Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Various errors spanning Msft, Google, and I believe lsass.


  • This topic is locked This topic is locked
23 replies to this topic

#1 dijidl

dijidl

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 14 July 2010 - 04:39 AM

The problems That I know of:

Initially, my computer was having issues with the installation of SP3. The automatic updates would begin for it, but would either get stuck on 0% or try to install and then display an error message and not be allowed to complete. I'm sorry, I don't the exact error message; I decided to fore-go the installation of SP3, since my computer seemed to work fine without it. It was approximately 1 year ago, when I gave up on installing SP3, after having about the same amount of time with no success.

Then, about 2 months ago, I had got Comcast internet service installed; this is where the new issues began to appear. During the istallation of the Comcast Desktop by the technician, he told me that as costumer, I was eligible for the full version of McAfee security suite so I had him go ahead and install it. Shortly after the installation, roughly 3 weeks, the new issues began.

At first the problems seemed to be with the internet service; this ended up being the Green AV virus, which was blocking internet access; it appeared that this was the problem with McAfee, the internet, and Windows Security Center. I was able to use my smart-phone to fix the Green AV issue by downloading MBAM and installing via USB. Then using MBAM, I appeared to get rid of the infection and work with Comcast to repair the internet settings and re-establish the proper internet connection.

However, McAfee still wasn't able to go online and fix any remaining issues. I spoke with McAfee about the issues and they told me that they no longer cover Comcast customers; they couldn't even look up my information or Comcast account. I then called Comcast and they told me they are using Norton, for their customers' security. Needless to say I was very upset about this info, since they were now telling me that I had been without any protection, since they installed McAfee, and that they couldn't deal with virus issues.

So, I asked them how to switch to Norton; that way I could at least get some support for dealing with the issues that remained. However, when I try to go to the website and install, through Comcasts customer service site, it won't let me log in to the site to verify my customer status and begin the download. (On a side note, a few other sites have given me trouble when trying to log in from certain screens, since this problem began.)

I called Norton, to see if there was a work-around, but they said I have to contact Comcast, assuming it was a problem with their site; it isn't. So, Norton can't assist without an official version installed... Comcast verified it was not an issue with the website and they can't fix it, because the problem is on my PC... And, McAfee is uninstalled because it has been useless to Comcast customers since February, when they stopped supporting Comcast.

I then began searching out other virus protection programs and stumbled upon the Google/Bing redirect (which redirects me to random sites or pops open random windows) and the blocking of Msoft's update site. I did manage to get to AVG's website, however; I installed AVG 9.0 free version. (I was running AVG 7.5 free, before McAfee was installed; I decided to stay with AVG since it had done a good job of protecting my computer, till it was removed, and I couldn't install Norton without paying for it since my Comcast access is being blocked.

I currently have AVG and MBAM installed and running, but they aren't turning up anything, and I have auto updates running, but the same issue where it gets stuck at 0% when trying to update, remains. So, I tried safe mode and as I am trying to boot up in safe mode, I start getting new errors; either I get the normal safe mode screen, but search assistant doesn't have a window, a plain black safe mode screen, a black safe mode screen with and invalid action notice, or a black safe mode screen with an lsass error message. (It appears that these issues with safe mode are random... I never know what is going to happen or which error I will get.)

So, I am at a stand-still:

In preparation for this post, I ran both MBAM and AVG 9.0. Then I followed the 'before posting' advice, downloaded DDS and GMER, ran both and saved the logs, and tried to gather as much information as possible. (posted/attached)

I hope someone can help me troubleshoot and resolve this issue... I am virtually losing my mind, because my PC is heavily used for my work, school-work, art-work, and communications with long-distance friends and family. I don't have the means to buy another laptop or PC due to getting shafted by HP on my last laptop.

I hope this explanation is sufficient, I am good at following directions if I have them to follow... But, tackling this on my own is just out of my level of experience.

Thank you for any assistance you may be able to provide.


My DDS log:

DDS (Ver_10-03-17.01) - NTFSx86
Run by RENTWAY at 10:43:08.43 on Tue 07/13/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.638.164 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

svchost.exe 4
svchost.exe 4
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
svchost.exe
svchost.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe
C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe
C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files\QuickTime\QTTask.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\SupportSoft\bin\bcont.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxebserv.exe
C:\WINDOWS\system32\lxebcoms.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Common Files\Teleca Shared\logger.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\RENTWAY\My Documents\Downloads\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.myspace.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/mywaybiz
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyServer = http=127.0.0.1:5577
uInternet Settings,ProxyOverride = <local>
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\3.1.807.1746\swg.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - c:\program files\lexmark printable web\bho.dll
BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dll
TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.1125.0\msneshellx.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: {E1BACF55-35E1-4E47-9247-2D48660E5545} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - No File
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [Desktop Software] "c:\program files\common files\supportsoft\bin\bcont.exe" /ini "c:\program files\comcastui\desktop software\uinstaller.ini" /fromrun /starthidden
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [lxebmon.exe] "c:\program files\lexmark pro200-s500 series\lxebmon.exe"
mRun: [EzPrint] "c:\program files\lexmark pro200-s500 series\ezprint.exe"
mRun: [Lexmark Pro200-S500 Series Fax Server] "c:\program files\lexmark pro200-s500 series\fm3032.exe" /s
mRun: [Mobile Connectivity Suite] "c:\program files\htc\htc sync\application launcher\Application Launcher.exe" /startoptions
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10g_ActiveX.exe -update activex
StartupFolder: c:\docume~1\dijidl~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: &Dictionary - http://files.db3nf.com/scripts/ie.htm
IE: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223} - c:\program files\bonjour\ExplorerPlugin.dll
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} - hxxp://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} - hxxp://www.streamplug.com/StreamPlug/beta/SP.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21}
DPF: {55027008-315F-4F45-BBC3-8BE119764741} - hxxp://www.slide.com/uploader/SlideImageUploader.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174348311671
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - hxxp://download.yahoo.com/dl/installs/yab_af.cab
DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC}
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} - hxxp://photos.yahoo.com/ocx/us/yexplorer1_9us.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} - hxxp://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: igfxcui - igfxdev.dll
Notify: RegCompact - RegCompact.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
STS: bestreak - No File
STS: {aed6f6a3-183c-488d-9f90-23db99f56e7f} - No File
LSA: Notification Packages = scecli scecli scecli scecli scecli

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\rentway\applic~1\mozilla\firefox\profiles\epjunh9d.default\
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\rentway\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-7-7 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-7-7 29584]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-7-7 243024]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\avg\avg9\avgemc.exe [2010-7-7 921440]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-7 308136]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-12-10 54752]
R2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe -service --> c:\windows\system32\lxebcoms.exe -service [?]
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxebserv.exe [2010-5-8 98984]
S2 COMServer;COMServer;"c:\windows\system32\msapps\comsrvr.exe" s --> c:\windows\system32\msapps\comsrvr.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-7-7 430152]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2004-8-24 24576]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\mcafee security scan\2.0.181\mcchsvc.exe" --> c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [?]
S3 naecd;naecd;\??\c:\docume~1\rentway\locals~1\temp\naecd.sys --> c:\docume~1\rentway\locals~1\temp\naecd.sys [?]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

