Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HD constently being accessed, firefox and chrome crashing on launch


  • This topic is locked This topic is locked
22 replies to this topic

#1 Sugah313

Sugah313

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 14 May 2010 - 12:17 PM

Hello, thank you in advance for all your help. I tried to follow the instructions on preparation but the dds.src would not run it says it is not a recognized file type and the gmer file crashed my computer twice =(

Here are my symptoms:

- HD constantly being accessed especially when I first turn on the computer (I have search indexing turned off)

- When it is really slow and I look at the task manager explorer.exe is the one using allot of the cpu and memory.

- Both firefox and chrome no longer work and crash as soon as I launch them, (I have tried everything there reinstalling, starting in safe mode, nothing works.)

- When I launch internet explorer it keep telling me that my security settings are unsafe do I want to fix it? I click yes every time but it just does it again each time I start Internet explorer.

- Mcafee told me it found 2 trojans but it doesn’t tell me any details because its a piece of junk

-Maleware Bytes found 2 registry data entries FirewallDisableNotify and AntivirusDisableNotify

Please help! Thanks =)



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:15:09 PM, on 5/14/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\System32\TPHDEXLG.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100507181649.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeBridge] "C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe" -stealth
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Palo Alto Software Update Manager 9.0.lnk = C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ServerPushBox - http://192.168.10.99:700/servp14.cab
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemyfios.verizon.net/sdcCommo...20Installer.cab
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} (ZenGems Control) - http://www.worldwinner.com/games/v54/zengems/zengems.cab
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} (TPIR Control) - http://www.worldwinner.com/games/v50/tpir/tpir.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file:///C:/Program%20Files/Autodesk/MDT6/AcDcToday.ocx
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} (WoF Control) - http://www.worldwinner.com/games/v57/wof/wof.cab
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file:///C:/Program%20Files/Autodesk/MDT6/InstBanr.ocx
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://clubgames.pogo.com/online2/pogo/zen...eb.1.0.0.10.cab
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} (DinerDash Control) - http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file:///C:/Program%20Files/Autodesk/MDT6/InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://googleonline.webex.com/client/T27LB/nbr/ieatgpc.cab
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} (WWSpades Control) - http://www.worldwinner.com/games/v53/wwspades/wwspades.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://pogoclub.oberon-media.com/online2/p...sh.1.0.0.47.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file:///C:/Program%20Files/Autodesk/MDT6/AcPreview.ocx
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9f4648817514a) (gupdate1c9f4648817514a) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Personal Firewall (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - Unknown owner - C:\Program Files\McAfee\MSK\MskSrver.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13683 bytes


BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 15 May 2010 - 10:30 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
We need to create an OTL Report
  1. Please download OTL from one of the following mirrors:
  2. Save it to your desktop.
  3. Double click on the icon on your desktop.
  4. Click the "Scan All Users" checkbox.
  5. In the custom scan box paste the following:
    CODE
    msconfig
    safebootminimal
    activex
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    nvraid.sys
    /md5stop
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
  6. Push the button.
  7. Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt<--Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 15 May 2010 - 01:25 PM

OTL logfile created on: 5/15/2010 1:45:31 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Richard\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 18.48 Gb Free Space | 19.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AVIATOR
Current User Name: Richard
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/05/15 13:42:39 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL.exe
PRC - [2010/04/14 12:29:58 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2010/04/14 12:29:58 | 000,170,144 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2010/04/14 12:29:58 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2010/04/01 23:05:04 | 001,180,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 16:48:02 | 000,126,976 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\WINDOWS\system32\Crypserv.exe
PRC - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008/11/15 13:29:12 | 000,313,856 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieCtrl.exe
PRC - [2008/11/15 13:29:10 | 000,052,736 | ---- | M] (tzuk) -- C:\Program Files\Sandboxie\SbieSvc.exe
PRC - [2008/10/21 13:09:59 | 000,050,472 | ---- | M] (AOL LLC) -- C:\Program Files\AIM6\aim6.exe
PRC - [2008/08/28 20:34:14 | 013,145,448 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/19 16:00:38 | 000,794,624 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/11/19 15:40:08 | 001,183,744 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2007/11/19 15:35:46 | 000,483,328 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/09/28 17:29:00 | 000,037,424 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TPHDEXLG.exe
PRC - [2007/09/28 14:28:40 | 000,181,544 | ---- | M] (Lenovo.) -- C:\WINDOWS\system32\TpShocks.exe
PRC - [2007/08/10 19:30:40 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2007/05/31 20:02:06 | 000,036,400 | ---- | M] (Lenovo) -- C:\WINDOWS\system32\ibmpmsvc.exe
PRC - [2007/05/11 04:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
PRC - [2007/04/27 03:33:00 | 000,243,248 | ---- | M] (Lenovo Group Ltd.) -- C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE
PRC - [2007/04/09 17:23:56 | 001,015,808 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe
PRC - [2007/04/03 20:55:08 | 000,839,680 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMax4.exe
PRC - [2007/03/23 13:40:36 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2007/03/14 14:30:52 | 002,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2007/02/27 23:21:10 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007/02/26 00:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/04 19:00:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
PRC - [2006/01/24 02:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe


========== Modules (SafeList) ==========

MOD - [2010/05/15 13:42:39 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL.exe
MOD - [2009/01/23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2008/04/13 20:11:55 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 20:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/09/28 09:06:00 | 001,478,656 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007/09/28 09:06:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2007/08/10 19:30:34 | 000,065,536 | ---- | M] (Synaptics, Inc.) -- C:\WINDOWS\system32\SynTPFcs.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (MSK80Service)
SRV - File not found [Disabled | Stopped] -- -- (MBackMonitor)
SRV - File not found [Auto | Running] -- -- (Crypkey License)
SRV - File not found [Disabled | Stopped] -- -- (Ast Service)
SRV - File not found [Disabled | Stopped] -- -- (Apple Mobile Device)
SRV - [2010/04/28 17:37:45 | 000,069,632 | ---- | M] (Macromedia) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe -- (Macromedia Licensing Service)
SRV - [2010/04/14 12:29:58 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2010/04/14 12:29:58 | 000,170,144 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2010/04/14 12:29:58 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2010/03/10 11:16:56 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2009/12/14 21:08:40 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/01/04 15:53:59 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/11/15 13:29:10 | 000,052,736 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2007/11/19 16:00:38 | 000,794,624 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2007/11/19 15:40:08 | 001,183,744 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor) Intel®
SRV - [2007/11/19 15:35:46 | 000,483,328 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2007/09/28 17:29:00 | 000,037,424 | ---- | M] (Lenovo.) [Auto | Running] -- C:\WINDOWS\system32\TPHDEXLG.exe -- (TPHDEXLGSVC)
SRV - [2007/05/31 20:02:06 | 000,036,400 | ---- | M] (Lenovo) [Auto | Running] -- C:\WINDOWS\system32\ibmpmsvc.exe -- (IBMPMSVC)
SRV - [2007/02/26 00:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV - [2010/04/14 12:29:58 | 000,385,536 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/04/14 12:29:58 | 000,312,616 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2010/04/14 12:29:58 | 000,152,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/04/14 12:29:58 | 000,095,568 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2010/04/14 12:29:58 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2010/04/14 12:29:58 | 000,088,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2010/04/14 12:29:58 | 000,083,496 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2010/04/14 12:29:58 | 000,082,952 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2010/04/14 12:29:58 | 000,055,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/04/14 12:29:58 | 000,051,688 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2009/04/14 12:28:08 | 000,020,486 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\ckldrv.sys -- (NetworkX)
DRV - [2009/03/10 14:57:01 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/03/10 14:56:52 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/02/09 06:20:33 | 000,550,272 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\Y6LJ1OP.sys -- (Y6LJ1OP)
DRV - [2008/11/15 13:29:10 | 000,102,912 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2008/06/26 09:15:34 | 003,630,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel®
DRV - [2008/04/13 12:36:05 | 000,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008/02/05 15:06:20 | 000,097,216 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007/11/27 00:37:00 | 002,236,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/11/20 17:39:56 | 000,012,288 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/10/12 17:30:46 | 000,252,048 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\e1e5132.sys -- (e1express) Intel®
DRV - [2007/09/28 17:29:00 | 000,103,472 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2007/09/28 17:28:00 | 000,019,504 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2007/09/28 09:06:00 | 006,852,480 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2007/09/21 02:19:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2007/08/14 16:25:52 | 000,047,376 | ---- | M] (UPEK Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tcusb.sys -- (TcUsb)
DRV - [2007/08/10 19:25:28 | 000,177,664 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/08/07 15:48:33 | 000,025,160 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2007/05/31 20:01:30 | 000,021,424 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV - [2007/04/13 14:08:26 | 000,306,176 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV - [2007/03/30 20:19:08 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007/03/01 19:53:12 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007/02/22 22:56:24 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\iaStor.sys -- (iaStor)
DRV - [2007/01/22 13:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006/12/22 12:56:00 | 000,988,800 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/12/22 12:56:00 | 000,209,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/12/22 12:55:00 | 000,730,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/11/20 20:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006/10/10 22:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2005/08/01 19:45:00 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2005/07/11 21:58:00 | 000,003,712 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2005/05/17 11:20:06 | 000,015,872 | ---- | M] (Atmel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\atmeltpm.sys -- (atmeltpm)
DRV - [2005/01/06 16:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/09/29 02:02:00 | 000,016,752 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctpdusb2.sys -- (Jukebox)
DRV - [2004/03/23 22:12:34 | 000,017,280 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\nsndis5.sys -- (NSNDIS5)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-725345543-507921405-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-725345543-507921405-682003330-1003\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
IE - HKU\S-1-5-21-725345543-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-725345543-507921405-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/05/12 16:48:18 | 000,000,000 | ---D | M]

[2010/05/12 17:56:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions
[2010/05/07 17:13:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Richard\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2010/04/14 12:29:58 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Mozilla Firefox\components\Scriptff.dll

O1 HOSTS File: ([2009/01/04 15:55:28 | 000,000,768 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100507181649.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKU\S-1-5-21-725345543-507921405-682003330-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BLOG] C:\Program Files\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [EZEJMNAP] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE (Lenovo Group Ltd.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] File not found
O4 - HKLM..\Run: [PWRMGRTR] C:\Program Files\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TpShocks] File not found
O4 - HKU\S-1-5-21-725345543-507921405-682003330-1003..\Run: [AdobeBridge] C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe (Adobe Systems, Inc.)
O4 - HKU\S-1-5-21-725345543-507921405-682003330-1003..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKU\S-1-5-21-725345543-507921405-682003330-1003..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (tzuk)
O4 - HKU\S-1-5-21-725345543-507921405-682003330-1003..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Palo Alto Software Update Manager 9.0.lnk = C:\Program Files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe (Palo Alto Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-725345543-507921405-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-725345543-507921405-682003330-1003\..Trusted Domains: //@install.mar@/ ([]msni in My Computer)
O15 - HKU\S-1-5-21-725345543-507921405-682003330-1003\..Trusted Domains: //@mail.mar@/ ([]msni in Local intranet)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} https://activatemyfios.verizon.net/sdcCommo...20Installer.cab (Support.com Configuration Class)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinner.com/games/v54/zengems/zengems.cab (ZenGems Control)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab (TPIR Control)
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Program%20Files/Autodesk/MDT6/AcDcToday.ocx (AcDcToday Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinner.com/games/v57/wof/wof.cab (WoF Control)
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} file:///C:/Program%20Files/Autodesk/MDT6/InstBanr.ocx (NOXLATE-BANR)
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} http://clubgames.pogo.com/online2/pogo/zen...eb.1.0.0.10.cab (CPlayFirstzenerchiControl Object)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinner.com/games/v50/dinerdash/dinerdash.cab (DinerDash Control)
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} file:///C:/Program%20Files/Autodesk/MDT6/InstFred.ocx (InstaFred)
O16 - DPF: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl...indows-i586.cab (Java Plug-in 1.4.2_18)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://googleonline.webex.com/client/T27LB/nbr/ieatgpc.cab (GpcContainer Class)
O16 - DPF: {E70E3E64-2793-4AEF-8CC8-F1606BE563B0} http://www.worldwinner.com/games/v53/wwspades/wwspades.cab (WWSpades Control)
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} http://pogoclub.oberon-media.com/online2/p...sh.1.0.0.47.cab (CPlayFirstWeddingDashControl Object)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Program%20Files/Autodesk/MDT6/AcPreview.ocx (AcPreview Control)
O16 - DPF: ServerPushBox http://192.168.10.99:700/servp14.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.242.0.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - File not found
O20 - HKLM Winlogon: UIHost - (logonui.exe) - File not found
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - File not found
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - File not found
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - File not found
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - File not found
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O24 - Desktop WallPaper: C:\Documents and Settings\Richard\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Richard\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (schannel.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/01/07 17:50:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3fe0e834-eafd-11dd-a623-001de009e96d}\Shell\AutoRun\command - "" = E:\setupSNK.exe -- File not found
O33 - MountPoints2\{fe626274-457e-11de-a634-001e371e10cb}\Shell - "" = AutoRun
O33 - MountPoints2\{fe626274-457e-11de-a634-001e371e10cb}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fe626274-457e-11de-a634-001e371e10cb}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: Y6LJ1OP - C:\WINDOWS\system32\drivers\Y6LJ1OP.sys ()
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {41E4FB1D-75ED-5230-399C-02EDEB8E9BE3} - IE7 Uninstall Stub
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9F208D06-45A6-60AA-FD0B-6E45766C075C} - Browser Customizations
ActiveX: {AF0CCE14-B728-44BE-DF11-5C7A7CE36627} - Vector Graphics Rendering (VML)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: aux - wdmaud.drv File not found
Drivers32: midi - wdmaud.drv File not found
Drivers32: midi1 - wdmaud.drv File not found
Drivers32: midi2 - wdmaud.drv File not found
Drivers32: midi3 - wdmaud.drv File not found
Drivers32: midimapper - midimap.dll File not found
Drivers32: mixer - wdmaud.drv File not found
Drivers32: mixer1 - wdmaud.drv File not found
Drivers32: mixer2 - wdmaud.drv File not found
Drivers32: mixer3 - wdmaud.drv File not found
Drivers32: msacm.ac3acm - ac3acm.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.imaadpcm - imaadp32.acm File not found
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - lameACM.acm File not found
Drivers32: msacm.msadpcm - msadp32.acm File not found
Drivers32: msacm.msaudio1 - msaud32.acm File not found
Drivers32: msacm.msg711 - msg711.acm File not found
Drivers32: msacm.msg723 - msg723.acm File not found
Drivers32: msacm.msgsm610 - msgsm32.acm File not found
Drivers32: msacm.sl_anet - sl_anet.acm File not found
Drivers32: msacm.trspch - tssoft32.acm File not found
Drivers32: vidc.cvid - iccvid.dll File not found
Drivers32: VIDC.DIVX - divx.dll File not found
Drivers32: VIDC.FFDS - ff_vfw.dll File not found
Drivers32: vidc.I420 - msh263.drv File not found
Drivers32: vidc.iv31 - ir32_32.dll File not found
Drivers32: vidc.iv32 - ir32_32.dll File not found
Drivers32: vidc.iv41 - ir41_32.ax File not found
Drivers32: vidc.iv50 - ir50_32.dll File not found
Drivers32: vidc.iyuv - iyuv_32.dll File not found
Drivers32: vidc.M261 - msh261.drv File not found
Drivers32: vidc.M263 - msh263.drv File not found
Drivers32: vidc.mrle - msrle32.dll File not found
Drivers32: vidc.msvc - msvidc32.dll File not found
Drivers32: vidc.uyvy - msyuv.dll File not found
Drivers32: VIDC.XVID - xvidvfw.dll File not found
Drivers32: vidc.yuy2 - msyuv.dll File not found
Drivers32: VIDC.YV12 - yv12vfw.dll File not found
Drivers32: vidc.yvu9 - tsbyuv.dll File not found
Drivers32: vidc.yvyu - msyuv.dll File not found
Drivers32: wave - wdmaud.drv File not found
Drivers32: wave1 - wdmaud.drv File not found
Drivers32: wave2 - wdmaud.drv File not found
Drivers32: wave3 - wdmaud.drv File not found
Drivers32: wavemapper - msacm32.drv File not found

