4C0
Device FileSystemcdudf_XP DeviceCdUdf_XP 891992C8
Device FileSystemMsfs DeviceMailslot 891832C0
Device Drivera347scsi DeviceScsia347scsi1Port2Path0Target0Lun0 892DBF00
Device Drivera347scsi DeviceScsia347scsi1 892DBF00
Device FileSystemFastfat Fat 882121B0

AttachedDevice FileSystemFastfat Fat fltmgr.sys (Microsoft Filesystem Filter ManagerMicrosoft Corporation)
AttachedDevice FileSystemFastfat Fat SymSnap.sys (StorageCraft Volume Snap-ShotStorageCraft)

Device FileSystemFs_Rec FileSystemUdfsCdRomRecognizer 891A58A0
Device FileSystemFs_Rec FileSystemFatCdRomRecognizer 891A58A0
Device FileSystemFs_Rec FileSystemCdfsRecognizer 891A58A0
Device FileSystemFs_Rec FileSystemFatDiskRecognizer 891A58A0
Device FileSystemFs_Rec FileSystemUdfsDiskRecognizer 891A58A0
Device FileSystemCdfs Cdfs 885DB178

---- Modules - GMER 1.0.14 ----

Module ____________ F745A000-F7472000 (98304 bytes)

---- Registry - GMER 1.0.14 ----

Reg HKLMSYSTEMCurrentControlSetServicesa347scsiConfigjdgg40
Reg HKLMSYSTEMCurrentControlSetServicesa347scsiConfigjdgg40@ujdew 0x20 0x02 0x00 0x00 ...
Reg HKLMSYSTEMCurrentControlSetServicesa347scsiConfigjdgg40@ljej40 0x56 0x2E 0x0B 0xFD ...
Reg HKLMSOFTWAREClassesCLSID{A40F8BBE-77CD-78A3-DF6D-3C14B7105899}InprocServer32@ CWINDOWSSystem32quartz.dll
Reg HKLMSOFTWAREClassesCLSID{A40F8BBE-77CD-78A3-DF6D-3C14B7105899}InprocServer32@ThreadingModel Both

---- EOF - GMER 1.0.14 ----

4) Downloaded and ran Kaspersky scan. Results below:

KASPERSKY ONLINE SCANNER 7 REPORT Wednesday, February 11, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, February 11, 2009 15:19:44
Records in database: 1782735

Scan settings Scan using the following database extended Scan archives yes Scan mail databases yes
Scan area My Computer A:\
C:\
D:\
E:\
F:\
H:\
Scan statistics Files scanned 172243 Threat name 3 Infected objects 8 Suspicious objects 0 Duration of the scan 03:07:42
File name Threat name Threats count C:\Documents and Settings\Donna\DoctorWeb\Quarantine\A0306905.exeInfected: not-a-virus:AdWare.Win32.Mostofate.aa1

C:\Documents and Settings\Donna\DoctorWeb\Quarantine\A0306905.exeInfected: not-a-virus:AdWare.Win32.Shopper.am1

C:\Documents and Settings\Donna\DoctorWeb\Quarantine\Dc227.exeInfected: not-a-virus:AdWare.Win32.Mostofate.aa1

C:\Documents and Settings\Donna\DoctorWeb\Quarantine\Dc227.exeInfected: not-a-virus:AdWare.Win32.Shopper.am1

C:\Documents and Settings\Donna\DoctorWeb\Quarantine\mediabar.dllInfected: not-a-virus:AdWare.Win32.Mostofate.aa1

C:\Documents and Settings\Donna\DoctorWeb\Quarantine\MediaBar.exeInfected: not-a-virus:AdWare.Win32.Mostofate.aa1

C:\Documents and Settings\Donna\Shared\biggest freak keri hilson - greatest hits.wmaInfected: Trojan-Downloader.WMA.Wimad.n1

C:\Documents and Settings\Donna\Shared\bootleg strizzo.wmaInfected: Trojan-Downloader.WMA.Wimad.n1

The selected area was scanned.

#7 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 11 February 2009 - 02:19 PM

Hmm. I can't attach files from this PC either. They appear to UPLOAD but never show up as a current attachment. We're talking the OTScanIt log. Got an email address I can send it to?

#8 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 11 February 2009 - 04:49 PM

Hello.

We're talking the OTScanIt log. Got an email address I can send it to?

Upload it to MediaFire then. There seem to be something suspicious going on. I will need to confirm that with the OTScanIT log.

Upload File to MediaFire
Please upload the OTScanIT2 log using MediaFire.
  • Go to Media Fire
  • Click the Large Green button that says UPLOAD FILE TO MEDIAFIRE
  • When asked do you have a MediaFire account please select: I want to upload without an account
  • A Browser window shall then appear
  • Navigate to the log you want to send to me and click on the file to highlight it.
  • Then select Open
  • Another page shall appear, after it finish loading please select the big green button that says: START UPLOAD
  • Follow any prompts after that to finish the upload process
  • When the Upload is complete, under the Sharing URL: please copy and paste that link in your next reply so I can download and see it.
Tell me how it goes and post the sharing URL. What problems do you still have?

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#9 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 11 February 2009 - 06:00 PM

Here is sharing URL for OTScanIT data: http://www.mediafire.com/?nmyjxhzj9qz

I think there's something in my BC profile that won't let me upload. I have seen this with other info that I tried to post.

PC still has all 3 problems.

Georgia Ice Cream

#10 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 11 February 2009 - 06:08 PM

Hello.

Thanks for the log. I downloaded it but I can not anaylze the log at the moment. I need to leave now so I will check back tonight if I have time. The OTScanIT2 log was a very big file (3+ MB)

Thanks for being patient and I will get back to you ASAP.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#11 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:45 PM

Posted 11 February 2009 - 09:13 PM

Hello.

When you were scanning with OTScanIT2 what was the File Age at the top? The OTScanIT2 log was extremly long dating from today 2009-2-11 all the way to 1994-4-06.

That was crazy :thumbup2:

Let's just remove the leftovers and run a scan. We will deal specfically with the Windows update next post. To be honest I'm not exactly sure what's going on with your windows Update.

Peer-to-Peer Programs Warning

Your log shows that you are using so called peer-to-peer or file-sharing programs (in your case Lime Wire). These programs allow to share files between users as the name(s) suggest. In today's world cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: File-Sharing, otherwise known as Peer To Peer and Risks of File-Sharing Technology.

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organizations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."

It is your decision whether or not you wish to keep your program(s) but I suggest you remove it via add/remove. However, please refrain from using them until your computer has been declared clean.
Backup Registry with ERUNT

This tool will create a complete backup of your registry. A backup is created to ensure we have backup so encase anything goes wrong we can deal with it. Do not delete these backups until we are finished.
  • Please download erunt-setup.exe to your desktop.
  • Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
  • Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.
You can find a complete guide to using the program here:
http://www.larshederer.homepage.t-online.de/erunt/erunt.txt


How to Restore from the ERUNT Backup
Only restore from the backups if instructed to, or you need to do so. You need it if after doing something, your computer will only boot in Safe Mode and you are unable to contact us (or anyone else) for help by other means, or if your computer will not boot into Windows at all.

To restore if you can boot, navigate to C:\WINDOWS\erdnt, choose the folder with the most recent date, and double click ERDNT.EXE. Check all boxes in the restoration options.

To restore from the Recovery Console using the Windows CD:
  • Turn on your machine with the disk in the drive.
  • Type in the number of the Windows installation you want to repair (usually 1), then press Enter.
  • Type in the Administrator password (leave blank if you are unsure what it is or if you do not have one) and press Enter.
  • Type without quotes "cd erdnt" followed by Enter.
  • Type without quotes "dir" followed by Enter. This will list out the available folders, whose names are the date on which the backup was taken in (M)M-DD-YYYY format. Try the most recent dates first.
  • Type without quotes "cd **name of the folder**" followed by Enter.
  • Type without quotes "batch erdnt.con" followed by Enter.
  • Type without quotes "exit" followed by Enter.
  • Remove your CD from the drive and reboot your computer into the restored registry. If you still cannot boot, try again with an earlier restore date.


Run Script with OTScanIT2

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.

Download OTScanIt2.exe to your Desktop and double-click on it to extract the files if you lost your copy..
It will create a folder named OTScanIt2 on your desktop. Double click the OTScanIT2 folder than double click on OTScanIT2.exe to star the program.

Copy/Paste the information in the codebox below into the green pane where it says "Paste fix here" and then click the Run Fix button at the top.

[Driver Services - All]
YN -> (Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] -> 
YN -> (abp480n5) abp480n5 [Kernel | Disabled | Stopped] -> 
YN -> (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> 
YN -> (Aha154x) Aha154x [Kernel | Disabled | Stopped] -> 
YN -> (aic78u2) aic78u2 [Kernel | Disabled | Stopped] -> 
YN -> (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> 
YN -> (AliIde) AliIde [Kernel | Disabled | Stopped] -> 
YN -> (amsint) amsint [Kernel | Disabled | Stopped] -> 
YN -> (asc) asc [Kernel | Disabled | Stopped] -> 
YN -> (asc3350p) asc3350p [Kernel | Disabled | Stopped] -> 
YN -> (asc3550) asc3550 [Kernel | Disabled | Stopped] -> 
YN -> (Atdisk) Atdisk [Kernel | Disabled | Stopped] -> 
YN -> (Changer) Changer [Kernel | System | Stopped] -> 
YN -> (CmdIde) CmdIde [Kernel | Disabled | Stopped] -> 
YN -> (Cpqarray) Cpqarray [Kernel | Disabled | Stopped] -> 
YN -> (dac960nt) dac960nt [Kernel | Disabled | Stopped] -> 
YN -> (dpti2o) dpti2o [Kernel | Disabled | Stopped] -> 
YN -> (hpn) hpn [Kernel | Disabled | Stopped] -> 
YN -> (hpt3xx) hpt3xx [Kernel | Disabled | Stopped] -> 
YN -> (i2omgmt) i2omgmt [Kernel | System | Stopped] -> 
YN -> (ini910u) ini910u [Kernel | Disabled | Stopped] -> 
YN -> (lbrtfdc) lbrtfdc [Kernel | System | Stopped] -> 
YN -> (mraid35x) mraid35x [Kernel | Disabled | Stopped] -> 
YN -> (PCIDump) PCIDump [Kernel | System | Stopped] -> 
YN -> (PCIIde) PCIIde [Kernel | Disabled | Stopped] -> 
YN -> (PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] -> 
YN -> (PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] -> 
YN -> (PDRELI) PDRELI [Kernel | On_Demand | Stopped] -> 
YN -> (PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] -> 
YN -> (perc2) perc2 [Kernel | Disabled | Stopped] -> 
YN -> (perc2hib) perc2hib [Kernel | Disabled | Stopped] -> 
YN -> (ql1080) ql1080 [Kernel | Disabled | Stopped] -> 
YN -> (Ql10wnt) Ql10wnt [Kernel | Disabled | Stopped] -> 
YN -> (ql12160) ql12160 [Kernel | Disabled | Stopped] -> 
YN -> (ql1240) ql1240 [Kernel | Disabled | Stopped] -> 
YN -> (ql1280) ql1280 [Kernel | Disabled | Stopped] -> 
YN -> (Simbad) Simbad [Kernel | Disabled | Stopped] -> 
YN -> (Sparrow) Sparrow [Kernel | Disabled | Stopped] -> 
YN -> (symc810) symc810 [Kernel | Disabled | Stopped] -> 
YN -> (symc8xx) symc8xx [Kernel | Disabled | Stopped] -> 
YN -> (sym_hi) sym_hi [Kernel | Disabled | Stopped] -> 
YN -> (sym_u3) sym_u3 [Kernel | Disabled | Stopped] -> 
YN -> (TosIde) TosIde [Kernel | Disabled | Stopped] -> 
YN -> (ultra) ultra [Kernel | Disabled | Stopped] -> 
YN -> (ViaIde) ViaIde [Kernel | Disabled | Stopped] -> 
YN -> (WDICA) WDICA [Kernel | On_Demand | Stopped] -> 
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
YN -> "{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> WebBrowser\\"{40D41A8B-D79B-43D7-99A7-9EE0F344C385}" [HKLM] -> [AIM Search]
YN -> WebBrowser\\"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> WebBrowser\\"{40D41A8B-D79B-43D7-99A7-9EE0F344C385}" [HKLM] -> [AIM Search]
YN -> WebBrowser\\"{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "" -> []
YN -> "C-Media Mixer" -> [Mixer.exe /startup]
< Run [HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\] > -> HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> "Aim6" -> []
< Visitor Startup Folder > -> C:\Documents and Settings\Visitor\Start Menu\Programs\Startup
YN -> %SystemDrive%\Documents and Settings\Visitor\Start Menu\Programs\Startup\Diskeeper 10 Professional Edition Registration.lnk -> 
YN -> %SystemDrive%\Documents and Settings\Visitor\Start Menu\Programs\Startup\TrayDay.lnk -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
YN -> NavLogon -> %SystemRoot%\system32\NavLogon.dll
[Empty Temp Folders]
[Reboot]


The fix should only take a very short time. When the fix is completed a message box will popup either telling you that it is finished, or that a reboot is needed to complete the fix. If the fix is complete, click the Ok button and Notepad will open with a log of actions taken during the fix. Post that log back here in your next reply.

If a reboot is required, click the "Yes" button to reboot the machine. After the reboot, OTScanIt2 will finish moving any files that could not be moved during the fix and NotePad will open with the final results at that time. Post that log back here in your next reply.

Download and Run Dial-a-Fix

This program fixes many common problems in Windows.
  • Please download Dial-A-Fix from one of the following mirrors:
  • Extract the zip file to your desktop.
  • Double click Dial-a-Fix.exe to start the program.
  • Press the green double checkmark box (Looks like this: Posted Image)
  • UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
    Posted Image
  • When the window looks like this, press the GO button in the bottom of the window.
    Posted Image
  • Exit/Close Dial-A-Fix
Download and Run ATFCleaner

Please download ATF Cleaner by Atribune. This program will clear out temporary files and settings. You will likely be logged out of the forum where you are recieving help.

This program is for XP and Windows 2000 only.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main Select Files to Delete choose: Select All.
  • Click the Empty Selected button.
If you use Firefox browser also...
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser also...
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Run F-Secure Online Scan

Please run F-Secure Online Scanner.
This scan is for Internet Explorer only.
  • It is suggested that you disable security programs and close any other windows during the scan. While your security is disabled, please refrain from surfing on other sites. Refer to this page if you are unsure how.
  • Go to F-Secure Online Scanner
  • Follow the instructions here for installation.
  • Accept the License Agreement.
  • Once the ActiveX installs, click Full System Scan
  • Once the download completes, the scan will begin automatically. The scan will take some time to finish, so please be patient.
  • When the scan completes, click the Automatic cleaning (recommended) button.
  • Click the Show Report button and copy the entire report in your next reply.
  • Be sure to re-enable any security programs.
Re-Run Scan with OTScanIT2

Run a new OTScanIt2 scan with the following options.

Note: You must be logged on to the system with an account that has Administrator privileges to run this program.
  • Close ALL OTHER PROGRAMS that you have opened currently.
  • Open the OTScanIt2 folder and double-click on OTScanIt2.exe to start the program.
  • Just use the default settings. (Make sure File Age is set to 30 days and use WhiteList near the bottom)
  • Do not change any other settings.
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it and close Notepad (save changes if necessary).
  • Close OTScanIt2 and locate the OTScanIt.txt file in the folder where OTScanIt2.exe is located (Should be in the OTScanIT2 folder)
  • Attach that file back here in your next reply.
Attach back with:
-OTScanIT Fix log
-New OTScanIT Scan log


Post back with:
-F-Secure scan log
-Does your problems still remain?


With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#12 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 12 February 2009 - 02:26 PM

EB, I believe progress has been made. Where are we now?

1) I am able to access the Windows Update website using Internet Explorer now. While I did not attempt to download updates, I did "check" for updates and was able to find some. I was able to review the Update History. No updates have been applied to the system since 01/26/2009. Automatic Updates was working and I turned that off to trouble shoot. I'd like to turn updates back "ON".

2) The issue of Google searches returning questionable websites in searches appears to be resolved. I did searches on 4 sites that always produced the bad results and the results now look O.K. Mathematically, I know that four examples do not prove a theorem. I'll exercise Google a bit more when I get a chance.

3)The error opening the System Restore tab on Systems Properties is still there.

I had the post all done and it was too big. I will segment it and repost.


#13 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 12 February 2009 - 02:57 PM

Posting first segment of results:

1) I passed on the peer-to-peer warnings.

2) Did Registry backup with ERUNT.

3) Did a Run Fix with OTScanIT2. Log below:

[Driver Services - All]
Service Abiosdsk stopped successfully!
Service abp480n5 stopped successfully!
Service adpu160m stopped successfully!
Service Aha154x stopped successfully!
Service aic78u2 stopped successfully!
Service aic78xx stopped successfully!
Service AliIde stopped successfully!
Service amsint stopped successfully!
Service asc stopped successfully!
Service asc3350p stopped successfully!
Service asc3550 stopped successfully!
Service Atdisk stopped successfully!
Service Changer stopped successfully!
Service CmdIde stopped successfully!
Service Cpqarray stopped successfully!
Service dac960nt stopped successfully!
Service dpti2o stopped successfully!
Service hpn stopped successfully!
Service hpt3xx stopped successfully!
Service i2omgmt stopped successfully!
Service ini910u stopped successfully!
Service lbrtfdc stopped successfully!
Service mraid35x stopped successfully!
Service PCIDump stopped successfully!
Service PCIIde stopped successfully!
Service PDCOMP stopped successfully!
Service PDFRAME stopped successfully!
Service PDRELI stopped successfully!
Service PDRFRAME stopped successfully!
Service perc2 stopped successfully!
Service perc2hib stopped successfully!
Service ql1080 stopped successfully!
Service Ql10wnt stopped successfully!
Service ql12160 stopped successfully!
Service ql1240 stopped successfully!
Service ql1280 stopped successfully!
Service Simbad stopped successfully!
Service Sparrow stopped successfully!
Service symc810 stopped successfully!
Service symc8xx stopped successfully!
Service sym_hi stopped successfully!
Service sym_u3 stopped successfully!
Service TosIde stopped successfully!
Service ultra stopped successfully!
Service ViaIde stopped successfully!
Service WDICA stopped successfully!
[Registry - Safe List]
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E853D72-626A-48EC-A868-BA8D5E23E045}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{40D41A8B-D79B-43D7-99A7-9EE0F344C385} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40D41A8B-D79B-43D7-99A7-9EE0F344C385}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{40D41A8B-D79B-43D7-99A7-9EE0F344C385} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40D41A8B-D79B-43D7-99A7-9EE0F344C385}\ not found.
Registry value HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\C-Media Mixer deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1292428093-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Aim6 deleted successfully.
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\Diskeeper 10 Professional Edition Registration.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\Diskeeper 10 Professional Edition Registration.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\TrayDay.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\TrayDay.lnk scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon\ deleted successfully.
[Empty Temp Folders]
File delete failed. C:\Documents and Settings\Donna\Local Settings\Temp\etilqs_usPW0B7bjffAFOj3Fkji scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Temp\Perflib_Perfdata_888.dat scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be deleted on reboot.
Local Service Temp folder emptied.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\JETD740.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_638.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_6cc.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7b8.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_7d8.dat scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
FireFox cache emptied.
RecycleBin -> emptied.
< End of fix log >
OTScanIt2 by OldTimer - Version 1.0.7.1 fix logfile created on 02122009_083845

Files moved on Reboot...
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\Diskeeper 10 Professional Edition Registration.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Visitor\Start Menu\Programs\Startup\TrayDay.lnk scheduled to be moved on reboot.
File C:\Documents and Settings\Donna\Local Settings\Temp\etilqs_usPW0B7bjffAFOj3Fkji not found!
File C:\Documents and Settings\Donna\Local Settings\Temp\Perflib_Perfdata_888.dat not found!
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat scheduled to be moved on reboot.
File C:\WINDOWS\temp\JETD740.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_638.dat moved successfully.
File C:\WINDOWS\temp\Perflib_Perfdata_6cc.dat not found!
C:\WINDOWS\temp\Perflib_Perfdata_7b8.dat moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_7d8.dat moved successfully.
C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Donna\Local Settings\Application Data\Mozilla\Firefox\Profiles\jl7ol55z.default\urlclassifier3.sqlite moved successfully.

Registry entries deleted on Reboot...

4) Ran Dial-A-Fix.

5) Ran ATF Cleaner.

More to follow.....

#14 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 12 February 2009 - 03:03 PM

6) Ran F-Secure Online Scan. Results below:

Scanning Report

Thursday, February 12, 2009 09:34:41 - 11:14:20



Computer name: N-QW5QJYFE34S8J

Scanning type: Scan system for malware, rootkits

Target: C:\ F:\

Result: 3 malware found

Rootkit:W32/Agent (virus)



* System



Rootkit:W32/Agent.ITQ (virus)



* C:\WINDOWS\SYSTEM32\WDMAUD.SYS



TrackingCookie.Doubleclick (spyware)



* System



Statistics

Scanned:



* Files: 53302

* System: 4868

* Not scanned: 819



Actions:



* Disinfected: 0

* Renamed: 0

* Deleted: 0

* None: 3

* Submitted: 0



Files not scanned:



* p _x_ _$NTUNINSTALLQ315000$\SSDPAPI.DLL C:\WINDOWS\$NTUNINSTALLQ315000$\SSDPSRV.DLL

* C:\WINDOWS\$NTUNINSTALLQ315000$\UPNP.DLL

* C:\WINDOWS\$NTUNINSTALLQ315000$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ315000$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ314862$\QMGR.DLL

* C:\WINDOWS\$NTUNINSTALLQ314862$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ314862$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ311889$\TERMSRV.DLL

* C:\WINDOWS\$NTUNINSTALLQ311889$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ311889$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ311542$\PCI.SYS

* C:\WINDOWS\$NTUNINSTALLQ311542$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ311542$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ310437$\UPS.EXE

* C:\WINDOWS\$NTUNINSTALLQ310437$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ310437$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ309521$\DXMASF.DLL

* C:\WINDOWS\$NTUNINSTALLQ309521$\HTTPOD51.DLL

* C:\WINDOWS\$NTUNINSTALLQ309521$\LSASRV.DLL

* C:\WINDOWS\$NTUNINSTALLQ309521$\MSDXM.OCX

* C:\WINDOWS\$NTUNINSTALLQ309521$\SFCFILES.DLL

* C:\WINDOWS\$NTUNINSTALLQ309521$\SSINC51.DLL

* C:\WINDOWS\$NTUNINSTALLQ309521$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ309521$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ308210$\RDCHOST.DLL

* C:\WINDOWS\$NTUNINSTALLQ308210$\SESSMGR.EXE

* C:\WINDOWS\$NTUNINSTALLQ308210$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ308210$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLQ307869$\GUITRN.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\GUITRN_A.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\MIGAPP.INF

* C:\WINDOWS\$NTUNINSTALLQ307869$\MIGWIZ.EXE

* C:\WINDOWS\$NTUNINSTALLQ307869$\MIGWIZ_A.EXE

* C:\WINDOWS\$NTUNINSTALLQ307869$\SCRIPT.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\SCRIPT_A.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\SYSMOD.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\SYSMOD_A.DLL

* C:\WINDOWS\$NTUNINSTALLQ307869$\SPUNINST\SPUNINST.EXE

* C:\WINDOWS\$NTUNINSTALLQ307869$\SPUNINST\SPUNINST.INF

* C:\WINDOWS\$NTUNINSTALLKB833998$\SHELL32.DLL

* C:\WINDOWS\$NTUNINSTALLKB833998$\SXS.DLL

* C:\WINDOWS\$NTUNINSTALLKB828035$\MSGSVC.DLL

* C:\WINDOWS\$NTUNINSTALLKB828035$\WKSSVC.DLL

* C:\WINDOWS\$NTUNINSTALLKB828028$\MSASN1.DLL

* C:\WINDOWS\$NTUNINSTALLKB826942$\DHCPCSVC.DLL

* C:\WINDOWS\$NTUNINSTALLKB826942$\NDIS.SYS

* C:\WINDOWS\$NTUNINSTALLKB826942$\NDISUIO.SYS

* C:\WINDOWS\$NTUNINSTALLKB826942$\NETSHELL.DLL

* C:\WINDOWS\$NTUNINSTALLKB826942$\WZCDLG.DLL

* C:\WINDOWS\$NTUNINSTALLKB826942$\WZCSAPI.DLL

* C:\WINDOWS\$NTUNINSTALLKB826942$\WZCSVC.DLL

* C:\WINDOWS\$NTUNINSTALLKB826939$\CRYPTSVC.DLL

* C:\WINDOWS\$NTUNINSTALLKB826939$\OLE32.DLL

* C:\WINDOWS\$NTUNINSTALLKB826939$\RPCRT4.DLL

* C:\WINDOWS\$NTUNINSTALLKB826939$\RPCSS.DLL

* C:\WINDOWS\$NTUNINSTALLKB824141$\USER32.DLL

* C:\WINDOWS\$NTUNINSTALLKB824141$\WIN32K.SYS

* C:\RECYCLER\S-1-5-21-1292428093-789336058-725345543-1006\DC1.HTML

* C:\RECYCLER\S-1-5-21-1292428093-789336058-725345543-1006\DC5.INI

* C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCRST.DLL

* C:\DOCUMENTS AND SETTINGS\VISITOR\NTUSER.INI

* C:\DOCUMENTS AND SETTINGS\VISITOR\USERDATA\MRIVIVGH\OWINDOWSUPDATE[1].XML

* C:\DOCUMENTS AND SETTINGS\VISITOR\USERDATA\4RCR818B\OWINDOWSUPDATE[1].XML

* C:\DOCUMENC _ _J__



Options

Scanning engines:



* F-Secure USS: 3.0.0

* F-Secure Hydra: 3.6.8511, 2009-02-12

* F-Secure AVP: 7.0.171, 2009-02-12

* F-Secure Pegasus: 1.20.0, 1969-11-31

* F-Secure Blacklight: 0.0.0



Scanning options:



* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR

* Use Advanced heuristics



Copyright © 1998-2007 Product support |Send virus sample to F-Secure

F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name.This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.


More to follow.....