=============== Created Last 30 ================

2010-07-13 09:27:13 0 d-sh--w- c:\documents and settings\rentway\IETldCache
2010-07-13 09:12:38 0 dc-h--w- c:\windows\ie8
2010-07-08 06:03:11 8192 ----a-w- c:\windows\system32\SET1582.tmp
2010-07-08 06:03:11 7168 ----a-w- c:\windows\system32\SET1581.tmp
2010-07-08 06:03:05 199680 ----a-w- c:\windows\system32\SET1558.tmp
2010-07-08 06:03:00 177152 ----a-w- c:\windows\system32\SET1536.tmp
2010-07-08 06:02:51 354304 ----a-w- c:\windows\system32\SET1506.tmp
2010-07-08 06:02:50 80896 ----a-w- c:\windows\system32\SET1501.tmp
2010-07-08 06:02:50 6656 ----a-w- c:\windows\system32\SET14FE.tmp
2010-07-08 06:02:49 121856 ----a-w- c:\windows\system32\SET14FD.tmp
2010-07-07 19:53:29 247808 ----a-w- c:\windows\system32\wbem\SET8FD.tmp
2010-07-07 19:42:33 472064 ----a-w- c:\windows\system32\wbem\SET8FA.tmp
2010-07-07 19:22:23 16384 ----a-w- c:\windows\system32\wbem\SET8F7.tmp
2010-07-07 19:22:23 123904 ----a-w- c:\windows\system32\wbem\SET8F6.tmp
2010-07-07 19:22:21 47104 ----a-w- c:\windows\system32\wbem\SET8F5.tmp
2010-07-07 19:01:01 178176 ----a-w- c:\windows\system32\wbem\SET8EA.tmp
2010-07-07 18:19:11 214528 ----a-w- c:\windows\system32\wbem\SET8E5.tmp
2010-07-07 18:10:39 531456 ----a-w- c:\windows\system32\wbem\SET8E3.tmp
2010-07-07 18:10:38 273920 ----a-w- c:\windows\system32\wbem\SET8E1.tmp
2010-07-07 18:10:38 178176 ----a-w- c:\windows\system32\wbem\SET8E2.tmp
2010-07-07 18:01:38 18944 ----a-w- c:\windows\system32\wbem\SET8D7.tmp
2010-07-07 18:01:37 43520 ----a-w- c:\windows\system32\wbem\SET8D6.tmp
2010-07-07 17:14:59 144896 ----a-w- c:\windows\system32\wbem\SET8C9.tmp
2010-07-07 17:14:58 437248 ----a-w- c:\windows\system32\wbem\SET8C8.tmp
2010-07-07 17:14:58 218112 ----a-w- c:\windows\system32\wbem\SET8C7.tmp
2010-07-07 17:14:56 144896 ----a-w- c:\windows\system32\wbem\SET8C5.tmp
2010-07-07 17:14:55 95232 ----a-w- c:\windows\system32\wbem\SET8C4.tmp
2010-07-07 17:13:50 1033728 ----a-w- c:\windows\SET892.tmp
2010-07-07 17:11:07 193536 ----a-w- c:\windows\system32\SET86A.tmp
2010-07-07 17:10:49 98304 ----a-w- c:\windows\system32\SET868.tmp
2010-07-07 17:10:40 143360 ----a-w- c:\windows\system32\SET866.tmp
2010-07-07 17:10:04 44544 ----a-w- c:\windows\system32\SET862.tmp
2010-07-07 17:09:38 125952 ----a-w- c:\windows\system32\SET85F.tmp
2010-07-07 17:08:04 285696 ----a-w- c:\windows\system32\SET859.tmp
2010-07-07 17:07:52 42496 ----a-w- c:\windows\system32\SET856.tmp
2010-07-07 17:07:48 62464 ----a-w- c:\windows\system32\SET855.tmp
2010-07-07 17:07:25 52736 ----a-w- c:\windows\system32\SET851.tmp
2010-07-07 17:07:21 29184 ----a-w- c:\windows\system32\SET850.tmp
2010-07-07 17:06:50 63488 ----a-w- c:\windows\system32\SET84D.tmp
2010-07-07 17:06:47 77824 ----a-w- c:\windows\system32\SET84C.tmp
2010-07-07 17:06:41 1025024 ----a-w- c:\windows\system32\SET84B.tmp
2010-07-07 17:06:18 226304 ----a-w- c:\windows\system32\SET844.tmp
2010-07-07 17:06:09 625664 ----a-w- c:\windows\system32\SET842.tmp
2010-07-07 17:06:01 194560 ----a-w- c:\windows\system32\SET83F.tmp
2010-07-07 17:05:56 16896 ----a-w- c:\windows\system32\SET83C.tmp
2010-07-07 17:05:43 498688 ----a-w- c:\windows\system32\SET835.tmp
2010-07-07 17:05:32 58368 ----a-w- c:\windows\system32\SET82E.tmp
2010-07-07 17:05:18 47104 ----a-w- c:\windows\system32\SET826.tmp
2010-07-07 17:05:17 60416 ----a-w- c:\windows\system32\SET825.tmp
2010-07-07 17:05:05 792064 ----a-w- c:\windows\system32\SET820.tmp
2010-07-07 17:03:50 8704 ----a-w- c:\windows\system32\SET7FF.tmp
2010-07-07 17:03:36 279552 ----a-w- c:\windows\system32\SET7FC.tmp
2010-07-07 17:03:32 27136 ----a-w- c:\windows\system32\SET7FB.tmp
2010-07-07 17:01:58 147968 ----a-w- c:\windows\system32\SET7D6.tmp
2010-07-07 17:01:56 45568 ----a-w- c:\windows\system32\SET7D3.tmp
2010-07-07 17:01:30 14336 ----a-w- c:\windows\system32\SET7C1.tmp
2010-07-07 17:01:20 367616 ----a-w- c:\windows\system32\SET7BB.tmp
2010-07-07 17:01:14 138752 ----a-w- c:\windows\system32\SET7B6.tmp
2010-07-07 17:01:05 304128 ----a-w- c:\windows\system32\SET7B2.tmp
2010-07-07 17:00:51 23040 ----a-w- c:\windows\system32\SET7AA.tmp
2010-07-07 17:00:48 246272 ----a-w- c:\windows\system32\SET7A8.tmp
2010-07-07 17:00:42 1082368 ----a-w- c:\windows\system32\SET7A5.tmp
2010-07-07 17:00:40 56320 ----a-w- c:\windows\system32\SET7A3.tmp
2010-07-07 17:00:30 21504 ----a-w- c:\windows\system32\SET79B.tmp
2010-07-07 17:00:18 451584 ----a-w- c:\windows\system32\SET792.tmp
2010-07-07 17:00:03 562176 ----a-w- c:\windows\system32\SET787.tmp
2010-07-07 16:59:57 285184 ----a-w- c:\windows\system32\SET780.tmp
2010-07-07 16:59:52 265728 ----a-w- c:\windows\system32\SET77C.tmp
2010-07-07 16:59:44 20992 ----a-w- c:\windows\system32\SET776.tmp
2010-07-07 16:59:42 29696 ----a-w- c:\windows\system32\SET775.tmp
2010-07-07 16:59:41 21504 ----a-w- c:\windows\system32\SET774.tmp
2010-07-07 16:59:36 344064 ----a-w- c:\windows\system32\SET772.tmp
2010-07-07 16:59:23 11264 ----a-w- c:\windows\system32\SET76B.tmp
2010-07-07 16:59:16 254976 ----a-w- c:\windows\system32\SET768.tmp
2010-07-07 16:59:04 110080 ----a-w- c:\windows\system32\SET758.tmp
2010-07-07 16:59:00 75264 ----a-w- c:\windows\system32\SET754.tmp
2010-07-07 16:57:58 6656 ----a-w- c:\windows\system32\SET6B5.tmp
2010-07-07 16:56:53 337408 ----a-w- c:\windows\system32\SET67D.tmp
2010-07-07 16:56:48 622592 ----a-w- c:\windows\system32\SET67C.tmp
2010-07-07 16:56:41 407040 ----a-w- c:\windows\system32\SET679.tmp
2010-07-07 16:56:39 198144 ----a-w- c:\windows\system32\SET677.tmp
2010-07-07 16:56:36 11776 ----a-w- c:\windows\system32\SET675.tmp
2010-07-07 16:56:31 1703936 ----a-w- c:\windows\system32\SET671.tmp
2010-07-07 16:56:20 80896 ----a-w- c:\windows\system32\SET66E.tmp
2010-07-07 16:56:18 245760 ----a-w- c:\windows\system32\SET66D.tmp
2010-07-07 16:56:16 247808 ----a-w- c:\windows\system32\SET66C.tmp
2010-07-07 16:56:08 67072 ----a-w- c:\windows\system32\SET664.tmp
2010-07-07 16:56:07 44032 ----a-w- c:\windows\system32\SET662.tmp
2010-07-07 16:56:06 118784 ----a-w- c:\windows\system32\SET661.tmp
2010-07-07 16:56:00 143360 ----a-w- c:\windows\system32\SET65C.tmp
2010-07-07 16:54:58 26624 ----a-w- c:\windows\system32\SET62D.tmp
2010-07-07 16:54:55 25088 ----a-w- c:\windows\system32\SET62A.tmp
2010-07-07 16:54:48 15360 ----a-w- c:\windows\system32\SET623.tmp
2010-07-07 16:54:44 17408 ----a-w- c:\windows\system32\SET620.tmp
2010-07-07 16:54:42 27648 ----a-w- c:\windows\system32\SET61D.tmp
2010-07-07 16:54:38 23040 ----a-w- c:\windows\system32\SET617.tmp
2010-07-07 16:54:36 96768 ----a-w- c:\windows\system32\SET615.tmp
2010-07-07 16:54:33 34304 ----a-w- c:\windows\system32\SET613.tmp
2010-07-07 16:54:20 18944 ----a-w- c:\windows\system32\SET606.tmp
2010-07-07 16:54:11 7680 ----a-w- c:\windows\system32\SET5F9.tmp
2010-07-07 16:54:05 79872 ----a-w- c:\windows\system32\SET5F8.tmp
2010-07-07 16:54:03 186368 ----a-w- c:\windows\system32\SET5F6.tmp
2010-07-07 16:52:56 123392 ----a-w- c:\windows\system32\SET4A1.tmp
2010-07-07 16:51:59 19456 ----a-w- c:\windows\system32\SET38A.tmp
2010-07-07 16:51:58 22528 ----a-w- c:\windows\system32\SET383.tmp
2010-07-07 16:51:58 18432 ----a-w- c:\windows\system32\SET37B.tmp
2010-07-07 16:51:57 52736 ----a-w- c:\windows\system32\SET379.tmp
2010-07-07 16:51:56 483840 ----a-w- c:\windows\system32\SET376.tmp
2010-07-07 16:51:53 338432 ----a-w- c:\windows\system32\SET354.tmp
2010-07-07 16:46:53 19569 ----a-w- c:\windows\002963_.tmp
2010-07-07 16:41:58 30592 ------w- c:\windows\system32\drivers\rndismpx.sys
2010-07-07 16:40:59 41472 ----a-w- c:\windows\system32\dllcache\wmipsess.dll
2010-07-07 16:39:59 90624 ----a-w- c:\windows\system32\dllcache\kswdmcap.ax
2010-07-07 16:38:55 74752 ----a-w- c:\windows\system32\dllcache\storprop.dll
2010-07-07 15:56:50 0 d-----w- C:\5b9335765ae309bb90cca9d8
2010-07-07 13:20:47 0 d--h--w- C:\$AVG
2010-07-07 09:45:21 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-07 09:45:17 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-07 09:45:07 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-07 09:44:31 0 d-----w- c:\windows\system32\drivers\Avg
2010-07-07 09:44:24 0 d-----w- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar
2010-07-07 09:39:57 0 d-----w- c:\program files\AVG
2010-07-07 09:39:22 0 d-----w- c:\docume~1\alluse~1\applic~1\avg9
2010-07-07 08:46:20 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-07-07 03:37:28 0 d-----w- c:\docume~1\rentway\applic~1\Malwarebytes
2010-07-07 03:37:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-07 03:37:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-07-07 03:37:06 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-07 03:37:06 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-05 06:14:13 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-05 05:21:38 0 d-----w- c:\windows\system32\msapps