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/01/07 17:50:33 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/05/15 13:42:39 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL.exe
[2010/05/14 12:13:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Desktop\gmer
[2010/05/12 17:10:51 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framedyn.dll
[2010/05/12 17:04:11 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Documents and Settings\Richard\Desktop\spybotsd162.exe
[2010/05/12 16:41:07 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010/05/12 16:41:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2010/05/12 16:30:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\Malwarebytes
[2010/05/12 16:30:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/12 16:30:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/05/12 16:30:48 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/12 16:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/05/08 21:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/05/08 21:06:02 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2010/05/08 13:30:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Desktop\portfolio
[2010/05/08 12:46:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\FileZilla
[2010/05/06 23:03:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\Office Genuine Advantage
[2010/05/06 20:25:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
[2010/05/06 20:23:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/05/06 20:06:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2010/05/06 20:06:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2010/05/06 20:06:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2010/05/06 20:06:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2010/05/06 20:02:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2010/05/06 19:58:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-TW
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-HK
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-TR
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-SE
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-BR
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-NL
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-NO
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-KR
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\it-IT
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\he-IL
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-FR
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-FI
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\es-ES
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\el-GR
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\da-DK
[2010/05/06 19:45:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-SA
[2010/05/06 19:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/05/06 18:56:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Desktop\FISHING
[2010/05/05 11:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\My Documents\drc
[2010/05/01 10:41:13 | 000,009,344 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeclnk.sys
[2010/05/01 10:40:17 | 000,082,952 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfetdi2k.sys
[2010/05/01 10:40:16 | 000,088,480 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfendisk.sys
[2010/05/01 10:40:15 | 000,385,536 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfehidk.sys
[2010/05/01 10:40:15 | 000,312,616 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfefirek.sys
[2010/05/01 10:40:15 | 000,083,496 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdet.sys
[2010/05/01 10:40:14 | 000,152,320 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/05/01 10:40:14 | 000,095,568 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeapfk.sys
[2010/05/01 10:40:14 | 000,051,688 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/05/01 10:40:13 | 000,055,456 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\cfwids.sys
[2010/04/29 21:45:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\MozSwing
[2010/04/29 14:09:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/04/29 14:09:35 | 000,000,000 | ---D | C] -- C:\Program Files\TweetDeck
[2010/04/29 14:09:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010/04/28 17:33:33 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp70.dll
[2010/04/28 17:30:12 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70.dll
[2010/04/28 17:30:12 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr70.dll
[2010/04/28 17:30:12 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mfc70enu.dll
[2010/04/28 17:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macromedia Shared
[2010/04/28 16:31:18 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/04/28 16:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/04/27 09:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/04/27 09:24:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Temp
[2010/04/27 09:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/27 09:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/04/27 09:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/27 09:20:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/27 09:13:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\McAfee
[2010/04/27 08:28:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/04/27 08:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Local Settings\Application Data\Citrix
[2010/04/27 00:29:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Desktop\mediafarm
[2010/04/15 14:34:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Richard\Application Data\Skype
[2010/04/15 14:34:22 | 000,000,000 | ---D | C] -- C:\Program Files\Skype
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[15 C:\Documents and Settings\Richard\My Documents\*.tmp files -> C:\Documents and Settings\Richard\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Richard\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Desktop\*.tmp files -> C:\Documents and Settings\Richard\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Application Data\*.tmp files -> C:\Documents and Settings\Richard\Application Data\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/15 13:47:14 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003UA.job
[2010/05/15 13:42:39 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Richard\Desktop\OTL.exe
[2010/05/15 13:21:10 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8B2988E9-0493-4E6B-9BD6-34E7B7D50D04}.job
[2010/05/14 22:00:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/14 21:00:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/14 18:47:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003Core.job
[2010/05/14 18:08:21 | 005,505,024 | ---- | M] () -- C:\Documents and Settings\Richard\ntuser.dat
[2010/05/14 18:08:17 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/14 14:41:53 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2010/05/14 14:18:53 | 000,000,053 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\google616de769e42b8155.html
[2010/05/14 13:00:48 | 000,000,341 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\My Documents.lnk
[2010/05/14 12:57:02 | 000,443,556 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/05/14 12:57:02 | 000,383,822 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/05/14 12:57:02 | 000,054,010 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/05/14 12:52:22 | 000,001,595 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/14 12:52:18 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/05/14 12:52:15 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/14 12:52:13 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/14 12:30:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/14 12:13:08 | 000,284,915 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\gmer.zip
[2010/05/14 12:07:03 | 000,525,824 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\dds.scr
[2010/05/14 12:06:11 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Richard\defogger_reenable
[2010/05/14 12:01:16 | 000,001,988 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\HiJackThis.lnk
[2010/05/13 13:03:05 | 000,056,832 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\Kristen1.doc
[2010/05/12 18:46:41 | 000,002,300 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\Google Chrome.lnk
[2010/05/12 18:15:38 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\Richard\ntuser.ini
[2010/05/12 17:05:14 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\Spybot - Search & Destroy.lnk
[2010/05/12 17:04:18 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Documents and Settings\Richard\Desktop\spybotsd162.exe
[2010/05/12 16:30:52 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/11 22:57:26 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Richard\My Documents\~$isten1.doc
[2010/05/11 19:42:42 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\bills (version 1).xls
[2010/05/11 12:21:25 | 000,054,784 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\Kristen.doc
[2010/05/10 10:55:27 | 000,091,784 | ---- | M] () -- C:\Documents and Settings\Richard\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/10 10:23:41 | 000,307,200 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\krisresume_2010.doc
[2010/05/09 14:50:15 | 000,024,576 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\Case Studies.doc
[2010/05/09 12:11:50 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\coverletter.doc
[2010/05/08 11:24:24 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cover lettera.doc
[2010/05/08 10:01:21 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/05/07 19:14:33 | 000,395,156 | ---- | M] () -- C:\Documents and Settings\Richard\.ranktracker.properties
[2010/05/07 19:13:56 | 001,823,848 | ---- | M] () -- C:\Documents and Settings\Richard\.websiteauditor.properties
[2010/05/07 16:50:39 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cover letter.doc
[2010/05/06 20:26:45 | 000,091,784 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/05/06 20:25:29 | 002,204,832 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/05/06 20:20:54 | 002,254,627 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2010/05/06 20:02:17 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/05/06 10:38:41 | 000,279,040 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\keywords.doc
[2010/05/05 12:11:54 | 000,460,684 | ---- | M] () -- C:\Documents and Settings\Richard\.spyglass.properties
[2010/05/05 11:24:11 | 000,451,964 | ---- | M] () -- C:\Documents and Settings\Richard\.linkassistant.properties
[2010/05/04 18:23:43 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Richard\My Documents\~$istenresume_2010.doc
[2010/05/04 16:03:34 | 000,110,080 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\social mediaa.doc
[2010/05/04 11:03:31 | 000,025,088 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\tenthingstotweetabout.doc
[2010/05/04 10:11:40 | 000,109,056 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\social media.doc
[2010/05/03 22:53:38 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\email.doc
[2010/05/01 22:11:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/30 17:13:22 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\searches.doc
[2010/04/30 13:58:36 | 000,075,752 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\4_30_seo_invoice.pdf
[2010/04/29 21:41:49 | 000,001,931 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\LinkAssistant.lnk
[2010/04/29 21:41:36 | 000,001,960 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\WebSite Auditor.lnk
[2010/04/29 21:41:22 | 000,001,906 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\Rank Tracker.lnk
[2010/04/29 21:41:06 | 000,001,906 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\SEO SpyGlass.lnk
[2010/04/29 21:40:23 | 042,759,448 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\seospyglass3.14.5-jre.zip
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/29 14:09:36 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TweetDeck.lnk
[2010/04/29 10:35:32 | 000,057,344 | ---- | M] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/29 09:08:06 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Richard\My Documents\~$cial media.doc
[2010/04/28 18:07:20 | 000,022,016 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\Find Buy Here Pay Here Bad Credit Car Dealerships in Ohio.doc
[2010/04/27 09:20:50 | 000,001,143 | -HS- | M] () -- C:\WINDOWS\System32\admparsec.sys
[2010/04/27 08:47:56 | 000,037,888 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\leads.doc
[2010/04/26 18:27:35 | 000,000,446 | --S- | M] () -- C:\WINDOWS\System32\1455611324.dat
[2010/04/26 17:49:10 | 000,027,136 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\Link Building Ideas.doc
[2010/04/23 13:20:18 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\aboutme.doc
[2010/04/22 18:30:25 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\better script.doc
[2010/04/18 18:35:57 | 000,024,064 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\frontlineb.doc
[2010/04/18 11:15:51 | 000,020,480 | ---- | M] () -- C:\Documents and Settings\Richard\Desktop\buyherepayhere_ethics.doc
[2010/04/16 21:04:06 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\adwords.doc
[2010/04/16 14:49:25 | 000,780,800 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\bucks county landscapr.ppt
[2010/04/16 09:03:39 | 000,021,504 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\6 ways you can use text messaging to boost sales!.doc
[2010/04/15 17:58:29 | 063,559,019 | ---- | M] () -- C:\Documents and Settings\Richard\My Documents\cart78327.zip
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[15 C:\Documents and Settings\Richard\My Documents\*.tmp files -> C:\Documents and Settings\Richard\My Documents\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Local Settings\Application Data\*.tmp files -> C:\Documents and Settings\Richard\Local Settings\Application Data\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Desktop\*.tmp files -> C:\Documents and Settings\Richard\Desktop\*.tmp -> ]
[1 C:\Documents and Settings\Richard\Application Data\*.tmp files -> C:\Documents and Settings\Richard\Application Data\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/05/14 18:08:17 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/05/14 14:18:53 | 000,000,053 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\google616de769e42b8155.html
[2010/05/14 13:00:48 | 000,000,341 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\My Documents.lnk
[2010/05/14 12:58:56 | 000,087,845 | ---- | C] () -- C:\Documents and Settings\Richard\Local Settings\Application Data\FASTWiz.log
[2010/05/14 12:13:08 | 000,284,915 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\gmer.zip
[2010/05/14 12:07:02 | 000,525,824 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\dds.scr
[2010/05/14 12:06:11 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Richard\defogger_reenable
[2010/05/14 11:59:54 | 000,001,988 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\HiJackThis.lnk
[2010/05/12 18:46:41 | 000,002,300 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\Google Chrome.lnk
[2010/05/12 18:42:58 | 000,000,986 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003UA.job
[2010/05/12 18:42:57 | 000,000,934 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003Core.job
[2010/05/12 17:05:14 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\Spybot - Search & Destroy.lnk
[2010/05/12 16:30:52 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/11 22:57:26 | 000,056,832 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\Kriste1.doc
[2010/05/11 22:57:26 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Richard\My Documents\~$iste1.doc
[2010/05/10 16:25:09 | 000,054,784 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\Kriste.doc
[2010/05/08 17:59:20 | 000,024,576 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\Case Studies.doc
[2010/05/08 17:10:00 | 000,001,595 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee AntiVirus Plus.lnk
[2010/05/08 12:27:07 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\coverletter.doc
[2010/05/08 11:24:24 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cover lettera.doc
[2010/05/07 16:50:38 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cover letter.doc
[2010/05/06 19:45:39 | 000,000,236 | ---- | C] () -- C:\WINDOWS\tasks\OGALogon.job
[2010/05/06 10:38:41 | 000,279,040 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\keywords.doc
[2010/05/06 00:23:12 | 000,000,426 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{8B2988E9-0493-4E6B-9BD6-34E7B7D50D04}.job
[2010/05/05 12:29:12 | 001,823,848 | ---- | C] () -- C:\Documents and Settings\Richard\.websiteauditor.properties
[2010/05/04 18:23:43 | 000,307,200 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\krisresume_2010.doc
[2010/05/04 18:23:43 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Richard\My Documents\~$isresume_2010.doc
[2010/05/04 16:03:33 | 000,110,080 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\social mediaa.doc
[2010/05/04 10:36:20 | 000,025,088 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\tenthingstotweetabout.doc
[2010/05/03 22:53:38 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\email.doc
[2010/05/01 11:25:47 | 000,451,964 | ---- | C] () -- C:\Documents and Settings\Richard\.linkassistant.properties
[2010/04/30 17:13:22 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\searches.doc
[2010/04/30 13:58:58 | 000,075,752 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\4_30_seo_invoice.pdf
[2010/04/29 23:15:45 | 000,395,156 | ---- | C] () -- C:\Documents and Settings\Richard\.ranktracker.properties
[2010/04/29 21:54:35 | 000,460,684 | ---- | C] () -- C:\Documents and Settings\Richard\.spyglass.properties
[2010/04/29 21:41:49 | 000,001,931 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\LinkAssistant.lnk
[2010/04/29 21:41:36 | 000,001,960 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\WebSite Auditor.lnk
[2010/04/29 21:41:22 | 000,001,906 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\Rank Tracker.lnk
[2010/04/29 21:41:06 | 000,001,906 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\SEO SpyGlass.lnk
[2010/04/29 21:40:20 | 042,759,448 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\seospyglass3.14.5-jre.zip
[2010/04/29 14:09:36 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TweetDeck.lnk
[2010/04/29 09:08:06 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Richard\My Documents\~$cial media.doc
[2010/04/28 18:07:19 | 000,022,016 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\Find Buy Here Pay Here Bad Credit Car Dealerships in Ohio.doc
[2010/04/28 12:23:47 | 000,109,056 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\social media.doc
[2010/04/27 09:20:40 | 000,001,143 | -HS- | C] () -- C:\WINDOWS\System32\admparsec.sys
[2010/04/26 17:32:33 | 000,000,446 | --S- | C] () -- C:\WINDOWS\System32\1455611324.dat
[2010/04/26 15:23:38 | 000,027,136 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\Link Building Ideas.doc
[2010/04/23 13:20:18 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\about.doc
[2010/04/23 13:20:05 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\leads.doc
[2010/04/22 18:30:25 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\better script.doc
[2010/04/18 18:07:39 | 000,024,064 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\frontlineb.doc
[2010/04/18 11:15:51 | 000,020,480 | ---- | C] () -- C:\Documents and Settings\Richard\Desktop\buyherepayhere.doc
[2010/04/16 14:49:25 | 000,780,800 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\bucks county landscapr.ppt
[2010/04/16 11:27:30 | 000,021,504 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\adwords.doc
[2010/04/15 17:58:25 | 063,559,019 | ---- | C] () -- C:\Documents and Settings\Richard\My Documents\cart78327.zip
[2009/09/13 07:59:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/07/18 07:37:24 | 000,000,047 | ---- | C] () -- C:\WINDOWS\Crypkey.ini
[2009/07/18 07:37:20 | 000,020,486 | ---- | C] () -- C:\WINDOWS\System32\Ckldrv.sys
[2009/07/18 07:37:20 | 000,018,432 | ---- | C] () -- C:\WINDOWS\Setup_ck.dll
[2009/07/16 21:19:36 | 000,000,019 | ---- | C] () -- C:\WINDOWS\rrver.ini
[2009/05/22 16:24:16 | 000,000,032 | ---- | C] () -- C:\WINDOWS\tdlp32.ini
[2009/01/04 15:31:17 | 000,002,068 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2008/12/31 22:22:21 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/12/31 22:22:18 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/12/31 22:22:18 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/12/31 22:22:17 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/12/31 22:22:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2008/12/31 22:22:16 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/09/18 21:37:15 | 000,000,097 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2008/06/18 20:38:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2008/06/13 13:54:42 | 000,000,175 | ---- | C] () -- C:\WINDOWS\npmapsvc.ini
[2008/02/24 04:38:48 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\PdeSrv2p.dll
[2008/01/19 15:02:33 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2008/01/19 14:55:45 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/01/08 19:31:00 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2008/01/08 13:07:50 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/01/08 13:07:50 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/01/08 13:07:50 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/01/08 13:07:48 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/12/05 16:05:06 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005/07/23 00:30:20 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/04 07:00:00 | 000,550,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\Y6LJ1OP.sys
[2003/06/24 15:43:48 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\SynTPCoI.dll
[2000/10/20 13:25:36 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2010/05/06 19:52:09 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 18:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2007/02/27 14:19:46 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\NLDRV\001\iastor.sys
[2007/02/27 14:22:10 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\NLDRV\002\iastor.sys
[2007/02/28 12:12:31 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\NLDRV\003\iastor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\DRIVERS\WIN\IMSM\iastor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\WINDOWS\system32\drivers\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 14:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/04 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/04 07:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: VIAMRAID.SYS >
[2007/02/28 12:12:39 | 000,060,672 | ---- | M] (VIA Technologies inc,.ltd) MD5=44056E9FEE477F512EE58BCFEE949621 -- C:\WINDOWS\NLDRV\005\viamraid.sys