#15 GeorgiaIceCream

GeorgiaIceCream
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:45 PM

Posted 12 February 2009 - 03:12 PM

7) Re-ran OTScanIT2 scan. I made sure to specify 30 days. On the first scan, I did select "all" since I have no real idea of the point in time that this PC got sick. Log is below:

<BR>OTScanIt2 logfile created on: 2/12/2009 12:40:38 PM - Run 5<BR>OTScanIt2 by OldTimer - Version 1.0.7.1	 Folder = C:\Documents and Settings\Donna\Desktop\OTScanIt2<BR>Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation<BR>Internet Explorer (Version = 7.0.5730.13)<BR>Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy<BR> <BR>1.50 Gb Total Physical Memory | 0.97 Gb Available Physical Memory | 64.44% Memory free<BR>4.00 Gb Paging File | 3.90 Gb Available in Paging File | 97.41% Paging File free<BR>Paging file location(s): F:\pagefile.sys 3070 4095;<BR> <BR>%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files<BR>Drive C: | 74.53 Gb Total Space | 35.36 Gb Free Space | 47.45% Space Free | Partition Type: NTFS<BR>D: Drive not present or media not loaded<BR>E: Drive not present or media not loaded<BR>Drive F: | 76.68 Gb Total Space | 60.86 Gb Free Space | 79.36% Space Free | Partition Type: NTFS<BR>G: Drive not present or media not loaded<BR>Drive H: | 650.17 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS<BR>I: Drive not present or media not loaded<BR> <BR>Computer Name: N-QW5QJYFE34S8J<BR>Current User Name: Donna<BR>Logged in as Administrator.<BR> <BR>Current Boot Mode: Normal<BR>Scan Mode: Current user<BR>Whitelist: On<BR>File Age = 30 Days<BR> <BR>[Processes - Safe List]<BR>aluschedulersvc.exe -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2006/09/02 18:36:33 | 00,198,336 | ---- | M] (Symantec Corporation)<BR>apcsystray.exe -> %ProgramFiles%\APC\APC PowerChute Personal Edition\apcsystray.exe -> [2005/12/12 15:03:54 | 00,417,855 | ---- | M] (American Power Conversion Corporation)<BR>applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)<BR>asusprob.exe -> %ProgramFiles%\ASUS\Probe\AsusProb.exe -> [2001/12/17 20:22:00 | 00,617,984 | ---- | M] ()<BR>ccapp.exe -> %CommonProgramFiles%\Symantec Shared\ccApp.exe -> [2006/09/03 02:04:26 | 00,084,640 | ---- | M] (Symantec Corporation)<BR>ccsvchst.exe -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2006/09/03 02:04:08 | 00,105,632 | ---- | M] (Symantec Corporation)<BR>ccsvchst.exe -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/05 05:02:49 | 00,115,560 | R--- | M] (Symantec Corporation)<BR>ccsvchst.exe -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/05 05:02:49 | 00,115,560 | R--- | M] (Symantec Corporation)<BR>dkservice.exe -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> [2006/06/07 12:46:24 | 00,942,080 | ---- | M] (Diskeeper Corporation)<BR>drgtodsc.exe -> %ProgramFiles%\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe -> [2004/11/17 09:21:56 | 01,691,648 | ---- | M] (Roxio)<BR>gearsec.exe -> %SystemRoot%\system32\gearsec.exe -> [2005/09/09 18:09:10 | 00,053,248 | ---- | M] (GEAR Software)<BR>ghosttray.exe -> %ProgramFiles%\Norton Ghost\Agent\GhostTray.exe -> [2005/09/09 18:09:24 | 01,537,648 | ---- | M] (Symantec Corporation)<BR>googleupdaterservice.exe -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/10/20 18:02:32 | 00,168,432 | ---- | M] (Google)<BR>hpgs2wnd.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe -> [2002/04/17 09:42:56 | 00,069,632 | ---- | M] (Hewlett-Packard)<BR>hpgs2wnf.exe -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe -> [2002/04/17 09:49:16 | 00,077,824 | ---- | M] ()<BR>intuitupdateservice.exe -> %CommonProgramFiles%\Intuit\Update Service\IntuitUpdateService.exe -> [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.)<BR>ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.)<BR>ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2009/01/06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.)<BR>jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/12/27 10:52:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)<BR>jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2008/12/27 10:52:17 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)<BR>khalmnpr.exe -> %CommonProgramFiles%\Logishrd\KHAL2\KHALMNPR.exe -> [2008/05/02 02:40:56 | 00,076,304 | ---- | M] (Logitech, Inc.)<BR>logitechdesktopmessenger.exe -> %ProgramFiles%\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/03/01 21:59:59 | 00,067,128 | ---- | M] (Logitech Inc.)<BR>lvcoms.exe -> %CommonProgramFiles%\Logitech\QCDriver\LVComS.exe -> [2001/09/24 08:39:28 | 00,098,304 | ---- | M] (Logitech Inc.)<BR>mainserv.exe -> %ProgramFiles%\APC\APC PowerChute Personal Edition\mainserv.exe -> [2005/12/12 15:02:24 | 00,176,193 | ---- | M] (American Power Conversion Corporation)<BR>mdm.exe -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)<BR>mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.)<BR>msascui.exe -> %ProgramFiles%\Windows Defender\MSASCui.exe -> [2006/11/03 19:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation)<BR>mscamsvc.exe -> %ProgramFiles%\Microsoft LifeCam\MSCamSvc.exe -> [2006/06/29 18:54:23 | 00,187,184 | ---- | M] (Microsoft Corporation)<BR>msmpeng.exe -> %ProgramFiles%\Windows Defender\MsMpEng.exe -> [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation)<BR>msnmsgr.exe -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)<BR>mxoaldr.exe -> %SystemRoot%\MXOALDR.EXE -> [2006/03/30 10:18:38 | 00,094,208 | ---- | M] (Cypress Semiconductor)<BR>nvsvc32.exe -> %SystemRoot%\system32\nvsvc32.exe -> [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation)<BR>onetouch.exe -> %ProgramFiles%\Maxtor\OneTouch\Utils\OneTouch.exe -> [2004/12/22 07:21:48 | 00,823,296 | ---- | M] (Maxtor Corporation)<BR>otscanit2.exe -> %UserProfile%\Desktop\OTScanIt2\OTScanIt2.exe -> [2009/01/26 12:13:22 | 00,485,376 | ---- | M] (OldTimer Tools)<BR>plextool.exe -> %ProgramFiles%\Plextor\PlexTool.exe -> [2005/04/27 08:46:52 | 05,730,304 | ---- | M] (Plextor SA/NV)<BR>reader_sl.exe -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2008/04/23 03:38:16 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)<BR>realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> [2003/04/09 06:02:43 | 00,151,597 | ---- | M] (RealNetworks, Inc.)<BR>rnathchk.exe -> %CommonProgramFiles%\Real\Update_OB\rnathchk.exe -> [2003/04/09 06:02:43 | 00,057,389 | ---- | M] (RealNetworks, Inc.)<BR>setpoint.exe -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2008/05/02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.)<BR>sm1bg.exe -> %SystemRoot%\SM1bg.exe -> [2003/08/27 13:20:00 | 00,094,208 | R--- | M] (Cypress Semiconductor)<BR>symlcsvc.exe -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2007/11/04 08:25:22 | 01,252,232 | ---- | M] ()<BR>trayday.exe -> %ProgramFiles%\TrayDay\TrayDay.exe -> [2002/10/22 05:50:00 | 00,204,800 | ---- | M] (MJMSoft Design Limited)<BR>viewmgr.exe -> %ProgramFiles%\Viewpoint\Viewpoint Manager\ViewMgr.exe -> [2007/01/04 16:38:18 | 00,112,336 | ---- | M] (Viewpoint Corporation)<BR>viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)<BR>vprosvc.exe -> %ProgramFiles%\Norton Ghost\Agent\VProSvc.exe -> [2005/09/09 18:09:28 | 02,066,024 | ---- | M] (Symantec Corporation)<BR>vvx3000.exe -> %SystemRoot%\vVX3000.exe -> [2006/06/29 18:55:44 | 00,707,376 | ---- | M] (Microsoft Corporation)<BR>wdfmgr.exe -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)<BR>winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [2008/09/12 11:45:48 | 00,036,352 | ---- | M] ()<BR>wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/04/13 19:12:40 | 00,218,112 | ---- | M] (Microsoft Corporation)<BR>wuauclt.exe -> %SystemRoot%\system32\wuauclt.exe -> [2008/10/16 14:09:44 | 00,051,224 | ---- | M] (Microsoft Corporation)<BR>wzqkpick.exe -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> [2004/12/17 08:00:00 | 00,118,784 | ---- | M] (WinZip Computing, Inc.)<BR>ymsgr_tray.exe -> %ProgramFiles%\Yahoo!\Messenger\Ymsgr_tray.exe -> [2007/08/30 17:43:18 | 00,103,664 | ---- | M] (Yahoo! Inc.)<BR>zdwlan.exe -> %ProgramFiles%\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe -> [2005/08/16 14:13:14 | 00,475,136 | ---- | M] ()<BR> <BR>[Win32 Services - Safe List]<BR>(APC UPS Service) APC UPS Service [Win32_Own | Auto | Running] -> %ProgramFiles%\APC\APC PowerChute Personal Edition\mainserv.exe -> [2005/12/12 15:02:24 | 00,176,193 | ---- | M] (American Power Conversion Corporation)<BR>(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)<BR>(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2007/10/24 00:47:22 | 00,033,800 | ---- | M] (Microsoft Corporation)<BR>(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Win32_Own | Auto | Running] -> %ProgramFiles%\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2006/09/02 18:36:33 | 00,198,336 | ---- | M] (Symantec Corporation)<BR>(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.)<BR>(ccEvtMgr) Symantec Event Manager [Win32_Shared | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2006/09/03 02:04:08 | 00,105,632 | ---- | M] (Symantec Corporation)<BR>(ccPwdSvc) Symantec Password Validation [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccPwdSvc.exe -> [2004/12/13 14:30:08 | 00,079,472 | ---- | M] (Symantec Corporation)<BR>(ccSetMgr) Symantec Settings Manager [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2006/09/03 02:04:08 | 00,105,632 | ---- | M] (Symantec Corporation)<BR>(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2007/10/24 00:47:40 | 00,070,144 | ---- | M] (Microsoft Corporation)<BR>(CLTNetCnService) Symantec Lic NetConnect service [Win32_Shared | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2006/09/03 02:04:08 | 00,105,632 | ---- | M] (Symantec Corporation)<BR>(Diskeeper) Diskeeper [Win32_Own | Auto | Running] -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkService.exe -> [2006/06/07 12:46:24 | 00,942,080 | ---- | M] (Diskeeper Corporation)<BR>(GEARSecurity) GEARSecurity [Win32_Own | Auto | Running] -> %SystemRoot%\system32\gearsec.exe -> [2005/09/09 18:09:10 | 00,053,248 | ---- | M] (GEAR Software)<BR>(gusvc) Google Updater Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2008/10/20 18:02:32 | 00,168,432 | ---- | M] (Google)<BR>(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -> [2008/04/13 19:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)<BR>(IDriverT) InstallDriver Table Manager [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\InstallShield\Driver\11\Intel 32\IDriverT.exe -> [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation)<BR>(IntuitUpdateService) Intuit Update Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Intuit\Update Service\IntuitUpdateService.exe -> [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.)<BR>(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.)<BR>(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2008/12/27 10:52:17 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)<BR>(LBTServ) Logitech Bluetooth Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Logitech\Bluetooth\LBTServ.exe -> [2008/05/02 02:42:06 | 00,121,360 | ---- | M] (Logitech, Inc.)<BR>(LiveUpdate) LiveUpdate [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Symantec\LiveUpdate\LuComServer_3_1.EXE -> [2006/09/02 18:36:33 | 02,528,960 | ---- | M] (Symantec Corporation)<BR>(LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Win32_Shared | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\ccSvcHst.exe -> [2006/09/03 02:04:08 | 00,105,632 | ---- | M] (Symantec Corporation)<BR>(LiveUpdate Notice Service) LiveUpdate Notice Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> [2008/01/29 16:38:31 | 00,583,048 | ---- | M] (Symantec Corporation)<BR>(MDM) Machine Debug Manager [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Microsoft Shared\VS7DEBUG\MDM.EXE -> [2003/06/19 22:25:00 | 00,322,120 | ---- | M] (Microsoft Corporation)<BR>(MSCamSvc) MSCamSvc [Win32_Own | Auto | Running] -> %ProgramFiles%\Microsoft LifeCam\MSCamSvc.exe -> [2006/06/29 18:54:23 | 00,187,184 | ---- | M] (Microsoft Corporation)<BR>(Norton Ghost) Norton Ghost [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Ghost\Agent\VProSvc.exe -> [2005/09/09 18:09:28 | 02,066,024 | ---- | M] (Symantec Corporation)<BR>(Norton Internet Security) Norton Internet Security [Win32_Own | Auto | Running] -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe -> [2008/12/05 05:02:49 | 00,115,560 | R--- | M] (Symantec Corporation)<BR>(NVSvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvsvc32.exe -> [2003/10/06 14:16:00 | 00,081,920 | ---- | M] (NVIDIA Corporation)<BR>(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation)<BR>(Symantec Core LC) Symantec Core LC [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Symantec Shared\CCPD-LC\symlcsvc.exe -> [2007/11/04 08:25:22 | 01,252,232 | ---- | M] ()<BR>(UMWdf) Windows User Mode Driver Framework [Win32_Own | Auto | Running] -> %SystemRoot%\system32\wdfmgr.exe -> [2005/01/28 13:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation)<BR>(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\Messenger\usnsvc.exe -> [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation)<BR>(Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)<BR>(WinDefend) Windows Defender [Win32_Own | Auto | Running] -> %ProgramFiles%\Windows Defender\MsMpEng.exe -> [2006/11/03 19:19:58 | 00,013,592 | ---- | M] (Microsoft Corporation)<BR>(WLSetupSvc) Windows Live Setup Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Live\installer\WLSetupSvc.exe -> [2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation)<BR> <BR>[Driver Services - Safe List]<BR>(61883) 61883 Unit Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\61883.sys -> [2008/04/13 13:46:20 | 00,048,128 | ---- | M] (Microsoft Corporation)<BR>(a347bus) a347bus [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\a347bus.sys -> [2004/04/30 08:37:02 | 00,160,640 | ---- | M] ( )<BR>(a347scsi) a347scsi [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\a347scsi.sys -> [2004/04/30 08:33:00 | 00,005,248 | ---- | M] ( )<BR>(AFS2K) AFS2K [Kernel | System | Running] -> %SystemRoot%\system32\drivers\AFS2K.SYS -> [2004/10/07 20:16:04 | 00,035,840 | ---- | M] (Oak Technology Inc.)<BR>(aslm75) aslm75 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ASLM75.SYS -> [1997/04/22 09:16:00 | 00,006,272 | ---- | M] ()<BR>(Aspi32) Aspi32 [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ASPI32.SYS -> [2002/08/14 15:03:36 | 00,017,005 | ---- | M] (Adaptec)<BR>(ATIBTCAP) ATI TV Wonder Video Capture [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\atibtcap.sys -> [2002/11/04 23:00:00 | 00,058,240 | ---- | M] (ATI Technologies, Inc.)<BR>(ATIBTXBAR) ATI TV Wonder Video Crossbar [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\atibtxbr.sys -> [2002/11/04 23:00:00 | 00,006,912 | ---- | M] (ATI Technologies )<BR>(ATIVTUTW) ATI TV Wonder TV Tuner [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ativtutw.sys -> [2002/11/04 23:00:00 | 00,017,664 | ---- | M] (ATI Technologies )<BR>(ATIVXSTW) ATI TV Wonder Audio Crossbar [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\ativxstw.sys -> [2002/11/04 23:00:00 | 00,028,416 | ---- | M] (ATI Technologies )<BR>(ATIXBAR) ATI TV Wonder WDM Audio Crossbar [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\ativxstw.sys -> [2002/11/04 23:00:00 | 00,028,416 | ---- | M] (ATI Technologies )<BR>(Ausbflt) Ausbflt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ausbflt.sys -> [2003/03/21 08:58:00 | 00,006,354 | ---- | M] (Adaptec Inc.)<BR>(Avc) AVC Device [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\avc.sys -> [2008/04/13 13:46:20 | 00,038,912 | ---- | M] (Microsoft Corporation)<BR>(BHDrvx86) Symantec Heuristics Driver [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\BHDrvx86.sys -> [2008/12/05 05:03:01 | 00,255,536 | ---- | M] (Symantec Corporation)<BR>(BRGSp50) BRGSp50 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BRGSp50.sys -> [2005/06/08 17:44:20 | 00,020,608 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))<BR>(BT848) ATI TV Wonder BtCap, WDM Video Capture [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\BT848.sys -> [2001/04/24 12:53:58 | 00,208,720 | ---- | M] (Conexant Systems, Inc.)<BR>(BTTUNER) ATI TV Wonder TVTuner, WDM TvTuner [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\ativtutw.sys -> [2002/11/04 23:00:00 | 00,017,664 | ---- | M] (ATI Technologies )<BR>(BTXBAR) ATI TV Wonder WDM Video Crossbar [Kernel | Auto | Stopped] -> %SystemRoot%\system32\drivers\btxbar.sys -> [2001/04/24 12:54:10 | 00,010,512 | ---- | M] (Conexant Systems, Inc.)<BR>(ccHP) Symantec Hash Provider [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\cchpx86.sys -> [2008/11/20 10:26:11 | 00,362,544 | ---- | M] (Symantec Corporation)<BR>(Cdr4_xp) Cdr4_xp [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdr4_xp.sys -> [2004/12/06 15:19:22 | 00,044,288 | ---- | M] (Roxio)<BR>(Cdralw2k) Cdralw2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\cdralw2k.sys -> [2004/11/17 09:16:48 | 00,024,832 | ---- | M] (Roxio)<BR>(cdudf_XP) cdudf_XP [File_System | System | Running] -> %SystemRoot%\system32\drivers\Cdudf_xp.sys -> [2004/11/17 09:23:24 | 00,289,920 | ---- | M] (Roxio)<BR>(cmpci) C-Media PCI Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\cmaudio.sys -> [2002/11/18 14:51:40 | 00,377,358 | ---- | M] (C-Media Inc)<BR>(DVDVRRdr_xp) DVDVRRdr_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\DVDVRRdr_xp.sys -> [2004/11/17 09:14:02 | 00,141,184 | ---- | M] (Windows (R) 2000 DDK provider)<BR>(dvd_2K) dvd_2K [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\dvd_2k.sys -> [2004/11/17 09:22:46 | 00,023,936 | ---- | M] (Roxio)<BR>(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\eeCtrl.sys -> [2009/01/14 11:11:12 | 00,371,248 | ---- | M] (Symantec Corporation)<BR>(EL90XBC) 3Com 3C90X-BC Family PCI EtherLink Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\el90Xbc5.SYS -> [2002/08/13 20:27:22 | 00,074,338 | ---- | M] (3Com Corporation)<BR>(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> %CommonProgramFiles%\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2009/01/12 10:46:14 | 00,099,376 | ---- | M] (Symantec Corporation)<BR>(F-Secure Standalone Minifilter) F-Secure Standalone Minifilter [Kernel | On_Demand | Stopped] -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk.sys -> [2009/02/12 09:34:11 | 00,070,144 | ---- | M] ()<BR>(gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gameenum.sys -> [2008/04/13 13:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation)<BR>(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)<BR>(gmer) gmer [Kernel | System | Running] -> %SystemRoot%\system32\drivers\gmer.sys -> [2009/02/11 09:08:16 | 00,085,969 | ---- | M] (GMER)<BR>(HidBatt) HID UPS Battery Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\hidbatt.sys -> [2008/04/13 13:36:38 | 00,020,352 | ---- | M] (Microsoft Corporation)<BR>(IdeBusDr) IdeBusDr [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\IdeBusDr.sys -> [2002/10/15 00:00:00 | 00,013,891 | ---- | M] (Intel Corporation)<BR>(IdeChnDr) Intel(R) Ultra ATA Controller [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\IdeChnDr.sys -> [2002/10/15 00:00:00 | 00,101,431 | ---- | M] ()<BR>(IDSxpx86) IDSxpx86 [Kernel | System | Running] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090206.001\IDSxpx86.sys -> [2009/01/29 16:50:18 | 00,276,344 | ---- | M] (Symantec Corporation)<BR>(itchfltr) iTouch Keyboard Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\itchfltr.sys -> [2002/11/15 01:15:00 | 00,012,640 | ---- | M] (Logitech, Inc.)<BR>(kbdhid) Keyboard HID Driver [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\kbdhid.sys -> [2008/04/13 13:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation)<BR>(L8042Kbd) Logitech SetPoint Keyboard Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\L8042Kbd.sys -> [2008/02/29 03:12:48 | 00,020,240 | ---- | M] (Logitech, Inc.)<BR>(L8042mou) SetPoint PS/2 Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\L8042mou.Sys -> [2008/02/29 03:12:56 | 00,063,120 | ---- | M] (Logitech, Inc.)<BR>(l8042pr2) Logitech PS/2 Mouse Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\L8042Pr2.sys -> [2002/08/06 08:50:00 | 00,050,865 | ---- | M] (Logitech, Inc.)<BR>(LBeepKE) LBeepKE [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\LBeepKE.sys -> [2006/06/29 23:53:44 | 00,003,712 | ---- | M] (Logitech, Inc.)<BR>(LCcfltr) Logitech USB Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LCCFLTR.SYS -> [2002/11/08 08:50:00 | 00,014,156 | ---- | M] (Logitech, Inc.)<BR>(LHidFlt2) Logitech HID/USB Mouse Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LHIDFLT2.SYS -> [2002/08/06 08:50:00 | 00,023,857 | ---- | M] (Logitech, Inc.)<BR>(LHidUsb) Logitech USB Receiver device driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Lhidusb.sys -> [2002/11/08 08:50:00 | 00,041,420 | ---- | M] (Logitech, Inc.)<BR>(LKbdFlt2) Logitech Keyboard Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LKbdFlt2.sys -> [2002/08/06 08:50:00 | 00,006,033 | ---- | M] (Logitech, Inc.)<BR>(LMouFlt2) Logitech Mouse Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LMouFlt2.sys -> [2002/08/06 08:50:00 | 00,070,385 | ---- | M] (Logitech, Inc.)<BR>(LMouKE) SetPoint Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LMouKE.Sys -> [2008/02/29 03:13:36 | 00,079,120 | ---- | M] (Logitech, Inc.)<BR>(lusbaudio) Logitech USB Microphone [Kernel | System | Stopped] -> %SystemRoot%\system32\drivers\LVSound2.sys -> [2001/09/24 08:38:26 | 00,033,280 | ---- | M] (Logitech Inc.)<BR>(LUsbFilt) Logitech SetPoint KMDF USB Filter [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LUsbFilt.sys -> [2008/02/29 03:13:46 | 00,028,944 | ---- | M] (Logitech, Inc.)<BR>(LVBulk) LVBulk Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\LVBulk.sys -> [2001/09/24 08:39:18 | 00,010,261 | ---- | M] (Logitech Inc.)<BR>(LVVI500A) LVVI500A Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\lvvi500a.sys -> [2001/09/20 02:39:44 | 00,193,574 | ---- | M] (Tekom Technologies, Inc.)