==================== Find3M ====================


============= FINISH: 10:45:37.03 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 19 July 2010 - 07:14 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 22 July 2010 - 10:00 AM

Hello m0le, sorry for the wait... and thank you for the reply.

I am still having the issues I posted about.

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 22 July 2010 - 06:49 PM

You certainly have some issues. wacko.gif


Please run Combofix

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Comfix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Posted Image
m0le is a proud member of UNITE

#5 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 24 July 2010 - 04:54 PM

I've run ComboFix.exe as requested, following the directions carefully.

ComboFix did install the Windows Recovery Console and prompted me, as the directions said... It then began scanning and has been going for exactly 5 hours.

Is there a problem? It seems a great deal longer them the stated '10 minutes, or easily doubled for seriously infected computers.'
ph34r.gif


#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 24 July 2010 - 04:57 PM

Five hours!!! That I have never heard before. wacko.gif

Please stop the program and run OTL, we'll try and remove some of the malware before going back to Combofix. This first run will just be a scan.
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#7 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 24 July 2010 - 07:10 PM

Sorry about the wait... Somewhere in the between setting up for ComboFix (Turning off virus protection and other unnecessary programs) my web-browsers option settings got changed. I set them back to normal and ran the scan, according to the directions, without a problem. thumbup.gif


Here are the logs.


OTL.Txt Log

OTL logfile created on: 7/24/2010 7:35:06 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\RENTWAY\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

638.00 Mb Total Physical Memory | 310.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 957 1157 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.70 Gb Total Space | 5.23 Gb Free Space | 15.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DIJIDLSbleep
Current User Name: RENTWAY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\RENTWAY\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
PRC - C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
PRC - C:\WINDOWS\SYSTEM32\lxebcoms.exe ( )
PRC - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxebserv.exe (Lexmark International, Inc.)
PRC - C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe (Teleca)
PRC - C:\Program Files\Common Files\Teleca Shared\Generic.exe (Teleca AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe (Teleca Sweden AB)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe (TODO: <Company name>)
PRC - C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe (Teleca AB)
PRC - C:\Program Files\Common Files\Teleca Shared\logger.exe (Popwire AB)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe (Teleca Sweden AB)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\RENTWAY\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\SYSTEM32\msscript.ocx (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WMP54GSSVC) -- C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe WMP54GSv1_1.exe File not found
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe File not found
SRV - (COMServer) -- C:\WINDOWS\System32\msapps\comsrvr.exe File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\rswin_3725.dll ()
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe ()
SRV - (lxeb_device) -- C:\WINDOWS\System32\lxebcoms.exe ( )
SRV - (lxebCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxebserv.exe ()
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SymIMMP) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys File not found
DRV - (SymIM) -- C:\WINDOWS\System32\DRIVERS\SymIM.sys File not found
DRV - (SBRE) -- C:\WINDOWS\System32\drivers\SBREdrv.sys File not found
DRV - (naecd) -- C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\naecd.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (catchme) -- C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\catchme.sys File not found
DRV - (AvgTdiX) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (fssfltr) -- C:\WINDOWS\SYSTEM32\DRIVERS\fssfltr_tdi.sys (Microsoft Corporation)
DRV - (HTCAND32) -- C:\WINDOWS\SYSTEM32\DRIVERS\ANDROIDUSB.sys (HTC, Corporation)
DRV - (motmodem) -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys (Motorola)
DRV - (ASPI32) -- C:\WINDOWS\System32\drivers\aspi32.sys (Adaptec)
DRV - (BCM42RLY) -- C:\WINDOWS\SYSTEM32\bcm42rly.sys (Broadcom Corporation)
DRV - (NPPTNT2) -- C:\WINDOWS\SYSTEM32\npptNT2.sys (INCA Internet Co., Ltd.)
DRV - (BCM43XX) -- C:\WINDOWS\SYSTEM32\DRIVERS\BCMWL5.SYS (Broadcom Corporation)
DRV - (CA561) -- C:\WINDOWS\SYSTEM32\DRIVERS\SPCA561.SYS (SP)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (nv) -- C:\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\usbaudio.sys (Microsoft Corporation)
DRV - (IntelC53) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC53.sys (Intel Corporation)
DRV - (senfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\senfilt.sys (Sensaura)
DRV - (IntelC52) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC52.sys (Intel Corporation)
DRV - (IntelC51) -- C:\WINDOWS\SYSTEM32\DRIVERS\IntelC51.sys (Intel Corporation)
DRV - (mohfilt) -- C:\WINDOWS\SYSTEM32\DRIVERS\mohfilt.sys (Intel Corporation)
DRV - (GTNDIS5) -- C:\WINDOWS\SYSTEM32\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys (America Online, Inc.)
DRV - (nvcap) nVidia WDM Video Capture (universal) -- C:\WINDOWS\SYSTEM32\DRIVERS\NVCAP.SYS (NVIDIA Corporation)
DRV - (NVXBAR) -- C:\WINDOWS\SYSTEM32\DRIVERS\NVXBAR.SYS (NVIDIA Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (MODEMCSA) -- C:\WINDOWS\SYSTEM32\DRIVERS\MODEMCSA.sys (Microsoft Corporation)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/mywaybiz
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.myspace.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/src...autosearch.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: avg@igeared:4.504.019.002
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.1
FF - prefs.js..extensions.enabledItems: okim@okcupid.com:1.2.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.7
FF - prefs.js..extensions.enabledItems: bloodfire@example.com:3.6
FF - prefs.js..extensions.enabledItems: david@dkjensen.com:0.0.4