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010/03/11 08:38:51 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2010/03/11 08:38:51 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009/02/09 06:20:33 | 000,550,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\Y6LJ1OP.sys

< %systemroot%\System32\config\*.sav >
[2008/01/08 01:39:32 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2008/01/08 01:39:32 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2008/01/08 01:39:32 | 000,909,312 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\drivers\*.sys /90 >
[2010/04/14 12:29:58 | 000,055,456 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\cfwids.sys
[2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
[2010/04/14 12:29:58 | 000,095,568 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeapfk.sys
[2010/04/14 12:29:58 | 000,152,320 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys
[2010/04/14 12:29:58 | 000,051,688 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfebopk.sys
[2010/04/14 12:29:58 | 000,009,344 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfeclnk.sys
[2010/04/14 12:29:58 | 000,312,616 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfefirek.sys
[2010/04/14 12:29:58 | 000,385,536 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfehidk.sys
[2010/04/14 12:29:58 | 000,088,480 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfendisk.sys
[2010/04/14 12:29:58 | 000,083,496 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mferkdet.sys
[2010/04/14 12:29:58 | 000,082,952 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys
[2010/02/24 09:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\mrxsmb.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D2F2F703
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:723BF4A6
@Alternate Data Stream - 108 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:96BE5F33
< End of report >




OTL Extras logfile created on: 5/15/2010 1:45:31 PM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\Richard\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 70.00% Memory free
5.00 Gb Paging File | 3.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 93.16 Gb Total Space | 18.48 Gb Free Space | 19.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: AVIATOR
Current User Name: Richard
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.reg [@ = regfile] -- regedit.exe "%1"
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [open] -- regedit.exe "%1"
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9051:UDP" = 9051:UDP:LocalSubNet:Enabled:Verizon Tech Wizard
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Dassault Systemes\B08\intel_a\code\bin\CNEXT.exe" = C:\Program Files\Dassault Systemes\B08\intel_a\code\bin\CNEXT.exe:*:Enabled:ApplicationFrame -- File not found
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe" = C:\Program Files\McAfee\MBK\McAfeeDataBackup.exe:*:Enabled:McAfee Data Backup -- File not found
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe" = C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Documents and Settings\Richard\My Documents\IPInstaller.exe" = C:\Documents and Settings\Richard\My Documents\IPInstaller.exe:*:Enabled:IPInstaller -- ()
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- File not found
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}" = Macromedia Dreamweaver MX 2004
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1297C681-92D7-40EF-93BF-03F66EC5105C}" = ThinkPad EasyEject Utility
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{17CBC505-D1AE-459D-B445-3D2000A85842}" = ThinkPad UltraNav Utility
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1ECD6EC8-7BB2-4CD5-A384-BAA371BC4D21}" = Volo View Express
"{20585CDC-114E-4372-986A-0686B1A37A30}" = Business Plan Pro 2007
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 14
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2F353D44-73BB-4971-B31D-F7642E9E9531}" = Macromedia Flash MX 2004
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{46A84694-59EC-48F0-964C-7E76E9F8A2ED}" = ThinkVantage Active Protection System
"{493CCEF3-B98C-4979-92F4-F848C365A82B}" = Verizon FiOS Connection Wizard
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4F4ECD42-4F23-B2D8-317F-A6B480B14B76}" = TweetDeck
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{6149ADDB-974F-4574-84FA-B2DB19CF9D59}" = RocketReader Version 8.00
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{64C96428-3A75-4AAE-A538-C450EF68175F}" = Xara3D6
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7148F0A8-6813-11D6-A77B-00B0D0142180}" = Java 2 Runtime Environment, SE v1.4.2_18
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76BC2442-0002-47FA-9617-43BAD82BEF4C}" = Bonjour
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8DBB8D0C-0361-11D5-94D1-001083798176}" = VBA (3821b)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{939740B5-0064-4779-854A-8C1086181C05}" = Macromedia FreeHand MXa
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{996A2FAA-7514-4628-9D12-A8FC34A0016E}" = iTunes
"{A0E64EBA-8BF0-49FB-90C0-BB3D781A2016}" = ThinkPad Power Manager
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A7BF5269-3E74-11D5-B00F-00104B398D77}" = QuarkXPress 5.0
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.4
"{B19F9155-9337-4807-B5EF-ED471DDB2CCE}" = hph_software_req
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5C3B892-0849-476C-9F46-B12F84819D57}" = Apple Mobile Device Support
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D1AE6D4D-C37A-487d-83D8-C333125B2459}" = HP Photosmart and Deskjet 7.0 Software
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E583ED6F-BD99-4066-A420-C815BF692B69}" = Macromedia Fireworks MX 2004
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F94C1BE0-1B72-4077-9F84-51256BB3ABCB}" = AceReader Pro
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"2DA959FE3D6F0F5BC313481E72071D510DD786FB" = Windows Driver Package - Intel (w29n51) net (12/19/2007 9.0.4.39)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"AIM_6" = AIM 6
"AnyDVD" = AnyDVD
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7.21
"B85443866E9FD9203DE836DBCC8A4F6220A821C3" = Windows Driver Package - Intel (NETw5x32) net (07/08/2008 12.0.0.82)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588" = ThinkPad Modem
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell File Manager" = Dell DJ Explorer
"EyeCandy5Impact" = Alien Skin Eye Candy 5 Impact Demo
"EyeCandy5Nature" = Alien Skin Eye Candy 5 Nature Demo
"EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures Demo
"FileZilla Client" = FileZilla Client 3.1.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSC" = McAfee AntiVirus Plus
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel® PROSet/Wireless Software
"PROSet" = Intel® PRO Network Connections Drivers
"Sandboxie" = Sandboxie 3.32
"seopowersuite" = SEO SpyGlass
"Snap Art" = Alien Skin Snap Art Demo
"SynTPDeinstKey" = ThinkPad UltraNav Driver
"TeamViewer 4" = TeamViewer 4
"The Ultimate Troubleshooter" = The Ultimate Troubleshooter
"ThinkPad FullScreen Magnifier" = ThinkPad FullScreen Magnifier
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Verizon Help and Support" = Verizon Help and Support Tool
"ViewpointMediaPlayer" = Viewpoint Media Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xenofex2Demo" = Alien Skin Xenofex 2 Demo
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-725345543-507921405-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 11:59:56 AM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

Error - 5/14/2010 4:42:46 PM | Computer Name = AVIATOR | Source = nview_info | ID = 11141121
Description =

[ System Events ]
Error - 5/12/2010 4:58:02 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The McAfee Anti-Spam Service service failed to start due to the following
error: %%3

Error - 5/12/2010 6:18:18 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2

Error - 5/12/2010 6:18:18 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The McAfee Anti-Spam Service service failed to start due to the following
error: %%3

Error - 5/14/2010 12:31:47 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2

Error - 5/14/2010 12:31:47 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The McAfee Anti-Spam Service service failed to start due to the following
error: %%3

Error - 5/14/2010 12:31:47 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
iaStor

Error - 5/14/2010 12:53:07 PM | Computer Name = AVIATOR | Source = System Error | ID = 1003
Description = Error code 100000d1, parameter1 00000000, parameter2 0000001c, parameter3
00000001, parameter4 8599200c.

Error - 5/14/2010 12:53:49 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2

Error - 5/14/2010 12:53:49 PM | Computer Name = AVIATOR | Source = Service Control Manager | ID = 7000
Description = The McAfee Anti-Spam Service service failed to start due to the following
error: %%3

Error - 5/15/2010 1:17:18 PM | Computer Name = AVIATOR | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 192.168.1.2 on
the Network Card with network address 001DE009E96D.


< End of report >



#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 15 May 2010 - 06:38 PM

Hi,

please run a scan with gmer next:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 16 May 2010 - 01:42 PM

Ugh, so I have been at this for a day and a half now, everytime I try to scan It scans for a few hours then I get the blue screen of death and the computer restarts. It seems to be at different spots and different errors so im not sure why it is doing it. I have tried in safe mode with everything disabled. Is there anything else I can do or try? Or should I just keep tring the scan?

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 17 May 2010 - 08:59 AM

Hi,

please try running a scan without the option devices checked. Abort and let me know if it takes more than an hour.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 18 May 2010 - 08:31 AM

So I ran the scan last night when I went to bed with devices off like you said. It was still at it like 4 hours later but I just let it keep going. It finally finished this time and a system box came up that said "no system modifications detected". That was it... lol... there was no log or anything. Now what? heh

#8 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 18 May 2010 - 08:38 AM

this is the log from the initial quick scan that it does if that helps at all.

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-18 09:33:28
Windows 5.1.2600 Service Pack 3
Running: 2w7gp12e.exe; Driver: C:\DOCUME~1\Richard\LOCALS~1\Temp\fxrdrpow.sys


---- System - GMER 1.0.15 ----

Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwCreateKey [0xBA5F8DB0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteKey [0xBA5F8DC4]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwDeleteValueKey [0xBA5F8DF0]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xBA5F8E46]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenKey [0xBA5F8D9C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenProcess [0xBA5F8D74]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwOpenThread [0xBA5F8D88]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwRenameKey [0xBA5F8DDA]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetSecurityObject [0xBA5F8E1C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwSetValueKey [0xBA5F8E06]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwTerminateProcess [0xBA5F8E70]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xBA5F8E5C]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) ZwYieldExecution [0xBA5F8E30]
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtMapViewOfSection
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenProcess
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtOpenThread
Code mfehidk.sys (McAfee Link Driver/McAfee, Inc.) NtSetSecurityObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 876E2560

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (McAfee Link Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Ip mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp mfetdi2k.sys (Anti-Virus Mini-Firewall Driver/McAfee, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- Threads - GMER 1.0.15 ----

Thread System [4:1824] 876E1A30
Thread System [4:1832] 876E1C00
Thread System [4:2340] 876E12F0

---- EOF - GMER 1.0.15 ----


#9 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 18 May 2010 - 04:41 PM

Hi,

Please download mbr.exe and save it to your root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe -t >"C:\mbr.log"
    Note: There is a blanke between mbr.exe and -t.
  • press Enter.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\). The file will not open automatically, you need to go to C:\mbr.log yourself and open it.
  • Copy and paste the results of the mbr.log in your next reply.

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#10 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 19 May 2010 - 11:17 AM

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK


#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 19 May 2010 - 12:54 PM

Hi,

please run a scan with ComboFix next:
Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Temporarily disable isable your AntiVirus and AntiSpyware applications. They may otherwise interfere with our tools
    Usually this can be done via a right click on the System Tray icon, check this tutorial for disabling the most common security programs: Link

  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.