<BR>(mmc_2K) mmc_2K [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mmc_2k.sys -> [2004/11/17 09:10:40 | 00,023,808 | ---- | M] (Roxio)<BR>(MSDV) Microsoft DV Camera and VCR [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\msdv.sys -> [2008/04/13 13:46:09 | 00,051,200 | ---- | M] (Microsoft Corporation)<BR>(MXOFX) USB Storage Adapter FX (MXO) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\MXOFX.SYS -> [2003/10/10 04:23:48 | 00,032,640 | ---- | M] (Cypress Semiconductor)<BR>(MXOPSWD) Maxtor OneTouch Security Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mxopswd.sys -> [2004/10/07 10:21:22 | 00,015,360 | ---- | M] (Maxtor Corp.)<BR>(NAVENG) NAVENG [Kernel | On_Demand | Stopped] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090211.048\naveng.sys -> [2009/01/14 11:11:12 | 00,089,104 | ---- | M] (Symantec Corporation)<BR>(NAVEX15) NAVEX15 [Kernel | On_Demand | Stopped] -> %AllUsersProfile%\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090211.048\navex15.sys -> [2009/01/14 11:11:12 | 00,876,112 | ---- | M] (Symantec Corporation)<BR>(Nbf) NetBEUI Protocol [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\NBF.SYS -> [2001/08/23 07:00:00 | 00,098,176 | ---- | M] (Microsoft Corporation)<BR>(nv) nv [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\nv4_mini.sys -> [2003/10/06 14:16:00 | 01,550,043 | ---- | M] (NVIDIA Corporation)<BR>(PCDCODEC) Specialized PCD WDM VBI Codec [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\atinpdxx.sys -> [2004/08/04 00:29:29 | 00,014,336 | ---- | M] (ATI Technologies Inc.)<BR>(PMEM) PMEM [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\PMEMNT.SYS -> [1999/03/08 06:15:00 | 00,007,168 | ---- | M] (Microsoft Corporation)<BR>(PSI) PSI [File_System | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\psi_mf.sys -> [2008/12/10 09:17:14 | 00,007,808 | ---- | M] (Secunia)<BR>(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2001/08/23 07:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)<BR>(pwd_2k) pwd_2k [Kernel | System | Running] -> %SystemRoot%\system32\drivers\Pwd_2k.sys -> [2004/11/17 09:07:30 | 00,117,632 | ---- | M] (Roxio)<BR>(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2004/12/20 13:37:14 | 00,020,016 | ---- | M] (Sonic Solutions)<BR>(SASDIFSV) SASDIFSV [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\sasdifsv.sys -> [2009/01/15 16:17:40 | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)<BR>(SASENUM) SASENUM [Kernel | On_Demand | Stopped] -> %ProgramFiles%\SUPERAntiSpyware\SASENUM.SYS -> [2009/01/15 16:17:42 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com)<BR>(SASKUTIL) SASKUTIL [Kernel | System | Running] -> %ProgramFiles%\SUPERAntiSpyware\SASKUTIL.SYS -> [2009/01/15 16:17:38 | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)<BR>(Secdrv) Secdrv [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 05:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)<BR>(SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SONYPVU1.SYS -> [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation)<BR>(SRTSP) Symantec Real Time Storage Protection [File_System | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\NIS\1002000.007\srtsp.sys -> [2008/12/05 05:03:01 | 00,306,736 | ---- | M] (Symantec Corporation)<BR>(SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\srtspx.sys -> [2008/12/05 05:03:01 | 00,043,696 | ---- | M] (Symantec Corporation)<BR>(SYMDNS) SYMDNS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symdns.sys -> [2008/12/05 05:03:01 | 00,012,976 | ---- | M] (Symantec Corporation)<BR>(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\SymEFA.sys -> [2008/12/05 05:03:01 | 00,309,296 | ---- | M] (Symantec Corporation)<BR>(SymEvent) SymEvent [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SYMEVENT.SYS -> [2008/11/20 10:26:16 | 00,124,464 | ---- | M] (Symantec Corporation)<BR>(SYMFW) SYMFW [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symfw.sys -> [2008/12/05 05:03:01 | 00,089,904 | ---- | M] (Symantec Corporation)<BR>(SYMIDS) SYMIDS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symids.sys -> [2008/12/05 05:03:01 | 00,034,608 | ---- | M] (Symantec Corporation)<BR>(SymIM) Symantec Network Security Intermediate Filter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/12/05 05:02:50 | 00,036,272 | R--- | M] (Symantec Corporation)<BR>(SymIMMP) SymIMMP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SymIM.sys -> [2008/12/05 05:02:50 | 00,036,272 | R--- | M] (Symantec Corporation)<BR>(symlcbrd) symlcbrd [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\symlcbrd.sys -> [2006/08/28 12:25:20 | 00,010,344 | ---- | M] (Symantec Corporation)<BR>(SYMNDIS) SYMNDIS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symndis.sys -> [2008/12/05 05:03:01 | 00,037,424 | ---- | M] (Symantec Corporation)<BR>(SYMREDRV) SYMREDRV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symredrv.sys -> [2008/12/05 05:03:01 | 00,024,624 | ---- | M] (Symantec Corporation)<BR>(SymSnap) SymSnap [File_System | Boot | Running] -> %SystemRoot%\system32\drivers\SymSnap.sys -> [2006/10/24 17:52:50 | 00,146,960 | R--- | M] (StorageCraft)<BR>(SYMTDI) SYMTDI [Kernel | System | Running] -> %SystemRoot%\system32\drivers\NIS\1002000.007\symtdi.sys -> [2008/12/05 05:03:01 | 00,198,192 | ---- | M] (Symantec Corporation)<BR>(TTDec) ATI WDM Teletext Decoder [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\atinttxx.sys -> [2002/02/21 11:16:44 | 00,021,152 | ---- | M] ()<BR>(UDFReadr) UDFReadr [File_System | System | Running] -> %SystemRoot%\system32\drivers\Udfreadr.sys -> [2004/11/17 09:10:52 | 00,200,832 | ---- | M] (Roxio)<BR>(UdfReadr_xp) UdfReadr_xp [File_System | System | Running] -> %SystemRoot%\system32\drivers\udfreadr_xp.sys -> [2004/05/16 13:17:30 | 00,206,464 | ---- | M] (Roxio)<BR>(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaapl.sys -> [2008/11/07 14:23:30 | 00,032,000 | ---- | M] (Apple, Inc.)<BR>(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/04/13 13:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation)<BR>(V2IMount) V2IMount [Kernel | System | Running] -> %SystemRoot%\system32\drivers\V2iMount.sys -> [2005/09/09 18:09:20 | 00,056,192 | ---- | M] (Symantec Corporation)<BR>(VX3000) VX-3000 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\VX3000.sys -> [2006/06/29 18:55:56 | 01,966,256 | ---- | M] (Microsoft Corporation)<BR>(WBMSA) Winbond Memory Stick Storage (MS) Device Driver - A [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wbmsa.sys -> [2001/08/22 12:14:36 | 00,024,214 | R--- | M] (Winbond Electronics Corp.)<BR>(Wdf01000) Wdf01000 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\wdf01000.sys -> [2006/11/02 07:22:54 | 00,492,000 | ---- | M] (Microsoft Corporation)<BR>(ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ZD1211BU.sys -> [2005/08/17 13:43:20 | 00,330,240 | ---- | M] (ZyDAS Technology Corporation)<BR>(ZDPSp50) ZDPSp50 NDIS Protocol Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ZDPSp50.sys -> [2004/10/25 12:40:58 | 00,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA))<BR> <BR>[Registry - Safe List]<BR>< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> <A href="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome">http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome</A> -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> <A href="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch">http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch</A> -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> c:\windows\system32\blank.htm -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> <A href="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch">http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch</A> -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> <BR>HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> <A href="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome">http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome</A> -> <BR>HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> <A href="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm">http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm</A> -> <BR>HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> <A href="http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm">http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm</A> -> <BR>< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> <BR>HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> <BR>HKEY_CURRENT_USER\: Main\\"Search Page" -> <A href="http://go.microsoft.com/fwlink/?LinkId=54896">http://go.microsoft.com/fwlink/?LinkId=54896</A> -> <BR>HKEY_CURRENT_USER\: Main\\"Start Page" -> about:blank -> <BR>HKEY_CURRENT_USER\: SearchURL\\"" -> <A href="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch">http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch</A> -> <BR>HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> <BR>HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> <BR>< FireFox Settings [Default Profile] > -> C:\Documents and Settings\Donna\Application Data\Mozilla\FireFox\Profiles\jl7ol55z.default\prefs.js -> <BR>browser.startup.homepage_override.mstone -> "rv:1.9.0.6" -><BR>extensions.enabledItems -> {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11 -><BR>extensions.enabledItems -> <A href="mailto:jqs@sun.com:1.0">jqs@sun.com:1.0</A> -><BR>extensions.enabledItems -> {8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0 -><BR>extensions.enabledItems -> {7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.0 -><BR>extensions.enabledItems -> {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546 -><BR>extensions.enabledItems -> {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.6 -><BR>< HOSTS File > (2 bytes and 1 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> <BR>< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> <BR>{02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar Helper] -> [2006/09/07 15:28:50 | 00,439,872 | ---- | M] (Yahoo! Inc.)<BR>{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/12/18 04:16:42 | 00,059,032 | ---- | M] (Adobe Systems Incorporated)<BR>{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2006/07/31 14:32:32 | 00,185,848 | ---- | M] (Yahoo! Inc.)<BR>{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Symantec NCO BHO] -> [2008/12/05 05:02:47 | 00,344,944 | R--- | M] (Symantec Corporation)<BR>{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\IPSBHO.dll [Symantec Intrusion Prevention] -> [2008/11/20 10:26:01 | 00,107,896 | R--- | M] (Symantec Corporation)<BR>{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\bin\ssv.dll [SSVHelper Class] -> [2008/12/27 10:52:19 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.)<BR>{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar Launcher] -> [2005/11/17 09:19:22 | 00,585,728 | ---- | M] (America Online, Inc.)<BR>{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2007/09/20 09:30:18 | 00,328,752 | ---- | M] (Microsoft Corporation)<BR>{A7327C09-B521-4EDB-8509-7D2660C9EC98} [HKLM] -> %ProgramFiles%\Viewpoint\Viewpoint Toolbar\3.8.0\ViewBarBHO.dll [Viewpoint Toolbar BHO] -> [2007/11/28 18:51:55 | 00,032,867 | ---- | M] (Viewpoint Corporation)<BR>{b0cda128-b425-4eef-a174-61a11ac5dbf8} [HKLM] -> %ProgramFiles%\AIM Toolbar\aimtb.dll [AIM Toolbar Loader] -> [2008/10/07 14:09:18 | 01,275,176 | ---- | M] (AOL LLC.)<BR>{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2008/12/27 10:52:16 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.)<BR>{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2008/12/27 10:52:20 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)<BR>< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> <BR>"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Norton Toolbar] -> [2008/12/05 05:02:47 | 00,344,944 | R--- | M] (Symantec Corporation)<BR>"{DE9C389F-3316-41A7-809B-AA305ED9D922}" [HKLM] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> [2005/11/17 09:19:22 | 00,585,728 | ---- | M] (America Online, Inc.)<BR>"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2006/09/07 15:28:50 | 00,439,872 | ---- | M] (Yahoo! Inc.)<BR>"{F8AD5AA5-D966-4667-9DAF-2561D68B2012}" [HKLM] -> %CommonProgramFiles%\Viewpoint\Toolbar Runtime\3.8.0\IEViewBar.dll [Viewpoint Toolbar] -> [2007/11/28 18:58:26 | 00,327,759 | ---- | M] (Viewpoint Corporation)<BR>< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> <BR>WebBrowser\\"{61539ECD-CC67-4437-A03C-9AACCBD14326}" [HKLM] -> %ProgramFiles%\AIM Toolbar\aimtb.dll [AIM Toolbar] -> [2008/10/07 14:09:18 | 01,275,176 | ---- | M] (AOL LLC.)<BR>WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton Internet Security\Engine\16.2.0.7\CoIEPlg.dll [Norton Toolbar] -> [2008/12/05 05:02:47 | 00,344,944 | R--- | M] (Symantec Corporation)<BR>WebBrowser\\"{DE9C389F-3316-41A7-809B-AA305ED9D922}" [HKLM] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> [2005/11/17 09:19:22 | 00,585,728 | ---- | M] (America Online, Inc.)<BR>WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2006/09/07 15:28:50 | 00,439,872 | ---- | M] (Yahoo! Inc.)<BR>< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> <BR>"AppleSyncNotifier" -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe] -> [2008/11/07 14:16:58 | 00,111,936 | ---- | M] (Apple Inc.)<BR>"ASUS Probe" -> %ProgramFiles%\ASUS\Probe\AsusProb.exe ["C:\Program Files\ASUS\Probe\AsusProb.exe"] -> [2001/12/17 20:22:00 | 00,617,984 | ---- | M] ()<BR>"ccApp" -> %CommonProgramFiles%\Symantec Shared\ccApp.exe ["C:\Program Files\Common Files\Symantec Shared\ccApp.exe"] -> [2006/09/03 02:04:26 | 00,084,640 | ---- | M] (Symantec Corporation)<BR>"DiskeeperSystray" -> %ProgramFiles%\Diskeeper Corporation\Diskeeper\DkIcon.exe ["C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"] -> [2006/06/07 12:35:14 | 00,319,488 | ---- | M] (Diskeeper Corporation)<BR>"EM_EXEC" -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE [C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE] -> [2002/08/13 08:50:00 | 00,028,672 | ---- | M] (Logitech Inc.					)<BR>"HPDJ Taskbar Utility" -> %SystemRoot%\system32\spool\drivers\w32x86\3\hpztsb07.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe] -> [2002/11/05 13:34:37 | 00,188,416 | ---- | M] (HP)<BR>"IPHSend" -> %CommonProgramFiles%\AOL\IPHSend\IPHSend.exe ["C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe"] -> [2006/02/17 11:59:46 | 00,124,520 | ---- | M] (America Online, Inc.)<BR>"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/01/06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.)<BR>"Kernel and Hardware Abstraction Layer" -> %SystemRoot%\KHALMNPR.Exe [KHALMNPR.EXE] -> [2008/02/29 03:12:38 | 00,076,304 | ---- | M] (Logitech, Inc.)<BR>"LifeCam" -> %ProgramFiles%\Microsoft LifeCam\LifeExp.exe ["C:\Program Files\Microsoft LifeCam\LifeExp.exe"] -> [2006/06/29 18:54:45 | 00,269,104 | ---- | M] (Microsoft Corporation)<BR>"Logitech Hardware Abstraction Layer" -> %SystemRoot%\KHALMNPR.Exe [KHALMNPR.EXE] -> [2008/02/29 03:12:38 | 00,076,304 | ---- | M] (Logitech, Inc.)<BR>"LVCOMS" -> %CommonProgramFiles%\Logitech\QCDriver\LVComS.exe ["C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE"] -> [2001/09/24 08:39:28 | 00,098,304 | ---- | M] (Logitech Inc.)<BR>"MaxtorOneTouch" -> %ProgramFiles%\Maxtor\OneTouch\Utils\OneTouch.exe ["C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe"] -> [2004/12/22 07:21:48 | 00,823,296 | ---- | M] (Maxtor Corporation)<BR>"MXOBG" -> %SystemRoot%\MXOALDR.EXE [C:\WINDOWS\MXOALDR.EXE] -> [2006/03/30 10:18:38 | 00,094,208 | ---- | M] (Cypress Semiconductor)<BR>"Norton Ghost 10.0" -> %ProgramFiles%\Norton Ghost\Agent\GhostTray.exe ["C:\Program Files\Norton Ghost\Agent\GhostTray.exe"] -> [2005/09/09 18:09:24 | 01,537,648 | ---- | M] (Symantec Corporation)<BR>"NvCplDaemon" -> %SystemRoot%\system32\nvcpl.dll ["RUNDLL32.EXE" C:\WINDOWS\System32\NvCpl.dll,NvStartup] -> [2003/10/06 14:16:00 | 05,058,560 | ---- | M] (NVIDIA Corporation)<BR>"nwiz" -> %SystemRoot%\system32\nwiz.exe ["nwiz.exe" /install] -> [2003/10/06 14:16:00 | 00,741,376 | ---- | M] (NVIDIA Corporation)<BR>"QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2009/01/05 16:18:48 | 00,413,696 | ---- | M] (Apple Inc.)<BR>"RoxioDragToDisc" -> %ProgramFiles%\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe ["C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"] -> [2004/11/17 09:21:56 | 01,691,648 | ---- | M] (Roxio)<BR>"Share-to-Web Namespace Daemon" -> %ProgramFiles%\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe ["c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe"] -> [2002/04/17 09:42:56 | 00,069,632 | ---- | M] (Hewlett-Packard)<BR>"SM1BG" -> %SystemRoot%\SM1bg.exe [C:\WINDOWS\SM1BG.EXE] -> [2003/08/27 13:20:00 | 00,094,208 | R--- | M] (Cypress Semiconductor)<BR>"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2008/12/27 10:52:17 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)<BR>"Symantec PIF AlertEng" -> %CommonProgramFiles%\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] -> [2008/01/29 16:38:31 | 00,583,048 | ---- | M] (Symantec Corporation)<BR>"TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2003/04/09 06:02:43 | 00,151,597 | ---- | M] (RealNetworks, Inc.)<BR>"VX3000" -> %SystemRoot%\vVX3000.exe [C:\WINDOWS\vVX3000.exe] -> [2006/06/29 18:55:44 | 00,707,376 | ---- | M] (Microsoft Corporation)<BR>"WinampAgent" -> %ProgramFiles%\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/09/12 11:45:48 | 00,036,352 | ---- | M] ()<BR>"Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe ["C:\Program Files\Windows Defender\MSASCui.exe" -hide] -> [2006/11/03 19:20:12 | 00,866,584 | ---- | M] (Microsoft Corporation)<BR>"zBrowser Launcher" -> %ProgramFiles%\Logitech\iTouch\iTouch.exe ["C:\Program Files\Logitech\iTouch\iTouch.exe"] -> [2002/11/23 01:15:00 | 00,631,362 | ---- | M] (Logitech Inc.)<BR>< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> <BR>"LDM" -> %ProgramFiles%\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe ["C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"] -> [2007/03/01 21:59:59 | 00,067,128 | ---- | M] (Logitech Inc.)<BR>"MsnMsgr" -> %ProgramFiles%\Windows Live\Messenger\msnmsgr.exe ["C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background] -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)<BR>"RealPlayer" -> %ProgramFiles%\Real\RealPlayer\realplay.exe ["C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot] -> [2006/06/01 18:56:35 | 01,003,520 | ---- | M] (RealNetworks, Inc.)<BR>"Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)<BR>< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> <BR>%AllUsersProfile%\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk -> %ProgramFiles%\Adobe\Acrobat 7.0\Reader\reader_sl.exe -> [2008/04/23 03:38:16 | 00,029,696 | ---- | M] (Adobe Systems Incorporated)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\APC UPS Status.lnk -> %ProgramFiles%\APC\APC PowerChute Personal Edition\Display.exe -> [2005/12/12 15:05:30 | 00,221,247 | ---- | M] (American Power Conversion Corporation)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe -> [2007/03/01 21:59:59 | 00,067,128 | ---- | M] (Logitech Inc.)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> %ProgramFiles%\Logitech\SetPoint\SetPoint.exe -> [2008/05/02 02:44:08 | 00,805,392 | ---- | M] (Logitech, Inc.)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\PlexTools Professional.lnk -> %ProgramFiles%\Plextor\PlexTool.exe -> [2005/04/27 08:46:52 | 05,730,304 | ---- | M] (Plextor SA/NV)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> %ProgramFiles%\WinZip\WZQKPICK.EXE -> [2004/12/17 08:00:00 | 00,118,784 | ---- | M] (WinZip Computing, Inc.)<BR>%AllUsersProfile%\Start Menu\Programs\Startup\ZDWLan Utility.lnk -> %ProgramFiles%\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe -> [2005/08/16 14:13:14 | 00,475,136 | ---- | M] ()<BR>< Donna Startup Folder > -> C:\Documents and Settings\Donna\Start Menu\Programs\Startup -> <BR>%UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> %ProgramFiles%\ERUNT\AUTOBACK.EXE -> [2005/10/20 12:04:08 | 00,038,912 | ---- | M] ()<BR>%UserProfile%\Start Menu\Programs\Startup\TrayDay.lnk -> %ProgramFiles%\TrayDay\TrayDay.exe -> [2002/10/22 05:50:00 | 00,204,800 | ---- | M] (MJMSoft Design Limited)<BR>< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> <BR>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System<BR><A href='file://\\"dontdisplaylastusername'>\\"dontdisplaylastusername</A>" ->  [0] -> File not found<BR><A href='file://\\"legalnoticecaption'>\\"legalnoticecaption</A>" ->  [] -> File not found<BR><A href='file://\\"legalnoticetext'>\\"legalnoticetext</A>" ->  [] -> File not found<BR><A href='file://\\"shutdownwithoutlogon'>\\"shutdownwithoutlogon</A>" ->  [1] -> File not found<BR><A href='file://\\"undockwithoutlogon'>\\"undockwithoutlogon</A>" ->  [1] -> File not found<BR><A href='file://\\"DisableTaskMgr'>\\"DisableTaskMgr</A>" ->  [0] -> File not found<BR>< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> <BR>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer<BR><A href='file://\\"NoDriveTypeAutoRun'>\\"NoDriveTypeAutoRun</A>" ->  [255] -> File not found<BR><A href='file://\\"_NoDriveTypeAutoRun'>\\"_NoDriveTypeAutoRun</A>" ->  [145] -> File not found<BR>< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> <BR>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System<BR><A href='file://\\"DisableTaskMgr'>\\"DisableTaskMgr</A>" ->  [0] -> File not found<BR>< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> <BR>{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Menu: Sun Java Console] -> File not found<BR>{3369AF0D-62E9-4bda-8103-B4C75499B578}:{DE9C389F-3316-41A7-809B-AA305ED9D922} [HKLM] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [Button: AOL Toolbar] -> [2005/11/17 09:19:22 | 00,585,728 | ---- | M] (America Online, Inc.)