FF - HKLM\software\mozilla\Firefox\extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/10/01 03:03:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2008/12/08 16:01:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/07/21 10:11:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/07/07 05:44:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/22 10:44:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/07/22 10:44:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 1\components [2010/07/24 06:49:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b1\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 1\plugins

[2010/07/12 14:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Extensions
[2010/07/12 14:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/07/23 14:29:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions
[2010/07/12 14:07:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010/07/12 14:07:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/12 14:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\bloodfire@example.com
[2010/07/12 14:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\david@dkjensen.com
[2010/07/12 14:07:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\okim@okcupid.com
[2010/07/08 09:08:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\extensions\david@dkjensen.com\chrome\mozapps\extensions
[2010/07/12 14:22:04 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/22 10:44:36 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/07/22 10:44:28 | 000,023,512 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/07/22 10:44:28 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2010/07/22 10:44:31 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2010/06/26 03:01:57 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/06/26 03:01:57 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/07/08 08:56:02 | 000,001,345 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\avg_igeared.xml
[2010/06/26 03:01:57 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/06/26 03:01:57 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/06/26 03:01:57 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/06/26 03:01:57 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/06/26 03:01:57 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll (Google Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Toolbar) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDLauncher] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
O4 - HKLM..\Run: [EzPrint] C:\Program Files\Lexmark Pro200-S500 Series\ezprint.exe ()
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\SYSTEM32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\SYSTEM32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\SYSTEM32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe (Intel Corporation)
O4 - HKLM..\Run: [Lexmark Pro200-S500 Series Fax Server] C:\Program Files\Lexmark Pro200-S500 Series\fm3032.exe ()
O4 - HKLM..\Run: [lxebmon.exe] C:\Program Files\Lexmark Pro200-S500 Series\lxebmon.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corp.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\SYSTEM32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Desktop Software] C:\Program Files\Common Files\SupportSoft\bin\bcont.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - Startup: C:\Documents and Settings\DIJIDLSBABY\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} http://h20270.www2.hp.com/ediags/gmn/insta...staller_gmn.cab (VerifyGMN Class)
O16 - DPF: {2019DC25-D1C0-11D6-97B3-0008A124F542} http://www.streamplug.com/StreamPlug/beta/SP.cab (StreamPlug Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdat...b?1174348311671 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} http://download.yahoo.com/dl/installs/yab_af.cab (Reg Error: Key error.)
O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D18F962A-3722-4B59-B08D-28BB9EB2281E} http://photos.yahoo.com/ocx/us/yexplorer1_9us.cab (PhotosCtrl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326 (QDiagHUpdateObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.74.166 68.87.68.166
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\RegCompact: DllName - RegCompact.dll - C:\WINDOWS\System32\RegCompact.dll (AMUST Software)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SYSTEM32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {aed6f6a3-183c-488d-9f90-23db99f56e7f} - apathies - Reg Error: Key error. File not found
O22 - SharedTaskScheduler: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - Reg Error: Key error. File not found
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\RENTWAY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\RENTWAY\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 15:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/07/24 19:29:29 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\RENTWAY\Desktop\OTL.exe
[2010/07/24 19:23:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2010/07/24 18:40:58 | 000,000,000 | --SD | C] -- C:\comfix31525c
[2010/07/24 13:16:34 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/07/24 13:11:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Google
[2010/07/24 13:10:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/07/24 13:10:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/07/24 13:10:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/07/24 13:10:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/07/24 13:09:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/07/24 13:09:32 | 000,000,000 | --SD | C] -- C:\comfix
[2010/07/24 06:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 4.0 Beta 1
[2010/07/23 17:25:57 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\RENTWAY\PrivacIE
[2010/07/21 10:53:41 | 000,123,888 | ---- | C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe
[2010/07/21 10:47:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010/07/17 10:15:30 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\RENTWAY\IECompatCache
[2010/07/14 13:59:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Desktop\download
[2010/07/14 13:58:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Desktop\Browser
[2010/07/14 13:49:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Desktop\MUSIC
[2010/07/14 13:49:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Desktop\OTHERS
[2010/07/13 05:51:18 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Documents and Settings\RENTWAY\Desktop\ATF-Cleaner.exe
[2010/07/13 05:27:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\RENTWAY\IETldCache
[2010/07/13 05:12:38 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010/07/13 04:41:20 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/07/13 03:34:34 | 331,805,736 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\RENTWAY\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2010/07/13 03:21:14 | 123,225,432 | ---- | C] (SQUARE ENIX CO., LTD.) -- C:\Documents and Settings\RENTWAY\Desktop\ffxivsetup.exe
[2010/07/12 14:24:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2010/07/12 14:23:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Local Settings\Application Data\Deployment
[2010/07/12 14:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Google
[2010/07/08 16:18:31 | 007,411,096 | ---- | C] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\RENTWAY\My Documents\R94481.EXE
[2010/07/08 10:09:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2010/07/08 08:56:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Local Settings\Application Data\AVG Security Toolbar
[2010/07/08 08:53:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Application Data\Mozilla
[2010/07/07 12:42:05 | 000,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2010/07/07 12:42:05 | 000,041,088 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/07/07 12:42:01 | 002,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp2res.dll
[2010/07/07 12:42:01 | 002,897,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004001_.tmp.dll
[2010/07/07 12:41:58 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/07/07 12:41:57 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgasvc.dll
[2010/07/07 12:41:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdukx.dll
[2010/07/07 12:41:56 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxb.dll
[2010/07/07 12:41:56 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logman.exe
[2010/07/07 12:41:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res2.dll
[2010/07/07 12:41:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprpres.dll
[2010/07/07 12:41:55 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\dllcache\nv4_disp.dll
[2010/07/07 12:41:55 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2psvc.dll
[2010/07/07 12:41:55 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscui.cpl
[2010/07/07 12:41:55 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltlib.dll
[2010/07/07 12:41:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscntfy.exe
[2010/07/07 12:41:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx2.dll
[2010/07/07 12:41:55 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsno.dll
[2010/07/07 12:41:54 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pgraph.dll
[2010/07/07 12:41:54 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sbeio.dll
[2010/07/07 12:41:54 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshbth.dll
[2010/07/07 12:41:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfi1.dll
[2010/07/07 12:41:54 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx4.dll
[2010/07/07 12:41:54 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt47.dll
[2010/07/07 12:41:53 | 004,256,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2res.dll
[2010/07/07 12:41:53 | 000,263,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2010/07/07 12:41:53 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ae.dll
[2010/07/07 12:41:53 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadiag.dll
[2010/07/07 12:41:53 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwcfg.dll
[2010/07/07 12:41:53 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2010/07/07 12:41:53 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smbinst.exe
[2010/07/07 12:41:53 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hccoin.dll
[2010/07/07 12:41:52 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssap.dll
[2010/07/07 12:41:52 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado27.tlb
[2010/07/07 12:41:52 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proxycfg.exe
[2010/07/07 12:41:52 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2eres.dll
[2010/07/07 12:41:51 | 000,502,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2fxa.dll
[2010/07/07 12:41:51 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgr.dll
[2010/07/07 12:41:51 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_004002_.tmp.dll
[2010/07/07 12:41:51 | 000,128,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmgr.sys
[2010/07/07 12:41:51 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2pnetsh.dll
[2010/07/07 12:41:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spnpinst.exe
[2010/07/07 12:41:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmal.dll
[2010/07/07 12:41:51 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinbe1.dll
[2010/07/07 12:41:50 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fsquirt.exe
[2010/07/07 12:41:50 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqldb20.dll
[2010/07/07 12:41:50 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlse20.dll
[2010/07/07 12:41:50 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\btpanui.dll
[2010/07/07 12:41:50 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.exe
[2010/07/07 12:41:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fltmc.exe
[2010/07/07 12:41:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmsetacl.dll
[2010/07/07 12:41:49 | 000,462,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlqp20.dll
[2010/07/07 12:41:49 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhttp.dll
[2010/07/07 12:41:49 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra041b.dll
[2010/07/07 12:41:49 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsp1res.dll
[2010/07/07 12:41:49 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthserv.dll