This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

regards myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#12 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 19 May 2010 - 04:10 PM

ComboFix 10-05-19.02 - Richard 05/19/2010 16:36:22.2.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2662 [GMT -4:00]
Running from: c:\documents and settings\Richard\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Win
c:\win\1-INTELINF\infinst_autol.exe
c:\win\1-INTELINF\SWI.XML
c:\win\10-HDAMODEM\difxapi.dll
c:\win\10-HDAMODEM\HDAMODEM.TPI
c:\win\10-HDAMODEM\NW\_Setup.dll
c:\win\10-HDAMODEM\NW\custom.ini
c:\win\10-HDAMODEM\NW\data1.cab
c:\win\10-HDAMODEM\NW\data1.hdr
c:\win\10-HDAMODEM\NW\data2.cab
c:\win\10-HDAMODEM\NW\ISSetup.dll
c:\win\10-HDAMODEM\NW\language.dat
c:\win\10-HDAMODEM\NW\Language\ARB\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\ARB\licence.txt
c:\win\10-HDAMODEM\NW\Language\ARB\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\ARB\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\CHS\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\CHS\licence.txt
c:\win\10-HDAMODEM\NW\Language\CHS\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\CHS\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\CHT\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\CHT\licence.txt
c:\win\10-HDAMODEM\NW\Language\CHT\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\CHT\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\CSY\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\CSY\licence.txt
c:\win\10-HDAMODEM\NW\Language\CSY\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\CSY\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\DAN\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\DAN\licence.txt
c:\win\10-HDAMODEM\NW\Language\DAN\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\DAN\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\DEU\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\DEU\Licence.txt
c:\win\10-HDAMODEM\NW\Language\DEU\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\DEU\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\ELL\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\ELL\Licence.txt
c:\win\10-HDAMODEM\NW\Language\ELL\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\ELL\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\ENU\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\ENU\licence.txt
c:\win\10-HDAMODEM\NW\Language\ENU\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\ENU\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\ESP\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\ESP\Licence.txt
c:\win\10-HDAMODEM\NW\Language\ESP\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\ESP\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\FIN\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\FIN\licence.txt
c:\win\10-HDAMODEM\NW\Language\FIN\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\FIN\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\FRA\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\FRA\licence.txt
c:\win\10-HDAMODEM\NW\Language\FRA\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\FRA\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\HEB\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\HEB\licence.txt
c:\win\10-HDAMODEM\NW\Language\HEB\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\HEB\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\HUN\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\HUN\licence.txt
c:\win\10-HDAMODEM\NW\Language\HUN\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\HUN\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\ITA\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\ITA\licence.txt
c:\win\10-HDAMODEM\NW\Language\ITA\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\ITA\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\JPN\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\JPN\licence.txt
c:\win\10-HDAMODEM\NW\Language\JPN\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\JPN\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\KOR\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\KOR\licence.txt
c:\win\10-HDAMODEM\NW\Language\KOR\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\KOR\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\NLD\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\NLD\Licence.txt
c:\win\10-HDAMODEM\NW\Language\NLD\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\NLD\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\NOR\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\NOR\Licence.txt
c:\win\10-HDAMODEM\NW\Language\NOR\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\NOR\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\PLK\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\PLK\Licence.txt
c:\win\10-HDAMODEM\NW\Language\PLK\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\PLK\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\PTB\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\PTB\Licence.txt
c:\win\10-HDAMODEM\NW\Language\PTB\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\PTB\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\PTG\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\PTG\licence.txt
c:\win\10-HDAMODEM\NW\Language\PTG\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\PTG\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\RUS\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\RUS\licence.txt
c:\win\10-HDAMODEM\NW\Language\RUS\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\RUS\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\SKY\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\SKY\licence.txt
c:\win\10-HDAMODEM\NW\Language\SKY\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\SKY\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\SLV\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\SLV\Licence.txt
c:\win\10-HDAMODEM\NW\Language\SLV\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\SLV\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\SVE\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\SVE\Licence.txt
c:\win\10-HDAMODEM\NW\Language\SVE\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\SVE\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\THA\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\THA\licence.txt
c:\win\10-HDAMODEM\NW\Language\THA\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\THA\NetWait.chm
c:\win\10-HDAMODEM\NW\Language\TRK\Aboutn.dll
c:\win\10-HDAMODEM\NW\Language\TRK\licence.txt
c:\win\10-HDAMODEM\NW\Language\TRK\mohrc.dll
c:\win\10-HDAMODEM\NW\Language\TRK\NetWait.chm
c:\win\10-HDAMODEM\NW\layout.bin
c:\win\10-HDAMODEM\NW\Releases.txt
c:\win\10-HDAMODEM\NW\Setup.bmp
c:\win\10-HDAMODEM\NW\setup.exe
c:\win\10-HDAMODEM\NW\setup.ini
c:\win\10-HDAMODEM\NW\setup.inx
c:\win\10-HDAMODEM\NW\setup.iss
c:\win\10-HDAMODEM\OCP\_Setup.dll
c:\win\10-HDAMODEM\OCP\Custom.ini
c:\win\10-HDAMODEM\OCP\data1.cab
c:\win\10-HDAMODEM\OCP\data1.hdr
c:\win\10-HDAMODEM\OCP\data2.cab
c:\win\10-HDAMODEM\OCP\ikernel.ex_
c:\win\10-HDAMODEM\OCP\ISSetup.dll
c:\win\10-HDAMODEM\OCP\language.dat
c:\win\10-HDAMODEM\OCP\Language\Br\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\Br\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\Br\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\CS\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\CS\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\CS\licence.txt
c:\win\10-HDAMODEM\OCP\Language\CT\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\CT\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\CT\licence.txt
c:\win\10-HDAMODEM\OCP\Language\DA\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\DA\licence.txt
c:\win\10-HDAMODEM\OCP\Language\FI\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\FI\licence.txt
c:\win\10-HDAMODEM\OCP\Language\FR\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\FR\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\FR\licence.txt
c:\win\10-HDAMODEM\OCP\Language\Gr\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\Gr\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\Gr\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\It\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\It\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\It\licence.txt
c:\win\10-HDAMODEM\OCP\Language\JP\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\JP\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\JP\licence.txt
c:\win\10-HDAMODEM\OCP\Language\KO\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\KO\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\KO\licence.txt
c:\win\10-HDAMODEM\OCP\Language\NL\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\NL\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\NL\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\NO\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\NO\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\PO\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\PO\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\PO\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\PT\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\PT\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\PT\licence.txt
c:\win\10-HDAMODEM\OCP\Language\RU\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\RU\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\RU\licence.txt
c:\win\10-HDAMODEM\OCP\Language\SE\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\SE\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\SP\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\SP\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\SP\Licence.txt
c:\win\10-HDAMODEM\OCP\Language\TH\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\TH\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\TH\licence.txt
c:\win\10-HDAMODEM\OCP\Language\Us\Aboutn.dll
c:\win\10-HDAMODEM\OCP\Language\Us\DLG.ini
c:\win\10-HDAMODEM\OCP\Language\Us\licence.txt
c:\win\10-HDAMODEM\OCP\layout.bin
c:\win\10-HDAMODEM\OCP\Releases.txt
c:\win\10-HDAMODEM\OCP\setup.exe
c:\win\10-HDAMODEM\OCP\Setup.ini
c:\win\10-HDAMODEM\OCP\setup.inx
c:\win\10-HDAMODEM\OCP\setup.iss
c:\win\10-HDAMODEM\Setup.exe
c:\win\10-HDAMODEM\SWI.XML
c:\win\10-HDAMODEM\TPMDMADS.CAB
c:\win\10-HDAMODEM\UIU.INI
c:\win\10-HDAMODEM\UIU32m.exe
c:\win\10-HDAMODEM\UIUDLL.dll
c:\win\10-HDAMODEM\UIUSYS.SYS
c:\win\10-HDAMODEM\WIN2KXP\HSF_CNXT.sys
c:\win\10-HDAMODEM\WIN2KXP\HSF_DPV.sys
c:\win\10-HDAMODEM\WIN2KXP\HSFHWAZL.sys
c:\win\10-HDAMODEM\WIN2KXP\HSFProf.cty
c:\win\10-HDAMODEM\WIN2KXP\MdmXSdk.dll
c:\win\10-HDAMODEM\WIN2KXP\MDMXSDK.sys
c:\win\10-HDAMODEM\WIN2KXP\Setup.exe
c:\win\10-HDAMODEM\WIN2KXP\tkp0588k.cat
c:\win\10-HDAMODEM\WIN2KXP\Tkp0588k.inf
c:\win\10-HDAMODEM\WIN2KXP\UCI32M16.dll
c:\win\10-HDAMODEM\WIN2KXP\UIU32m.exe
c:\win\10-HDAMODEM\WIN2KXP\UIUDLL.dll
c:\win\10-HDAMODEM\WIN2KXP\UIUSYS.sys
c:\win\10-HDAMODEM\WINVISTA\difxapi.dll
c:\win\10-HDAMODEM\WINVISTA\HSFProf.cty
c:\win\10-HDAMODEM\WINVISTA\HSX_CNXT.sys
c:\win\10-HDAMODEM\WINVISTA\HSX_DPV.sys
c:\win\10-HDAMODEM\WINVISTA\HSXHWAZL.sys
c:\win\10-HDAMODEM\WINVISTA\MdmXSdk.dll
c:\win\10-HDAMODEM\WINVISTA\MDMXSDK.sys
c:\win\10-HDAMODEM\WINVISTA\Setup.exe
c:\win\10-HDAMODEM\WINVISTA\tkp0588z.cat
c:\win\10-HDAMODEM\WINVISTA\Tkp0588z.inf
c:\win\10-HDAMODEM\WINVISTA\UCI32M16.dll
c:\win\10-HDAMODEM\WINVISTA\UIU32m.exe
c:\win\10-HDAMODEM\WINVISTA\UIUDLL.dll
c:\win\10-HDAMODEM\WINVISTA\UIUSYS.sys
c:\win\10-HDAMODEM\WINVISTA\xaudio.exe
c:\win\10-HDAMODEM\WINVISTA\xaudio.sys
c:\win\10-HDAMODEM\WINVISTA64\CAX_CNXT.sys
c:\win\10-HDAMODEM\WINVISTA64\CAX_DPV.sys
c:\win\10-HDAMODEM\WINVISTA64\CAXHWAZL.sys
c:\win\10-HDAMODEM\WINVISTA64\difxapi.dll
c:\win\10-HDAMODEM\WINVISTA64\HSFProf.cty
c:\win\10-HDAMODEM\WINVISTA64\MdmXSdk.dll
c:\win\10-HDAMODEM\WINVISTA64\MDMXSDK.sys
c:\win\10-HDAMODEM\WINVISTA64\Setup64.exe
c:\win\10-HDAMODEM\WINVISTA64\tkp0588y.cat
c:\win\10-HDAMODEM\WINVISTA64\Tkp0588y.inf
c:\win\10-HDAMODEM\WINVISTA64\UCI64M16.dll
c:\win\10-HDAMODEM\WINVISTA64\UIU64m.exe
c:\win\10-HDAMODEM\WINVISTA64\UIUDLL64.dll
c:\win\10-HDAMODEM\WINVISTA64\UIUSYS64.sys
c:\win\10-HDAMODEM\WINVISTA64\XAudio64.exe
c:\win\10-HDAMODEM\WINVISTA64\XAudio64.sys
c:\win\11-WLANINT2\IBMTPI.XML
c:\win\11-WLANINT2\verfile.tic
c:\win\11-WLANINT2\WLANIN_D.TPI
c:\win\11-WLANINT2\WLANIN_U.TPI
c:\win\11-WLANINT2\WLANINT.TPI
c:\win\11-WLANINT2\WLANINT2.TPI
c:\win\11-WLANINT2\XP\Apps\x32\iProData\iconvrtr.exe
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mCore.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mDriver.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mMHouse.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mPfMgr.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mProSafe.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\msxml6.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProData\mWlsSafe.msi
c:\win\11-WLANINT2\XP\Apps\x32\iProInst.bmp
c:\win\11-WLANINT2\XP\Apps\x32\iProInst.exe
c:\win\11-WLANINT2\XP\Apps\x32\iProInst.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ARA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ARA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ARA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHS\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHS\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHS\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHT\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHT\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CHT\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CSY\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CSY\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\CSY\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DAN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DAN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DAN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DEU\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DEU\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\DEU\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ELL\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ELL\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ELL\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ENU\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ENU\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ESN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ESN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ESN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FIN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FIN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FIN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FRA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FRA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\FRA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HEB\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HEB\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HEB\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HUN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HUN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\HUN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ITA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ITA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\ITA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\JPN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\JPN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\JPN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\KOR\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\KOR\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\KOR\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NLD\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NLD\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NLD\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NOR\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NOR\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\NOR\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PLK\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PLK\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PLK\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTB\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTB\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTB\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTG\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTG\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\PTG\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\RUS\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\RUS\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\RUS\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\SVE\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\SVE\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\SVE\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\THA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\THA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\THA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\TRK\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\TRK\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x32\iProLang\TRK\License.rtf