<BR>{44226DFF-747E-4edc-B30C-78752E50CD0C}:{44226DFF-747E-4edc-B30C-78752E50CD0C} [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [Button: ATI TV] -> [2001/01/15 12:07:54 | 00,131,072 | ---- | M] (ATI Technologies Inc.)<BR>{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}:{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Button: Yahoo! Services] -> [2006/07/31 14:32:32 | 00,185,848 | ---- | M] (Yahoo! Inc.)<BR>{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)<BR>{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}:Exec [HKLM] -> %ProgramFiles%\AIM95\aim.exe [Button: AIM] -> [2006/08/01 14:35:36 | 00,067,112 | ---- | M] (America Online, Inc.)<BR>{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)<BR>{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}:Exec [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Button: Yahoo! Messenger] -> [2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)<BR>{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}:Exec [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Menu: Yahoo! Messenger] -> [2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)<BR>{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)<BR>{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)<BR>< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> <BR>CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> %SystemRoot%\system32\msjava.dll [Web Browser Applet Control] -> [2003/02/28 17:26:26 | 00,947,472 | ---- | M] (Microsoft Corporation)<BR>CmdMapping\\"{3369AF0D-62E9-4bda-8103-B4C75499B578}" [HKLM] -> %ProgramFiles%\AOL\AOL Toolbar 3.0\aoltb.dll [AOL Toolbar] -> [2005/11/17 09:19:22 | 00,585,728 | ---- | M] (America Online, Inc.)<BR>CmdMapping\\"{44226DFF-747E-4edc-B30C-78752E50CD0C}" [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [&ATI TV] -> [2001/01/15 12:07:54 | 00,131,072 | ---- | M] (ATI Technologies Inc.)<BR>CmdMapping\\"{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}" [HKLM] -> %ProgramFiles%\Yahoo!\Common\yiesrvc.dll [Yahoo! IE Services Button] -> [2006/07/31 14:32:32 | 00,185,848 | ---- | M] (Yahoo! Inc.)<BR>CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] -> %ProgramFiles%\Microsoft Office\OFFICE11\REFIEBAR.DLL [Research] -> [2007/04/19 14:10:18 | 00,063,840 | ---- | M] (Microsoft Corporation)<BR>CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] -> %ProgramFiles%\AIM95\aim.exe [AIM] -> [2006/08/01 14:35:36 | 00,067,112 | ---- | M] (America Online, Inc.)<BR>CmdMapping\\"{E5D12C4E-7B4F-11D3-B5C9-0050045C3C96}" [HKLM] -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe [Messenger Class] -> [2007/08/30 17:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)<BR>CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)<BR>< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> <BR>PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> <BR>PluginsPage -> <A href="http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s">http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s</A> -> <BR>< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix<BR>"" -> http://<BR>< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> <BR>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> <BR>1 domain(s) and sub-domain(s) not assigned to a zone.<BR>< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> <BR>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> <BR>< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> <BR>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. -> <BR>< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> <BR>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> <BR>< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> <BR>{01113300-3E00-11D2-8470-0060089874ED} [HKLM] -> <A href="http://activation.rr.com/install/download/tgctlcm.cab">http://activation.rr.com/install/download/tgctlcm.cab</A> [Support.com Configuration Class] -> <BR>{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> <A href="http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab">http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab</A> [Office Genuine Advantage Validation Tool] -> <BR>{0742B9EF-8C83-41CA-BFBA-830A59E23533} [HKLM] -> <A href="https://support.microsoft.com/OAS/ActiveX/MSDcode.cab">https://support.microsoft.com/OAS/ActiveX/MSDcode.cab</A> [Microsoft Data Collection Control] -> <BR>{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> <A href="http://go.microsoft.com/fwlink/?linkid=39204">http://go.microsoft.com/fwlink/?linkid=39204</A> [Windows Genuine Advantage Validation Tool] -> <BR>{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} [HKLM] -> C:\Program Files\Yahoo!\Common\yinsthelper.dll [YInstStarter Class] -> <BR>{3451DEDE-631F-421C-8127-FD793AFC6CC8} [HKLM] -> <A href="http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab">http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab</A> [ActiveDataInfo Class] -> <BR>{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> <A href="http://office.microsoft.com/officeupdate/content/opuc2.cab">http://office.microsoft.com/officeupdate/content/opuc2.cab</A> [Office Update Installation Engine] -> <BR>{44990200-3C9D-426D-81DF-AAB636FA4345} [HKLM] -> <A href="http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab">http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab</A> [Reg Error: Key does not exist or could not be opened.] -> <BR>{44990301-3C9D-426D-81DF-AAB636FA4345} [HKLM] -> <A href="http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab">http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab</A> [Reg Error: Key does not exist or could not be opened.] -> <BR>{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> <A href="http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143733008546">http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143733008546</A> [MUWebControl Class] -> <BR>{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> <A href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab">http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab</A> [Java Plug-in 1.6.0_11] -> <BR>{8E0D4DE5-3180-4024-A327-4DFAD1796A8D} [HKLM] -> <A href="http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab">http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab</A> [MessengerStatsClient Class] -> <BR>{9F1C11AA-197B-4942-BA54-47A8489BB47F} [HKLM] -> <A href="http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37719.7399305556">http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37719.7399305556</A> [Reg Error: Key does not exist or could not be opened.] -> <BR>{BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} [HKLM] -> <A href="http://support.f-secure.com/ols/fscax.cab">http://support.f-secure.com/ols/fscax.cab</A> [F-Secure Online Scanner 3.3] -> <BR>{C7DB51B4-BCF7-4923-8874-7F1A0DC92277} [HKLM] -> <A href="http://office.microsoft.com/officeupdate/content/opuc4.cab">http://office.microsoft.com/officeupdate/content/opuc4.cab</A> [Office Update Installation Engine] -> <BR>{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} [HKLM] -> <A href="http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab">http://java.sun.com/products/plugin/autodl/jinstall-1_4_0_03-win.cab</A> [Java Plug-in 1.4.0_03] -> <BR>{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} [HKLM] -> <A href="http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab">http://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab</A> [Java Plug-in 1.5.0_03] -> <BR>{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> <A href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab">http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab</A> [Java Plug-in 1.6.0_11] -> <BR>{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> <A href="http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab">http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab</A> [Java Plug-in 1.6.0_11] -> <BR>{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> <A href="https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab">https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab</A> [Reg Error: Key does not exist or could not be opened.] -> <BR>Microsoft XML Parser for Java [HKLM] -> <A href="file://C:\WINDOWS\Java\classes\xmldso.cab">file://C:\WINDOWS\Java\classes\xmldso.cab</A> [Reg Error: Key does not exist or could not be opened.] -> <BR>< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> <BR>{0E22D88F-17EA-42E2-9D5D-C1244BB29835} ->	((ZD1211B)IEEE 802.11 b+g USB Adapter) -> <BR>{6D18AF92-C846-4BBB-8581-9F9E88F3364A} ->	() -> <BR>{7C6CCFCE-601E-4855-B67E-B8831366611A} ->	(1394 Net Adapter) -> <BR>{8B6805DB-B3B1-49C7-886B-37939635CB4C} ->	(3Com EtherLink 10/100 PCI For Complete PC Management NIC (3C905C-TX)) -> <BR>< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> <BR>!SASWinLogon -> %ProgramFiles%\SUPERAntiSpyware\SASWINLO.dll -> [2008/12/22 11:05:34 | 00,356,352 | ---- | M] (SUPERAntiSpyware.com)<BR>igfxcui ->  -> File not found<BR>LBTWlgn -> %CommonProgramFiles%\Logitech\Bluetooth\LBTWLgn.dll -> [2008/05/02 02:42:30 | 00,072,208 | ---- | M] (Logitech, Inc.)<BR>SSOExec ->  -> File not found<BR>< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> <BR>"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}" [HKLM] -> %ProgramFiles%\Windows Defender\MpShHook.dll [Microsoft AntiMalware ShellExecuteHook] -> [2006/11/03 19:20:00 | 00,083,224 | ---- | M] (Microsoft Corporation)<BR>"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> %ProgramFiles%\SUPERAntiSpyware\SASSEH.DLL [] -> [2008/05/13 09:13:36 | 00,077,824 | ---- | M] (SuperAdBlocker.com)<BR>< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> <BR>"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)<BR>"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\AIM95\aim.exe" -> C:\Program Files\AIM95\aim.exe [C:\Program Files\AIM95\aim.exe:*:Enabled:AOL Instant Messenger] -> [2006/08/01 14:35:36 | 00,067,112 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe" -> C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> [2005/08/02 14:33:02 | 00,151,640 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 02:17:27 | 00,010,800 | ---- | M] (AOL LLC)<BR>"C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2007/03/01 21:59:59 | 00,067,128 | ---- | M] (Logitech Inc.)<BR>"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)<BR>< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> <BR>"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 13:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)<BR>"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 19:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\AIM95\aim.exe" -> C:\Program Files\AIM95\aim.exe [C:\Program Files\AIM95\aim.exe:*:Enabled:AOL Instant Messenger] -> [2006/08/01 14:35:36 | 00,067,112 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\1132838672\ee\aim6.exe" -> C:\Program Files\Common Files\AOL\1132838672\ee\aim6.exe [C:\Program Files\Common Files\AOL\1132838672\ee\aim6.exe:*:Enabled:AIM] -> [2005/12/20 10:53:37 | 00,050,792 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe" -> C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe [C:\Program Files\Common Files\AOL\1132838672\ee\AOLServiceHost.exe:*:Enabled:AOL Services] -> [2005/08/02 14:33:02 | 00,151,640 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\1132838672\ee\aolsoftware.exe" -> C:\Program Files\Common Files\AOL\1132838672\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1132838672\ee\aolsoftware.exe:*:Enabled:AOL Services] -> [2006/04/20 12:10:13 | 00,050,792 | ---- | M] (America Online, Inc.)<BR>"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/03 02:17:27 | 00,010,800 | ---- | M] (AOL LLC)<BR>"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" -> C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server] -> [2008/10/10 05:45:26 | 00,013,088 | ---- | M] (Intuit Inc.)<BR>"C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" -> C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [C:\Program Files\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger] -> [2007/03/01 21:59:59 | 00,067,128 | ---- | M] (Logitech Inc.)<BR>"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/01/06 13:06:28 | 14,294,824 | ---- | M] (Apple Inc.)<BR>"C:\Program Files\LimeWire\LimeWire.exe" -> C:\Program Files\LimeWire\LimeWire.exe [C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire] -> [2008/09/18 13:50:21 | 00,147,456 | ---- | M] (Lime Wire, LLC)<BR>"C:\Program Files\Messenger\msmsgs.exe" -> C:\Program Files\Messenger\msmsgs.exe [C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger] -> [2008/04/13 19:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\Microsoft LifeCam\LifeCam.exe" -> C:\Program Files\Microsoft LifeCam\LifeCam.exe [C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe] -> [2006/06/29 18:56:13 | 04,152,112 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\Microsoft LifeCam\LifeExp.exe" -> C:\Program Files\Microsoft LifeCam\LifeExp.exe [C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe] -> [2006/06/29 18:54:45 | 00,269,104 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax] -> File not found<BR>"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager] -> File not found<BR>"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" -> C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe [C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax] -> [2008/03/05 22:29:49 | 10,343,712 | ---- | M] (Intuit, Inc.)<BR>"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe [C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager] -> [2007/10/22 18:56:52 | 03,597,600 | ---- | M] (Intuit, Inc.)<BR>"C:\Program Files\Windows Live\Messenger\livecall.exe" -> C:\Program Files\Windows Live\Messenger\livecall.exe [C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)] -> [2007/10/02 16:18:24 | 00,304,488 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" -> C:\Program Files\Windows Live\Messenger\msnmsgr.exe [C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger] -> [2007/10/18 10:34:02 | 05,724,184 | ---- | M] (Microsoft Corporation)<BR>"C:\Program Files\Yahoo!\Messenger\YPager.exe" -> C:\Program Files\Yahoo!\Messenger\YPager.exe [C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger] -> File not found<BR>"C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> [2007/08/30 17:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.)<BR>"C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe" -> C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe [C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice] -> [2008/04/13 19:12:21 | 00,769,024 | ---- | M] (Microsoft Corporation)<BR>< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> <BR>"AlternateShell" -> cmd.exe -> <BR>< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -><BR>"AutoRun" -> 1 -> <BR>"DisplayName" -> CD-ROM Driver -> <BR>"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [System32\DRIVERS\cdrom.sys] -> [2008/04/13 13:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)<BR>< Drives with AutoRun files > ->  -> <BR>C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2002/05/21 11:10:55 | 00,000,000 | ---- | M] ()<BR>H:\AutoRun [] -> H:\AutoRun.exe [ CDFS ] -> [2004/08/18 03:37:22 | 00,663,552 | R--- | M] ()<BR>H:\AutoRun.exe [] -> H:\AutoRun.exe [ CDFS ] -> [2004/08/18 03:37:22 | 00,663,552 | R--- | M] ()<BR>H:\AutoRunGUI.dll [] -> H:\AutoRunGUI.dll [ CDFS ] -> [2004/08/18 03:33:44 | 00,598,016 | R--- | M] ()<BR>H:\autorun.inf [AUTOEXEC.BAT | ] -> H:\autorun.inf [ CDFS ] -> [2004/08/18 03:54:43 | 00,000,083 | R--- | M] ()<BR>< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> <BR> <BR> <BR>[Files/Folders - Created Within 30 Days]<BR>3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> <BR>F-SecureReport.rtf -> %UserProfile%\Desktop\F-SecureReport.rtf -> [2009/02/12 11:18:22 | 00,006,647 | ---- | C] ()<BR>fsaua.data -> %SystemDrive%\fsaua.data -> [2009/02/12 09:09:42 | 00,000,000 | ---D | C]<BR>_OTScanIt -> %SystemDrive%\_OTScanIt -> [2009/02/12 08:38:45 | 00,000,000 | ---D | C]<BR>ERDNT -> %SystemRoot%\ERDNT -> [2009/02/12 08:29:42 | 00,000,000 | ---D | C]<BR>ERUNT AutoBackup.lnk -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2009/02/12 08:28:18 | 00,000,776 | ---- | C] ()<BR>NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [2009/02/12 08:27:47 | 00,000,620 | ---- | C] ()<BR>ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2009/02/12 08:27:47 | 00,000,601 | ---- | C] ()<BR>ERUNT -> %ProgramFiles%\ERUNT -> [2009/02/12 08:27:46 | 00,000,000 | ---D | C]<BR>erunt-setup.exe -> %UserProfile%\Desktop\erunt-setup.exe -> [2009/02/12 08:25:54 | 00,791,393 | ---- | C] (Lars Hederer												)<BR>gmer -> %SystemDrive%\gmer -> [2009/02/11 09:13:20 | 00,000,000 | ---D | C]<BR>gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/11 09:08:19 | 00,000,345 | ---- | C] ()<BR>gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/11 09:08:16 | 00,884,736 | ---- | C] ()<BR>gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/11 09:08:16 | 00,085,969 | ---- | C] (GMER)<BR>gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/11 09:08:16 | 00,000,080 | ---- | C] ()<BR>gmer.exe -> %SystemRoot%\gmer.exe -> [2009/02/11 09:08:15 | 00,811,008 | ---- | C] ()<BR>system32.job -> %SystemRoot%\tasks\system32.job -> [2009/02/11 09:04:54 | 00,000,194 | ---- | C] ()<BR>OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 -> [2009/02/11 08:22:25 | 00,000,000 | ---D | C]<BR>OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/02/11 08:21:03 | 00,656,714 | ---- | C] ()<BR>Msft_Kernel_LUsbFilt_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf -> [2009/01/29 16:58:16 | 00,000,000 | -H-- | C] ()<BR>MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009/01/29 16:58:15 | 00,000,000 | -H-- | C] ()<BR>BogusWebsites.jpg -> %UserProfile%\Desktop\BogusWebsites.jpg -> [2009/01/27 15:21:50 | 00,079,158 | ---- | C] ()<BR>Yahoo! Messenger.lnk -> %AllUsersProfile%\Desktop\Yahoo! Messenger.lnk -> [2009/01/26 18:01:41 | 00,000,821 | ---- | C] ()<BR>Prefetch -> %SystemRoot%\Prefetch -> [2009/01/26 14:29:42 | 00,000,000 | ---D | C]<BR>$NtServicePackUninstall$ -> %SystemRoot%\$NtServicePackUninstall$ -> [2009/01/26 13:45:58 | 00,000,000 | -H-D | C]<BR>iTunes -> %ProgramFiles%\iTunes -> [2009/01/26 08:52:51 | 00,000,000 | ---D | C]<BR>{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2009/01/26 08:52:51 | 00,000,000 | ---D | C]<BR>Bonjour -> %ProgramFiles%\Bonjour -> [2009/01/26 08:52:14 | 00,000,000 | ---D | C]<BR>Windows Installer Clean Up -> %ProgramFiles%\Windows Installer Clean Up -> [2009/01/26 08:33:30 | 00,000,000 | ---D | C]<BR>MSECACHE -> %ProgramFiles%\MSECACHE -> [2009/01/26 08:33:02 | 00,000,000 | ---D | C]<BR>Intuit -> %UserProfile%\Local Settings\Application Data\Intuit -> [2009/01/25 12:10:02 | 00,000,000 | ---D | C]<BR>AnswerWorks 5.0 -> %CommonProgramFiles%\AnswerWorks 5.0 -> [2009/01/25 12:06:42 | 00,000,000 | ---D | C]<BR>TurboTax 2008.lnk -> %AllUsersProfile%\Desktop\TurboTax 2008.lnk -> [2009/01/25 12:03:39 | 00,002,393 | ---- | C] ()<BR>SUPERAntiSpyware.com -> %AllUsersProfile%\Application Data\SUPERAntiSpyware.com -> [2009/01/23 18:01:28 | 00,000,000 | ---D | C]<BR>SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2009/01/23 18:01:20 | 00,000,789 | ---- | C] ()<BR>SUPERAntiSpyware.com -> %AppData%\SUPERAntiSpyware.com -> [2009/01/23 18:01:17 | 00,000,000 | ---D | C]<BR>SUPERAntiSpyware -> %ProgramFiles%\SUPERAntiSpyware -> [2009/01/23 18:01:17 | 00,000,000 | ---D | C]<BR>Wise Installation Wizard -> %CommonProgramFiles%\Wise Installation Wizard -> [2009/01/23 18:00:20 | 00,000,000 | ---D | C]<BR>SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [2009/01/23 17:54:01 | 05,966,368 | ---- | C] ()<BR>SysRestoreError.jpg -> %UserProfile%\Desktop\SysRestoreError.jpg -> [2009/01/23 17:04:08 | 00,046,140 | ---- | C] ()<BR>DoctorWeb -> %UserProfile%\DoctorWeb -> [2009/01/22 17:19:09 | 00,000,000 | ---D | C]<BR>launch.exe -> %UserProfile%\Desktop\launch.exe -> [2009/01/22 17:12:20 | 12,185,808 | ---- | C] (Doctor Web, Ltd.)<BR>xrxwiadr.dll -> %SystemRoot%\System32\dllcache\xrxwiadr.dll -> [2009/01/22 14:26:27 | 00,116,224 | ---- | C] (Xerox)<BR>xrxwbtmp.dll -> %SystemRoot%\System32\dllcache\xrxwbtmp.dll -> [2009/01/22 14:26:26 | 00,023,040 | ---- | C] (Xerox Corporation)<BR>xrxscnui.dll -> %SystemRoot%\System32\dllcache\xrxscnui.dll -> [2009/01/22 14:26:25 | 00,018,944 | ---- | C] ()<BR>xrxftplt.exe -> %SystemRoot%\System32\dllcache\xrxftplt.exe -> [2009/01/22 14:26:24 | 00,027,648 | ---- | C] ()<BR>xrxflnch.exe -> %SystemRoot%\System32\dllcache\xrxflnch.exe -> [2009/01/22 14:26:24 | 00,004,608 | ---- | C] (Microsoft Corporation)<BR>xlog.exe -> %SystemRoot%\System32\dllcache\xlog.exe -> [2009/01/22 14:25:49 | 00,099,865 | ---- | C] (Eicon Technology)<BR>xjis.nls -> %SystemRoot%\System32\dllcache\xjis.nls -> [2009/01/22 14:25:49 | 00,028,288 | ---- | C] ()<BR>xem336n5.sys -> %SystemRoot%\System32\dllcache\xem336n5.sys -> [2009/01/22 14:25:48 | 00,016,970 | ---- | C] (US Robotics MCD (Megahertz))<BR>wshirda.dll -> %SystemRoot%\System32\dllcache\wshirda.dll -> [2009/01/22 14:25:34 | 00,008,192 | ---- | C] (Microsoft Corporation)<BR>wmiacpi.sys -> %SystemRoot%\System32\dllcache\wmiacpi.sys -> [2009/01/22 14:25:06 | 00,008,832 | ---- | C] (Microsoft Corporation)<BR>wlluc48.sys -> %SystemRoot%\System32\dllcache\wlluc48.sys -> [2009/01/22 14:25:01 | 00,154,624 | ---- | C] (Lucent Technologies)<BR>wlandrv2.sys -> %SystemRoot%\System32\dllcache\wlandrv2.sys -> [2009/01/22 14:25:01 | 00,034,890 | ---- | C] (Raytheon Corp.)<BR>winacisa.sys -> %SystemRoot%\System32\dllcache\winacisa.sys -> [2009/01/22 14:24:50 | 00,771,581 | ---- | C] (Rockwell)<BR>wiafbdrv.dll -> %SystemRoot%\System32\dllcache\wiafbdrv.dll -> [2009/01/22 14:24:46 | 00,087,040 | ---- | C] (Microsoft Corporation)<BR>wiamsmud.dll -> %SystemRoot%\System32\dllcache\wiamsmud.dll -> [2009/01/22 14:24:46 | 00,053,760 | ---- | C] (Microsoft Corporation)<BR>wbfirdma.sys -> %SystemRoot%\System32\dllcache\wbfirdma.sys -> [2009/01/22 14:24:37 | 00,035,871 | ---- | C] (Winbond Electronics Corp.)