[2010/07/07 12:41:49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2010/07/07 12:41:49 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winshfhc.dll
[2010/07/07 12:41:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsmsfi.dll
[2010/07/07 12:41:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bitsprx3.dll
[2010/07/07 12:41:48 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb041b.dll
[2010/07/07 12:41:48 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2010/07/07 12:41:48 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spra0424.dll
[2010/07/07 12:41:48 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfime.ime
[2010/07/07 12:41:48 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\p2p.dll
[2010/07/07 12:41:48 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\encapi.dll
[2010/07/07 12:41:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\auditusr.exe
[2010/07/07 12:41:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2ext.dll
[2010/07/07 12:41:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdno1.dll
[2010/07/07 12:41:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmlt48.dll
[2010/07/07 12:41:47 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sprb0424.dll
[2010/07/07 12:41:47 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpob2res.dll
[2010/07/07 12:41:47 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb041b.dll
[2010/07/07 12:41:47 | 000,402,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmm2filt.dll
[2010/07/07 12:41:47 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2010/07/07 12:41:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blastcln.exe
[2010/07/07 12:41:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spgrmr.dll
[2010/07/07 12:41:46 | 000,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\obrb0424.dll
[2010/07/07 12:41:46 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hscupd.exe
[2010/07/07 12:41:46 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinben.dll
[2010/07/07 12:41:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmaori.dll
[2010/07/07 12:41:34 | 000,450,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010/07/07 12:41:34 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acspecfc.dll
[2010/07/07 12:41:34 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentctl.dll
[2010/07/07 12:41:34 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclua.dll
[2010/07/07 12:41:34 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acxtrnal.dll
[2010/07/07 12:41:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdpv.dll
[2010/07/07 12:41:34 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentdp2.dll
[2010/07/07 12:41:34 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentanm.dll
[2010/07/07 12:41:33 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsvr.exe
[2010/07/07 12:41:33 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentmpx.dll
[2010/07/07 12:41:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agentsr.dll
[2010/07/07 12:41:33 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0408.dll
[2010/07/07 12:41:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040c.dll
[2010/07/07 12:41:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0407.dll
[2010/07/07 12:41:33 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0410.dll
[2010/07/07 12:41:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040e.dll
[2010/07/07 12:41:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040b.dll
[2010/07/07 12:41:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0409.dll
[2010/07/07 12:41:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0406.dll
[2010/07/07 12:41:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0405.dll
[2010/07/07 12:41:33 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2010/07/07 12:41:32 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0413.dll
[2010/07/07 12:41:32 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0416.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041f.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt041d.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0419.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0415.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0414.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2010/07/07 12:41:32 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2010/07/07 12:41:31 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\callcont.dll
[2010/07/07 12:41:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtintl.dll
[2010/07/07 12:41:31 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0816.dll
[2010/07/07 12:41:31 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0c0a.dll
[2010/07/07 12:41:31 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agtctl15.tlb
[2010/07/07 12:41:30 | 001,032,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conf.exe
[2010/07/07 12:41:30 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrepl.exe
[2010/07/07 12:41:30 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comrereg.exe
[2010/07/07 12:41:29 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dialer.exe
[2010/07/07 12:41:29 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\directdb.dll
[2010/07/07 12:41:29 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmrsl.dll
[2010/07/07 12:41:29 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcap32.dll
[2010/07/07 12:41:26 | 000,768,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpctr.exe
[2010/07/07 12:41:26 | 000,618,605 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4autl.dll
[2010/07/07 12:41:26 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323cc.dll
[2010/07/07 12:41:24 | 000,163,840 | ---- | C] (America Online) -- C:\WINDOWS\System32\dllcache\jgdw400.dll
[2010/07/07 12:41:24 | 000,027,648 | ---- | C] (Johnson-Grace Company) -- C:\WINDOWS\System32\dllcache\jgpl400.dll
[2010/07/07 12:41:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msader15.dll
[2010/07/07 12:41:23 | 000,536,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado15.dll
[2010/07/07 12:41:23 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscandui.dll
[2010/07/07 12:41:23 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadox.dll
[2010/07/07 12:41:23 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadomd.dll
[2010/07/07 12:41:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado26.tlb
[2010/07/07 12:41:23 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado25.tlb
[2010/07/07 12:41:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado21.tlb
[2010/07/07 12:41:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msado20.tlb
[2010/07/07 12:41:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadrh15.dll
[2010/07/07 12:41:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msador15.dll
[2010/07/07 12:41:22 | 003,166,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msgr3en.dll
[2010/07/07 12:41:22 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconfig.exe
[2010/07/07 12:41:22 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjro.dll
[2010/07/07 12:41:22 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msimn.exe
[2010/07/07 12:41:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslwvtts.dll
[2010/07/07 12:41:16 | 002,479,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeres.dll
[2010/07/07 12:41:15 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst120.dll
[2010/07/07 12:41:15 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmas.dll
[2010/07/07 12:41:15 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nac.dll
[2010/07/07 12:41:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisnpp.dll
[2010/07/07 12:41:15 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mst123.dll
[2010/07/07 12:41:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmasnt.dll
[2010/07/07 12:41:14 | 002,136,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010/07/07 12:41:14 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmwb.dll
[2010/07/07 12:41:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmoldwb.dll
[2010/07/07 12:41:14 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmft.dll
[2010/07/07 12:41:14 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmchat.dll
[2010/07/07 12:41:14 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmcom.dll
[2010/07/07 12:41:14 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nppagent.exe
[2010/07/07 12:41:13 | 002,015,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010/07/07 12:41:13 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oeimport.dll
[2010/07/07 12:41:13 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pchshell.dll
[2010/07/07 12:41:13 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemig50.exe
[2010/07/07 12:41:13 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oemiglib.dll
[2010/07/07 12:41:11 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.dll
[2010/07/07 12:41:11 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapi.cpl
[2010/07/07 12:41:11 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rrcm.dll
[2010/07/07 12:41:10 | 000,725,566 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchui.dll
[2010/07/07 12:41:10 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkbd.dll
[2010/07/07 12:41:10 | 000,058,434 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srchctls.dll
[2010/07/07 12:41:09 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tourstrt.exe
[2010/07/07 12:41:09 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uploadm.exe
[2010/07/07 12:41:08 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2010/07/07 12:41:07 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32.dll
[2010/07/07 12:41:06 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab32res.dll
[2010/07/07 12:41:06 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabimp.dll
[2010/07/07 12:41:06 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wabmig.exe
[2010/07/07 12:41:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\krnlprov.dll
[2010/07/07 12:41:03 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntrprv.dll
[2010/07/07 12:41:03 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mofcomp.exe
[2010/07/07 12:41:02 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\provthrd.dll
[2010/07/07 12:41:02 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntevt.dll
[2010/07/07 12:41:02 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\viewprov.dll
[2010/07/07 12:41:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stdprov.dll
[2010/07/07 12:41:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrcons.exe
[2010/07/07 12:41:01 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemupgd.dll
[2010/07/07 12:41:01 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemcntl.dll
[2010/07/07 12:41:01 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.dll
[2010/07/07 12:41:01 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemtest.exe
[2010/07/07 12:41:01 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemperf.dll
[2010/07/07 12:41:00 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidcprv.dll
[2010/07/07 12:41:00 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipdskq.dll
[2010/07/07 12:41:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiaprpl.dll
[2010/07/07 12:41:00 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipjobj.dll
[2010/07/07 12:41:00 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipiprt.dll
[2010/07/07 12:41:00 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmicookr.dll
[2010/07/07 12:41:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiapres.dll
[2010/07/07 12:40:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipsess.dll
[2010/07/07 12:40:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaer.dll
[2010/07/07 12:40:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaenum.dll
[2010/07/07 12:40:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdadc.dll
[2010/07/07 12:40:56 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaora.dll
[2010/07/07 12:40:56 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaps.dll
[2010/07/07 12:40:56 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaosp.dll
[2010/07/07 12:40:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaorar.dll
[2010/07/07 12:40:55 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasql.dll