c:\win\11-WLANINT2\XP\Apps\x32\KILLAC.EXE
c:\win\11-WLANINT2\XP\Apps\x32\rProInst.bmp
c:\win\11-WLANINT2\XP\Apps\x64\iProData\iconvrtr.exe
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mCore.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mDriver.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mMHouse.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mPfMgr.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mProSafe.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\msxml6.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProData\mWlsSafe.msi
c:\win\11-WLANINT2\XP\Apps\x64\iProInst.bmp
c:\win\11-WLANINT2\XP\Apps\x64\iProInst.exe
c:\win\11-WLANINT2\XP\Apps\x64\iProInst.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ARA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ARA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ARA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHS\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHS\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHS\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHT\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHT\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CHT\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CSY\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CSY\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\CSY\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DAN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DAN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DAN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DEU\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DEU\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\DEU\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ELL\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ELL\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ELL\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ENU\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ENU\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ESN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ESN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ESN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FIN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FIN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FIN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FRA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FRA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\FRA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HEB\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HEB\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HEB\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HUN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HUN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\HUN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ITA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ITA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\ITA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\JPN\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\JPN\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\JPN\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\KOR\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\KOR\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\KOR\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NLD\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NLD\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NLD\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NOR\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NOR\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\NOR\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PLK\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PLK\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PLK\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTB\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTB\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTB\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTG\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTG\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\PTG\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\RUS\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\RUS\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\RUS\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\SVE\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\SVE\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\SVE\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\THA\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\THA\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\THA\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\TRK\iProInst.dll
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\TRK\iProLang.ini
c:\win\11-WLANINT2\XP\Apps\x64\iProLang\TRK\License.rtf
c:\win\11-WLANINT2\XP\Apps\x64\rProInst.bmp
c:\win\11-WLANINT2\XP\Drivers\x32\DPInst32.EXE
c:\win\11-WLANINT2\XP\Drivers\x32\iProdifx.dll
c:\win\11-WLANINT2\XP\Drivers\x32\iProdifx.EXE
c:\win\11-WLANINT2\XP\Drivers\x32\NETw2c32.DLL
c:\win\11-WLANINT2\XP\Drivers\x32\NETw2r32.DLL
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4c32.DLL
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4k32.CAT
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4k32.INF
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4k32.sys
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4r32.DLL
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4x32.CAT
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4x32.INF
c:\win\11-WLANINT2\XP\Drivers\x32\NETw4x32.sys
c:\win\11-WLANINT2\XP\Drivers\x32\w29n50.sys
c:\win\11-WLANINT2\XP\Drivers\x32\w29n51.cat
c:\win\11-WLANINT2\XP\Drivers\x32\w29n51.inf
c:\win\11-WLANINT2\XP\Drivers\x32\w29n51.sys
c:\win\11-WLANINT2\XP\Drivers\x64\DPInst64.exe
c:\win\11-WLANINT2\XP\Drivers\x64\iProDifx.dll
c:\win\11-WLANINT2\XP\Drivers\x64\iProDifX.exe
c:\win\11-WLANINT2\XP\Drivers\x64\NETw4c64.DLL
c:\win\11-WLANINT2\XP\Drivers\x64\NETw4r64.DLL
c:\win\11-WLANINT2\XP\Drivers\x64\NETw4x64.CAT
c:\win\11-WLANINT2\XP\Drivers\x64\NETw4x64.INF
c:\win\11-WLANINT2\XP\Drivers\x64\NETw4x64.sys
c:\win\12-EZEJECT\DATA1.CAB
c:\win\12-EZEJECT\DATA1.HDR
c:\win\12-EZEJECT\DATA2.CAB
c:\win\12-EZEJECT\DISKEZEJ
c:\win\12-EZEJECT\DISKEZEJ.ID
c:\win\12-EZEJECT\DISKEZEJ.VER
c:\win\12-EZEJECT\DK\EZAPPRES.DLL
c:\win\12-EZEJECT\DK\EZEJECT.CHM
c:\win\12-EZEJECT\DK\EZMAPRES.DLL
c:\win\12-EZEJECT\DK\EZTRYRES.DLL
c:\win\12-EZEJECT\EJECT.VER
c:\win\12-EZEJECT\EZEJAPP.EXE
c:\win\12-EZEJECT\EZEJECT.TPI
c:\win\12-EZEJECT\EZEJLP.DLL
c:\win\12-EZEJECT\EZEJMNAP.EXE
c:\win\12-EZEJECT\EZEJTRAY.EXE
c:\win\12-EZEJECT\FI\EZAPPRES.DLL
c:\win\12-EZEJECT\FI\EZEJECT.CHM
c:\win\12-EZEJECT\FI\EZMAPRES.DLL
c:\win\12-EZEJECT\FI\EZTRYRES.DLL
c:\win\12-EZEJECT\FR\EZAPPRES.DLL
c:\win\12-EZEJECT\FR\EZEJECT.CHM
c:\win\12-EZEJECT\FR\EZMAPRES.DLL
c:\win\12-EZEJECT\FR\EZTRYRES.DLL
c:\win\12-EZEJECT\GR\EZAPPRES.DLL
c:\win\12-EZEJECT\GR\EZEJECT.CHM
c:\win\12-EZEJECT\GR\EZMAPRES.DLL
c:\win\12-EZEJECT\GR\EZTRYRES.DLL
c:\win\12-EZEJECT\IKERNEL.EX_
c:\win\12-EZEJECT\IT\EZAPPRES.DLL
c:\win\12-EZEJECT\IT\EZEJECT.CHM
c:\win\12-EZEJECT\IT\EZMAPRES.DLL
c:\win\12-EZEJECT\IT\EZTRYRES.DLL
c:\win\12-EZEJECT\JP\EZAPPRES.DLL
c:\win\12-EZEJECT\JP\EZEJECT.CHM
c:\win\12-EZEJECT\JP\EZMAPRES.DLL
c:\win\12-EZEJECT\JP\EZTRYRES.DLL
c:\win\12-EZEJECT\KR\EZAPPRES.DLL
c:\win\12-EZEJECT\KR\EZEJECT.CHM
c:\win\12-EZEJECT\KR\EZMAPRES.DLL
c:\win\12-EZEJECT\KR\EZTRYRES.DLL
c:\win\12-EZEJECT\LAYOUT.BIN
c:\win\12-EZEJECT\NE\EZAPPRES.DLL
c:\win\12-EZEJECT\NE\EZEJECT.CHM
c:\win\12-EZEJECT\NE\EZMAPRES.DLL
c:\win\12-EZEJECT\NE\EZTRYRES.DLL
c:\win\12-EZEJECT\NO\EZAPPRES.DLL
c:\win\12-EZEJECT\NO\EZEJECT.CHM
c:\win\12-EZEJECT\NO\EZMAPRES.DLL
c:\win\12-EZEJECT\NO\EZTRYRES.DLL
c:\win\12-EZEJECT\SC\EZAPPRES.DLL
c:\win\12-EZEJECT\SC\EZEJECT.CHM
c:\win\12-EZEJECT\SC\EZMAPRES.DLL
c:\win\12-EZEJECT\SC\EZTRYRES.DLL
c:\win\12-EZEJECT\SETUP.EXE
c:\win\12-EZEJECT\SETUP.INI
c:\win\12-EZEJECT\SETUP.INX
c:\win\12-EZEJECT\SETUP.ISS
c:\win\12-EZEJECT\SP\EZAPPRES.DLL
c:\win\12-EZEJECT\SP\EZEJECT.CHM
c:\win\12-EZEJECT\SP\EZMAPRES.DLL
c:\win\12-EZEJECT\SP\EZTRYRES.DLL
c:\win\12-EZEJECT\SV\EZAPPRES.DLL
c:\win\12-EZEJECT\SV\EZEJECT.CHM
c:\win\12-EZEJECT\SV\EZMAPRES.DLL
c:\win\12-EZEJECT\SV\EZTRYRES.DLL
c:\win\12-EZEJECT\SWI.XML
c:\win\12-EZEJECT\TC\EZAPPRES.DLL
c:\win\12-EZEJECT\TC\EZEJECT.CHM
c:\win\12-EZEJECT\TC\EZMAPRES.DLL
c:\win\12-EZEJECT\TC\EZTRYRES.DLL
c:\win\12-EZEJECT\US\EZAPPRES.DLL
c:\win\12-EZEJECT\US\EZEJECT.CHM
c:\win\12-EZEJECT\US\EZMAPRES.DLL
c:\win\12-EZEJECT\US\EZTRYRES.DLL
c:\win\13-HOTKEY\install.log
c:\win\13-HOTKEY\Libif32.exe
c:\win\13-HOTKEY\LibifX64.exe
c:\win\13-HOTKEY\OSD\CPLEX\dk\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\dk\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\fi\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\fi\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\fr\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\fr\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\gr\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\gr\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\it\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\it\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\jp\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\jp\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\ne\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\ne\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\no\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\no\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\sp\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\sp\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\sv\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\sv\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\CPLEX\us\tponscr.dll
c:\win\13-HOTKEY\OSD\CPLEX\us\TPONSCR.HLP
c:\win\13-HOTKEY\OSD\F2\gdiplus.dll
c:\win\13-HOTKEY\OSD\F2\notifyf2.dll
c:\win\13-HOTKEY\OSD\F2\TPFNF2.exe
c:\win\13-HOTKEY\OSD\F2\TPFnF2.ini
c:\win\13-HOTKEY\OSD\F5\ABGWrap.dll
c:\win\13-HOTKEY\OSD\F5\ABWrap.dll
c:\win\13-HOTKEY\OSD\F5\ARWrap.dll
c:\win\13-HOTKEY\OSD\F5\ArWrap_2.dll
c:\win\13-HOTKEY\OSD\F5\ArWrapV2.dll
c:\win\13-HOTKEY\OSD\F5\BrcmWrap.dll
c:\win\13-HOTKEY\OSD\F5\dk\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\fi\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\FnF5svc.exe
c:\win\13-HOTKEY\OSD\F5\fr\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\GlWrap.dll
c:\win\13-HOTKEY\OSD\F5\gr\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\it\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\jp\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\KddiWrap.dll
c:\win\13-HOTKEY\OSD\F5\kr\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\MSVCP60.DLL
c:\win\13-HOTKEY\OSD\F5\NativeWl.dll
c:\win\13-HOTKEY\OSD\F5\ne\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\no\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\pmev2_1.exe
c:\win\13-HOTKEY\OSD\F5\pmev2_1.ini
c:\win\13-HOTKEY\OSD\F5\sc\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\sp\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\sv\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\SwiWrap.dll
c:\win\13-HOTKEY\OSD\F5\SwiWrapV.dll
c:\win\13-HOTKEY\OSD\F5\tc\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F5\TpFnF5.exe
c:\win\13-HOTKEY\OSD\F5\UB_ATCMD.dll
c:\win\13-HOTKEY\OSD\F5\us\TpFnF5.dll
c:\win\13-HOTKEY\OSD\F8\TPFNF8.exe
c:\win\13-HOTKEY\OSD\F8\TPFNF8.INI
c:\win\13-HOTKEY\OSD\F9\tpfnf9.exe
c:\win\13-HOTKEY\OSD\hkvolkey.dll
c:\win\13-HOTKEY\OSD\kcuif32.dll
c:\win\13-HOTKEY\OSD\kcuifX64.dll
c:\win\13-HOTKEY\OSD\MFC71U.DLL
c:\win\13-HOTKEY\OSD\msvcp71.dll
c:\win\13-HOTKEY\OSD\MSVCR71.DLL
c:\win\13-HOTKEY\OSD\regcat.exe
c:\win\13-HOTKEY\OSD\tphk_3k.inf
c:\win\13-HOTKEY\OSD\tphk_tp.inf
c:\win\13-HOTKEY\OSD\tphkdrv.cat
c:\win\13-HOTKEY\OSD\TPHKDRV.sys
c:\win\13-HOTKEY\OSD\tphklock.dll
c:\win\13-HOTKEY\OSD\tphksvc.exe
c:\win\13-HOTKEY\OSD\tplhmm.dll
c:\win\13-HOTKEY\OSD\tponscr.exe
c:\win\13-HOTKEY\OSD\tposdsvc.dll
c:\win\13-HOTKEY\OSD\tposdsvc.exe
c:\win\13-HOTKEY\OSD\virtfn_0.dll
c:\win\13-HOTKEY\OSD\virtfnrc.ini
c:\win\13-HOTKEY\OSD\VOLCTL\TpVolCtl.exe
c:\win\13-HOTKEY\OSD\VOLCTL\TpWAud32.dll
c:\win\13-HOTKEY\OSD\VOLCTL\TpWAud32.exe
c:\win\13-HOTKEY\OSD\VOLCTL\TpWAud64.dll
c:\win\13-HOTKEY\OSD\VOLCTL\TpWAud64.exe
c:\win\13-HOTKEY\SETUP.EXE
c:\win\13-HOTKEY\SWI.XML
c:\win\13-HOTKEY\SWI32.sys
c:\win\13-HOTKEY\SWIX64.sys
c:\win\13-HOTKEY\tpilibb.dll
c:\win\13-HOTKEY\TpiSetup.dat
c:\win\13-HOTKEY\TpiSetup.dll
c:\win\13-HOTKEY\ZOOM\TpScrEx.exe
c:\win\13-HOTKEY\ZOOM\TpScrEx.inf
c:\win\14-p961b_fprx32_562ww.exe
c:\win\2-DISPLAY\Advanced.tv_
c:\win\2-DISPLAY\CAD.tv_
c:\win\2-DISPLAY\data1.cab
c:\win\2-DISPLAY\data1.hdr
c:\win\2-DISPLAY\data2.cab
c:\win\2-DISPLAY\DCC.tv_
c:\win\2-DISPLAY\default.tv_
c:\win\2-DISPLAY\engine32.cab
c:\win\2-DISPLAY\Finance.tv_
c:\win\2-DISPLAY\keystone.ex_
c:\win\2-DISPLAY\layout.bin
c:\win\2-DISPLAY\modes.txt
c:\win\2-DISPLAY\nv3d.chm
c:\win\2-DISPLAY\nv3dARA.chm
c:\win\2-DISPLAY\nv3dCHS.chm
c:\win\2-DISPLAY\nv3dCHT.chm
c:\win\2-DISPLAY\nv3dCSY.chm
c:\win\2-DISPLAY\nv3dDAN.chm
c:\win\2-DISPLAY\nv3dDEU.chm
c:\win\2-DISPLAY\nv3dELL.chm
c:\win\2-DISPLAY\nv3dENG.chm
c:\win\2-DISPLAY\nv3dESM.chm
c:\win\2-DISPLAY\nv3dESN.chm
c:\win\2-DISPLAY\nv3dFIN.chm
c:\win\2-DISPLAY\nv3dFRA.chm
c:\win\2-DISPLAY\nv3dHEB.chm
c:\win\2-DISPLAY\nv3dHUN.chm
c:\win\2-DISPLAY\nv3dITA.chm
c:\win\2-DISPLAY\nv3dJPN.chm
c:\win\2-DISPLAY\nv3dKOR.chm
c:\win\2-DISPLAY\nv3dNLD.chm
c:\win\2-DISPLAY\nv3dNOR.chm
c:\win\2-DISPLAY\nv3dPLK.chm
c:\win\2-DISPLAY\nv3dPTB.chm
c:\win\2-DISPLAY\nv3dPTG.chm
c:\win\2-DISPLAY\nv3dRUS.chm
c:\win\2-DISPLAY\nv3dSKY.chm
c:\win\2-DISPLAY\nv3dSLV.chm
c:\win\2-DISPLAY\nv3dSVE.chm
c:\win\2-DISPLAY\nv3dTHA.chm
c:\win\2-DISPLAY\nv3dTRK.chm
c:\win\2-DISPLAY\nv4_disp.dl_
c:\win\2-DISPLAY\nv4_mini.sy_
c:\win\2-DISPLAY\nvapi.dl_
c:\win\2-DISPLAY\nvappbar.ex_
c:\win\2-DISPLAY\NvApps.xm_
c:\win\2-DISPLAY\nvcod.dl_
c:\win\2-DISPLAY\NVCPAR.HL_
c:\win\2-DISPLAY\NVCPCS.HL_
c:\win\2-DISPLAY\NVCPDA.HL_
c:\win\2-DISPLAY\NVCPDE.HL_
c:\win\2-DISPLAY\NVCPEL.HL_
c:\win\2-DISPLAY\NVCPENG.HL_
c:\win\2-DISPLAY\NVCPES.HL_
c:\win\2-DISPLAY\NVCPESM.HL_
c:\win\2-DISPLAY\NVCPFI.HL_
c:\win\2-DISPLAY\NVCPFR.HL_
c:\win\2-DISPLAY\NVCPHE.HL_
c:\win\2-DISPLAY\NVCPHU.HL_
c:\win\2-DISPLAY\NVCPIT.HL_
c:\win\2-DISPLAY\NVCPJA.HL_
c:\win\2-DISPLAY\NVCPKO.HL_
c:\win\2-DISPLAY\nvcpl.chm
c:\win\2-DISPLAY\nvcpl.cp_
c:\win\2-DISPLAY\NvCpl.dl_
c:\win\2-DISPLAY\NVCPL.HL_
c:\win\2-DISPLAY\nvcplara.chm
c:\win\2-DISPLAY\nvcplchs.chm
c:\win\2-DISPLAY\nvcplcht.chm
c:\win\2-DISPLAY\nvcplcsy.chm
c:\win\2-DISPLAY\nvcpldan.chm
c:\win\2-DISPLAY\nvcpldeu.chm
c:\win\2-DISPLAY\nvcplell.chm
c:\win\2-DISPLAY\nvcpleng.chm
c:\win\2-DISPLAY\nvcplesm.chm
c:\win\2-DISPLAY\nvcplesn.chm
c:\win\2-DISPLAY\nvcplfin.chm
c:\win\2-DISPLAY\nvcplfra.chm
c:\win\2-DISPLAY\nvcplheb.chm
c:\win\2-DISPLAY\nvcplhun.chm
c:\win\2-DISPLAY\nvcplita.chm
c:\win\2-DISPLAY\nvcpljpn.chm
c:\win\2-DISPLAY\nvcplkor.chm
c:\win\2-DISPLAY\nvcplnld.chm
c:\win\2-DISPLAY\nvcplnor.chm
c:\win\2-DISPLAY\nvcplplk.chm
c:\win\2-DISPLAY\nvcplptb.chm
c:\win\2-DISPLAY\nvcplptg.chm
c:\win\2-DISPLAY\nvcplrus.chm
c:\win\2-DISPLAY\nvcplsky.chm
c:\win\2-DISPLAY\nvcplslv.chm
c:\win\2-DISPLAY\nvcplsve.chm
c:\win\2-DISPLAY\nvcpltha.chm
c:\win\2-DISPLAY\nvcpltrk.chm
c:\win\2-DISPLAY\nvcplui.ex_
c:\win\2-DISPLAY\nvcpluir.dl_
c:\win\2-DISPLAY\NVCPNL.HL_
c:\win\2-DISPLAY\NVCPNO.HL_
c:\win\2-DISPLAY\NVCPPL.HL_
c:\win\2-DISPLAY\NVCPPT.HL_
c:\win\2-DISPLAY\NVCPPTB.HL_
c:\win\2-DISPLAY\NVCPRU.HL_
c:\win\2-DISPLAY\NVCPSK.HL_
c:\win\2-DISPLAY\NVCPSL.HL_
c:\win\2-DISPLAY\NVCPSV.HL_
c:\win\2-DISPLAY\NVCPTH.HL_
c:\win\2-DISPLAY\NVCPTR.HL_
c:\win\2-DISPLAY\NVCPZHC.HL_
c:\win\2-DISPLAY\NVCPZHT.HL_
c:\win\2-DISPLAY\NVDisp.nvu
c:\win\2-DISPLAY\nvDispS.dl_
c:\win\2-DISPLAY\nvDispSR.dl_
c:\win\2-DISPLAY\nvdsp.chm
c:\win\2-DISPLAY\nvdspARA.chm
c:\win\2-DISPLAY\nvdspCHS.chm
c:\win\2-DISPLAY\nvdspCHT.chm
c:\win\2-DISPLAY\nvdspCSY.chm
c:\win\2-DISPLAY\nvdspDAN.chm
c:\win\2-DISPLAY\nvdspDEU.chm
c:\win\2-DISPLAY\nvdspELL.chm
c:\win\2-DISPLAY\nvdspENG.chm
c:\win\2-DISPLAY\nvdspESM.chm
c:\win\2-DISPLAY\nvdspESN.chm
c:\win\2-DISPLAY\nvdspFIN.chm
c:\win\2-DISPLAY\nvdspFRA.chm
c:\win\2-DISPLAY\nvdspHEB.chm
c:\win\2-DISPLAY\nvdspHUN.chm
c:\win\2-DISPLAY\nvdspITA.chm