<BR>wceusbsh.sys -> %SystemRoot%\System32\dllcache\wceusbsh.sys -> [2009/01/22 14:24:37 | 00,031,744 | ---- | C] (Microsoft Corporation)<BR>w940nd.sys -> %SystemRoot%\System32\dllcache\w940nd.sys -> [2009/01/22 14:24:19 | 00,016,925 | ---- | C] (Winbond Electronics Corporation)<BR>w840nd.sys -> %SystemRoot%\System32\dllcache\w840nd.sys -> [2009/01/22 14:24:18 | 00,019,528 | ---- | C] (Winbond Electronics Corporation)<BR>w926nd.sys -> %SystemRoot%\System32\dllcache\w926nd.sys -> [2009/01/22 14:24:18 | 00,019,016 | ---- | C] (Winbond Electronics Corporation)<BR>vvoice.sys -> %SystemRoot%\System32\dllcache\vvoice.sys -> [2009/01/22 14:24:13 | 00,064,605 | ---- | C] (PCtel, Inc.)<BR>vpctcom.sys -> %SystemRoot%\System32\dllcache\vpctcom.sys -> [2009/01/22 14:24:11 | 00,397,502 | ---- | C] (PCtel, Inc.)<BR>vmodem.sys -> %SystemRoot%\System32\dllcache\vmodem.sys -> [2009/01/22 14:24:09 | 00,604,253 | ---- | C] (PCTEL, INC.)<BR>vinwm.sys -> %SystemRoot%\System32\dllcache\vinwm.sys -> [2009/01/22 14:24:08 | 00,249,402 | ---- | C] (Xircom)<BR>viaide.sys -> %SystemRoot%\System32\dllcache\viaide.sys -> [2009/01/22 14:24:05 | 00,005,376 | ---- | C] (Microsoft Corporation)<BR>usrwdxjs.sys -> %SystemRoot%\System32\dllcache\usrwdxjs.sys -> [2009/01/22 14:24:00 | 00,687,999 | ---- | C] (U.S. Robotics Corporation)<BR>usrti.sys -> %SystemRoot%\System32\dllcache\usrti.sys -> [2009/01/22 14:23:58 | 00,765,884 | ---- | C] (U.S. Robotics, Inc.)<BR>usrpda.sys -> %SystemRoot%\System32\dllcache\usrpda.sys -> [2009/01/22 14:23:56 | 00,113,762 | ---- | C] (U.S. Robotics Corporation)<BR>usroslba.sys -> %SystemRoot%\System32\dllcache\usroslba.sys -> [2009/01/22 14:23:56 | 00,007,556 | ---- | C] (U.S. Robotics Corporation)<BR>usr1807a.sys -> %SystemRoot%\System32\dllcache\usr1807a.sys -> [2009/01/22 14:23:53 | 00,224,802 | ---- | C] (U.S. Robotics Corporation)<BR>usr1806v.sys -> %SystemRoot%\System32\dllcache\usr1806v.sys -> [2009/01/22 14:23:52 | 00,794,399 | ---- | C] (U.S. Robotics, Inc.)<BR>usr1806.sys -> %SystemRoot%\System32\dllcache\usr1806.sys -> [2009/01/22 14:23:52 | 00,793,598 | ---- | C] (U.S. Robotics, Inc.)<BR>usr1801.sys -> %SystemRoot%\System32\dllcache\usr1801.sys -> [2009/01/22 14:23:51 | 00,794,654 | ---- | C] (U.S. Robotics, Inc.)<BR>usbser.sys -> %SystemRoot%\System32\dllcache\usbser.sys -> [2009/01/22 14:23:47 | 00,026,112 | ---- | C] (Microsoft Corporation)<BR>usb101et.sys -> %SystemRoot%\System32\dllcache\usb101et.sys -> [2009/01/22 14:23:43 | 00,032,384 | ---- | C] (KLSI USA, Inc.)<BR>umaxud32.dll -> %SystemRoot%\System32\dllcache\umaxud32.dll -> [2009/01/22 14:23:38 | 00,094,720 | ---- | C] (Microsoft Corporation)<BR>umaxu40.dll -> %SystemRoot%\System32\dllcache\umaxu40.dll -> [2009/01/22 14:23:37 | 00,028,160 | ---- | C] (Microsoft Corporation)<BR>umaxu22.dll -> %SystemRoot%\System32\dllcache\umaxu22.dll -> [2009/01/22 14:23:37 | 00,026,624 | ---- | C] (Microsoft Corporation)<BR>umaxu12.dll -> %SystemRoot%\System32\dllcache\umaxu12.dll -> [2009/01/22 14:23:36 | 00,069,632 | ---- | C] (Microsoft Corporation)<BR>umaxscan.dll -> %SystemRoot%\System32\dllcache\umaxscan.dll -> [2009/01/22 14:23:35 | 00,050,688 | ---- | C] (UMAX DATA SYSTEMS INC.)<BR>umaxpcls.sys -> %SystemRoot%\System32\dllcache\umaxpcls.sys -> [2009/01/22 14:23:35 | 00,022,912 | ---- | C] (Microsoft Corporation)<BR>umaxp60.dll -> %SystemRoot%\System32\dllcache\umaxp60.dll -> [2009/01/22 14:23:34 | 00,050,176 | ---- | C] (Microsoft Corporation)<BR>umaxcam.dll -> %SystemRoot%\System32\dllcache\umaxcam.dll -> [2009/01/22 14:23:34 | 00,047,616 | ---- | C] (Microsoft Corporation)<BR>um54scan.dll -> %SystemRoot%\System32\dllcache\um54scan.dll -> [2009/01/22 14:23:33 | 00,211,968 | ---- | C] (UMAX Data Systems Inc.)<BR>um34scan.dll -> %SystemRoot%\System32\dllcache\um34scan.dll -> [2009/01/22 14:23:32 | 00,216,064 | ---- | C] (UMAX Data Systems Inc.)<BR>tridxpm.sys -> %SystemRoot%\System32\dllcache\tridxpm.sys -> [2009/01/22 14:23:23 | 00,166,784 | ---- | C] (Trident Microsystems Inc.)<BR>tridxp.dll -> %SystemRoot%\System32\dllcache\tridxp.dll -> [2009/01/22 14:23:22 | 00,525,568 | ---- | C] (Trident Microsystems Inc.)<BR>tridkb.dll -> %SystemRoot%\System32\dllcache\tridkb.dll -> [2009/01/22 14:23:21 | 00,440,576 | ---- | C] (Trident Microsystems Inc.)<BR>tridkbm.sys -> %SystemRoot%\System32\dllcache\tridkbm.sys -> [2009/01/22 14:23:21 | 00,159,232 | ---- | C] (Trident Microsystems Inc.)<BR>trid3d.dll -> %SystemRoot%\System32\dllcache\trid3d.dll -> [2009/01/22 14:23:20 | 00,315,520 | ---- | C] (Trident Microsystems Inc.)<BR>trid3dm.sys -> %SystemRoot%\System32\dllcache\trid3dm.sys -> [2009/01/22 14:23:20 | 00,222,336 | ---- | C] (Trident Microsystems Inc.)<BR>tosdvd03.sys -> %SystemRoot%\System32\dllcache\tosdvd03.sys -> [2009/01/22 14:23:13 | 00,230,912 | ---- | C] (Toshiba Corporation)<BR>toside.sys -> %SystemRoot%\System32\dllcache\toside.sys -> [2009/01/22 14:23:13 | 00,004,992 | ---- | C] (Microsoft Corporation)<BR>tosdvd02.sys -> %SystemRoot%\System32\dllcache\tosdvd02.sys -> [2009/01/22 14:23:12 | 00,241,664 | ---- | C] (Toshiba Corporation)<BR>tjisdn.sys -> %SystemRoot%\System32\dllcache\tjisdn.sys -> [2009/01/22 14:23:08 | 00,123,995 | ---- | C] (Tiger Jet Network)<BR>tgiulnt5.sys -> %SystemRoot%\System32\dllcache\tgiulnt5.sys -> [2009/01/22 14:23:03 | 00,138,528 | ---- | C] (Trident Microsystems Inc.)<BR>tgiul50.dll -> %SystemRoot%\System32\dllcache\tgiul50.dll -> [2009/01/22 14:23:03 | 00,081,408 | ---- | C] (Trident Microsystems Inc.)<BR>tffsport.sys -> %SystemRoot%\System32\dllcache\tffsport.sys -> [2009/01/22 14:23:01 | 00,149,376 | ---- | C] (M-Systems)<BR>tdk100b.sys -> %SystemRoot%\System32\dllcache\tdk100b.sys -> [2009/01/22 14:22:58 | 00,037,961 | ---- | C] (TDK Corporation)<BR>tdkcd31.sys -> %SystemRoot%\System32\dllcache\tdkcd31.sys -> [2009/01/22 14:22:58 | 00,017,129 | ---- | C] (TDK Corporation)<BR>tbatm155.sys -> %SystemRoot%\System32\dllcache\tbatm155.sys -> [2009/01/22 14:22:54 | 00,030,464 | ---- | C] (Toshiba Corporation)<BR>tandqic.sys -> %SystemRoot%\System32\dllcache\tandqic.sys -> [2009/01/22 14:22:50 | 00,007,040 | ---- | C] (Microsoft Corporation)<BR>t2r4disp.dll -> %SystemRoot%\System32\dllcache\t2r4disp.dll -> [2009/01/22 14:22:49 | 00,172,768 | ---- | C] (Number Nine Visual Technology)<BR>t2r4mini.sys -> %SystemRoot%\System32\dllcache\t2r4mini.sys -> [2009/01/22 14:22:49 | 00,036,640 | ---- | C] (Number Nine Visual Technology Corp.)<BR>sxports.dll -> %SystemRoot%\System32\dllcache\sxports.dll -> [2009/01/22 14:22:40 | 00,094,293 | ---- | C] (Perle Systems Ltd. )<BR>sx.sys -> %SystemRoot%\System32\dllcache\sx.sys -> [2009/01/22 14:22:39 | 00,103,936 | ---- | C] (Perle Systems Ltd. )<BR>swpidflt.dll -> %SystemRoot%\System32\dllcache\swpidflt.dll -> [2009/01/22 14:22:38 | 00,010,240 | ---- | C] (Microsoft Corporation)<BR>swusbflt.sys -> %SystemRoot%\System32\dllcache\swusbflt.sys -> [2009/01/22 14:22:38 | 00,003,968 | ---- | C] (Microsoft Corporation)<BR>swpdflt2.dll -> %SystemRoot%\System32\dllcache\swpdflt2.dll -> [2009/01/22 14:22:37 | 00,010,240 | ---- | C] (Microsoft Corporation)<BR>sw_wheel.dll -> %SystemRoot%\System32\dllcache\sw_wheel.dll -> [2009/01/22 14:22:36 | 00,053,760 | ---- | C] (Microsoft Corporation)<BR>sw_effct.dll -> %SystemRoot%\System32\dllcache\sw_effct.dll -> [2009/01/22 14:22:36 | 00,041,472 | ---- | C] (Microsoft Corporation)<BR>stlnprop.dll -> %SystemRoot%\System32\dllcache\stlnprop.dll -> [2009/01/22 14:22:33 | 00,155,648 | ---- | C] (Stallion Technologies)<BR>stlncoin.dll -> %SystemRoot%\System32\dllcache\stlncoin.dll -> [2009/01/22 14:22:32 | 00,053,248 | ---- | C] (Stallion Technologies)<BR>stlnata.sys -> %SystemRoot%\System32\dllcache\stlnata.sys -> [2009/01/22 14:22:31 | 00,285,760 | ---- | C] (Stallion Technologies)<BR>stcusb.sys -> %SystemRoot%\System32\dllcache\stcusb.sys -> [2009/01/22 14:22:29 | 00,016,896 | ---- | C] (SCM Microsystems, Inc.)<BR>srwlnd5.sys -> %SystemRoot%\System32\dllcache\srwlnd5.sys -> [2009/01/22 14:22:24 | 00,048,736 | ---- | C] (3Com)<BR>srusd.dll -> %SystemRoot%\System32\dllcache\srusd.dll -> [2009/01/22 14:22:23 | 00,099,328 | ---- | C] (Microsoft Corporation)<BR>spxupchk.dll -> %SystemRoot%\System32\dllcache\spxupchk.dll -> [2009/01/22 14:22:17 | 00,024,660 | ---- | C] (Perle Systems Ltd.)<BR>speed.sys -> %SystemRoot%\System32\dllcache\speed.sys -> [2009/01/22 14:22:13 | 00,061,824 | ---- | C] (Perle Systems Ltd.)<BR>spdports.dll -> %SystemRoot%\System32\dllcache\spdports.dll -> [2009/01/22 14:22:12 | 00,106,584 | ---- | C] (Perle Systems Ltd.)<BR>sparrow.sys -> %SystemRoot%\System32\dllcache\sparrow.sys -> [2009/01/22 14:22:11 | 00,019,072 | ---- | C] (Adaptec, Inc.)<BR>sonymc.sys -> %SystemRoot%\System32\dllcache\sonymc.sys -> [2009/01/22 14:22:08 | 00,009,600 | ---- | C] (Microsoft Corporation)<BR>sonyait.sys -> %SystemRoot%\System32\dllcache\sonyait.sys -> [2009/01/22 14:22:06 | 00,007,552 | ---- | C] (Microsoft Corporation)<BR>snyaitmc.sys -> %SystemRoot%\System32\dllcache\snyaitmc.sys -> [2009/01/22 14:22:04 | 00,007,040 | ---- | C] (Microsoft Corporation)<BR>smiminib.sys -> %SystemRoot%\System32\dllcache\smiminib.sys -> [2009/01/22 14:21:54 | 00,058,368 | ---- | C] (Silicon Motion Inc.)<BR>smidispb.dll -> %SystemRoot%\System32\dllcache\smidispb.dll -> [2009/01/22 14:21:53 | 00,147,200 | ---- | C] (Silicon Motion Inc.)<BR>smcpwr2n.sys -> %SystemRoot%\System32\dllcache\smcpwr2n.sys -> [2009/01/22 14:21:52 | 00,025,034 | ---- | C] (SMC Networks, Inc.)<BR>smcirda.sys -> %SystemRoot%\System32\dllcache\smcirda.sys -> [2009/01/22 14:21:51 | 00,035,913 | ---- | C] (SMC)<BR>smc8000n.sys -> %SystemRoot%\System32\dllcache\smc8000n.sys -> [2009/01/22 14:21:50 | 00,024,576 | ---- | C] (SMC Networks, Inc.)<BR>smbhc.sys -> %SystemRoot%\System32\dllcache\smbhc.sys -> [2009/01/22 14:21:49 | 00,006,784 | ---- | C] (Microsoft Corporation)<BR>smbclass.sys -> %SystemRoot%\System32\dllcache\smbclass.sys -> [2009/01/22 14:21:48 | 00,006,912 | ---- | C] (Microsoft Corporation)<BR>smbbatt.sys -> %SystemRoot%\System32\dllcache\smbbatt.sys -> [2009/01/22 14:21:46 | 00,016,000 | ---- | C] (Microsoft Corporation)<BR>smb3w.dll -> %SystemRoot%\System32\dllcache\smb3w.dll -> [2009/01/22 14:21:45 | 00,045,568 | ---- | C] (Microsoft Corporation)<BR>smb0w.dll -> %SystemRoot%\System32\dllcache\smb0w.dll -> [2009/01/22 14:21:45 | 00,033,792 | ---- | C] (Microsoft Corporation)<BR>sma0w.dll -> %SystemRoot%\System32\dllcache\sma0w.dll -> [2009/01/22 14:21:43 | 00,028,672 | ---- | C] (Microsoft Corporation)<BR>sm91w.dll -> %SystemRoot%\System32\dllcache\sm91w.dll -> [2009/01/22 14:21:41 | 00,028,160 | ---- | C] (Microsoft Corporation)<BR>skfpwin.sys -> %SystemRoot%\System32\dllcache\skfpwin.sys -> [2009/01/22 14:21:31 | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.)<BR>sla30nd5.sys -> %SystemRoot%\System32\dllcache\sla30nd5.sys -> [2009/01/22 14:21:31 | 00,063,547 | ---- | C] (Symbol Technologies)<BR>sk98xwin.sys -> %SystemRoot%\System32\dllcache\sk98xwin.sys -> [2009/01/22 14:21:30 | 00,094,698 | ---- | C] (SysKonnect GmbH.)<BR>sisnic.sys -> %SystemRoot%\System32\dllcache\sisnic.sys -> [2009/01/22 14:21:27 | 00,032,768 | ---- | C] (SiS Corporation)<BR>sgsmusb.sys -> %SystemRoot%\System32\dllcache\sgsmusb.sys -> [2009/01/22 14:21:13 | 00,161,568 | ---- | C] (Micro Systemation)<BR>sgiulnt5.sys -> %SystemRoot%\System32\dllcache\sgiulnt5.sys -> [2009/01/22 14:21:12 | 00,098,080 | ---- | C] (Trident Microsystems Inc.)<BR>sgsmld.sys -> %SystemRoot%\System32\dllcache\sgsmld.sys -> [2009/01/22 14:21:12 | 00,018,400 | ---- | C] (Micro Systemation)<BR>sgiul50.dll -> %SystemRoot%\System32\dllcache\sgiul50.dll -> [2009/01/22 14:21:11 | 00,386,560 | ---- | C] (Trident Microsystems Inc.)<BR>sermouse.sys -> %SystemRoot%\System32\dllcache\sermouse.sys -> [2009/01/22 14:21:06 | 00,017,664 | ---- | C] (Microsoft Corporation)<BR>serscan.sys -> %SystemRoot%\System32\dllcache\serscan.sys -> [2009/01/22 14:21:06 | 00,006,784 | ---- | C] (Microsoft Corporation)<BR>seaddsmc.sys -> %SystemRoot%\System32\dllcache\seaddsmc.sys -> [2009/01/22 14:21:02 | 00,006,912 | ---- | C] (Microsoft Corporation)<BR>scsiprnt.sys -> %SystemRoot%\System32\dllcache\scsiprnt.sys -> [2009/01/22 14:20:59 | 00,011,648 | ---- | C] (Microsoft Corporation)<BR>scsiscan.sys -> %SystemRoot%\System32\dllcache\scsiscan.sys -> [2009/01/22 14:20:59 | 00,011,520 | ---- | C] (Microsoft Corporation)<BR>scr111.sys -> %SystemRoot%\System32\dllcache\scr111.sys -> [2009/01/22 14:20:56 | 00,017,280 | ---- | C] (SCM Microsystems)<BR>scmstcs.sys -> %SystemRoot%\System32\dllcache\scmstcs.sys -> [2009/01/22 14:20:56 | 00,016,640 | ---- | C] (Microsoft Corporation)<BR>sccmusbm.sys -> %SystemRoot%\System32\dllcache\sccmusbm.sys -> [2009/01/22 14:20:53 | 00,023,936 | ---- | C] (OMNIKEY AG)<BR>sccmn50m.sys -> %SystemRoot%\System32\dllcache\sccmn50m.sys -> [2009/01/22 14:20:53 | 00,023,936 | ---- | C] (OMNIKEY AG)<BR>sbp2port.sys -> %SystemRoot%\System32\dllcache\sbp2port.sys -> [2009/01/22 14:20:50 | 00,043,904 | ---- | C] (Microsoft Corporation)<BR>s3sav4m.sys -> %SystemRoot%\System32\dllcache\s3sav4m.sys -> [2009/01/22 14:20:45 | 00,077,824 | ---- | C] (S3 Incorporated)<BR>s3sav4.dll -> %SystemRoot%\System32\dllcache\s3sav4.dll -> [2009/01/22 14:20:44 | 00,198,400 | ---- | C] (S3 Incorporated)<BR>s3sav3dm.sys -> %SystemRoot%\System32\dllcache\s3sav3dm.sys -> [2009/01/22 14:20:44 | 00,061,504 | ---- | C] (S3 Incorporated)<BR>s3mvirge.dll -> %SystemRoot%\System32\dllcache\s3mvirge.dll -> [2009/01/22 14:20:43 | 00,210,496 | ---- | C] (S3 Incorporated)<BR>s3sav3d.dll -> %SystemRoot%\System32\dllcache\s3sav3d.dll -> [2009/01/22 14:20:43 | 00,179,264 | ---- | C] (S3 Incorporated)<BR>s3mtrio.dll -> %SystemRoot%\System32\dllcache\s3mtrio.dll -> [2009/01/22 14:20:42 | 00,062,496 | ---- | C] (S3 Incorporated)<BR>s3mt3d.dll -> %SystemRoot%\System32\dllcache\s3mt3d.dll -> [2009/01/22 14:20:41 | 00,182,272 | ---- | C] (S3 Incorporated)<BR>s3mt3d.sys -> %SystemRoot%\System32\dllcache\s3mt3d.sys -> [2009/01/22 14:20:41 | 00,041,216 | ---- | C] (S3 Incorporated)<BR>s3m.sys -> %SystemRoot%\System32\dllcache\s3m.sys -> [2009/01/22 14:20:40 | 00,166,720 | ---- | C] (S3 Incorporated)<BR>s3legacy.sys -> %SystemRoot%\System32\dllcache\s3legacy.sys -> [2009/01/22 14:20:39 | 00,065,664 | ---- | C] (Microsoft Corporation)<BR>rwia450.dll -> %SystemRoot%\System32\dllcache\rwia450.dll -> [2009/01/22 14:20:38 | 00,082,432 | ---- | C] (Ricoh Co., Ltd.)<BR>rwia430.dll -> %SystemRoot%\System32\dllcache\rwia430.dll -> [2009/01/22 14:20:37 | 00,079,872 | ---- | C] (Ricoh Co., Ltd.)<BR>rw450ext.dll -> %SystemRoot%\System32\dllcache\rw450ext.dll -> [2009/01/22 14:20:34 | 00,029,696 | ---- | C] (Ricoh Co., Ltd.)<BR>rw430ext.dll -> %SystemRoot%\System32\dllcache\rw430ext.dll -> [2009/01/22 14:20:33 | 00,027,648 | ---- | C] (Ricoh Co., Ltd.)<BR>rtl8139.sys -> %SystemRoot%\System32\dllcache\rtl8139.sys -> [2009/01/22 14:20:29 | 00,020,992 | ---- | C] (Realtek Semiconductor Corporation)<BR>rtl8029.sys -> %SystemRoot%\System32\dllcache\rtl8029.sys -> [2009/01/22 14:20:28 | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation)<BR>rsmgrstr.dll -> %SystemRoot%\System32\dllcache\rsmgrstr.dll -> [2009/01/22 14:20:24 | 00,009,216 | ---- | C] (Brother Industries, Ltd.)<BR>rocket.sys -> %SystemRoot%\System32\dllcache\rocket.sys -> [2009/01/22 14:20:18 | 00,079,104 | ---- | C] (Comtrol Corporation)<BR>rlnet5.sys -> %SystemRoot%\System32\dllcache\rlnet5.sys -> [2009/01/22 14:20:17 | 00,037,563 | ---- | C] (RadioLAN)<BR>reslog32.dll -> %SystemRoot%\System32\dllcache\reslog32.dll -> [2009/01/22 14:20:15 | 00,086,097 | ---- | C] (Xircom)<BR>rasirda.sys -> %SystemRoot%\System32\dllcache\rasirda.sys -> [2009/01/22 14:20:01 | 00,019,584 | ---- | C] (Microsoft Corporation)<BR>r2mdkxga.sys -> %SystemRoot%\System32\dllcache\r2mdkxga.sys -> [2009/01/22 14:19:58 | 00,899,146 | ---- | C] (Xircom, Inc.)<BR>r2mdmkxx.sys -> %SystemRoot%\System32\dllcache\r2mdmkxx.sys -> [2009/01/22 14:19:58 | 00,714,762 | ---- | C] (Xircom, Inc.)<BR>qvusd.dll -> %SystemRoot%\System32\dllcache\qvusd.dll -> [2009/01/22 14:19:57 | 00,041,472 | ---- | C] (Microsoft Corporation)<BR>qv2kux.sys -> %SystemRoot%\System32\dllcache\qv2kux.sys -> [2009/01/22 14:19:56 | 00,003,328 | ---- | C] (Microsoft Corporation)<BR>ql1240.sys -> %SystemRoot%\System32\dllcache\ql1240.sys -> [2009/01/22 14:19:51 | 00,040,448 | ---- | C] (Microsoft Corporation)<BR>ql10wnt.sys -> %SystemRoot%\System32\dllcache\ql10wnt.sys -> [2009/01/22 14:19:49 | 00,033,152 | ---- | C] (Microsoft Corporation)<BR>qic157.sys -> %SystemRoot%\System32\dllcache\qic157.sys -> [2009/01/22 14:19:47 | 00,006,016 | ---- | C] (Microsoft Corporation)<BR>ptserlv.sys -> %SystemRoot%\System32\dllcache\ptserlv.sys -> [2009/01/22 14:19:44 | 00,130,942 | ---- | C] (PCTEL, INC.)<BR>ptserli.sys -> %SystemRoot%\System32\dllcache\ptserli.sys -> [2009/01/22 14:19:43 | 00,128,286 | ---- | C] (PCTEL, INC.)<BR>ptserlp.sys -> %SystemRoot%\System32\dllcache\ptserlp.sys -> [2009/01/22 14:19:43 | 00,112,574 | ---- | C] (PCTEL, INC.)<BR>ptpusd.dll -> %SystemRoot%\System32\dllcache\ptpusd.dll -> [2009/01/22 14:19:41 | 00,159,232 | ---- | C] (Microsoft Corporation)<BR>ptpusb.dll -> %SystemRoot%\System32\dllcache\ptpusb.dll -> [2009/01/22 14:19:41 | 00,005,632 | ---- | C] (Microsoft Corporation)<BR>psisload.dll -> %SystemRoot%\System32\dllcache\psisload.dll -> [2009/01/22 14:19:39 | 00,035,328 | ---- | C] (Microsoft Corporation)<BR>pscr.sys -> %SystemRoot%\System32\dllcache\pscr.sys -> [2009/01/22 14:19:38 | 00,016,128 | ---- | C] (SCM Microsystems, Inc.)<BR>prcp.nls -> %SystemRoot%\System32\dllcache\prcp.nls -> [2009/01/22 14:19:33 | 00,083,748 | ---- | C] ()<BR>prc.nls -> %SystemRoot%\System32\dllcache\prc.nls -> [2009/01/22 14:19:33 | 00,083,748 | ---- | C] ()<BR>ppa3.sys -> %SystemRoot%\System32\dllcache\ppa3.sys -> [2009/01/22 14:19:32 | 00,017,664 | ---- | C] (Microsoft Corporation)<BR>ppa.sys -> %SystemRoot%\System32\dllcache\ppa.sys -> [2009/01/22 14:19:31 | 00,017,792 | ---- | C] (Microsoft Corporation)<BR>powerfil.sys -> %SystemRoot%\System32\dllcache\powerfil.sys -> [2009/01/22 14:19:30 | 00,008,832 | ---- | C] (Microsoft Corporation)<BR>pnrmc.sys -> %SystemRoot%\System32\dllcache\pnrmc.sys -> [2009/01/22 14:19:27 | 00,007,168 | ---- | C] (Microsoft Corporation)<BR>phvfwext.dll -> %SystemRoot%\System32\dllcache\phvfwext.dll -> [2009/01/22 14:19:21 | 00,121,344 | ---- | C] (Microsoft Corporation)<BR>phildec.sys -> %SystemRoot%\System32\dllcache\phildec.sys -> [2009/01/22 14:19:19 | 00,092,416 | ---- | C] (Microsoft Corporation)<BR>philtune.sys -> %SystemRoot%\System32\dllcache\philtune.sys -> [2009/01/22 14:19:19 | 00,019,840 | ---- | C] (Microsoft Corporation)<BR>philcam2.sys -> %SystemRoot%\System32\dllcache\philcam2.sys -> [2009/01/22 14:19:18 | 00,173,696 | ---- | C] (Microsoft Corporation)<BR>philcam1.sys -> %SystemRoot%\System32\dllcache\philcam1.sys -> [2009/01/22 14:19:18 | 00,075,776 | ---- | C] (Microsoft Corporation)<BR>philcam1.dll -> %SystemRoot%\System32\dllcache\philcam1.dll -> [2009/01/22 14:19:17 | 00,016,384 | ---- | C] (Microsoft Corporation)<BR>phdsext.ax -> %SystemRoot%\System32\dllcache\phdsext.ax -> [2009/01/22 14:19:16 | 00,105,984 | ---- | C] (Microsoft Corporation)<BR>perm3dd.dll -> %SystemRoot%\System32\dllcache\perm3dd.dll -> [2009/01/22 14:19:14 | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)<BR>perm3.sys -> %SystemRoot%\System32\dllcache\perm3.sys -> [2009/01/22 14:19:13 | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)<BR>perm2dll.dll -> %SystemRoot%\System32\dllcache\perm2dll.dll -> [2009/01/22 14:19:12 | 00,211,584 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)<BR>perm2.sys -> %SystemRoot%\System32\dllcache\perm2.sys -> [2009/01/22 14:19:11 | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.)<BR>perc2hib.sys -> %SystemRoot%\System32\dllcache\perc2hib.sys -> [2009/01/22 14:19:09 | 00,005,504 | ---- | C] (Microsoft Corporation)<BR>perc2.sys -> %SystemRoot%\System32\dllcache\perc2.sys -> [2009/01/22 14:19:08 | 00,027,296 | ---- | C] (Microsoft Corporation)<BR>pcx500.sys -> %SystemRoot%\System32\dllcache\pcx500.sys -> [2009/01/22 14:19:06 | 00,169,984 | ---- | C] (Cisco Systems)<BR>pctspk.exe -> %SystemRoot%\System32\dllcache\pctspk.exe -> [2009/01/22 14:19:05 | 00,086,016 | ---- | C] (PCtel, Inc.)<BR>pcntpci5.sys -> %SystemRoot%\System32\dllcache\pcntpci5.sys -> [2009/01/22 14:19:05 | 00,035,328 | ---- | C] (AMD Inc.)<BR>pcntn5hl.sys -> %SystemRoot%\System32\dllcache\pcntn5hl.sys -> [2009/01/22 14:19:04 | 00,030,282 | ---- | C] (AMD Inc.)<BR>pcntn5m.sys -> %SystemRoot%\System32\dllcache\pcntn5m.sys -> [2009/01/22 14:19:04 | 00,029,769 | ---- | C] (AMD Inc.)<BR>pcmlm56.sys -> %SystemRoot%\System32\dllcache\pcmlm56.sys -> [2009/01/22 14:19:03 | 00,026,153 | ---- | C] (Linksys)<BR>pciide.sys -> %SystemRoot%\System32\dllcache\pciide.sys -> [2009/01/22 14:19:02 | 00,003,328 | ---- | C] (Microsoft Corporation)<BR>pca200e.sys -> %SystemRoot%\System32\dllcache\pca200e.sys -> [2009/01/22 14:19:00 | 00,029,502 | ---- | C] (Marconi Communications, Inc.)<BR>pc100nds.sys -> %SystemRoot%\System32\dllcache\pc100nds.sys -> [2009/01/22 14:18:59 | 00,030,495 | ---- | C] (Linksys)<BR>ovui2.dll -> %SystemRoot%\System32\dllcache\ovui2.dll -> [2009/01/22 14:18:51 | 00,044,544 | ---- | C] (Microsoft Corporation)<BR>ovui2rc.dll -> %SystemRoot%\System32\dllcache\ovui2rc.dll -> [2009/01/22 14:18:51 | 00,041,984 | ---- | C] (Microsoft Corporation)<BR>ovsound2.sys -> %SystemRoot%\System32\dllcache\ovsound2.sys -> [2009/01/22 14:18:50 | 00,025,216 | ---- | C] (Microsoft Corporation)<BR>ovcoms.exe -> %SystemRoot%\System32\dllcache\ovcoms.exe -> [2009/01/22 14:18:49 | 00,039,424 | ---- | C] (Microsoft Corporation)<BR>ovcomc.dll -> %SystemRoot%\System32\dllcache\ovcomc.dll -> [2009/01/22 14:18:49 | 00,020,480 | ---- | C] (Microsoft Corporation)<BR>ovcodek2.sys -> %SystemRoot%\System32\dllcache\ovcodek2.sys -> [2009/01/22 14:18:48 | 00,351,616 | ---- | C] (Microsoft Corporation)<BR>ovcodec2.dll -> %SystemRoot%\System32\dllcache\ovcodec2.dll -> [2009/01/22 14:18:48 | 00,116,736 | ---- | C] (Microsoft Corporation)<BR>ovce.sys -> %SystemRoot%\System32\dllcache\ovce.sys -> [2009/01/22 14:18:47 | 00,031,872 | ---- | C] (Microsoft Corporation)<BR>ovcd.sys -> %SystemRoot%\System32\dllcache\ovcd.sys -> [2009/01/22 14:18:47 | 00,028,032 | ---- | C] (Microsoft Corporation)<BR>ovcam2.sys -> %SystemRoot%\System32\dllcache\ovcam2.sys -> [2009/01/22 14:18:46 | 00,048,000 | ---- | C] (Microsoft Corporation)<BR>ovca.sys -> %SystemRoot%\System32\dllcache\ovca.sys -> [2009/01/22 14:18:46 | 00,025,088 | ---- | C] (Microsoft Corporation)<BR>otcsercb.sys -> %SystemRoot%\System32\dllcache\otcsercb.sys -> [2009/01/22 14:18:45 | 00,054,186 | ---- | C] (Ositech Communications, Inc.)