[2010/07/07 12:40:55 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatl3.dll
[2010/07/07 12:40:55 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatt.dll
[2010/07/07 12:40:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasqlr.dll
[2010/07/07 12:40:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdasc.dll
[2010/07/07 12:40:54 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlxmlx.dll
[2010/07/07 12:40:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledb32r.dll
[2010/07/07 12:40:54 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxactps.dll
[2010/07/07 12:40:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaurl.dll
[2010/07/07 12:40:46 | 001,033,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\explorer.exe
[2010/07/07 12:40:45 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winhlp32.exe
[2010/07/07 12:40:45 | 000,050,688 | ---- | C] (Twain Working Group) -- C:\WINDOWS\System32\dllcache\twain_32.dll
[2010/07/07 12:40:44 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobcomm.dll
[2010/07/07 12:40:44 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobdl.dll
[2010/07/07 12:40:43 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\guitrn.dll
[2010/07/07 12:40:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oobebaln.exe
[2010/07/07 12:40:43 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobshel.dll
[2010/07/07 12:40:43 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoobe.exe
[2010/07/07 12:40:43 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msobweb.dll
[2010/07/07 12:40:42 | 000,201,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migism.dll
[2010/07/07 12:40:42 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migload.exe
[2010/07/07 12:40:42 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\log.dll
[2010/07/07 12:40:40 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\script.dll
[2010/07/07 12:40:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmod.dll
[2010/07/07 12:40:39 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclui.dll
[2010/07/07 12:40:39 | 000,100,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010/07/07 12:40:39 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2010/07/07 12:40:38 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsldp.dll
[2010/07/07 12:40:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\actmovie.exe
[2010/07/07 12:40:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsmsext.dll
[2010/07/07 12:40:36 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsnt.dll
[2010/07/07 12:40:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ahui.exe
[2010/07/07 12:40:35 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asctrls.ocx
[2010/07/07 12:40:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\at.exe
[2010/07/07 12:40:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atmadm.exe
[2010/07/07 12:40:34 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autofmt.exe
[2010/07/07 12:40:34 | 000,030,208 | ---- | C] (Adobe Systems) -- C:\WINDOWS\System32\dllcache\atmlib.dll
[2010/07/07 12:40:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autolfn.exe
[2010/07/07 12:40:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\attrib.exe
[2010/07/07 12:40:33 | 001,022,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010/07/07 12:40:33 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2010/07/07 12:40:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\capesnpn.dll
[2010/07/07 12:40:33 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2010/07/07 12:40:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browsewm.dll
[2010/07/07 12:40:33 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\camocx.dll
[2010/07/07 12:40:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bidispl.dll
[2010/07/07 12:40:33 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\batt.dll
[2010/07/07 12:40:32 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdfview.dll
[2010/07/07 12:40:32 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\catsrvps.dll
[2010/07/07 12:40:31 | 000,457,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmgr.dll
[2010/07/07 12:40:31 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cic.dll
[2010/07/07 12:40:31 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ciodm.dll
[2010/07/07 12:40:31 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgbkend.dll
[2010/07/07 12:40:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2010/07/07 12:40:30 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmcfg32.dll
[2010/07/07 12:40:29 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdial32.dll
[2010/07/07 12:40:29 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmprops.dll
[2010/07/07 12:40:29 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmstp.exe
[2010/07/07 12:40:29 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmdl32.exe
[2010/07/07 12:40:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmutil.dll
[2010/07/07 12:40:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmmon32.exe
[2010/07/07 12:40:28 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\colbact.dll
[2010/07/07 12:40:28 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comaddin.dll
[2010/07/07 12:40:27 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compstui.dll
[2010/07/07 12:40:25 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\confmsp.dll
[2010/07/07 12:40:25 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comsnap.dll
[2010/07/07 12:40:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe
[2010/07/07 12:40:25 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cryptdlg.dll
[2010/07/07 12:40:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\conime.exe
[2010/07/07 12:40:24 | 001,054,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\danim.dll
[2010/07/07 12:40:24 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\daxctle.ocx
[2010/07/07 12:40:24 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\datime.dll
[2010/07/07 12:40:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dbnetlib.dll
[2010/07/07 12:40:23 | 000,082,432 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgfat.exe
[2010/07/07 12:40:23 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ddeshare.exe
[2010/07/07 12:40:23 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dcomcnfg.exe
[2010/07/07 12:40:22 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpmon.dll
[2010/07/07 12:40:22 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diskpart.exe
[2010/07/07 12:40:22 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dinput.dll
[2010/07/07 12:40:22 | 000,123,904 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgui.dll
[2010/07/07 12:40:22 | 000,111,104 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\dgnet.dll
[2010/07/07 12:40:22 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\diantz.exe
[2010/07/07 12:40:22 | 000,038,912 | ---- | C] (Microsoft Corp. and Executive Software International, Inc.) -- C:\WINDOWS\System32\dllcache\dfrgsnap.dll
[2010/07/07 12:40:21 | 000,273,920 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdlgs.dll
[2010/07/07 12:40:21 | 000,200,704 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmdskmgr.dll
[2010/07/07 12:40:21 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmime.dll
[2010/07/07 12:40:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmstyle.dll
[2010/07/07 12:40:21 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmscript.dll
[2010/07/07 12:40:21 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmcompos.dll
[2010/07/07 12:40:21 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmloader.dll
[2010/07/07 12:40:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmband.dll
[2010/07/07 12:40:21 | 000,015,872 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmremote.exe
[2010/07/07 12:40:20 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplayx.dll
[2010/07/07 12:40:20 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsapi.dll
[2010/07/07 12:40:20 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.dll
[2010/07/07 12:40:20 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmsynth.dll
[2010/07/07 12:40:20 | 000,052,224 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\System32\dllcache\dmutil.dll
[2010/07/07 12:40:20 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dnsrslvr.dll
[2010/07/07 12:40:20 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dplaysvr.exe
[2010/07/07 12:40:20 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpmodemx.dll
[2010/07/07 12:40:19 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2010/07/07 12:40:19 | 000,212,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvoice.dll
[2010/07/07 12:40:19 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvvox.dll
[2010/07/07 12:40:19 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvsetup.exe
[2010/07/07 12:40:19 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnhpast.dll
[2010/07/07 12:40:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpvacm.dll
[2010/07/07 12:40:19 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnsvr.exe
[2010/07/07 12:40:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnlobby.dll
[2010/07/07 12:40:19 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnaddr.dll
[2010/07/07 12:40:18 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmo.dll
[2010/07/07 12:40:18 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsdmoprp.dll
[2010/07/07 12:40:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpwsockx.dll
[2010/07/07 12:40:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ds32gt.dll
[2010/07/07 12:40:17 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsound3d.dll
[2010/07/07 12:40:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprop.dll
[2010/07/07 12:40:17 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dswave.dll
[2010/07/07 12:40:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dumprep.exe
[2010/07/07 12:40:16 | 001,298,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dxdiag.exe
[2010/07/07 12:40:16 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx8vb.dll
[2010/07/07 12:40:16 | 000,619,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dx7vb.dll
[2010/07/07 12:40:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dvdupgrd.exe
[2010/07/07 12:40:15 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\es.dll
[2010/07/07 12:40:14 | 000,380,957 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\expsrv.dll
[2010/07/07 12:40:14 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\eudcedit.exe
[2010/07/07 12:40:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\extrac32.exe
[2010/07/07 12:40:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2010/07/07 12:40:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2010/07/07 12:40:13 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\findstr.exe
[2010/07/07 12:40:13 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontview.exe
[2010/07/07 12:40:13 | 000,009,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\framebuf.dll
[2010/07/07 12:40:13 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\forcedos.exe
[2010/07/07 12:40:12 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2010/07/07 12:40:12 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2010/07/07 12:40:12 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2010/07/07 12:40:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2010/07/07 12:40:12 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2010/07/07 12:40:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2010/07/07 12:40:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2010/07/07 12:40:12 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2010/07/07 12:40:12 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2010/07/07 12:40:11 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2010/07/07 12:40:11 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2010/07/07 12:40:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2010/07/07 12:40:11 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2010/07/07 12:40:11 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2010/07/07 12:40:11 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2010/07/07 12:40:10 | 000,614,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\h323msp.dll
[2010/07/07 12:40:10 | 000,546,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hhctrl.ocx