c:\win\2-DISPLAY\nvdspJPN.chm
c:\win\2-DISPLAY\nvdspKOR.chm
c:\win\2-DISPLAY\nvdspNLD.chm
c:\win\2-DISPLAY\nvdspNOR.chm
c:\win\2-DISPLAY\nvdspPLK.chm
c:\win\2-DISPLAY\nvdspPTB.chm
c:\win\2-DISPLAY\nvdspPTG.chm
c:\win\2-DISPLAY\nvdspRUS.chm
c:\win\2-DISPLAY\nvdspsch.ex_
c:\win\2-DISPLAY\nvdspSKY.chm
c:\win\2-DISPLAY\nvdspSLV.chm
c:\win\2-DISPLAY\nvdspSVE.chm
c:\win\2-DISPLAY\nvdspTHA.chm
c:\win\2-DISPLAY\nvdspTRK.chm
c:\win\2-DISPLAY\nvexpbar.dl_
c:\win\2-DISPLAY\nvGameS.dl_
c:\win\2-DISPLAY\nvGameSR.dl_
c:\win\2-DISPLAY\nview.dl_
c:\win\2-DISPLAY\nvlt.cat
c:\win\2-DISPLAY\NVLT.inf
c:\win\2-DISPLAY\nvMccsS.dl_
c:\win\2-DISPLAY\nvMccsSR.dl_
c:\win\2-DISPLAY\NvMCTray.dl_
c:\win\2-DISPLAY\nvmob.chm
c:\win\2-DISPLAY\nvmobARA.chm
c:\win\2-DISPLAY\nvmobCHS.chm
c:\win\2-DISPLAY\nvmobCHT.chm
c:\win\2-DISPLAY\nvmobCSY.chm
c:\win\2-DISPLAY\nvmobDAN.chm
c:\win\2-DISPLAY\nvmobDEU.chm
c:\win\2-DISPLAY\nvmobELL.chm
c:\win\2-DISPLAY\nvmobENG.chm
c:\win\2-DISPLAY\nvmobESM.chm
c:\win\2-DISPLAY\nvmobESN.chm
c:\win\2-DISPLAY\nvmobFIN.chm
c:\win\2-DISPLAY\nvmobFRA.chm
c:\win\2-DISPLAY\nvmobHEB.chm
c:\win\2-DISPLAY\nvmobHUN.chm
c:\win\2-DISPLAY\nvmobITA.chm
c:\win\2-DISPLAY\nvmobJPN.chm
c:\win\2-DISPLAY\nvmobKOR.chm
c:\win\2-DISPLAY\nvMoblS.dl_
c:\win\2-DISPLAY\nvMoblSR.dl_
c:\win\2-DISPLAY\nvmobNLD.chm
c:\win\2-DISPLAY\nvmobNOR.chm
c:\win\2-DISPLAY\nvmobPLK.chm
c:\win\2-DISPLAY\nvmobPTB.chm
c:\win\2-DISPLAY\nvmobPTG.chm
c:\win\2-DISPLAY\nvmobRUS.chm
c:\win\2-DISPLAY\nvmobSKY.chm
c:\win\2-DISPLAY\nvmobSLV.chm
c:\win\2-DISPLAY\nvmobSVE.chm
c:\win\2-DISPLAY\nvmobTHA.chm
c:\win\2-DISPLAY\nvmobTRK.chm
c:\win\2-DISPLAY\nvoglnt.dl_
c:\win\2-DISPLAY\NVRSAR.dl_
c:\win\2-DISPLAY\NVRSCS.dl_
c:\win\2-DISPLAY\NVRSDA.dl_
c:\win\2-DISPLAY\NVRSDE.dl_
c:\win\2-DISPLAY\NVRSEL.dl_
c:\win\2-DISPLAY\NVRSENG.dl_
c:\win\2-DISPLAY\NVRSES.dl_
c:\win\2-DISPLAY\NVRSESM.dl_
c:\win\2-DISPLAY\NVRSFI.dl_
c:\win\2-DISPLAY\NVRSFR.dl_
c:\win\2-DISPLAY\NVRSHE.dl_
c:\win\2-DISPLAY\NVRSHU.dl_
c:\win\2-DISPLAY\NVRSIT.dl_
c:\win\2-DISPLAY\NVRSJA.dl_
c:\win\2-DISPLAY\NVRSKO.dl_
c:\win\2-DISPLAY\NVRSNL.dl_
c:\win\2-DISPLAY\NVRSNO.dl_
c:\win\2-DISPLAY\NVRSPL.dl_
c:\win\2-DISPLAY\NVRSPT.dl_
c:\win\2-DISPLAY\NVRSPTB.dl_
c:\win\2-DISPLAY\NVRSRU.dl_
c:\win\2-DISPLAY\NVRSSK.dl_
c:\win\2-DISPLAY\NVRSSL.dl_
c:\win\2-DISPLAY\NVRSSV.dl_
c:\win\2-DISPLAY\NVRSTH.dl_
c:\win\2-DISPLAY\NVRSTR.dl_
c:\win\2-DISPLAY\NVRSZHC.dl_
c:\win\2-DISPLAY\NVRSZHT.dl_
c:\win\2-DISPLAY\nvshell.dl_
c:\win\2-DISPLAY\nvsvc32.ex_
c:\win\2-DISPLAY\nvtuicpl.cp_
c:\win\2-DISPLAY\nvudisp.exe
c:\win\2-DISPLAY\nvuninst.ba_
c:\win\2-DISPLAY\nvViTvS.dl_
c:\win\2-DISPLAY\nvViTvSR.dl_
c:\win\2-DISPLAY\nvwcpar.hl_
c:\win\2-DISPLAY\nvwcpcs.hl_
c:\win\2-DISPLAY\nvwcpda.hl_
c:\win\2-DISPLAY\nvwcpde.hl_
c:\win\2-DISPLAY\nvwcpel.hl_
c:\win\2-DISPLAY\nvwcpeng.hl_
c:\win\2-DISPLAY\nvwcpes.hl_
c:\win\2-DISPLAY\nvwcpesm.hl_
c:\win\2-DISPLAY\nvwcpfi.hl_
c:\win\2-DISPLAY\nvwcpfr.hl_
c:\win\2-DISPLAY\nvwcphe.hl_
c:\win\2-DISPLAY\nvwcphu.hl_
c:\win\2-DISPLAY\nvwcpit.hl_
c:\win\2-DISPLAY\nvwcpja.hl_
c:\win\2-DISPLAY\nvwcpko.hl_
c:\win\2-DISPLAY\nvwcplen.hl_
c:\win\2-DISPLAY\nvwcpnl.hl_
c:\win\2-DISPLAY\nvwcpno.hl_
c:\win\2-DISPLAY\nvwcppl.hl_
c:\win\2-DISPLAY\nvwcppt.hl_
c:\win\2-DISPLAY\nvwcpptb.hl_
c:\win\2-DISPLAY\nvwcpru.hl_
c:\win\2-DISPLAY\nvwcpsk.hl_
c:\win\2-DISPLAY\nvwcpsl.hl_
c:\win\2-DISPLAY\nvwcpsv.hl_
c:\win\2-DISPLAY\nvwcpth.hl_
c:\win\2-DISPLAY\nvwcptr.hl_
c:\win\2-DISPLAY\nvwcpzhc.hl_
c:\win\2-DISPLAY\nvwcpzht.hl_
c:\win\2-DISPLAY\nvwddi.dl_
c:\win\2-DISPLAY\nvwdmcpl.dl_
c:\win\2-DISPLAY\nvwimg.dl_
c:\win\2-DISPLAY\nvwrsar.dl_
c:\win\2-DISPLAY\nvwrscs.dl_
c:\win\2-DISPLAY\nvwrsda.dl_
c:\win\2-DISPLAY\nvwrsde.dl_
c:\win\2-DISPLAY\nvwrsel.dl_
c:\win\2-DISPLAY\nvwrseng.dl_
c:\win\2-DISPLAY\nvwrses.dl_
c:\win\2-DISPLAY\nvwrsesm.dl_
c:\win\2-DISPLAY\nvwrsfi.dl_
c:\win\2-DISPLAY\nvwrsfr.dl_
c:\win\2-DISPLAY\nvwrshe.dl_
c:\win\2-DISPLAY\nvwrshu.dl_
c:\win\2-DISPLAY\nvwrsit.dl_
c:\win\2-DISPLAY\nvwrsja.dl_
c:\win\2-DISPLAY\nvwrsko.dl_
c:\win\2-DISPLAY\nvwrsnl.dl_
c:\win\2-DISPLAY\nvwrsno.dl_
c:\win\2-DISPLAY\nvwrspl.dl_
c:\win\2-DISPLAY\nvwrspt.dl_
c:\win\2-DISPLAY\nvwrsptb.dl_
c:\win\2-DISPLAY\nvwrsru.dl_
c:\win\2-DISPLAY\nvwrssk.dl_
c:\win\2-DISPLAY\nvwrssl.dl_
c:\win\2-DISPLAY\nvwrssv.dl_
c:\win\2-DISPLAY\nvwrsth.dl_
c:\win\2-DISPLAY\nvwrstr.dl_
c:\win\2-DISPLAY\nvwrszhc.dl_
c:\win\2-DISPLAY\nvwrszht.dl_
c:\win\2-DISPLAY\NvwsApps.xm_
c:\win\2-DISPLAY\nvwss.dl_
c:\win\2-DISPLAY\nvwssr.dl_
c:\win\2-DISPLAY\nwiz.ex_
c:\win\2-DISPLAY\OEMDSPIF.dl_
c:\win\2-DISPLAY\setup.bmp
c:\win\2-DISPLAY\setup.exe
c:\win\2-DISPLAY\setup.ibt
c:\win\2-DISPLAY\setup.ini
c:\win\2-DISPLAY\setup.inx
c:\win\2-DISPLAY\setup.iss
c:\win\2-DISPLAY\setup.skin
c:\win\2-DISPLAY\SWI.XML
c:\win\2-DISPLAY\video.tpi
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1028.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1030.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1031.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1033.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1034.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1035.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1036.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1040.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1041.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1042.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1043.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1044.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1046.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\1053.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\2052.mst
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\ANS.cab
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\CDM.cab
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\custom.ini
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DMIX.cab
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\ANSM2KXP.INF
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\ANSP2KXP.INF
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\ians2kxp.cat
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\iansmsg.dll
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\iansw2k.sys
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\ianswxp.sys
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\Ncs2Setp.dll
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\NicCo.dll
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\NicInst.dll
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DRIVERS\PRONtObj.dll
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DxSetup.EXE
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\DxSetup.ini
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\LR_DMIX.cab
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\OemVer.reg
c:\win\3-ETHERNET\APPS\PROSETDX\Win32\PROSETDX.msi
c:\win\3-ETHERNET\APPS\SETUP\PUSH\pushcopy.bat
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WIN2K\INSTALL.BAT
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WIN2K\pushw2k.txt
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WIN2K\unattend.txt
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WS03XP32\INSTALL.BAT
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WS03XP32\PUSHWS3.TXT
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WS03XP32\PUSHXP.TXT
c:\win\3-ETHERNET\APPS\SETUP\PUSH\WS03XP32\UNATTEND.TXT
c:\win\3-ETHERNET\APPS\SETUP\SETUPBD\Win32\NetInst.dll
c:\win\3-ETHERNET\APPS\SETUP\SETUPBD\Win32\SetBDRes.dll
c:\win\3-ETHERNET\APPS\SETUP\SETUPBD\Win32\SetupBD.din
c:\win\3-ETHERNET\APPS\SETUP\SETUPBD\Win32\SetupBD.exe
c:\win\3-ETHERNET\APPS\SETUP\SETUPBD\Win32\Setupbd.ini
c:\win\3-ETHERNET\PRO1000\Win32\e1000325.cat
c:\win\3-ETHERNET\PRO1000\Win32\e1000325.din
c:\win\3-ETHERNET\PRO1000\Win32\e1000325.inf
c:\win\3-ETHERNET\PRO1000\Win32\E1000325.sys
c:\win\3-ETHERNET\PRO1000\Win32\e1000msg.dll
c:\win\3-ETHERNET\PRO1000\Win32\e1000nt5.din
c:\win\3-ETHERNET\PRO1000\Win32\E1000NT5.SYS
c:\win\3-ETHERNET\PRO1000\Win32\e1e5032.din
c:\win\3-ETHERNET\PRO1000\Win32\E1e5032.SYS
c:\win\3-ETHERNET\PRO1000\Win32\e1e5132.cat
c:\win\3-ETHERNET\PRO1000\Win32\e1e5132.din
c:\win\3-ETHERNET\PRO1000\Win32\e1e5132.inf
c:\win\3-ETHERNET\PRO1000\Win32\e1e5132.sys
c:\win\3-ETHERNET\PRO1000\Win32\e1e6032.cat
c:\win\3-ETHERNET\PRO1000\Win32\e1e6032.din
c:\win\3-ETHERNET\PRO1000\Win32\e1e6032.inf
c:\win\3-ETHERNET\PRO1000\Win32\e1e6032.sys
c:\win\3-ETHERNET\PRO1000\Win32\e1g6032.cat
c:\win\3-ETHERNET\PRO1000\Win32\e1g6032.din
c:\win\3-ETHERNET\PRO1000\Win32\e1g6032.inf
c:\win\3-ETHERNET\PRO1000\Win32\E1G60I32.sys
c:\win\3-ETHERNET\PRO1000\Win32\NicCo.dll
c:\win\3-ETHERNET\PRO1000\Win32\NicEtCo.dll
c:\win\3-ETHERNET\PRO1000\Win32\NicEtCoE.dll
c:\win\3-ETHERNET\PRO1000\Win32\NicInst.dll
c:\win\3-ETHERNET\PRO1000\Win32\NicInstE.dll
c:\win\3-ETHERNET\PRO1000\Win32\PROUnstl.exe
c:\win\3-ETHERNET\PRO1000\Win32\RIS_INF\e1000325.zip
c:\win\3-ETHERNET\PRO1000\Win32\RIS_INF\e1000nt5.zip
c:\win\3-ETHERNET\PRO1000\Win32\RIS_INF\e1e5032.zip
c:\win\3-ETHERNET\PRO1000\Win32\RIS_INF\e1e5132.zip
c:\win\3-ETHERNET\PRO1000\Win32\RIS_INF\readme.txt
c:\win\3-ETHERNET\PRO1000\Win32\v1e5132.cat
c:\win\3-ETHERNET\SWI.XML
c:\win\3-ETHERNET\verfile.tic
c:\win\4-IBMPM\data1.cab
c:\win\4-IBMPM\data1.hdr
c:\win\4-IBMPM\data2.cab
c:\win\4-IBMPM\DISKKU.VER
c:\win\4-IBMPM\ibmpmdrv.cat
c:\win\4-IBMPM\IBMPMDRV.INF
c:\win\4-IBMPM\ikernel.ex_
c:\win\4-IBMPM\InsHlp64.exe
c:\win\4-IBMPM\InsHlp86.exe
c:\win\4-IBMPM\layout.bin
c:\win\4-IBMPM\Setup.exe
c:\win\4-IBMPM\Setup.ini
c:\win\4-IBMPM\setup.inx
c:\win\4-IBMPM\setup.iss
c:\win\4-IBMPM\SWI.XML
c:\win\4-IBMPM\x64\ibmpmdrv.sys
c:\win\4-IBMPM\x64\ibmpmsvc.exe
c:\win\4-IBMPM\x64\TpInsPM.dll
c:\win\4-IBMPM\x86\ibmpmdrv.sys
c:\win\4-IBMPM\x86\ibmpmsvc.exe
c:\win\4-IBMPM\x86\TpInsPM.dll
c:\win\5-PWRMGR\BATLOGDL.DLL
c:\win\5-PWRMGR\BATLOGEX.DLL
c:\win\5-PWRMGR\DATA1.CAB
c:\win\5-PWRMGR\DATA1.HDR
c:\win\5-PWRMGR\DATA2.CAB
c:\win\5-PWRMGR\DISKPWM
c:\win\5-PWRMGR\DISKPWM.ID
c:\win\5-PWRMGR\DISKPWM.VER
c:\win\5-PWRMGR\DK\PWMPSDF.INI
c:\win\5-PWRMGR\DK\PWRMGR.CHM
c:\win\5-PWRMGR\DK\PWRMGRRD.DLL
c:\win\5-PWRMGR\DK\PWRMGRRO.DLL
c:\win\5-PWRMGR\DK\PWRMGRRP.DLL
c:\win\5-PWRMGR\DK\PWRMGRRT.DLL
c:\win\5-PWRMGR\FI\PWMPSDF.INI
c:\win\5-PWRMGR\FI\PWRMGR.CHM
c:\win\5-PWRMGR\FI\PWRMGRRD.DLL
c:\win\5-PWRMGR\FI\PWRMGRRO.DLL
c:\win\5-PWRMGR\FI\PWRMGRRP.DLL
c:\win\5-PWRMGR\FI\PWRMGRRT.DLL
c:\win\5-PWRMGR\FR\PWMPSDF.INI
c:\win\5-PWRMGR\FR\PWRMGR.CHM
c:\win\5-PWRMGR\FR\PWRMGRRD.DLL
c:\win\5-PWRMGR\FR\PWRMGRRO.DLL
c:\win\5-PWRMGR\FR\PWRMGRRP.DLL
c:\win\5-PWRMGR\FR\PWRMGRRT.DLL
c:\win\5-PWRMGR\GR\PWMPSDF.INI
c:\win\5-PWRMGR\GR\PWRMGR.CHM
c:\win\5-PWRMGR\GR\PWRMGRRD.DLL
c:\win\5-PWRMGR\GR\PWRMGRRO.DLL
c:\win\5-PWRMGR\GR\PWRMGRRP.DLL
c:\win\5-PWRMGR\GR\PWRMGRRT.DLL
c:\win\5-PWRMGR\IKERNEL.EX_
c:\win\5-PWRMGR\IT\PWMPSDF.INI
c:\win\5-PWRMGR\IT\PWRMGR.CHM
c:\win\5-PWRMGR\IT\PWRMGRRD.DLL
c:\win\5-PWRMGR\IT\PWRMGRRO.DLL
c:\win\5-PWRMGR\IT\PWRMGRRP.DLL
c:\win\5-PWRMGR\IT\PWRMGRRT.DLL
c:\win\5-PWRMGR\JP\PWMPSDF.INI
c:\win\5-PWRMGR\JP\PWRMGR.CHM
c:\win\5-PWRMGR\JP\PWRMGRRD.DLL
c:\win\5-PWRMGR\JP\PWRMGRRO.DLL
c:\win\5-PWRMGR\JP\PWRMGRRP.DLL
c:\win\5-PWRMGR\JP\PWRMGRRT.DLL
c:\win\5-PWRMGR\KR\PWMPSDF.INI
c:\win\5-PWRMGR\KR\PWRMGR.CHM
c:\win\5-PWRMGR\KR\PWRMGRRD.DLL
c:\win\5-PWRMGR\KR\PWRMGRRO.DLL
c:\win\5-PWRMGR\KR\PWRMGRRP.DLL
c:\win\5-PWRMGR\KR\PWRMGRRT.DLL
c:\win\5-PWRMGR\LAYOUT.BIN
c:\win\5-PWRMGR\NE\PWMPSDF.INI
c:\win\5-PWRMGR\NE\PWRMGR.CHM
c:\win\5-PWRMGR\NE\PWRMGRRD.DLL
c:\win\5-PWRMGR\NE\PWRMGRRO.DLL
c:\win\5-PWRMGR\NE\PWRMGRRP.DLL
c:\win\5-PWRMGR\NE\PWRMGRRT.DLL
c:\win\5-PWRMGR\NO\PWMPSDF.INI
c:\win\5-PWRMGR\NO\PWRMGR.CHM
c:\win\5-PWRMGR\NO\PWRMGRRD.DLL
c:\win\5-PWRMGR\NO\PWRMGRRO.DLL
c:\win\5-PWRMGR\NO\PWRMGRRP.DLL
c:\win\5-PWRMGR\NO\PWRMGRRT.DLL
c:\win\5-PWRMGR\PWMBHDF.INI
c:\win\5-PWRMGR\PWMBTHLP.EXE
c:\win\5-PWRMGR\PWMIDTSK.EXE
c:\win\5-PWRMGR\PWMOSD.EXE
c:\win\5-PWRMGR\PWRMGR.OCX
c:\win\5-PWRMGR\PWRMGR.TPI
c:\win\5-PWRMGR\PWRMGR.VER
c:\win\5-PWRMGR\PWRMGRIF.DLL
c:\win\5-PWRMGR\PWRMGRTR.DLL
c:\win\5-PWRMGR\SC\PWMPSDF.INI
c:\win\5-PWRMGR\SC\PWRMGR.CHM
c:\win\5-PWRMGR\SC\PWRMGRRD.DLL
c:\win\5-PWRMGR\SC\PWRMGRRO.DLL
c:\win\5-PWRMGR\SC\PWRMGRRP.DLL
c:\win\5-PWRMGR\SC\PWRMGRRT.DLL
c:\win\5-PWRMGR\SETUP.EXE
c:\win\5-PWRMGR\SETUP.INI
c:\win\5-PWRMGR\SETUP.INX
c:\win\5-PWRMGR\SETUP.ISS
c:\win\5-PWRMGR\SP\PWMPSDF.INI
c:\win\5-PWRMGR\SP\PWRMGR.CHM
c:\win\5-PWRMGR\SP\PWRMGRRD.DLL
c:\win\5-PWRMGR\SP\PWRMGRRO.DLL
c:\win\5-PWRMGR\SP\PWRMGRRP.DLL
c:\win\5-PWRMGR\SP\PWRMGRRT.DLL
c:\win\5-PWRMGR\SV\PWMPSDF.INI
c:\win\5-PWRMGR\SV\PWRMGR.CHM
c:\win\5-PWRMGR\SV\PWRMGRRD.DLL
c:\win\5-PWRMGR\SV\PWRMGRRO.DLL
c:\win\5-PWRMGR\SV\PWRMGRRP.DLL
c:\win\5-PWRMGR\SV\PWRMGRRT.DLL
c:\win\5-PWRMGR\SWI.XML
c:\win\5-PWRMGR\TC\PWMPSDF.INI
c:\win\5-PWRMGR\TC\PWRMGR.CHM
c:\win\5-PWRMGR\TC\PWRMGRRD.DLL
c:\win\5-PWRMGR\TC\PWRMGRRO.DLL
c:\win\5-PWRMGR\TC\PWRMGRRP.DLL
c:\win\5-PWRMGR\TC\PWRMGRRT.DLL
c:\win\5-PWRMGR\TPBTLOW.WAV
c:\win\5-PWRMGR\TPBTVLOW.WAV
c:\win\5-PWRMGR\TPPWOPEX.DLL
c:\win\5-PWRMGR\TPPWRIF.SYS
c:\win\5-PWRMGR\US\PWMPSDF.INI
c:\win\5-PWRMGR\US\PWRMGR.CHM
c:\win\5-PWRMGR\US\PWRMGRRD.DLL
c:\win\5-PWRMGR\US\PWRMGRRO.DLL
c:\win\5-PWRMGR\US\PWRMGRRP.DLL
c:\win\5-PWRMGR\US\PWRMGRRT.DLL
c:\win\6-manualpush-TPM\ATMELTPM.CAT
c:\win\6-manualpush-TPM\ATMELTPM.INF
c:\win\6-manualpush-TPM\ATMELTPM.SYS
c:\win\6-manualpush-TPM\IBMTPI.XML
c:\win\6-manualpush-TPM\INSTALLE.EXE
c:\win\6-manualpush-TPM\SWI.XML
c:\win\6-manualpush-TPM\TPMDDL.DLL
c:\win\7-HPROTECT\Setup.exe
c:\win\7-HPROTECT\SWI.XML
c:\win\8-kb888111xp2en.exe
c:\win\9-Audio\ADIDRM.DLL
c:\win\9-Audio\AEENABLE.EXE
c:\win\9-Audio\AUDIO.TPI
c:\win\9-Audio\CPAPP.ICO
c:\win\9-Audio\DATA.TAG
c:\win\9-Audio\DATA1.CAB
c:\win\9-Audio\DATA1.HDR
c:\win\9-Audio\DATA2.CAB
c:\win\9-Audio\DEVSETUP.EXE
c:\win\9-Audio\ENGINE32.CAB
c:\win\9-Audio\LAYOUT.BIN
c:\win\9-Audio\LICENSE.TXT
c:\win\9-Audio\PLATFORM.CFG
c:\win\9-Audio\README.TXT
c:\win\9-Audio\SETUP.EXE
c:\win\9-Audio\SETUP.IBT
c:\win\9-Audio\SETUP.INI
c:\win\9-Audio\SETUP.INX
c:\win\9-Audio\SETUP.ISS
c:\win\9-Audio\SM_COMN\HELP\ARABIC\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\ARABIC\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\BRAZIL\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\DANISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\DUTCH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\ENGLISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\FINNISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\FRENCH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\GERMAN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\HEBREW\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\ITALIAN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\JAPANESE\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\KOREAN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\NORWEG\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\POLISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\RUSSIAN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\SIMPCHIN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\SMHELP.EXE
c:\win\9-Audio\SM_COMN\HELP\SPANISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\SPANISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\SWEDISH\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\THAI\SPDIF.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\CPSIMP.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\DIGAUDMB.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\DTS.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\EQ.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\MICRO.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\PNP.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\POWER.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\SENSA.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\SMAX.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\SMAX4HLP.CHM
c:\win\9-Audio\SM_COMN\HELP\TRADCHIN\SPDIF.CHM
c:\win\9-Audio\SM_COMN\SYS\PLACER.TXT
c:\win\9-Audio\SM_MICRO\SYS\MICTAB.DLL
c:\win\9-Audio\SM_MICRO\WIZARDS\SMWIZARD.EXE
c:\win\9-Audio\SM_PANEL\SYS\LICENSE.TXT
c:\win\9-Audio\SM_PANEL\SYS\SMAX4.CPL
c:\win\9-Audio\SM_PANEL\SYS\SMAX4.EXE
c:\win\9-Audio\SM_PANEL\SYS\SMMEDIA.DLL
c:\win\9-Audio\SM_PANEL\SYS\WDMIOCTL.DLL
c:\win\9-Audio\SM_POWER\SYS\PWRMAN.DLL
c:\win\9-Audio\SMAX3CP.ICO
c:\win\9-Audio\SMAXWDM\W2K_XP\ADIHDAUD.INF
c:\win\9-Audio\SMAXWDM\W2K_XP\ADIHDAUD.SYS
c:\win\9-Audio\SMAXWDM\W2K_XP\AEAUDIO.SYS
c:\win\9-Audio\SMAXWDM\W2K_XP\POSTPROC.DLL
c:\win\9-Audio\SMAXWDM\W2K_XP\SMAX4PNP.EXE
c:\win\9-Audio\SMAXWDM\W2K_XP\SMWDMIF.DLL
c:\win\9-Audio\SMAXWDM\W2K_XP\SMX.CAT
c:\win\9-Audio\SWI.XML
c:\win\9-Audio\SYS\CLEANUP.EXE
c:\win\9-Audio\SYS\DSNDUP.EXE
c:\win\9-Audio\WIN256_3.BMP
c:\windows\system32\1455611324.dat
c:\windows\system32\drivers\Y6LJ1OP.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Y6LJ1OP