<BR>otceth5.sys -> %SystemRoot%\System32\dllcache\otceth5.sys -> [2009/01/22 14:18:44 | 00,043,689 | ---- | C] (Ositech Communications, Inc.)<BR>otc06x5.sys -> %SystemRoot%\System32\dllcache\otc06x5.sys -> [2009/01/22 14:18:44 | 00,027,209 | ---- | C] (Ositech Communications, Inc.)<BR>opl3sax.sys -> %SystemRoot%\System32\dllcache\opl3sax.sys -> [2009/01/22 14:18:42 | 00,054,528 | ---- | C] (Yamaha Corp.)<BR>ntgrip.sys -> %SystemRoot%\System32\dllcache\ntgrip.sys -> [2009/01/22 14:18:19 | 00,051,552 | ---- | C] (Kensington Technology Group)<BR>ntapm.sys -> %SystemRoot%\System32\dllcache\ntapm.sys -> [2009/01/22 14:18:16 | 00,009,344 | ---- | C] (Microsoft Corporation)<BR>nsmmc.sys -> %SystemRoot%\System32\dllcache\nsmmc.sys -> [2009/01/22 14:18:15 | 00,007,552 | ---- | C] (Microsoft Corporation)<BR>nm6wdm.sys -> %SystemRoot%\System32\dllcache\nm6wdm.sys -> [2009/01/22 14:18:09 | 00,087,040 | ---- | C] (NeoMagic Corporation)<BR>nm5a2wdm.sys -> %SystemRoot%\System32\dllcache\nm5a2wdm.sys -> [2009/01/22 14:18:08 | 00,126,080 | ---- | C] (NeoMagic Corporation)<BR>ngrpci.sys -> %SystemRoot%\System32\dllcache\ngrpci.sys -> [2009/01/22 14:18:06 | 00,032,840 | ---- | C] (NETGEAR Corporation.)<BR>netwlan5.sys -> %SystemRoot%\System32\dllcache\netwlan5.sys -> [2009/01/22 14:18:04 | 00,132,695 | ---- | C] (802.11b)<BR>netflx3.sys -> %SystemRoot%\System32\dllcache\netflx3.sys -> [2009/01/22 14:17:59 | 00,065,278 | ---- | C] (Compaq Computer Corporation)<BR>neo20xx.sys -> %SystemRoot%\System32\dllcache\neo20xx.sys -> [2009/01/22 14:17:56 | 00,039,264 | ---- | C] (NeoMagic Corporation)<BR>neo20xx.dll -> %SystemRoot%\System32\dllcache\neo20xx.dll -> [2009/01/22 14:17:55 | 00,060,480 | ---- | C] (NeoMagic Corporation)<BR>ne2000.sys -> %SystemRoot%\System32\dllcache\ne2000.sys -> [2009/01/22 14:17:55 | 00,015,872 | ---- | C] (Microsoft Corporation)<BR>n9i3disp.dll -> %SystemRoot%\System32\dllcache\n9i3disp.dll -> [2009/01/22 14:17:50 | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n9i3d.sys -> %SystemRoot%\System32\dllcache\n9i3d.sys -> [2009/01/22 14:17:49 | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n9i128v2.dll -> %SystemRoot%\System32\dllcache\n9i128v2.dll -> [2009/01/22 14:17:48 | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n9i128v2.sys -> %SystemRoot%\System32\dllcache\n9i128v2.sys -> [2009/01/22 14:17:48 | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n9i128.dll -> %SystemRoot%\System32\dllcache\n9i128.dll -> [2009/01/22 14:17:47 | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n9i128.sys -> %SystemRoot%\System32\dllcache\n9i128.sys -> [2009/01/22 14:17:47 | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.)<BR>n100325.sys -> %SystemRoot%\System32\dllcache\n100325.sys -> [2009/01/22 14:17:46 | 00,128,000 | ---- | C] (Compaq Computer Corporation)<BR>n1000nt5.sys -> %SystemRoot%\System32\dllcache\n1000nt5.sys -> [2009/01/22 14:17:45 | 00,052,255 | ---- | C] (Compaq Computer Corporation)<BR>mxport.sys -> %SystemRoot%\System32\dllcache\mxport.sys -> [2009/01/22 14:17:44 | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.)<BR>mxnic.sys -> %SystemRoot%\System32\dllcache\mxnic.sys -> [2009/01/22 14:17:43 | 00,019,968 | ---- | C] (Macronix International Co., Ltd.											   )<BR>mxport.dll -> %SystemRoot%\System32\dllcache\mxport.dll -> [2009/01/22 14:17:43 | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd)<BR>mxcard.sys -> %SystemRoot%\System32\dllcache\mxcard.sys -> [2009/01/22 14:17:42 | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.)<BR>mxicfg.dll -> %SystemRoot%\System32\dllcache\mxicfg.dll -> [2009/01/22 14:17:42 | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd)<BR>mtxvideo.sys -> %SystemRoot%\System32\dllcache\mtxvideo.sys -> [2009/01/22 14:17:39 | 00,103,296 | ---- | C] (Matrox Graphics Inc)<BR>mstape.sys -> %SystemRoot%\System32\dllcache\mstape.sys -> [2009/01/22 14:17:25 | 00,049,024 | ---- | C] (Microsoft Corporation)<BR>msriffwv.sys -> %SystemRoot%\System32\dllcache\msriffwv.sys -> [2009/01/22 14:17:21 | 00,012,416 | ---- | C] (Microsoft Corporation)<BR>msmpu401.sys -> %SystemRoot%\System32\dllcache\msmpu401.sys -> [2009/01/22 14:17:13 | 00,002,944 | ---- | C] (Microsoft Corporation)<BR>msircomm.sys -> %SystemRoot%\System32\dllcache\msircomm.sys -> [2009/01/22 14:17:10 | 00,022,016 | ---- | C] (Microsoft Corporation)<BR>msgame.sys -> %SystemRoot%\System32\dllcache\msgame.sys -> [2009/01/22 14:16:59 | 00,035,200 | ---- | C] (Microsoft Corporation)<BR>msfsio.sys -> %SystemRoot%\System32\dllcache\msfsio.sys -> [2009/01/22 14:16:58 | 00,006,016 | ---- | C] (Microsoft Corporation)<BR>mraid35x.sys -> %SystemRoot%\System32\dllcache\mraid35x.sys -> [2009/01/22 14:16:47 | 00,017,280 | ---- | C] (American Megatrends Inc.)<BR>modemcsa.sys -> %SystemRoot%\System32\dllcache\modemcsa.sys -> [2009/01/22 14:16:33 | 00,016,128 | ---- | C] (Microsoft Corporation)<BR>miniqic.sys -> %SystemRoot%\System32\dllcache\miniqic.sys -> [2009/01/22 14:16:26 | 00,006,528 | ---- | C] (Microsoft Corporation)<BR>memgrp.dll -> %SystemRoot%\System32\dllcache\memgrp.dll -> [2009/01/22 14:16:18 | 00,047,616 | ---- | C] (Microsoft Corporation)<BR>memcard.sys -> %SystemRoot%\System32\dllcache\memcard.sys -> [2009/01/22 14:16:17 | 00,008,320 | ---- | C] (Microsoft Corporation)<BR>mdgndis5.sys -> %SystemRoot%\System32\dllcache\mdgndis5.sys -> [2009/01/22 14:16:14 | 00,164,586 | ---- | C] (Madge Networks Ltd)<BR>mammoth.sys -> %SystemRoot%\System32\dllcache\mammoth.sys -> [2009/01/22 14:16:10 | 00,007,424 | ---- | C] (Microsoft Corporation)<BR>m3092dc.dll -> %SystemRoot%\System32\dllcache\m3092dc.dll -> [2009/01/22 14:16:07 | 00,058,880 | ---- | C] (Microsoft Corporation)<BR>m3091dc.dll -> %SystemRoot%\System32\dllcache\m3091dc.dll -> [2009/01/22 14:16:07 | 00,058,368 | ---- | C] (Microsoft Corporation)<BR>ltsmt.sys -> %SystemRoot%\System32\dllcache\ltsmt.sys -> [2009/01/22 14:16:04 | 00,797,500 | ---- | C] (LT)<BR>ltsm.sys -> %SystemRoot%\System32\dllcache\ltsm.sys -> [2009/01/22 14:16:03 | 00,802,683 | ---- | C] (Lucent Technologies)<BR>ltotape.sys -> %SystemRoot%\System32\dllcache\ltotape.sys -> [2009/01/22 14:16:02 | 00,007,040 | ---- | C] (Microsoft Corporation)<BR>ltmdmntl.sys -> %SystemRoot%\System32\dllcache\ltmdmntl.sys -> [2009/01/22 14:16:01 | 00,576,746 | ---- | C] (LT)<BR>ltmdmntt.sys -> %SystemRoot%\System32\dllcache\ltmdmntt.sys -> [2009/01/22 14:16:01 | 00,420,992 | ---- | C] (LT)<BR>ltmdmnt.sys -> %SystemRoot%\System32\dllcache\ltmdmnt.sys -> [2009/01/22 14:16:00 | 00,606,684 | ---- | C] (LT)<BR>ltck000c.sys -> %SystemRoot%\System32\dllcache\ltck000c.sys -> [2009/01/22 14:15:59 | 00,727,786 | ---- | C] (Xircom, Inc.)<BR>loop.sys -> %SystemRoot%\System32\dllcache\loop.sys -> [2009/01/22 14:15:57 | 00,004,992 | ---- | C] (Microsoft Corporation)<BR>lne100tx.sys -> %SystemRoot%\System32\dllcache\lne100tx.sys -> [2009/01/22 14:15:52 | 00,070,730 | ---- | C] (Linksys Group, Inc.)<BR>lne100.sys -> %SystemRoot%\System32\dllcache\lne100.sys -> [2009/01/22 14:15:51 | 00,020,573 | ---- | C] (The Linksts Group )<BR>lmndis3.sys -> %SystemRoot%\System32\dllcache\lmndis3.sys -> [2009/01/22 14:15:50 | 00,025,065 | ---- | C] (D-Link)<BR>lit220p.sys -> %SystemRoot%\System32\dllcache\lit220p.sys -> [2009/01/22 14:15:49 | 00,015,744 | ---- | C] (Litronic Industries)<BR>lbrtfdc.sys -> %SystemRoot%\System32\dllcache\lbrtfdc.sys -> [2009/01/22 14:15:47 | 00,034,688 | ---- | C] (Toshiba Corp.)<BR>lanepic5.sys -> %SystemRoot%\System32\dllcache\lanepic5.sys -> [2009/01/22 14:15:46 | 00,026,442 | ---- | C] (SMSC)<BR>ktc111.sys -> %SystemRoot%\System32\dllcache\ktc111.sys -> [2009/01/22 14:15:45 | 00,019,016 | ---- | C] (Kingston Technology Company															 )<BR>ksc.nls -> %SystemRoot%\System32\dllcache\ksc.nls -> [2009/01/22 14:15:43 | 00,047,066 | ---- | C] ()<BR>kousd.dll -> %SystemRoot%\System32\dllcache\kousd.dll -> [2009/01/22 14:15:42 | 00,037,376 | ---- | C] (Microsoft Corporation)<BR>kdsusd.dll -> %SystemRoot%\System32\dllcache\kdsusd.dll -> [2009/01/22 14:15:37 | 00,253,952 | ---- | C] (Microsoft Corporation)<BR>kdsui.dll -> %SystemRoot%\System32\dllcache\kdsui.dll -> [2009/01/22 14:15:37 | 00,048,640 | ---- | C] (Microsoft Corporation)<BR>kbdjpn.dll -> %SystemRoot%\System32\dllcache\kbdjpn.dll -> [2009/01/22 14:15:23 | 00,008,704 | ---- | C] (Microsoft Corporation)<BR>kbdkor.dll -> %SystemRoot%\System32\dllcache\kbdkor.dll -> [2009/01/22 14:15:23 | 00,008,192 | ---- | C] (Microsoft Corporation)<BR>kbd106.dll -> %SystemRoot%\System32\dllcache\kbd106.dll -> [2009/01/22 14:15:05 | 00,006,144 | ---- | C] (Microsoft Corporation)<BR>kbd101c.dll -> %SystemRoot%\System32\dllcache\kbd101c.dll -> [2009/01/22 14:15:04 | 00,006,144 | ---- | C] (Microsoft Corporation)<BR>kbd103.dll -> %SystemRoot%\System32\dllcache\kbd103.dll -> [2009/01/22 14:15:04 | 00,005,632 | ---- | C] (Microsoft Corporation)<BR>kbd101b.dll -> %SystemRoot%\System32\dllcache\kbd101b.dll -> [2009/01/22 14:15:03 | 00,006,144 | ---- | C] (Microsoft Corporation)<BR>irsir.sys -> %SystemRoot%\System32\dllcache\irsir.sys -> [2009/01/22 14:14:56 | 00,018,688 | ---- | C] (Microsoft Corporation)<BR>irmon.dll -> %SystemRoot%\System32\dllcache\irmon.dll -> [2009/01/22 14:14:55 | 00,028,160 | ---- | C] (Microsoft Corporation)<BR>irmk7.sys -> %SystemRoot%\System32\dllcache\irmk7.sys -> [2009/01/22 14:14:54 | 00,023,552 | ---- | C] (MKNet Corporation)<BR>irftp.exe -> %SystemRoot%\System32\dllcache\irftp.exe -> [2009/01/22 14:14:53 | 00,151,552 | ---- | C] (Microsoft Corporation)<BR>irda.sys -> %SystemRoot%\System32\dllcache\irda.sys -> [2009/01/22 14:14:53 | 00,088,192 | ---- | C] (Microsoft Corporation)<BR>ip5515.sys -> %SystemRoot%\System32\dllcache\ip5515.sys -> [2009/01/22 14:14:45 | 00,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider)<BR>io8ports.dll -> %SystemRoot%\System32\dllcache\io8ports.dll -> [2009/01/22 14:14:44 | 00,090,200 | ---- | C] (Perle Systems Ltd. )<BR>io8.sys -> %SystemRoot%\System32\dllcache\io8.sys -> [2009/01/22 14:14:43 | 00,038,784 | ---- | C] (Perle Systems Ltd. )<BR>inport.sys -> %SystemRoot%\System32\dllcache\inport.sys -> [2009/01/22 14:14:42 | 00,013,056 | ---- | C] (Microsoft Corporation)<BR>ini910u.sys -> %SystemRoot%\System32\dllcache\ini910u.sys -> [2009/01/22 14:14:41 | 00,016,000 | ---- | C] (Microsoft Corporation)<BR>iconf32.dll -> %SystemRoot%\System32\dllcache\iconf32.dll -> [2009/01/22 14:14:05 | 00,372,824 | ---- | C] (Xircom)<BR>icam5usb.sys -> %SystemRoot%\System32\dllcache\icam5usb.sys -> [2009/01/22 14:14:04 | 00,100,992 | ---- | C] (Microsoft Corporation)<BR>icam5com.dll -> %SystemRoot%\System32\dllcache\icam5com.dll -> [2009/01/22 14:14:03 | 00,045,056 | ---- | C] (Microsoft Corporation)<BR>icam5ext.dll -> %SystemRoot%\System32\dllcache\icam5ext.dll -> [2009/01/22 14:14:03 | 00,020,480 | ---- | C] (Microsoft Corporation)<BR>icam4usb.sys -> %SystemRoot%\System32\dllcache\icam4usb.sys -> [2009/01/22 14:14:02 | 00,154,496 | ---- | C] (Microsoft Corporation)<BR>icam4ext.dll -> %SystemRoot%\System32\dllcache\icam4ext.dll -> [2009/01/22 14:14:02 | 00,061,952 | ---- | C] (Microsoft Corporation)<BR>icam4com.dll -> %SystemRoot%\System32\dllcache\icam4com.dll -> [2009/01/22 14:14:01 | 00,091,136 | ---- | C] (Microsoft Corporation)<BR>icam3ext.dll -> %SystemRoot%\System32\dllcache\icam3ext.dll -> [2009/01/22 14:14:01 | 00,026,624 | ---- | C] (Microsoft Corporation)<BR>icam3.sys -> %SystemRoot%\System32\dllcache\icam3.sys -> [2009/01/22 14:14:00 | 00,141,056 | ---- | C] (Microsoft Corporation)<BR>ibmvcap.sys -> %SystemRoot%\System32\dllcache\ibmvcap.sys -> [2009/01/22 14:13:59 | 00,038,528 | ---- | C] (Microsoft Corporation)<BR>i2omp.sys -> %SystemRoot%\System32\dllcache\i2omp.sys -> [2009/01/22 14:13:50 | 00,018,560 | ---- | C] (Microsoft Corporation)<BR>i2omgmt.sys -> %SystemRoot%\System32\dllcache\i2omgmt.sys -> [2009/01/22 14:13:49 | 00,008,576 | ---- | C] (Microsoft Corporation)<BR>hr1w.dll -> %SystemRoot%\System32\dllcache\hr1w.dll -> [2009/01/22 14:13:17 | 00,019,456 | ---- | C] (Microsoft Corporation)<BR>hpsjmcro.dll -> %SystemRoot%\System32\dllcache\hpsjmcro.dll -> [2009/01/22 14:13:16 | 00,013,312 | ---- | C] (Microsoft Corporation)<BR>hpt4qic.sys -> %SystemRoot%\System32\dllcache\hpt4qic.sys -> [2009/01/22 14:13:16 | 00,005,760 | ---- | C] (Microsoft Corporation)<BR>hpojwia.dll -> %SystemRoot%\System32\dllcache\hpojwia.dll -> [2009/01/22 14:13:15 | 00,324,608 | ---- | C] (Microsoft Corporation)<BR>hpn.sys -> %SystemRoot%\System32\dllcache\hpn.sys -> [2009/01/22 14:13:15 | 00,025,952 | ---- | C] (Microsoft Corporation)<BR>hpgt53tk.dll -> %SystemRoot%\System32\dllcache\hpgt53tk.dll -> [2009/01/22 14:13:14 | 00,068,608 | ---- | C] (Avisioin)<BR>hpgtmcro.dll -> %SystemRoot%\System32\dllcache\hpgtmcro.dll -> [2009/01/22 14:13:14 | 00,032,768 | ---- | C] (Microsoft Corporation)<BR>hpgt53.dll -> %SystemRoot%\System32\dllcache\hpgt53.dll -> [2009/01/22 14:13:13 | 00,165,888 | ---- | C] ()<BR>hpgt42.dll -> %SystemRoot%\System32\dllcache\hpgt42.dll -> [2009/01/22 14:13:12 | 00,093,696 | ---- | C] ()<BR>hpgt42tk.dll -> %SystemRoot%\System32\dllcache\hpgt42tk.dll -> [2009/01/22 14:13:12 | 00,031,232 | ---- | C] (Microsoft Corporation)<BR>hpgt34tk.dll -> %SystemRoot%\System32\dllcache\hpgt34tk.dll -> [2009/01/22 14:13:11 | 00,126,976 | ---- | C] (Hewlett Packard)<BR>hpgt34.dll -> %SystemRoot%\System32\dllcache\hpgt34.dll -> [2009/01/22 14:13:11 | 00,101,376 | ---- | C] ()<BR>hpgt33.dll -> %SystemRoot%\System32\dllcache\hpgt33.dll -> [2009/01/22 14:13:10 | 00,089,088 | ---- | C] ()<BR>hpgt33tk.dll -> %SystemRoot%\System32\dllcache\hpgt33tk.dll -> [2009/01/22 14:13:10 | 00,048,128 | ---- | C] (Microsoft Corporation)<BR>hpgt21tk.dll -> %SystemRoot%\System32\dllcache\hpgt21tk.dll -> [2009/01/22 14:13:09 | 00,123,392 | ---- | C] (Microsoft Corporation)<BR>hpdigwia.dll -> %SystemRoot%\System32\dllcache\hpdigwia.dll -> [2009/01/22 14:13:08 | 00,119,296 | ---- | C] (Microsoft Corporation)<BR>hpgt21.dll -> %SystemRoot%\System32\dllcache\hpgt21.dll -> [2009/01/22 14:13:08 | 00,083,968 | ---- | C] ()<BR>hidswvd.sys -> %SystemRoot%\System32\dllcache\hidswvd.sys -> [2009/01/22 14:13:04 | 00,002,688 | ---- | C] (Microsoft Corporation)<BR>hidgame.sys -> %SystemRoot%\System32\dllcache\hidgame.sys -> [2009/01/22 14:13:03 | 00,008,576 | ---- | C] (Microsoft Corporation)<BR>grserial.sys -> %SystemRoot%\System32\dllcache\grserial.sys -> [2009/01/22 14:12:55 | 00,028,288 | ---- | C] (Gemplus)<BR>grclass.sys -> %SystemRoot%\System32\dllcache\grclass.sys -> [2009/01/22 14:12:54 | 00,082,304 | ---- | C] (Gemplus)<BR>gpr400.sys -> %SystemRoot%\System32\dllcache\gpr400.sys -> [2009/01/22 14:12:53 | 00,017,408 | ---- | C] (Gemplus)<BR>gckernel.sys -> %SystemRoot%\System32\dllcache\gckernel.sys -> [2009/01/22 14:12:48 | 00,059,136 | ---- | C] (Microsoft Corporation)<BR>fxusbase.sys -> %SystemRoot%\System32\dllcache\fxusbase.sys -> [2009/01/22 14:12:44 | 00,454,912 | ---- | C] (AVM GmbH)<BR>fusbbase.sys -> %SystemRoot%\System32\dllcache\fusbbase.sys -> [2009/01/22 14:12:33 | 00,455,296 | ---- | C] (AVM GmbH)<BR>fuusd.dll -> %SystemRoot%\System32\dllcache\fuusd.dll -> [2009/01/22 14:12:33 | 00,092,160 | ---- | C] (Microsoft Corporation)<BR>fus2base.sys -> %SystemRoot%\System32\dllcache\fus2base.sys -> [2009/01/22 14:12:32 | 00,455,680 | ---- | C] (AVM GmbH)<BR>fpnpbase.sys -> %SystemRoot%\System32\dllcache\fpnpbase.sys -> [2009/01/22 14:12:26 | 00,442,240 | ---- | C] (AVM GmbH)<BR>fpcibase.sys -> %SystemRoot%\System32\dllcache\fpcibase.sys -> [2009/01/22 14:12:25 | 00,444,416 | ---- | C] (AVM GmbH)<BR>fpcmbase.sys -> %SystemRoot%\System32\dllcache\fpcmbase.sys -> [2009/01/22 14:12:25 | 00,441,728 | ---- | C] (AVM GmbH)<BR>forehe.sys -> %SystemRoot%\System32\dllcache\forehe.sys -> [2009/01/22 14:12:23 | 00,034,173 | ---- | C] (Marconi Communications, Inc.)<BR>fnfilter.dll -> %SystemRoot%\System32\dllcache\fnfilter.dll -> [2009/01/22 14:12:22 | 00,071,680 | ---- | C] (Microsoft Corporation)<BR>fa410nd5.sys -> %SystemRoot%\System32\dllcache\fa410nd5.sys -> [2009/01/22 14:12:12 | 00,024,618 | ---- | C] (NETGEAR)<BR>f3ab18xj.sys -> %SystemRoot%\System32\dllcache\f3ab18xj.sys -> [2009/01/22 14:12:11 | 00,011,850 | ---- | C] (FUJITSU LIMITED)<BR>f3ab18xi.sys -> %SystemRoot%\System32\dllcache\f3ab18xi.sys -> [2009/01/22 14:12:10 | 00,012,362 | ---- | C] (FUJITSU LIMITED)<BR>exabyte2.sys -> %SystemRoot%\System32\dllcache\exabyte2.sys -> [2009/01/22 14:12:07 | 00,007,040 | ---- | C] (Microsoft Corporation)<BR>esunib.dll -> %SystemRoot%\System32\dllcache\esunib.dll -> [2009/01/22 14:12:02 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.)<BR>esuni.dll -> %SystemRoot%\System32\dllcache\esuni.dll -> [2009/01/22 14:12:01 | 00,045,568 | ---- | C] (SEIKO EPSON CORP.)<BR>esuimg.dll -> %SystemRoot%\System32\dllcache\esuimg.dll -> [2009/01/22 14:12:00 | 00,034,816 | ---- | C] (SEIKO EPSON CORP.)<BR>esucm.dll -> %SystemRoot%\System32\dllcache\esucm.dll -> [2009/01/22 14:11:59 | 00,043,008 | ---- | C] (SEIKO EPSON CORP.)<BR>es1969.sys -> %SystemRoot%\System32\dllcache\es1969.sys -> [2009/01/22 14:11:53 | 00,072,192 | ---- | C] (ESS Technology Inc.)<BR>epstw2k.sys -> %SystemRoot%\System32\dllcache\epstw2k.sys -> [2009/01/22 14:11:48 | 00,114,944 | ---- | C] (Microsoft Corporation)<BR>epcfw2k.sys -> %SystemRoot%\System32\dllcache\epcfw2k.sys -> [2009/01/22 14:11:47 | 00,144,896 | ---- | C] (Microsoft Corporation)<BR>elmsmc.sys -> %SystemRoot%\System32\dllcache\elmsmc.sys -> [2009/01/22 14:11:43 | 00,007,296 | ---- | C] (Microsoft Corporation)<BR>dshowext.ax -> %SystemRoot%\System32\dllcache\dshowext.ax -> [2009/01/22 14:11:20 | 00,020,992 | ---- | C] (Microsoft Corporation)<BR>ds1wdm.sys -> %SystemRoot%\System32\dllcache\ds1wdm.sys -> [2009/01/22 14:11:19 | 00,334,208 | ---- | C] (Yamaha Corp.)<BR>dpti2o.sys -> %SystemRoot%\System32\dllcache\dpti2o.sys -> [2009/01/22 14:11:15 | 00,020,192 | ---- | C] (Microsoft Corporation)<BR>dp83820.sys -> %SystemRoot%\System32\dllcache\dp83820.sys -> [2009/01/22 14:11:11 | 00,028,062 | ---- | C] (National Semiconductor Coproration)<BR>dot4usb.sys -> %SystemRoot%\System32\dllcache\dot4usb.sys -> [2009/01/22 14:11:11 | 00,023,808 | ---- | C] (Microsoft Corporation)<BR>dot4scan.sys -> %SystemRoot%\System32\dllcache\dot4scan.sys -> [2009/01/22 14:11:10 | 00,008,704 | ---- | C] (Microsoft Corporation)<BR>dot4.sys -> %SystemRoot%\System32\dllcache\dot4.sys -> [2009/01/22 14:11:09 | 00,206,976 | ---- | C] (Microsoft Corporation)<BR>dot4prt.sys -> %SystemRoot%\System32\dllcache\dot4prt.sys -> [2009/01/22 14:11:09 | 00,012,928 | ---- | C] (Microsoft Corporation)<BR>dm9pci5.sys -> %SystemRoot%\System32\dllcache\dm9pci5.sys -> [2009/01/22 14:10:59 | 00,029,696 | ---- | C] (CNet Technology, Inc.													)<BR>dlh5xnd5.sys -> %SystemRoot%\System32\dllcache\dlh5xnd5.sys -> [2009/01/22 14:10:58 | 00,026,698 | ---- | C] (D-Link Corporation)<BR>dlttape.sys -> %SystemRoot%\System32\dllcache\dlttape.sys -> [2009/01/22 14:10:58 | 00,008,320 | ---- | C] (Microsoft Corporation)<BR>diwan.sys -> %SystemRoot%\System32\dllcache\diwan.sys -> [2009/01/22 14:10:57 | 00,952,007 | ---- | C] (Eicon Technology)<BR>divaprop.dll -> %SystemRoot%\System32\dllcache\divaprop.dll -> [2009/01/22 14:10:56 | 00,037,962 | ---- | C] ()<BR>divasu.dll -> %SystemRoot%\System32\dllcache\divasu.dll -> [2009/01/22 14:10:56 | 00,029,768 | ---- | C] ()<BR>ditrace.exe -> %SystemRoot%\System32\dllcache\ditrace.exe -> [2009/01/22 14:10:55 | 00,236,060 | ---- | C] (Eicon Technology)<BR>divaci.dll -> %SystemRoot%\System32\dllcache\divaci.dll -> [2009/01/22 14:10:55 | 00,006,216 | ---- | C] ()<BR>disrvsu.dll -> %SystemRoot%\System32\dllcache\disrvsu.dll -> [2009/01/22 14:10:54 | 00,038,985 | ---- | C] (Eicon Technology)<BR>disrvpp.dll -> %SystemRoot%\System32\dllcache\disrvpp.dll -> [2009/01/22 14:10:53 | 00,031,305 | ---- | C] (Eicon Technology)<BR>disrvci.dll -> %SystemRoot%\System32\dllcache\disrvci.dll -> [2009/01/22 14:10:53 | 00,006,729 | ---- | C] (Eicon Technology)<BR>dimaint.sys -> %SystemRoot%\System32\dllcache\dimaint.sys -> [2009/01/22 14:10:50 | 00,091,305 | ---- | C] (Eicon Technology)<BR>dfe650d.sys -> %SystemRoot%\System32\dllcache\dfe650d.sys -> [2009/01/22 14:10:35 | 00,024,649 | ---- | C] (D-Link)<BR>dfe650.sys -> %SystemRoot%\System32\dllcache\dfe650.sys -> [2009/01/22 14:10:34 | 00,024,648 | ---- | C] (D-Link)<BR>defpa.sys -> %SystemRoot%\System32\dllcache\defpa.sys -> [2009/01/22 14:10:31 | 00,020,928 | ---- | C] (Digital Networks, LLC)<BR>ddsmc.sys -> %SystemRoot%\System32\dllcache\ddsmc.sys -> [2009/01/22 14:10:30 | 00,007,424 | ---- | C] (Microsoft Corporation)<BR>dc260usd.dll -> %SystemRoot%\System32\dllcache\dc260usd.dll -> [2009/01/22 14:10:28 | 00,110,592 | ---- | C] (Microsoft Corporation)<BR>dc240usd.dll -> %SystemRoot%\System32\dllcache\dc240usd.dll -> [2009/01/22 14:10:28 | 00,086,016 | ---- | C] (Microsoft Corporation)<BR>dc210usd.dll -> %SystemRoot%\System32\dllcache\dc210usd.dll -> [2009/01/22 14:10:27 | 00,080,896 | ---- | C] (Microsoft Corporation)<BR>dc210_32.dll -> %SystemRoot%\System32\dllcache\dc210_32.dll -> [2009/01/22 14:10:26 | 00,025,600 | ---- | C] (Microsoft Corporation)<BR>dac960nt.sys -> %SystemRoot%\System32\dllcache\dac960nt.sys -> [2009/01/22 14:10:22 | 00,014,720 | ---- | C] (Microsoft Corporation)<BR>cyzport.sys -> %SystemRoot%\System32\dllcache\cyzport.sys -> [2009/01/22 14:10:17 | 00,049,792 | ---- | C] (Microsoft Corporation)<BR>cyzports.dll -> %SystemRoot%\System32\dllcache\cyzports.dll -> [2009/01/22 14:10:17 | 00,027,648 | ---- | C] (Microsoft Corporation)<BR>cyyports.dll -> %SystemRoot%\System32\dllcache\cyyports.dll -> [2009/01/22 14:10:16 | 00,027,648 | ---- | C] (Microsoft Corporation)<BR>cyzcoins.dll -> %SystemRoot%\System32\dllcache\cyzcoins.dll -> [2009/01/22 14:10:16 | 00,027,136 | ---- | C] (Microsoft Corporation)<BR>cyyport.sys -> %SystemRoot%\System32\dllcache\cyyport.sys -> [2009/01/22 14:10:15 | 00,050,176 | ---- | C] (Microsoft Corporation)<BR>cyycoins.dll -> %SystemRoot%\System32\dllcache\cyycoins.dll -> [2009/01/22 14:10:14 | 00,028,672 | ---- | C] (Microsoft Corporation)<BR>cyclom-y.sys -> %SystemRoot%\System32\dllcache\cyclom-y.sys -> [2009/01/22 14:10:14 | 00,014,848 | ---- | C] (Microsoft Corporation)<BR>cyclad-z.sys -> %SystemRoot%\System32\dllcache\cyclad-z.sys -> [2009/01/22 14:10:13 | 00,017,152 | ---- | C] (Microsoft Corporation)<BR>cwcwdm.sys -> %SystemRoot%\System32\dllcache\cwcwdm.sys -> [2009/01/22 14:10:12 | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwrwdm.sys -> %SystemRoot%\System32\dllcache\cwrwdm.sys -> [2009/01/22 14:10:12 | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwcspud.sys -> %SystemRoot%\System32\dllcache\cwcspud.sys -> [2009/01/22 14:10:11 | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwbwdm.sys -> %SystemRoot%\System32\dllcache\cwbwdm.sys -> [2009/01/22 14:10:10 | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwcosnt5.sys -> %SystemRoot%\System32\dllcache\cwcosnt5.sys -> [2009/01/22 14:10:10 | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwbmidi.sys -> %SystemRoot%\System32\dllcache\cwbmidi.sys -> [2009/01/22 14:10:09 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.)