[2010/07/07 12:40:10 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gdi32.dll
[2010/07/07 12:40:10 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hdwwiz.cpl
[2010/07/07 12:40:10 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\glu32.dll
[2010/07/07 12:40:10 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\grpconv.exe
[2010/07/07 12:40:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\help.exe
[2010/07/07 12:40:10 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gpkrsrc.dll
[2010/07/07 12:40:09 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hlink.dll
[2010/07/07 12:40:09 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2010/07/07 12:40:08 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hotplug.dll
[2010/07/07 12:40:07 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\htui.dll
[2010/07/07 12:40:06 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iasrad.dll
[2010/07/07 12:40:05 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ifmon.dll
[2010/07/07 12:40:05 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\idq.dll
[2010/07/07 12:40:05 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iexpress.exe
[2010/07/07 12:40:05 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ils.dll
[2010/07/07 12:40:05 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdial.dll
[2010/07/07 12:40:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwphbk.dll
[2010/07/07 12:40:05 | 000,036,921 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imeshare.dll
[2010/07/07 12:40:05 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\igmpagnt.dll
[2010/07/07 12:40:04 | 000,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010/07/07 12:40:04 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcfg.dll
[2010/07/07 12:40:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmib1.dll
[2010/07/07 12:40:04 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetppui.dll
[2010/07/07 12:40:03 | 000,349,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsecsnp.dll
[2010/07/07 12:40:03 | 000,330,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ippromon.dll
[2010/07/07 12:40:03 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprtrmgr.dll
[2010/07/07 12:40:03 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipmontr.dll
[2010/07/07 12:40:03 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\initpki.dll
[2010/07/07 12:40:03 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\intl.cpl
[2010/07/07 12:40:03 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\input.dll
[2010/07/07 12:40:03 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iphlpapi.dll
[2010/07/07 12:40:03 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipconfig.exe
[2010/07/07 12:40:02 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsmsnap.dll
[2010/07/07 12:40:02 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isign32.dll
[2010/07/07 12:40:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6mon.dll
[2010/07/07 12:40:02 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipv6.exe
[2010/07/07 12:40:02 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\isrdbg32.dll
[2010/07/07 12:40:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxroute.exe
[2010/07/07 12:40:02 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipxwan.dll
[2010/07/07 12:40:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2010/07/07 12:40:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ixsso.dll
[2010/07/07 12:40:01 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2010/07/07 12:40:00 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\joy.cpl
[2010/07/07 12:40:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec.dll
[2010/07/07 12:40:00 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2010/07/07 12:40:00 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2010/07/07 12:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2010/07/07 12:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2010/07/07 12:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2010/07/07 12:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106.dll
[2010/07/07 12:40:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2010/07/07 12:39:59 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kerberos.dll
[2010/07/07 12:39:59 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keymgr.dll
[2010/07/07 12:39:59 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksproxy.ax
[2010/07/07 12:39:59 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2010/07/07 12:39:59 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2010/07/07 12:39:59 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2010/07/07 12:39:59 | 000,007,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kd1394.dll
[2010/07/07 12:39:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksuser.dll
[2010/07/07 12:39:58 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmrt.dll
[2010/07/07 12:39:57 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localsec.dll
[2010/07/07 12:39:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localui.dll
[2010/07/07 12:39:56 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprhelp.dll
[2010/07/07 12:39:55 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdminst.dll
[2010/07/07 12:39:55 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\makecab.exe
[2010/07/07 12:39:55 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi32.dll
[2010/07/07 12:39:55 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\magnify.exe
[2010/07/07 12:39:55 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mf3216.dll
[2010/07/07 12:39:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.dll
[2010/07/07 12:39:55 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.dll
[2010/07/07 12:39:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mcastmib.dll
[2010/07/07 12:39:54 | 000,927,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2010/07/07 12:39:53 | 000,815,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmc.exe
[2010/07/07 12:39:53 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcbase.dll
[2010/07/07 12:39:53 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\miglibnt.dll
[2010/07/07 12:39:53 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mimefilt.dll
[2010/07/07 12:39:52 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmcndmgr.dll
[2010/07/07 12:39:52 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmfutil.dll
[2010/07/07 12:39:51 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.dll
[2010/07/07 12:39:51 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\modemui.dll
[2010/07/07 12:39:51 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mobsync.exe
[2010/07/07 12:39:51 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mnmdd.dll
[2010/07/07 12:39:49 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctf.dll
[2010/07/07 12:39:49 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscms.dll
[2010/07/07 12:39:49 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msconf.dll
[2010/07/07 12:39:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msctfp.dll
[2010/07/07 12:39:49 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msasn1.dll
[2010/07/07 12:39:49 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpxl32.dll
[2010/07/07 12:39:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mscpx32r.dll
[2010/07/07 12:39:49 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msafd.dll
[2010/07/07 12:39:48 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtctm.dll
[2010/07/07 12:39:48 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcprx.dll
[2010/07/07 12:39:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtcuiu.dll
[2010/07/07 12:39:48 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdart.dll
[2010/07/07 12:39:48 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtclog.dll
[2010/07/07 12:39:48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdatsrc.tlb
[2010/07/07 12:39:45 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msident.dll
[2010/07/07 12:39:43 | 000,151,583 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msjint40.dll
[2010/07/07 12:39:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mslbui.dll
[2010/07/07 12:39:42 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoeacct.dll
[2010/07/07 12:39:42 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorcl32.dll
[2010/07/07 12:39:42 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msorc32r.dll
[2010/07/07 12:39:40 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscript.ocx
[2010/07/07 12:39:40 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstinit.exe
[2010/07/07 12:39:39 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvcirt.dll
[2010/07/07 12:39:37 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswsock.dll
[2010/07/07 12:39:37 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswebdvd.dll
[2010/07/07 12:39:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msw3prt.dll
[2010/07/07 12:39:36 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml2.dll
[2010/07/07 12:39:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxclu.dll
[2010/07/07 12:39:36 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2010/07/07 12:39:35 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net1.exe
[2010/07/07 12:39:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxoci.dll
[2010/07/07 12:39:35 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\narrator.exe
[2010/07/07 12:39:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\net.exe
[2010/07/07 12:39:35 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxlegih.dll
[2010/07/07 12:39:35 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxdm.dll
[2010/07/07 12:39:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddenb32.dll
[2010/07/07 12:39:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nddeapir.exe
[2010/07/07 12:39:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtxex.dll
[2010/07/07 12:39:34 | 000,332,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2010/07/07 12:39:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netid.dll
[2010/07/07 12:39:33 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsetup.exe
[2010/07/07 12:39:33 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netsh.exe
[2010/07/07 12:39:32 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netstat.exe
[2010/07/07 12:39:31 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nlhtml.dll
[2010/07/07 12:39:31 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notepad.exe
[2010/07/07 12:39:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmmkcert.dll
[2010/07/07 12:39:30 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsmgr.dll
[2010/07/07 12:39:30 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsdba.dll
[2010/07/07 12:39:30 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npptools.dll
[2010/07/07 12:39:30 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntmsapi.dll
[2010/07/07 12:39:29 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oakley.dll
[2010/07/07 12:39:29 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntvdmd.dll
[2010/07/07 12:39:28 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\objsel.dll
[2010/07/07 12:39:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbc32gt.dll
[2010/07/07 12:39:27 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.dll
[2010/07/07 12:39:27 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcconf.exe
[2010/07/07 12:39:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.cpl
[2010/07/07 12:39:27 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcad32.exe
[2010/07/07 12:39:26 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccp32.dll
[2010/07/07 12:39:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccu32.dll
[2010/07/07 12:39:26 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbccr32.dll
[2010/07/07 12:39:26 | 000,053,279 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcji32.dll
[2010/07/07 12:39:25 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcjt32.dll
[2010/07/07 12:39:25 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbctrac.dll
[2010/07/07 12:39:25 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\offfilt.dll
[2010/07/07 12:39:25 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odtext32.dll
[2010/07/07 12:39:25 | 000,020,511 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oddbse32.dll