((((((((((((((((((((((((( Files Created from 2010-04-19 to 2010-05-19 )))))))))))))))))))))))))))))))
.

2010-05-19 16:14 . 2010-05-19 16:14 77312 ----a-w- C:\mbr.exe
2010-05-12 21:10 . 2008-04-14 00:11 185344 -c--a-w- c:\windows\system32\dllcache\framedyn.dll
2010-05-12 20:41 . 2010-05-12 22:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-05-12 20:41 . 2010-05-12 21:14 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-12 20:30 . 2010-05-12 20:30 -------- d-----w- c:\documents and settings\Richard\Application Data\Malwarebytes
2010-05-12 20:30 . 2010-05-12 20:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-12 20:30 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-12 20:30 . 2010-05-12 20:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-12 20:30 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-09 01:26 . 2010-05-09 01:26 -------- d-----w- c:\program files\Trend Micro
2010-05-09 01:06 . 2010-05-14 16:56 -------- d-----w- c:\windows\system32\NtmsData
2010-05-08 16:46 . 2010-05-19 18:34 -------- d-----w- c:\documents and settings\Richard\Application Data\FileZilla
2010-05-07 03:03 . 2010-05-07 03:03 -------- d-----w- c:\documents and settings\Richard\Application Data\Office Genuine Advantage
2010-05-07 00:25 . 2010-05-07 00:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-05-07 00:06 . 2010-05-07 00:06 -------- d-----w- c:\windows\system32\scripting
2010-05-07 00:06 . 2010-05-07 00:06 -------- d-----w- c:\windows\system32\en
2010-05-07 00:06 . 2010-05-07 00:06 -------- d-----w- c:\windows\l2schemas
2010-05-07 00:06 . 2010-05-07 00:06 -------- d-----w- c:\windows\system32\bits
2010-05-01 14:41 . 2010-04-27 21:16 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-05-01 14:40 . 2010-04-27 21:16 82952 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2010-05-01 14:40 . 2010-04-27 21:16 88480 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2010-05-01 14:40 . 2010-04-27 21:16 83496 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-05-01 14:40 . 2010-04-27 21:16 385880 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-05-01 14:40 . 2010-04-27 21:16 312616 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-05-01 14:40 . 2010-04-27 21:16 95568 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-05-01 14:40 . 2010-04-27 21:16 51688 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-05-01 14:40 . 2010-04-27 21:16 152320 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-05-01 14:40 . 2010-04-27 21:16 55456 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-04-30 01:45 . 2010-04-30 01:45 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\MozSwing
2010-04-29 18:09 . 2010-04-29 18:09 -------- d-----w- c:\documents and settings\Richard\Application Data\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
2010-04-29 18:09 . 2010-04-29 18:09 -------- d-----w- c:\program files\TweetDeck
2010-04-29 18:09 . 2010-04-29 18:09 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-04-28 21:33 . 2003-12-04 15:19 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-04-28 21:30 . 2002-01-05 08:48 974848 ------w- c:\windows\system32\mfc70.dll
2010-04-28 21:30 . 2002-01-05 08:10 57344 ------w- c:\windows\system32\mfc70enu.dll
2010-04-28 21:30 . 2002-01-05 07:37 344064 ------w- c:\windows\system32\msvcr70.dll
2010-04-28 21:30 . 2010-04-28 21:30 -------- d-----w- c:\program files\Common Files\Macromedia Shared
2010-04-28 20:31 . 2010-05-02 04:54 -------- d-----w- c:\program files\McAfee.com
2010-04-28 20:31 . 2010-05-18 03:55 -------- d-----w- c:\program files\McAfee
2010-04-28 19:37 . 2010-04-28 19:37 -------- d-----w- c:\windows\system32\wbem\Repository
2010-04-27 13:49 . 2010-05-01 15:31 -------- d-----w- c:\program files\Common Files\McAfee
2010-04-27 13:24 . 2010-04-28 19:39 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp
2010-04-27 13:22 . 2010-04-27 13:22 -------- d-----w- c:\program files\Bonjour
2010-04-27 13:21 . 2010-04-27 13:21 -------- d-----w- c:\program files\QuickTime
2010-04-27 13:20 . 2010-04-27 13:20 1143 --sha-w- c:\windows\system32\admparsec.sys
2010-04-27 13:20 . 2010-04-27 13:21 -------- d-----w- c:\program files\iTunes
2010-04-27 13:20 . 2010-04-27 13:20 -------- d-----w- c:\program files\iPod
2010-04-27 13:13 . 2010-04-27 13:13 -------- d-----w- c:\documents and settings\Richard\Application Data\McAfee
2010-04-27 12:28 . 2010-04-27 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Citrix
2010-04-27 12:06 . 2010-04-27 12:06 -------- d-----w- c:\documents and settings\Richard\Local Settings\Application Data\Citrix