<BR>cwbase.sys -> %SystemRoot%\System32\dllcache\cwbase.sys -> [2009/01/22 14:10:08 | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.)<BR>ctmasetp.dll -> %SystemRoot%\System32\dllcache\ctmasetp.dll -> [2009/01/22 14:10:06 | 00,249,856 | ---- | C] (Comtrol® Corporation)<BR>csamsp.dll -> %SystemRoot%\System32\dllcache\csamsp.dll -> [2009/01/22 14:10:02 | 00,175,104 | ---- | C] (Microsoft Corporation)<BR>cpscan.dll -> %SystemRoot%\System32\dllcache\cpscan.dll -> [2009/01/22 14:10:00 | 00,216,064 | ---- | C] (COMPAQ Inc.)<BR>cpqtrnd5.sys -> %SystemRoot%\System32\dllcache\cpqtrnd5.sys -> [2009/01/22 14:09:59 | 00,060,970 | ---- | C] (Compaq Computer Corp.)<BR>cpqndis5.sys -> %SystemRoot%\System32\dllcache\cpqndis5.sys -> [2009/01/22 14:09:58 | 00,021,533 | ---- | C] (Compaq Computer Corporation)<BR>cpqarray.sys -> %SystemRoot%\System32\dllcache\cpqarray.sys -> [2009/01/22 14:09:57 | 00,014,976 | ---- | C] (Microsoft Corporation)<BR>cnusd.dll -> %SystemRoot%\System32\dllcache\cnusd.dll -> [2009/01/22 14:09:45 | 00,044,032 | ---- | C] (Microsoft Corporation)<BR>cmbp0wdm.sys -> %SystemRoot%\System32\dllcache\cmbp0wdm.sys -> [2009/01/22 14:09:40 | 00,020,736 | ---- | C] (OMNIKEY AG)<BR>cmbatt.sys -> %SystemRoot%\System32\dllcache\cmbatt.sys -> [2009/01/22 14:09:39 | 00,013,952 | ---- | C] (Microsoft Corporation)<BR>cl546xm.sys -> %SystemRoot%\System32\dllcache\cl546xm.sys -> [2009/01/22 14:09:37 | 00,248,064 | ---- | C] (Microsoft Corporation)<BR>cl546x.dll -> %SystemRoot%\System32\dllcache\cl546x.dll -> [2009/01/22 14:09:36 | 00,170,880 | ---- | C] (Microsoft Corporation)<BR>cl5465.dll -> %SystemRoot%\System32\dllcache\cl5465.dll -> [2009/01/22 14:09:36 | 00,111,232 | ---- | C] (Microsoft Corporation)<BR>cirrus.sys -> %SystemRoot%\System32\dllcache\cirrus.sys -> [2009/01/22 14:09:35 | 00,045,696 | ---- | C] (Microsoft Corporation)<BR>cirrus.dll -> %SystemRoot%\System32\dllcache\cirrus.dll -> [2009/01/22 14:09:34 | 00,091,264 | ---- | C] (Microsoft Corporation)<BR>cinemclc.sys -> %SystemRoot%\System32\dllcache\cinemclc.sys -> [2009/01/22 14:09:31 | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.)<BR>cicap.sys -> %SystemRoot%\System32\dllcache\cicap.sys -> [2009/01/22 14:09:30 | 00,980,034 | ---- | C] (Xircom)<BR>changer.sys -> %SystemRoot%\System32\dllcache\changer.sys -> [2009/01/22 14:09:22 | 00,008,192 | ---- | C] (Microsoft Corporation)<BR>cem56n5.sys -> %SystemRoot%\System32\dllcache\cem56n5.sys -> [2009/01/22 14:09:18 | 00,049,182 | ---- | C] (Xircom, Inc.)<BR>cem33n5.sys -> %SystemRoot%\System32\dllcache\cem33n5.sys -> [2009/01/22 14:09:17 | 00,022,044 | ---- | C] (Xircom, Inc.)<BR>cem28n5.sys -> %SystemRoot%\System32\dllcache\cem28n5.sys -> [2009/01/22 14:09:17 | 00,022,044 | ---- | C] (Xircom, Inc.)<BR>ce3n5.sys -> %SystemRoot%\System32\dllcache\ce3n5.sys -> [2009/01/22 14:09:16 | 00,027,164 | ---- | C] (Xircom, Inc.)<BR>ce2n5.sys -> %SystemRoot%\System32\dllcache\ce2n5.sys -> [2009/01/22 14:09:15 | 00,021,530 | ---- | C] (Xircom, Inc.)<BR>cd20xrnt.sys -> %SystemRoot%\System32\dllcache\cd20xrnt.sys -> [2009/01/22 14:09:13 | 00,007,680 | ---- | C] (Microsoft Corporation)<BR>cbmdmkxx.sys -> %SystemRoot%\System32\dllcache\cbmdmkxx.sys -> [2009/01/22 14:09:12 | 00,714,698 | ---- | C] (Xircom, Inc.)<BR>cben5.sys -> %SystemRoot%\System32\dllcache\cben5.sys -> [2009/01/22 14:09:11 | 00,046,108 | ---- | C] (Xircom, Inc.)<BR>cb325.sys -> %SystemRoot%\System32\dllcache\cb325.sys -> [2009/01/22 14:09:10 | 00,039,680 | ---- | C] (Silicom Ltd.)<BR>cb102.sys -> %SystemRoot%\System32\dllcache\cb102.sys -> [2009/01/22 14:09:09 | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider)<BR>diapi2.sys -> %SystemRoot%\System32\dllcache\diapi2.sys -> [2009/01/22 14:09:07 | 00,164,923 | ---- | C] (Eicon Technology)<BR>diapi2NT.dll -> %SystemRoot%\System32\dllcache\diapi2NT.dll -> [2009/01/22 14:09:07 | 00,032,256 | ---- | C] (Eicon Technology Corporation)<BR>camext30.dll -> %SystemRoot%\System32\dllcache\camext30.dll -> [2009/01/22 14:09:05 | 00,121,856 | ---- | C] (Microsoft Corporation)<BR>camext30.ax -> %SystemRoot%\System32\dllcache\camext30.ax -> [2009/01/22 14:09:04 | 00,116,736 | ---- | C] (Microsoft Corporation)<BR>camext20.ax -> %SystemRoot%\System32\dllcache\camext20.ax -> [2009/01/22 14:09:03 | 00,244,224 | ---- | C] (Microsoft Corporation)<BR>camext20.dll -> %SystemRoot%\System32\dllcache\camext20.dll -> [2009/01/22 14:09:03 | 00,236,032 | ---- | C] (Microsoft Corporation)<BR>camexo20.dll -> %SystemRoot%\System32\dllcache\camexo20.dll -> [2009/01/22 14:09:02 | 00,074,240 | ---- | C] (Microsoft Corporation)<BR>camdrv30.sys -> %SystemRoot%\System32\dllcache\camdrv30.sys -> [2009/01/22 14:09:01 | 00,171,264 | ---- | C] (Microsoft Corporation)<BR>camexo20.ax -> %SystemRoot%\System32\dllcache\camexo20.ax -> [2009/01/22 14:09:01 | 00,073,216 | ---- | C] (Microsoft Corporation)<BR>camdrv21.sys -> %SystemRoot%\System32\dllcache\camdrv21.sys -> [2009/01/22 14:09:00 | 00,223,232 | ---- | C] (Microsoft Corporation)<BR>camdro21.sys -> %SystemRoot%\System32\dllcache\camdro21.sys -> [2009/01/22 14:08:59 | 00,314,752 | ---- | C] (Microsoft Corporation)<BR>c_870.nls -> %SystemRoot%\System32\dllcache\c_870.nls -> [2009/01/22 14:08:55 | 00,066,082 | ---- | C] ()<BR>c_864.nls -> %SystemRoot%\System32\dllcache\c_864.nls -> [2009/01/22 14:08:54 | 00,066,594 | ---- | C] ()<BR>c_862.nls -> %SystemRoot%\System32\dllcache\c_862.nls -> [2009/01/22 14:08:53 | 00,066,594 | ---- | C] ()<BR>c_858.nls -> %SystemRoot%\System32\dllcache\c_858.nls -> [2009/01/22 14:08:53 | 00,066,594 | ---- | C] ()<BR>c_720.nls -> %SystemRoot%\System32\dllcache\c_720.nls -> [2009/01/22 14:08:51 | 00,066,594 | ---- | C] ()<BR>c_708.nls -> %SystemRoot%\System32\dllcache\c_708.nls -> [2009/01/22 14:08:51 | 00,066,082 | ---- | C] ()<BR>c_28596.nls -> %SystemRoot%\System32\dllcache\c_28596.nls -> [2009/01/22 14:08:50 | 00,066,082 | ---- | C] ()<BR>c_21027.nls -> %SystemRoot%\System32\dllcache\c_21027.nls -> [2009/01/22 14:08:48 | 00,066,082 | ---- | C] ()<BR>c_21025.nls -> %SystemRoot%\System32\dllcache\c_21025.nls -> [2009/01/22 14:08:48 | 00,066,082 | ---- | C] ()<BR>c_20949.nls -> %SystemRoot%\System32\dllcache\c_20949.nls -> [2009/01/22 14:08:47 | 00,177,698 | ---- | C] ()<BR>c_20936.nls -> %SystemRoot%\System32\dllcache\c_20936.nls -> [2009/01/22 14:08:47 | 00,173,602 | ---- | C] ()<BR>c_20932.nls -> %SystemRoot%\System32\dllcache\c_20932.nls -> [2009/01/22 14:08:46 | 00,180,770 | ---- | C] ()<BR>c_20924.nls -> %SystemRoot%\System32\dllcache\c_20924.nls -> [2009/01/22 14:08:46 | 00,066,082 | ---- | C] ()<BR>c_20880.nls -> %SystemRoot%\System32\dllcache\c_20880.nls -> [2009/01/22 14:08:45 | 00,066,082 | ---- | C] ()<BR>c_20871.nls -> %SystemRoot%\System32\dllcache\c_20871.nls -> [2009/01/22 14:08:44 | 00,066,082 | ---- | C] ()<BR>c_20838.nls -> %SystemRoot%\System32\dllcache\c_20838.nls -> [2009/01/22 14:08:44 | 00,066,082 | ---- | C] ()<BR>c_20833.nls -> %SystemRoot%\System32\dllcache\c_20833.nls -> [2009/01/22 14:08:43 | 00,066,082 | ---- | C] ()<BR>c_20424.nls -> %SystemRoot%\System32\dllcache\c_20424.nls -> [2009/01/22 14:08:43 | 00,066,082 | ---- | C] ()<BR>c_20423.nls -> %SystemRoot%\System32\dllcache\c_20423.nls -> [2009/01/22 14:08:42 | 00,066,082 | ---- | C] ()<BR>c_20420.nls -> %SystemRoot%\System32\dllcache\c_20420.nls -> [2009/01/22 14:08:41 | 00,066,082 | ---- | C] ()<BR>c_20297.nls -> %SystemRoot%\System32\dllcache\c_20297.nls -> [2009/01/22 14:08:41 | 00,066,082 | ---- | C] ()<BR>c_20290.nls -> %SystemRoot%\System32\dllcache\c_20290.nls -> [2009/01/22 14:08:40 | 00,066,082 | ---- | C] ()<BR>c_20285.nls -> %SystemRoot%\System32\dllcache\c_20285.nls -> [2009/01/22 14:08:40 | 00,066,082 | ---- | C] ()<BR>c_20284.nls -> %SystemRoot%\System32\dllcache\c_20284.nls -> [2009/01/22 14:08:39 | 00,066,082 | ---- | C] ()<BR>c_20280.nls -> %SystemRoot%\System32\dllcache\c_20280.nls -> [2009/01/22 14:08:39 | 00,066,082 | ---- | C] ()<BR>c_20278.nls -> %SystemRoot%\System32\dllcache\c_20278.nls -> [2009/01/22 14:08:38 | 00,066,082 | ---- | C] ()<BR>c_20277.nls -> %SystemRoot%\System32\dllcache\c_20277.nls -> [2009/01/22 14:08:38 | 00,066,082 | ---- | C] ()<BR>c_20273.nls -> %SystemRoot%\System32\dllcache\c_20273.nls -> [2009/01/22 14:08:37 | 00,066,082 | ---- | C] ()<BR>c_20269.nls -> %SystemRoot%\System32\dllcache\c_20269.nls -> [2009/01/22 14:08:36 | 00,066,082 | ---- | C] ()<BR>c_20108.nls -> %SystemRoot%\System32\dllcache\c_20108.nls -> [2009/01/22 14:08:36 | 00,066,082 | ---- | C] ()<BR>c_20107.nls -> %SystemRoot%\System32\dllcache\c_20107.nls -> [2009/01/22 14:08:35 | 00,066,082 | ---- | C] ()<BR>c_20106.nls -> %SystemRoot%\System32\dllcache\c_20106.nls -> [2009/01/22 14:08:34 | 00,066,082 | ---- | C] ()<BR>c_20105.nls -> %SystemRoot%\System32\dllcache\c_20105.nls -> [2009/01/22 14:08:34 | 00,066,082 | ---- | C] ()<BR>c_20005.nls -> %SystemRoot%\System32\dllcache\c_20005.nls -> [2009/01/22 14:08:33 | 00,187,938 | ---- | C] ()<BR>c_20004.nls -> %SystemRoot%\System32\dllcache\c_20004.nls -> [2009/01/22 14:08:33 | 00,180,258 | ---- | C] ()<BR>c_20003.nls -> %SystemRoot%\System32\dllcache\c_20003.nls -> [2009/01/22 14:08:32 | 00,185,378 | ---- | C] ()<BR>c_20002.nls -> %SystemRoot%\System32\dllcache\c_20002.nls -> [2009/01/22 14:08:32 | 00,173,602 | ---- | C] ()<BR>c_20001.nls -> %SystemRoot%\System32\dllcache\c_20001.nls -> [2009/01/22 14:08:31 | 00,186,402 | ---- | C] ()<BR>c_1361.nls -> %SystemRoot%\System32\dllcache\c_1361.nls -> [2009/01/22 14:08:30 | 00,189,986 | ---- | C] ()<BR>c_20000.nls -> %SystemRoot%\System32\dllcache\c_20000.nls -> [2009/01/22 14:08:30 | 00,180,258 | ---- | C] ()<BR>c_1149.nls -> %SystemRoot%\System32\dllcache\c_1149.nls -> [2009/01/22 14:08:28 | 00,066,082 | ---- | C] ()<BR>c_1148.nls -> %SystemRoot%\System32\dllcache\c_1148.nls -> [2009/01/22 14:08:28 | 00,066,082 | ---- | C] ()<BR>c_1147.nls -> %SystemRoot%\System32\dllcache\c_1147.nls -> [2009/01/22 14:08:27 | 00,066,082 | ---- | C] ()<BR>c_1146.nls -> %SystemRoot%\System32\dllcache\c_1146.nls -> [2009/01/22 14:08:27 | 00,066,082 | ---- | C] ()<BR>c_1145.nls -> %SystemRoot%\System32\dllcache\c_1145.nls -> [2009/01/22 14:08:26 | 00,066,082 | ---- | C] ()<BR>c_1144.nls -> %SystemRoot%\System32\dllcache\c_1144.nls -> [2009/01/22 14:08:25 | 00,066,082 | ---- | C] ()<BR>c_1143.nls -> %SystemRoot%\System32\dllcache\c_1143.nls -> [2009/01/22 14:08:25 | 00,066,082 | ---- | C] ()<BR>c_1142.nls -> %SystemRoot%\System32\dllcache\c_1142.nls -> [2009/01/22 14:08:24 | 00,066,082 | ---- | C] ()<BR>c_1141.nls -> %SystemRoot%\System32\dllcache\c_1141.nls -> [2009/01/22 14:08:24 | 00,066,082 | ---- | C] ()<BR>c_1140.nls -> %SystemRoot%\System32\dllcache\c_1140.nls -> [2009/01/22 14:08:23 | 00,066,082 | ---- | C] ()<BR>c_1047.nls -> %SystemRoot%\System32\dllcache\c_1047.nls -> [2009/01/22 14:08:22 | 00,066,082 | ---- | C] ()<BR>c_10008.nls -> %SystemRoot%\System32\dllcache\c_10008.nls -> [2009/01/22 14:08:21 | 00,173,602 | ---- | C] ()<BR>c_10021.nls -> %SystemRoot%\System32\dllcache\c_10021.nls -> [2009/01/22 14:08:21 | 00,066,082 | ---- | C] ()<BR>c_10005.nls -> %SystemRoot%\System32\dllcache\c_10005.nls -> [2009/01/22 14:08:20 | 00,066,082 | ---- | C] ()<BR>c_10003.nls -> %SystemRoot%\System32\dllcache\c_10003.nls -> [2009/01/22 14:08:19 | 00,177,698 | ---- | C] ()<BR>c_10004.nls -> %SystemRoot%\System32\dllcache\c_10004.nls -> [2009/01/22 14:08:19 | 00,066,082 | ---- | C] ()<BR>c_10002.nls -> %SystemRoot%\System32\dllcache\c_10002.nls -> [2009/01/22 14:08:18 | 00,195,618 | ---- | C] ()<BR>c_10001.nls -> %SystemRoot%\System32\dllcache\c_10001.nls -> [2009/01/22 14:08:18 | 00,162,850 | ---- | C] ()<BR>bulltlp3.sys -> %SystemRoot%\System32\dllcache\bulltlp3.sys -> [2009/01/22 14:08:16 | 00,013,824 | ---- | C] (Microsoft Corporation)<BR>brzwlan.sys -> %SystemRoot%\System32\dllcache\brzwlan.sys -> [2009/01/22 14:08:13 | 00,031,529 | ---- | C] (BreezeCOM)<BR>brusbscn.sys -> %SystemRoot%\System32\dllcache\brusbscn.sys -> [2009/01/22 14:08:12 | 00,010,368 | ---- | C] (Brother Industries Ltd.)<BR>brserwdm.sys -> %SystemRoot%\System32\dllcache\brserwdm.sys -> [2009/01/22 14:08:11 | 00,060,416 | ---- | C] (Brother Industries Ltd.)<BR>brusbmdm.sys -> %SystemRoot%\System32\dllcache\brusbmdm.sys -> [2009/01/22 14:08:11 | 00,011,008 | ---- | C] (Brother Industries Ltd.)<BR>brserif.dll -> %SystemRoot%\System32\dllcache\brserif.dll -> [2009/01/22 14:08:10 | 00,009,728 | ---- | C] (Brother Industries, Ltd.)<BR>brscnrsm.dll -> %SystemRoot%\System32\dllcache\brscnrsm.dll -> [2009/01/22 14:08:09 | 00,005,120 | ---- | C] (Brother Industries,Ltd.)<BR>brparwdm.sys -> %SystemRoot%\System32\dllcache\brparwdm.sys -> [2009/01/22 14:08:08 | 00,039,552 | ---- | C] (Brother Industries Ltd.)<BR>brparimg.sys -> %SystemRoot%\System32\dllcache\brparimg.sys -> [2009/01/22 14:08:07 | 00,003,168 | ---- | C] (Brother Industries Ltd.)<BR>brmfusb.dll -> %SystemRoot%\System32\dllcache\brmfusb.dll -> [2009/01/22 14:08:05 | 00,041,472 | ---- | C] (Brother Industries, Ltd.)<BR>brmfrsmg.exe -> %SystemRoot%\System32\dllcache\brmfrsmg.exe -> [2009/01/22 14:08:04 | 00,032,256 | ---- | C] (Brother Industries, Ltd.)<BR>brmflpt.dll -> %SystemRoot%\System32\dllcache\brmflpt.dll -> [2009/01/22 14:08:03 | 00,029,696 | ---- | C] (Brother Industries, Ltd.)<BR>brmfcwia.dll -> %SystemRoot%\System32\dllcache\brmfcwia.dll -> [2009/01/22 14:08:02 | 00,081,408 | ---- | C] (Microsoft Corporation)<BR>brmfbidi.dll -> %SystemRoot%\System32\dllcache\brmfbidi.dll -> [2009/01/22 14:08:01 | 00,015,360 | ---- | C] (Brother Industries, Ltd.)<BR>brfiltlo.sys -> %SystemRoot%\System32\dllcache\brfiltlo.sys -> [2009/01/22 14:08:00 | 00,012,160 | ---- | C] (Brother Industries, Ltd.)<BR>brfiltup.sys -> %SystemRoot%\System32\dllcache\brfiltup.sys -> [2009/01/22 14:08:00 | 00,003,968 | ---- | C] (Brother Industries, Ltd.)<BR>brfilt.sys -> %SystemRoot%\System32\dllcache\brfilt.sys -> [2009/01/22 14:07:59 | 00,002,944 | ---- | C] (Brother Industries Ltd.)<BR>brevif.dll -> %SystemRoot%\System32\dllcache\brevif.dll -> [2009/01/22 14:07:58 | 00,012,800 | ---- | C] (Brother Industries, Ltd.)<BR>brcoinst.dll -> %SystemRoot%\System32\dllcache\brcoinst.dll -> [2009/01/22 14:07:57 | 00,009,728 | ---- | C] (Brother Industries Ltd.)<BR>bopomofo.nls -> %SystemRoot%\System32\dllcache\bopomofo.nls -> [2009/01/22 14:07:56 | 00,082,172 | ---- | C] ()<BR>brbidiif.dll -> %SystemRoot%\System32\dllcache\brbidiif.dll -> [2009/01/22 14:07:56 | 00,019,456 | ---- | C] (Brother Industries, Ltd.)<BR>binlsvc.dll -> %SystemRoot%\System32\dllcache\binlsvc.dll -> [2009/01/22 14:07:53 | 00,102,400 | ---- | C] (Microsoft Corporation)<BR>big5.nls -> %SystemRoot%\System32\dllcache\big5.nls -> [2009/01/22 14:07:53 | 00,066,728 | ---- | C] ()<BR>bcmdm.sys -> %SystemRoot%\System32\dllcache\bcmdm.sys -> [2009/01/22 14:07:51 | 00,871,388 | ---- | C] (BCM)<BR>banshee.sys -> %SystemRoot%\System32\dllcache\banshee.sys -> [2009/01/22 14:07:47 | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.)<BR>banshee.dll -> %SystemRoot%\System32\dllcache\banshee.dll -> [2009/01/22 14:07:46 | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.)<BR>b1cbase.sys -> %SystemRoot%\System32\dllcache\b1cbase.sys -> [2009/01/22 14:07:45 | 00,089,952 | ---- | C] (AVM GmbH)<BR>aztw2320.sys -> %SystemRoot%\System32\dllcache\aztw2320.sys -> [2009/01/22 14:07:44 | 00,036,992 | ---- | C] (Aztech Systems Ltd)<BR>avmwan.sys -> %SystemRoot%\System32\dllcache\avmwan.sys -> [2009/01/22 14:07:43 | 00,037,568 | ---- | C] (AVM GmbH)<BR>avmenum.dll -> %SystemRoot%\System32\dllcache\avmenum.dll -> [2009/01/22 14:07:42 | 00,144,384 | ---- | C] (AVM GmbH)<BR>avmcoxp.dll -> %SystemRoot%\System32\dllcache\avmcoxp.dll -> [2009/01/22 14:07:41 | 00,087,552 | ---- | C] (AVM GmbH)<BR>avcaudio.sys -> %SystemRoot%\System32\dllcache\avcaudio.sys -> [2009/01/22 14:07:39 | 00,036,096 | ---- | C] (Microsoft Corporation)<BR>avcstrm.sys -> %SystemRoot%\System32\dllcache\avcstrm.sys -> [2009/01/22 14:07:39 | 00,013,696 | ---- | C] (Microsoft Corporation)<BR>atixbar.sys -> %SystemRoot%\System32\dllcache\atixbar.sys -> [2009/01/22 14:07:32 | 00,023,552 | ---- | C] ()<BR>ativxbar.sys -> %SystemRoot%\System32\dllcache\ativxbar.sys -> [2009/01/22 14:07:31 | 00,026,624 | ---- | C] ()<BR>ativttxx.sys -> %SystemRoot%\System32\dllcache\ativttxx.sys -> [2009/01/22 14:07:30 | 00,019,456 | ---- | C] ()<BR>ativmdcd.sys -> %SystemRoot%\System32\dllcache\ativmdcd.sys -> [2009/01/22 14:07:29 | 00,009,472 | ---- | C] ()<BR>atitvsnd.sys -> %SystemRoot%\System32\dllcache\atitvsnd.sys -> [2009/01/22 14:07:28 | 00,017,152 | ---- | C] ()<BR>atitunep.sys -> %SystemRoot%\System32\dllcache\atitunep.sys -> [2009/01/22 14:07:28 | 00,017,152 | ---- | C] ()<BR>atirtsnd.sys -> %SystemRoot%\System32\dllcache\atirtsnd.sys -> [2009/01/22 14:07:27 | 00,026,880 | ---- | C] ()<BR>atirtcap.sys -> %SystemRoot%\System32\dllcache\atirtcap.sys -> [2009/01/22 14:07:26 | 00,049,920 | ---- | C] ()<BR>atipcxxx.sys -> %SystemRoot%\System32\dllcache\atipcxxx.sys -> [2009/01/22 14:07:25 | 00,010,240 | ---- | C] ()<BR>atievxx.exe -> %SystemRoot%\System32\dllcache\atievxx.exe -> [2009/01/22 14:07:20 | 00,037,376 | ---- | C] (Microsoft Corporation)<BR>atibt829.sys -> %SystemRoot%\System32\dllcache\atibt829.sys -> [2009/01/22 14:07:17 | 00,046,464 | ---- | C] ()<BR>ati.sys -> %SystemRoot%\System32\dllcache\ati.sys -> [2009/01/22 14:07:13 | 00,077,568 | ---- | C] (ATI Technologies, Inc.)<BR>ati.dll -> %SystemRoot%\System32\dllcache\ati.dll -> [2009/01/22 14:07:12 | 00,096,128 | ---- | C] (Microsoft Corporation)<BR>aspndis3.sys -> %SystemRoot%\System32\dllcache\aspndis3.sys -> [2009/01/22 14:07:08 | 00,097,354 | ---- | C] (Bay Networks, Inc.)<BR>asc3350p.sys -> %SystemRoot%\System32\dllcache\asc3350p.sys -> [2009/01/22 14:07:06 | 00,022,400 | ---- | C] (Microsoft Corporation)<BR>apmbatt.sys -> %SystemRoot%\System32\dllcache\apmbatt.sys -> [2009/01/22 14:07:02 | 00,006,272 | ---- | C] (Microsoft Corporation)<BR>amsint.sys -> %SystemRoot%\System32\dllcache\amsint.sys -> [2009/01/22 14:07:00 | 00,012,032 | ---- | C] (Microsoft Corporation)<BR>amb8002.sys -> %SystemRoot%\System32\dllcache\amb8002.sys -> [2009/01/22 14:06:59 | 00,016,969 | ---- | C] (AmbiCom, Inc.)<BR>aic78xx.sys -> %SystemRoot%\System32\dllcache\aic78xx.sys -> [2009/01/22 14:06:55 | 00,056,960 | ---- | C] (Microsoft Corporation)<BR>aic78u2.sys -> %SystemRoot%\System32\dllcache\aic78u2.sys -> [2009/01/22 14:06:54 | 00,055,168 | ---- | C] (Microsoft Corporation)<BR>aha154x.sys -> %SystemRoot%\System32\dllcache\aha154x.sys -> [2009/01/22 14:06:54 | 00,012,800 | ---- | C] (Microsoft Corporation)<BR>agcgauge.ax -> %SystemRoot%\System32\dllcache\agcgauge.ax -> [2009/01/22 14:06:46 | 00,024,576 | ---- | C] (Microsoft Corporation)<BR>adpu160m.sys -> %SystemRoot%\System32\dllcache\adpu160m.sys -> [2009/01/22 14:06:40 | 00,101,888 | ---- | C] (Microsoft Corporation)<BR>adptsf50.sys -> %SystemRoot%\System32\dllcache\adptsf50.sys -> [2009/01/22 14:06:40 | 00,046,112 | ---- | C] (Adaptec, Inc )<BR>admjoy.sys -> %SystemRoot%\System32\dllcache\admjoy.sys -> [2009/01/22 14:06:38 | 00,010,880 | ---- | C] (Aureal, Inc.)<BR>adm8830.sys -> %SystemRoot%\System32\dllcache\adm8830.sys -> [2009/01/22 14:06:36 | 00,747,392 | ---- | C] (Aureal, Inc.)<BR>adm8820.sys -> %SystemRoot%\System32\dllcache\adm8820.sys -> [2009/01/22 14:06:36 | 00,553,984 | ---- | C] (Aureal, Inc.)<BR>adm8810.sys -> %SystemRoot%\System32\dllcache\adm8810.sys -> [2009/01/22 14:06:35 | 00,584,448 | ---- | C] (Aureal, Inc.)<BR>adm8511.sys -> %SystemRoot%\System32\dllcache\adm8511.sys -> [2009/01/22 14:06:34 | 00,020,160 | ---- | C] (ADMtek Incorporated)<BR>adicvls.sys -> %SystemRoot%\System32\dllcache\adicvls.sys -> [2009/01/22 14:06:34 | 00,007,424 | ---- | C] (Microsoft Corporation)<BR>acerscad.dll -> %SystemRoot%\System32\dllcache\acerscad.dll -> [2009/01/22 14:06:31 | 00,061,440 | ---- | C] (Color Flatbed Scanner)<BR>ac97sis.sys -> %SystemRoot%\System32\dllcache\ac97sis.sys -> [2009/01/22 14:06:29 | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.)<BR>abp480n5.sys -> %SystemRoot%\System32\dllcache\abp480n5.sys -> [2009/01/22 14:06:27 | 00,023,552 | ---- | C] (Microsoft Corporation)<BR>a3dapi.dll -> %SystemRoot%\System32\dllcache\a3dapi.dll -> [2009/01/22 14:06:26 | 00,462,848 | ---- | C] (Aureal Inc.)<BR>8514a.dll -> %SystemRoot%\System32\dllcache\8514a.dll -> [2009/01/22 14:06:25 | 00,038,400 | ---- | C] (Microsoft Corporation)<BR>4mmdat.sys -> %SystemRoot%\System32\dllcache\4mmdat.sys -> [2009/01/22 14:06:24 | 00,012,288 | ---- | C] (Microsoft Corporation)<BR>3dfxvs.dll -> %SystemRoot%\System32\dllcache\3dfxvs.dll -> [2009/01/22 14:06:23 | 00,689,216 | ---- | C] (3dfx Interactive, Inc.)<BR>3dfxvsm.sys -> %SystemRoot%\System32\dllcache\3dfxvsm.sys -> [2009/01/22 14:06:23 | 00,148,352 | ---- | C] (3dfx Interactive, Inc.)<BR>3cwmcru.sys -> %SystemRoot%\System32\dllcache\3cwmcru.sys -> [2009/01/22 14:06:22 | 00,762,780 | ---- | C] (3Com, Inc.)<BR>1394vdbg.sys -> %SystemRoot%\System32\dllcache\1394vdbg.sys -> [2009/01/22 14:06:21 | 00,011,264 | ---- | C] (Microsoft Corporation)<BR>s3legacy.dll -> %SystemRoot%\System32\dllcache\s3legacy.dll -> [2009/01/22 14:05:43 | 00,066,048 | ---- | C] (Microsoft Corporation)<BR>MalwareResults.jpg -> %UserProfile%\Desktop\MalwareResults.jpg -> [2009/01/21 21:13:58 | 00,037,858 | ---- | C] ()<BR>mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/21 16:07:36 | 00,015,504 | ---- | C] (Malwarebytes Corporation)<BR>Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/01/21 16:07:36 | 00,000,705 | ---- | C] ()<BR>mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/21 16:07:33 | 00,038,496 | ---- | C] (Malwarebytes Corporation)<BR>Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/01/21 16:07:31 | 00,000,000 | ---D | C]<BR>Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2009/01/21 15:44:19 | 00,001,611 | ---- | C] ()<BR>msfeeds.dll -> %SystemRoot%\System32\dllcache\msfeeds.dll -> [2009/01/21 15:07:48 | 00,459,264 | ---- | C] (Microsoft Corporation)<BR>msfeedsbs.dll -> %SystemRoot%\System32\dllcache\msfeedsbs.dll -> [2009/01/21 15:07:48 | 00,052,224 | ---- | C] (Microsoft Corporation)<BR>iertutil.dll -> %SystemRoot%\System32\dllcache\iertutil.dll -> [2009/01/21 15:07:47 | 00,267,776 | ---- | C] (Microsoft Corporation)<BR>icardie.dll -> %SystemRoot%\System32\dllcache\icardie.dll -> [2009/01/21 15:07:46 | 00,063,488 | ---- | C] (Microsoft Corporation)<BR>ieudinit.exe -> %SystemRoot%\System32\dllcache\ieudinit.exe -> [2009/01/21 15:07:46 | 00,013,824 | ---- | C] (Microsoft Corporation)<BR>ieapfltr.dll -> %SystemRoot%\System32\dllcache\ieapfltr.dll -> [2009/01/21 15:07:45 | 00,383,488 | ---- | C] (Microsoft Corporation)<BR>ieapfltr.dat -> %SystemRoot%\System32\dllcache\ieapfltr.dat -> [2009/01/21 15:07:44 | 02,455,488 | ---- | C] (Microsoft Corporation)<BR>ieframe.dll.mui -> %SystemRoot%\System32\dllcache\ieframe.dll.mui -> [2009/01/21 15:07:43 | 00,991,232 | ---- | C] (Microsoft Corporation)<BR>ieframe.dll -> %SystemRoot%\System32\dllcache\ieframe.dll -> [2009/01/21 15:07:41 | 06,066,176 | ---- | C] (Microsoft Corporation)<BR>windows-kb890830-v2.6.exe -> %UserProfile%\Desktop\windows-kb890830-v2.6.exe -> [2009/01/21 10:09:12 | 09,237,440 | ---- | C] (Microsoft Corporation)<BR>LogiShrd -> %AllUsersProfile%\Application Data\LogiShrd -> [2009/01/20 07:45:02 | 00,000,000 | ---D | C]<BR>Logishrd -> %CommonProgramFiles%\Logishrd -> [2009/01/20 07:25:28 | 00,000,000 | ---D | C]<BR>PrivacIE -> %UserProfile%\PrivacIE -> [2009/01/18 10:00:45 | 00,000,000 | -HSD | C]<BR>ieencode.dll -> %SystemRoot%\System32\ieencode.dll -> [2009/01/18 09:47:47 | 00,081,920 | ---- | C] (Microsoft Corporation)<BR>fix.reg -> %SystemDrive%\fix.reg -> [2009/01/16 10:44:27 | 00,003,948 | ---- | C] ()<BR>GroupPolicy -> %SystemRoot%\System32\GroupPolicy -> [2009/01/15 19:26:27 | 00,000,000 | -H-D | C]<BR>IE 7.0 Error.JPG -> %UserProfile%\Desktop\IE 7.0 Error.JPG -> [2009/01/14 14:53:08 | 00,085,597 | ---- | C] ()<BR>Microsoft Windows Update.mht -> %UserProfile%\Desktop\Microsoft Windows Update.mht -> [2009/01/14 14:45:42 | 00,042,323 | ---- | C] ()<BR>PollManager -> %SystemDrive%\PollManager -> [2009/01/14 09:51:12 | 00,000,000 | ---D | C]<BR> <BR>[Files/Folders - Modified Within 30 Days]<BR>3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> <BR>3 C:\Documents and Settings\Donna\Local Settings\Temp\*.tmp files -> C:\Documents and Settings\Donna\Local Settings\Temp\*.tmp -> <BR>2 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> <BR>Perflib_Perfdata_c70.dat -> %UserProfile%\Local Settings\Temp\Perflib_Perfdata_c70.dat -> [2009/02/12 12:37:19 | 00,016,384 | ---- | M] ()<BR>wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/02/12 12:36:46 | 00,012,704 | ---- | M] ()<BR>MP Scheduled Scan.job -> %SystemRoot%\tasks\MP Scheduled Scan.job -> [2009/02/12 12:35:56 | 00,000,330 | -H-- | M] ()<BR>Perflib_Perfdata_748.dat -> %SystemRoot%\Temp\Perflib_Perfdata_748.dat -> [2009/02/12 12:33:45 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_714.dat -> %SystemRoot%\Temp\Perflib_Perfdata_714.dat -> [2009/02/12 12:33:13 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_67c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_67c.dat -> [2009/02/12 12:33:06 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_5c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5c8.dat -> [2009/02/12 12:33:04 | 00,016,384 | ---- | M] ()<BR>SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/02/12 12:32:53 | 00,000,006 | -H-- | M] ()<BR>bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/02/12 12:32:26 | 00,002,048 | --S- | M] ()<BR>perf.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\perf.dat -> [2009/02/12 11:19:54 | 00,000,128 | ---- | M] ()<BR>F-SecureReport.rtf -> %UserProfile%\Desktop\F-SecureReport.rtf -> [2009/02/12 11:18:22 | 00,006,647 | ---- | M] ()<BR>fssm32.exe -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fssm32.exe -> [2009/02/12 09:34:23 | 00,519,816 | ---- | M] (F-Secure Corp.)<BR>fssm32.exe -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fssm32.exe -> [2009/02/12 09:34:23 | 00,519,816 | ---- | M] (F-Secure Corp.)<BR>fm4av.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fm4av.dll -> [2009/02/12 09:34:23 | 00,482,448 | ---- | M] ()<BR>fm4av.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fm4av.dll -> [2009/02/12 09:34:23 | 00,482,448 | ---- | M] ()<BR>fsgk32.exe -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgk32.exe -> [2009/02/12 09:34:23 | 00,440,448 | ---- | M] (F-Secure Corp.)<BR>fsgk32.exe -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgk32.exe -> [2009/02/12 09:34:23 | 00,440,448 | ---- | M] (F-Secure Corp.)<BR>AVPFPI0.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\AVPFPI0.dll -> [2009/02/12 09:34:23 | 00,154,304 | ---- | M] (Kaspersky Lab)<BR>AVPFPI0.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\AVPFPI0.dll -> [2009/02/12 09:34:23 | 00,154,304 | ---- | M] (Kaspersky Lab)<BR>fsepx32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsepx32.dll -> [2009/02/12 09:34:23 | 00,150,144 | ---- | M] (F-Secure Corporation)<BR>fsepx32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsepx32.dll -> [2009/02/12 09:34:23 | 00,150,144 | ---- | M] (F-Secure Corporation)<BR>fpinor.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fpinor.dll -> [2009/02/12 09:34:23 | 00,120,456 | ---- | M] (F-Secure Corporation)<BR>fpinor.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fpinor.dll -> [2009/02/12 09:34:23 | 00,120,456 | ---- | M] (F-Secure Corporation)<BR>fsuss.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsuss.dll -> [2009/02/12 09:34:23 | 00,113,288 | ---- | M] (F-Secure Corporation)<BR>fsuss.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsuss.dll -> [2009/02/12 09:34:23 | 00,113,288 | ---- | M] (F-Secure Corporation)<BR>fsgkiapi.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsgkiapi.dll -> [2009/02/12 09:34:23 | 00,100,456 | ---- | M] (F-Secure Corp.)<BR>fsgkiapi.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsgkiapi.dll -> [2009/02/12 09:34:23 | 00,100,456 | ---- | M] (F-Secure Corp.)<BR>avpproxy.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\avpproxy.dll -> [2009/02/12 09:34:23 | 00,084,672 | ---- | M] (F-Secure Corporation)<BR>avpproxy.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\avpproxy.dll -> [2009/02/12 09:34:23 | 00,084,672 | ---- | M] (F-Secure Corporation)<BR>fsbl.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\fsav_beta\fsbl.dll -> [2009/02/12 09:34:23 | 00,068,224 | ---- | M] (F-Secure Corporation)<BR>fsbl.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbl.dll -> [2009/02/12 09:34:23 | 00,068,224 | ---- | M] (F-Secure Corporation)<BR>fsusscr.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsusscr.dll -> [2009/02/12 09:34:20 | 00,928,392 | ---- | M] (F-Secure Corporation)<BR>fsusscr.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsusscr.dll -> [2009/02/12 09:34:20 | 00,928,392 | ---- | M] (F-Secure Corporation)<BR>fsmart.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\mlcwin\fsmart.dll -> [2009/02/12 09:34:20 | 00,147,456 | ---- | M] (F-Secure Corporation)<BR>fsmart.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsmart.dll -> [2009/02/12 09:34:20 | 00,147,456 | ---- | M] (F-Secure Corporation)<BR>fsedb.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsedb.dat -> [2009/02/12 09:34:17 | 02,242,162 | ---- | M] ()<BR>fsedb.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsedb.dat -> [2009/02/12 09:34:17 | 02,242,162 | ---- | M] ()<BR>fsecr32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsecr32.dll -> [2009/02/12 09:34:17 | 01,079,944 | ---- | M] (F-Secure Corporation)<BR>fsecr32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsecr32.dll -> [2009/02/12 09:34:17 | 01,079,944 | ---- | M] (F-Secure Corporation)<BR>fsupdllb.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\hydrawin\fsupdllb.dat -> [2009/02/12 09:34:17 | 00,422,594 | ---- | M] ()<BR>fsupdllb.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsupdllb.dat -> [2009/02/12 09:34:17 | 00,422,594 | ---- | M] ()<BR>fsblu.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\ols_bl\fsblu.dll -> [2009/02/12 09:34:12 | 00,731,784 | ---- | M] (F-Secure Corporation)<BR>fsbld.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fsbld.dll -> [2009/02/12 09:34:12 | 00,731,784 | ---- | M] (F-Secure Corporation)<BR>fssubmit.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\ols_33_bin\fssubmit.dll -> [2009/02/12 09:34:11 | 00,651,264 | ---- | M] (F-Secure Corporation)<BR>fssubmit.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\fssubmit.dll -> [2009/02/12 09:34:11 | 00,651,264 | ---- | M] (F-Secure Corporation)<BR>Nse_w32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\ols_30_pegdb\Nse_w32.dll -> [2009/02/12 09:34:08 | 00,588,856 | ---- | M] (Norman ASA)<BR>Nse_w32.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\Nse_w32.dll -> [2009/02/12 09:34:08 | 00,588,856 | ---- | M] (Norman ASA)<BR>sai.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\avmisc\sai.dat -> [2009/02/12 09:34:03 | 00,001,348 | ---- | M] ()<BR>sai.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\sai.dat -> [2009/02/12 09:34:03 | 00,001,348 | ---- | M] ()<BR>ext.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\avmisc\ext.dat -> [2009/02/12 09:34:03 | 00,000,449 | ---- | M] ()<BR>ext.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\ext.dat -> [2009/02/12 09:34:03 | 00,000,449 | ---- | M] ()<BR>sae.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\updates\avmisc\sae.dat -> [2009/02/12 09:34:03 | 00,000,243 | ---- | M] ()<BR>sae.dat -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\sae.dat -> [2009/02/12 09:34:03 | 00,000,243 | ---- | M] ()<BR>Perflib_Perfdata_e90.dat -> %UserProfile%\Local Settings\Temp\Perflib_Perfdata_e90.dat -> [2009/02/12 09:27:34 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_d0.dat -> [2009/02/12 09:23:33 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_7b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7b4.dat -> [2009/02/12 09:22:31 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_6bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6bc.dat -> [2009/02/12 09:22:25 | 00,016,384 | ---- | M] ()<BR>Perflib_Perfdata_5b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5b4.dat -> [2009/02/12 09:22:23 | 00,016,384 | ---- | M] ()<BR>system32.job -> %SystemRoot%\tasks\system32.job -> [2009/02/12 09:00:00 | 00,000,194 | ---- | M] ()<BR>nscompat.tlb -> %SystemRoot%\System32\nscompat.tlb -> [2009/02/12 08:58:14 | 00,023,392 | ---- | M] ()<BR>amcompat.tlb -> %SystemRoot%\System32\amcompat.tlb -> [2009/02/12 08:58:14 | 00,016,832 | ---- | M] ()<BR>ntuser.dat -> %UserProfile%\ntuser.dat -> [2009/02/12 08:43:20 | 05,767,168 | ---- | M] ()<BR>ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/02/12 08:43:16 | 00,000,278 | -HS- | M] ()<BR>sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [2009/02/12 08:42:56 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [2009/02/12 08:42:56 | 00,000,244 | -H-- | M] ()<BR>ERUNT AutoBackup.lnk -> %UserProfile%\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk -> [2009/02/12 08:28:18 | 00,000,776 | ---- | M] ()<BR>NTREGOPT.lnk -> %UserProfile%\Desktop\NTREGOPT.lnk -> [2009/02/12 08:27:47 | 00,000,620 | ---- | M] ()<BR>ERUNT.lnk -> %UserProfile%\Desktop\ERUNT.lnk -> [2009/02/12 08:27:47 | 00,000,601 | ---- | M] ()<BR>erunt-setup.exe -> %UserProfile%\Desktop\erunt-setup.exe -> [2009/02/12 08:25:57 | 00,791,393 | ---- | M] (Lars Hederer												)<BR>sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [2009/02/11 20:57:37 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [2009/02/11 20:57:37 | 00,000,244 | -H-- | M] ()<BR>gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/11 09:26:09 | 00,000,345 | ---- | M] ()<BR>sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [2009/02/11 09:16:37 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [2009/02/11 09:16:37 | 00,000,244 | -H-- | M] ()<BR>gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/11 09:08:16 | 00,884,736 | ---- | M] ()<BR>gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/11 09:08:16 | 00,085,969 | ---- | M] (GMER)<BR>gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/11 09:08:16 | 00,000,080 | ---- | M] ()<BR>OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe -> [2009/02/11 08:21:08 | 00,656,714 | ---- | M] ()<BR>sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [2009/02/09 20:11:21 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [2009/02/09 20:11:21 | 00,000,244 | -H-- | M] ()<BR>sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [2009/02/08 21:25:24 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [2009/02/08 21:25:23 | 00,000,244 | -H-- | M] ()<BR>VSNAP.IDX -> %SystemDrive%\VSNAP.IDX -> [2009/02/01 17:31:16 | 00,004,096 | -HS- | M] ()<BR>sqmdata04.sqm -> %SystemDrive%\sqmdata04.sqm -> [2009/02/01 17:30:46 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt04.sqm -> %SystemDrive%\sqmnoopt04.sqm -> [2009/02/01 17:30:46 | 00,000,244 | -H-- | M] ()<BR>TurboTax 2008.lnk -> %AllUsersProfile%\Desktop\TurboTax 2008.lnk -> [2009/02/01 10:19:15 | 00,002,393 | ---- | M] ()<BR>sqmdata03.sqm -> %SystemDrive%\sqmdata03.sqm -> [2009/01/31 19:16:57 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt03.sqm -> %SystemDrive%\sqmnoopt03.sqm -> [2009/01/31 19:16:56 | 00,000,244 | -H-- | M] ()<BR>sqmdata02.sqm -> %SystemDrive%\sqmdata02.sqm -> [2009/01/29 21:40:41 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt02.sqm -> %SystemDrive%\sqmnoopt02.sqm -> [2009/01/29 21:40:41 | 00,000,244 | -H-- | M] ()<BR>sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm -> [2009/01/29 19:21:30 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm -> [2009/01/29 19:21:29 | 00,000,244 | -H-- | M] ()<BR>Msft_Kernel_LUsbFilt_01005.Wdf -> %SystemRoot%\System32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf -> [2009/01/29 16:58:16 | 00,000,000 | -H-- | M] ()<BR>MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> %SystemRoot%\System32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf -> [2009/01/29 16:58:15 | 00,000,000 | -H-- | M] ()<BR>sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm -> [2009/01/28 19:58:45 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm -> [2009/01/28 19:58:45 | 00,000,244 | -H-- | M] ()<BR>sqmdata19.sqm -> %SystemDrive%\sqmdata19.sqm -> [2009/01/27 21:30:54 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt19.sqm -> %SystemDrive%\sqmnoopt19.sqm -> [2009/01/27 21:30:54 | 00,000,244 | -H-- | M] ()<BR>BogusWebsites.jpg -> %UserProfile%\Desktop\BogusWebsites.jpg -> [2009/01/27 15:21:50 | 00,079,158 | ---- | M] ()<BR>qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/01/27 12:18:55 | 00,004,232 | ---- | M] ()<BR>qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/01/27 12:18:54 | 00,006,065 | ---- | M] ()<BR>opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2009/01/27 11:21:15 | 00,011,096 | ---- | M] ()<BR>sqmdata18.sqm -> %SystemDrive%\sqmdata18.sqm -> [2009/01/26 20:47:00 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt18.sqm -> %SystemDrive%\sqmnoopt18.sqm -> [2009/01/26 20:47:00 | 00,000,244 | -H-- | M] ()<BR>sqmdata17.sqm -> %SystemDrive%\sqmdata17.sqm -> [2009/01/26 18:28:46 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt17.sqm -> %SystemDrive%\sqmnoopt17.sqm -> [2009/01/26 18:28:46 | 00,000,244 | -H-- | M] ()<BR>imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/01/26 18:28:29 | 00,001,374 | ---- | M] ()<BR>Windows Live Messenger .lnk -> %AllUsersProfile%\Desktop\Windows Live Messenger .lnk -> [2009/01/26 18:18:53 | 00,001,836 | ---- | M] ()<BR>sqmdata16.sqm -> %SystemDrive%\sqmdata16.sqm -> [2009/01/26 18:07:49 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt16.sqm -> %SystemDrive%\sqmnoopt16.sqm -> [2009/01/26 18:07:49 | 00,000,244 | -H-- | M] ()<BR>Yahoo! Messenger.lnk -> %AllUsersProfile%\Desktop\Yahoo! Messenger.lnk -> [2009/01/26 18:01:41 | 00,000,821 | ---- | M] ()<BR>perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/01/26 14:32:45 | 00,402,946 | ---- | M] ()<BR>perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/01/26 14:32:45 | 00,062,140 | ---- | M] ()<BR>PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/01/26 14:32:44 | 00,472,998 | ---- | M] ()<BR>WMSysPr9.prx -> %SystemRoot%\WMSysPr9.prx -> [2009/01/26 14:31:28 | 00,316,640 | ---- | M] ()<BR>FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/01/26 14:28:43 | 00,376,856 | ---- | M] ()<BR>sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [2009/01/26 14:27:01 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [2009/01/26 14:27:01 | 00,000,244 | -H-- | M] ()<BR>ntldr -> %SystemDrive%\ntldr -> [2009/01/26 13:53:48 | 00,250,048 | ---- | M] ()<BR>sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [2009/01/26 13:11:25 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [2009/01/26 13:11:25 | 00,000,244 | -H-- | M] ()<BR>sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [2009/01/26 12:35:15 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [2009/01/26 12:35:15 | 00,000,244 | -H-- | M] ()<BR>sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [2009/01/26 11:58:03 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [2009/01/26 11:58:03 | 00,000,244 | -H-- | M] ()<BR>sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [2009/01/26 08:36:34 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [2009/01/26 08:36:33 | 00,000,244 | -H-- | M] ()<BR>sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [2009/01/26 08:05:06 | 00,000,268 | -H-- | M] ()<BR>sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [2009/01/26 08:05:06 | 00,000,244 | -H-- | M] ()<BR>SUPERAntiSpyware Free Edition.lnk -> %AllUsersProfile%\Desktop\SUPERAntiSpyware Free Edition.lnk -> [2009/01/23 18:01:20 | 00,000,789 | ---- | M] ()<BR>SUPERAntiSpyware.exe -> %UserProfile%\Desktop\SUPERAntiSpyware.exe -> [2009/01/23 17:54:31 | 05,966,368 | ---- | M] ()<BR>SysRestoreError.jpg -> %UserProfile%\Desktop\SysRestoreError.jpg -> [2009/01/23 17:04:08 | 00,046,140 | ---- | M] ()<BR>launch.exe -> %UserProfile%\Desktop\launch.exe -> [2009/01/22 17:12:36 | 12,185,808 | ---- | M] (Doctor Web, Ltd.)<BR>MalwareResults.jpg -> %UserProfile%\Desktop\MalwareResults.jpg -> [2009/01/21 21:13:58 | 00,037,858 | ---- | M] ()<BR>Malwarebytes' Anti-Malware.lnk -> %AllUsersProfile%\Desktop\Malwarebytes' Anti-Malware.lnk -> [2009/01/21 16:07:36 | 00,000,705 | ---- | M] ()<BR>Mozilla Firefox.lnk -> %AllUsersProfile%\Desktop\Mozilla Firefox.lnk -> [2009/01/21 15:44:19 | 00,001,611 | ---- | M] ()<BR>windows-kb890830-v2.6.exe -> %UserProfile%\Desktop\windows-kb890830-v2.6.exe -> [2009/01/21 10:09:17 | 09,237,440 | ---- | M] (Microsoft Corporation)<BR>Logitech Mouse and Keyboard Settings.lnk -> %AllUsersProfile%\Desktop\Logitech Mouse and Keyboard Settings.lnk -> [2009/01/20 07:26:20 | 00,001,690 | ---- | M] ()<BR>Logitech SetPoint.lnk -> %AllUsersProfile%\Start Menu\Programs\Startup\Logitech SetPoint.lnk -> [2009/01/20 07:26:18 | 00,001,696 | ---- | M] ()<BR>GDIPFONTCACHEV1.DAT -> %UserProfile%\Local Settings\Application Data\GDIPFONTCACHEV1.DAT -> [2009/01/20 07:20:02 | 00,118,080 | ---- | M] ()<BR>desktop.ini -> F:\Documents and Settings\Donna\My Documents\desktop.ini -> [2009/01/18 09:56:16 | 00,000,076 | -HS- | M] ()<BR>fix.reg -> %SystemDrive%\fix.reg -> [2009/01/16 10:45:29 | 00,003,948 | ---- | M] ()<BR>mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/14 16:11:32 | 00,038,496 | ---- | M] (Malwarebytes Corporation)<BR>mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/14 16:11:28 | 00,015,504 | ---- | M] (Malwarebytes Corporation)<BR>IE 7.0 Error.JPG -> %UserProfile%\Desktop\IE 7.0 Error.JPG -> [2009/01/14 14:53:08 | 00,085,597 | ---- | M] ()<BR>Microsoft Windows Update.mht -> %UserProfile%\Desktop\Microsoft Windows Update.mht -> [2009/01/14 14:47:55 | 00,042,323 | ---- | M] ()<BR>daas_s.dll -> %UserProfile%\Local Settings\Temp\OnlineScanner\Anti-Virus\daas_s.dll -> [2008/02/27 15:59:28 | 00,495,616 | ---- | M] (F-Secure Corporation)<BR>hhcolreg.dat -> %AllUsersProfile%\Application Data\Microsoft\HTML Help\hhcolreg.dat -> [2006/08/13 11:56:07 | 00,015,067 | ---- | M] ()<BR>< End of report ><BR>

This end-of-reports. All segments posted.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users