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-17 16:02 . 2008-10-10 22:39 -------- d-----w- c:\documents and settings\LocalService\Application Data\SACore
2010-05-14 16:01 . 2010-05-14 16:01 388096 ----a-r- c:\documents and settings\Richard\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-05-14 14:57 . 2008-11-05 01:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-12 22:09 . 2009-06-24 00:38 -------- d-----w- c:\program files\Google
2010-05-12 20:23 . 2009-11-14 17:09 -------- d-----w- c:\documents and settings\Richard\Application Data\Move Networks
2010-05-07 00:26 . 2008-01-11 13:52 91784 ----a-w- c:\documents and settings\Richard\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-05-07 00:09 . 2008-01-07 21:50 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-05-05 01:21 . 2008-09-12 02:06 -------- d-----w- c:\documents and settings\Richard\Application Data\FileZilla1
2010-04-30 01:42 . 2010-04-09 00:26 -------- d-----w- c:\program files\SEO PowerSuite
2010-04-29 18:08 . 2010-04-29 18:09 38784 ----a-w- c:\documents and settings\Richard\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-29 18:08 . 2010-04-29 18:09 38784 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-28 21:33 . 2010-04-12 20:18 -------- d-----w- c:\program files\Common Files\Macromedia
2010-04-28 21:33 . 2010-04-12 20:17 -------- d-----w- c:\program files\Macromedia
2010-04-28 20:36 . 2008-02-14 21:26 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2010-04-27 13:22 . 2010-04-04 14:17 -------- d-----w- c:\program files\Bonjour(2)
2010-04-27 13:21 . 2010-04-04 14:20 -------- d-----w- c:\program files\QuickTime(2)
2010-04-27 13:20 . 2010-04-04 14:25 -------- d-----w- c:\program files\iPod(2)
2010-04-27 13:20 . 2010-04-04 14:25 -------- d-----w- c:\program files\iTunes(2)
2010-04-27 13:20 . 2010-03-20 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-04-27 13:20 . 2010-03-20 00:58 -------- d-----w- c:\program files\Common Files\Apple
2010-04-27 13:16 . 2010-04-15 18:34 -------- d-----w- c:\documents and settings\Richard\Application Data\Skype
2010-04-27 13:16 . 2010-04-15 18:34 -------- d-----w- c:\program files\Skype
2010-04-12 20:25 . 2008-01-08 23:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-05 12:06 . 2009-12-04 19:50 -------- d-----w- c:\documents and settings\Richard\Application Data\Apple Computer
2010-04-04 14:26 . 2010-04-04 14:25 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-03-11 12:38 . 2004-08-04 11:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:38 . 2004-08-04 11:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:38 . 2004-08-04 11:00 17408 ------w- c:\windows\system32\corpol.dll
2010-03-09 11:09 . 2004-08-04 11:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 12:53 . 2009-11-15 02:08 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-24 13:11 . 2004-08-04 11:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2008-03-01 04:41 . 2008-03-01 04:38 24 --sh--w- c:\windows\S1EC09ADB.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"="c:\program files\Adobe\Adobe Bridge CS4\Bridge.exe" [2008-08-29 13145448]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-21 50472]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2008-11-15 313856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Google Update"="c:\documents and settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-19 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-28 8491008]
"nwiz"="nwiz.exe" [2007-09-28 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-28 81920]
"PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2007-09-21 200704]
"BLOG"="c:\progra~1\ThinkPad\UTILIT~1\BatLogEx.DLL" [2007-09-21 208896]
"TpShocks"="TpShocks.exe" [2007-09-28 181544]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-04-09 1015808]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2007-04-27 243248]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2007-08-10 110592]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-08-10 512000]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-04-02 1180976]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-11-11 417792]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-3-14 2756608]
Palo Alto Software Update Manager 9.0.lnk - c:\program files\Common Files\Palo Alto Software\9.0\PAS9_Update.exe [2006-9-5 122880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Documents and Settings\\Richard\\My Documents\\IPInstaller.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [9/28/2007 5:28 PM 19504]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [5/1/2010 10:40 AM 82952]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [4/28/2010 4:33 PM 203280]
R2 McMPFSvc;McAfee Personal Firewall;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [5/1/2010 10:39 AM 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [5/1/2010 10:39 AM 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [5/1/2010 10:41 AM 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [5/1/2010 10:40 AM 141792]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [12/7/2008 9:39 PM 24652]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [5/1/2010 10:40 AM 55456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [5/1/2010 10:40 AM 312616]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [5/1/2010 10:40 AM 88480]
S2 gupdate1c9f4648817514a;Google Update Service (gupdate1c9f4648817514a);c:\program files\Google\Update\GoogleUpdate.exe [6/23/2009 8:41 PM 133104]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [5/1/2010 10:40 AM 88480]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [5/1/2010 10:40 AM 83496]
S4 Ast Service;Ast Service;c:\windows\system32\\AstSrv.exe --> c:\windows\system32\\AstSrv.exe [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder

2010-05-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-24 00:41]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-24 00:41]

2010-05-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003Core.job
- c:\documents and settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-12 00:55]

2010-05-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-507921405-682003330-1003UA.job
- c:\documents and settings\Richard\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-12 00:55]

2010-05-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 19:07]

2010-05-19 c:\windows\Tasks\PMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2008-01-08 06:19]

2010-05-19 c:\windows\Tasks\User_Feed_Synchronization-{8B2988E9-0493-4E6B-9BD6-34E7B7D50D04}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 23:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
DPF: ServerPushBox - hxxp://192.168.10.99:700/servp14.cab
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-NetBIOS
SafeBoot-Y6LJ1OP



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-19 16:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(740)
c:\windows\system32\netprovcredman.dll

- - - - - - - > 'explorer.exe'(3756)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\crypserv.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Sandboxie\SbieSvc.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\System32\TPHDEXLG.exe
c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\TpShocks.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
.
**************************************************************************
.
Completion time: 2010-05-19 16:58:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-05-19 20:58

Pre-Run: 20,616,884,224 bytes free
Post-Run: 26,708,606,976 bytes free

- - End Of File - - 2986AF576A65C95014831341E22F67C5


#13 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:48 PM

Posted 19 May 2010 - 05:10 PM

Hi,

why did you run ComboFix in safe mode? Are you familiar with this folder: C:\Win?

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Please click this link-->Jotti

When the jotti page has finished loading, click the browse button and navigate to the file listed below in bold, then click Submit.

C:\WINDOWS\System32\admparsec.sys

Please post back the results of the scan in your next post.

If Jotti is busy, try the same at Virustotal: http://www.virustotal.com/

regards myrti

Edited by myrti, 19 May 2010 - 05:11 PM.

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#14 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 19 May 2010 - 06:34 PM

I ran it in safe mode because the program locked up twice on me while running in regular mode. =\

I have no idea what that win folder was, it was not something that I installed I dont believe.

I turned on the visibility like you said, however the file you are requesting me to scan does not exsist in my C:\WINDOWS\System32\ folder. The closest thing i have is admparse.dll

#15 Sugah313

Sugah313
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:07:48 AM

Posted 19 May 2010 - 06:51 PM

Nevermind I found it, I had to hit the display the contents of system folders check box. The scan on both said found nothing

QUOTE
File admparsec.sys received on 2010.05.19 23:56:27 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED

Result: 0/41 (0%)

Edited by Sugah313, 19 May 2010 - 06:59 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users