[2010/07/07 12:39:25 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odpdx32.dll
[2010/07/07 12:39:25 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odfox32.dll
[2010/07/07 12:39:25 | 000,020,510 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odexl32.dll
[2010/07/07 12:39:25 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\odbcp32r.dll
[2010/07/07 12:39:23 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oledlg.dll
[2010/07/07 12:39:23 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleprn.dll
[2010/07/07 12:39:21 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\osk.exe
[2010/07/07 12:39:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pautoenr.dll
[2010/07/07 12:39:21 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\packager.exe
[2010/07/07 12:39:20 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pid.dll
[2010/07/07 12:39:20 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfproc.dll
[2010/07/07 12:39:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ping.exe
[2010/07/07 12:39:20 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfnet.dll
[2010/07/07 12:39:20 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfmon.exe
[2010/07/07 12:39:19 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\powercfg.cpl
[2010/07/07 12:39:19 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\polstore.dll
[2010/07/07 12:39:19 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\dllcache\proctexe.ocx
[2010/07/07 12:39:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\proquota.exe
[2010/07/07 12:39:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pstorec.dll
[2010/07/07 12:39:18 | 001,435,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.dll
[2010/07/07 12:39:18 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qprocess.exe
[2010/07/07 12:39:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qmgrprxy.dll
[2010/07/07 12:39:17 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasmans.dll
[2010/07/07 12:39:17 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdchost.dll
[2010/07/07 12:39:17 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rastls.dll
[2010/07/07 12:39:17 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcbdyctl.dll
[2010/07/07 12:39:17 | 000,092,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpdd.dll
[2010/07/07 12:39:17 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpwsx.dll
[2010/07/07 12:39:17 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\raschap.dll
[2010/07/07 12:39:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdshost.exe
[2010/07/07 12:39:17 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasphone.exe
[2010/07/07 12:39:17 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\racpldlg.dll
[2010/07/07 12:39:17 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcimlby.exe
[2010/07/07 12:39:17 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rcp.exe
[2010/07/07 12:39:17 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpsnd.dll
[2010/07/07 12:39:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rassapi.dll
[2010/07/07 12:39:17 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdsaddin.exe
[2010/07/07 12:39:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rasadhlp.dll
[2010/07/07 12:39:16 | 000,433,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\riched20.dll
[2010/07/07 12:39:16 | 000,397,824 | ---- | C] (Microsoft) -- C:\WINDOWS\System32\dllcache\regwizc.dll
[2010/07/07 12:39:16 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\remotesp.tsp
[2010/07/07 12:39:16 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regsvc.dll
[2010/07/07 12:39:16 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reg.exe
[2010/07/07 12:39:16 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rexec.exe
[2010/07/07 12:39:15 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010/07/07 12:39:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtcshare.exe
[2010/07/07 12:39:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rtipxmib.dll
[2010/07/07 12:39:15 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsmps.dll
[2010/07/07 12:39:15 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rsh.exe
[2010/07/07 12:39:14 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sccsccp.dll
[2010/07/07 12:39:14 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scarddlg.dll
[2010/07/07 12:39:14 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrslv.dll
[2010/07/07 12:39:14 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrcdlg.dll
[2010/07/07 12:39:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\safrdm.dll
[2010/07/07 12:39:14 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\runonce.exe
[2010/07/07 12:39:13 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll
[2010/07/07 12:39:13 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sdbinst.exe
[2010/07/07 12:39:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\secur32.dll
[2010/07/07 12:39:11 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\servdeps.dll
[2010/07/07 12:39:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sendcmsg.dll
[2010/07/07 12:39:10 | 001,497,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010/07/07 12:39:10 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sethc.exe
[2010/07/07 12:39:10 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup.exe
[2010/07/07 12:39:09 | 008,460,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010/07/07 12:39:09 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2010/07/07 12:39:09 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shsvcs.dll
[2010/07/07 12:39:09 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shrpubw.exe
[2010/07/07 12:39:09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigverif.exe
[2010/07/07 12:39:09 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\skeys.exe
[2010/07/07 12:39:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shutdown.exe
[2010/07/07 12:39:09 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simpdata.tlb
[2010/07/07 12:39:09 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sigtab.dll
[2010/07/07 12:39:08 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smlogcfg.dll
[2010/07/07 12:39:08 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsnap.dll
[2010/07/07 12:39:08 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2010/07/07 12:39:08 | 000,098,304 | ---- | C] (Schlumberger Technology Corporation) -- C:\WINDOWS\System32\dllcache\slbiop.dll
[2010/07/07 12:39:08 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sort.exe
[2010/07/07 12:39:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpapi.dll
[2010/07/07 12:39:06 | 000,180,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sqlunirl.dll
[2010/07/07 12:39:04 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stclient.dll
[2010/07/07 12:38:55 | 000,713,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sxs.dll
[2010/07/07 12:38:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\storprop.dll
[2010/07/07 12:38:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stimon.exe
[2010/07/07 12:38:54 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2010/07/07 12:38:53 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysmon.ocx
[2010/07/07 12:38:53 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2010/07/07 12:38:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysocmgr.exe
[2010/07/07 12:38:52 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi3.dll
[2010/07/07 12:38:50 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskmgr.exe
[2010/07/07 12:38:50 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\telnet.exe
[2010/07/07 12:38:50 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmib.dll
[2010/07/07 12:38:49 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\termmgr.dll
[2010/07/07 12:38:48 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timedate.cpl
[2010/07/07 12:38:46 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscfgwmi.dll
[2010/07/07 12:38:46 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\udhisapi.dll
[2010/07/07 12:38:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tracert.exe
[2010/07/07 12:38:46 | 000,012,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsddd.dll
[2010/07/07 12:38:45 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\umandlg.dll
[2010/07/07 12:38:44 | 000,239,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpui.dll
[2010/07/07 12:38:44 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnphost.dll
[2010/07/07 12:38:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unimdmat.dll
[2010/07/07 12:38:44 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\upnpcont.exe
[2010/07/07 12:38:43 | 000,577,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2010/07/07 12:38:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbui.dll
[2010/07/07 12:38:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\utilman.exe
[2010/07/07 12:38:42 | 000,030,749 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbajet32.dll
[2010/07/07 12:38:42 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbisurf.ax
[2010/07/07 12:38:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vdmredir.dll
[2010/07/07 12:38:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\verifier.dll
[2010/07/07 12:38:40 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wavemsp.dll
[2010/07/07 12:38:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdigest.dll
[2010/07/07 12:38:40 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2010/07/07 12:38:40 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.drv
[2010/07/07 12:38:39 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadefui.dll
[2010/07/07 12:38:39 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiaservc.dll
[2010/07/07 12:38:39 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiadss.dll
[2010/07/07 12:38:39 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wiavideo.dll
[2010/07/07 12:38:39 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wextract.exe
[2010/07/07 12:38:38 | 000,764,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winntbbu.dll
[2010/07/07 12:38:38 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010/07/07 12:38:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winver.exe
[2010/07/07 12:38:36 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe
[2010/07/07 12:38:36 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshom.ocx
[2010/07/07 12:38:36 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpnpinst.exe
[2010/07/07 12:38:36 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wpabaln.exe
[2010/07/07 12:38:36 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshcon.dll
[2010/07/07 12:38:36 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wship6.dll
[2010/07/07 12:38:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshrm.dll
[2010/07/07 12:38:35 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstdecod.dll
[2010/07/07 12:38:35 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wsnmp32.dll
[2010/07/07 12:38:34 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xactsrv.dll
[2010/07/07 12:38:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcf.dll
[2010/07/07 12:38:34 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcs.dll
[2010/07/07 12:38:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xcopy.exe
[2010/07/07 12:38:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcer.dll
[2010/07/07 12:38:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcor.dll
[2010/07/07 12:38:34 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadcfr.dll
[2010/07/07 12:38:33 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprst.dll
[2010/07/07 12:38:33 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds.dll
[2010/07/07 12:38:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdarem.dll
[2010/07/07 12:38:33 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdfmap.dll
[2010/07/07 12:38:33 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaddsr.dll
[2010/07/07 12:38:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaremr.dll
[2010/07/07 12:38:33 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdaprsr.dll
[2010/07/07 12:38:32 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003999_.tmp.dll
[2010/07/07 12:38:32 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\autoconv.exe
[2010/07/07 12:38:32 | 000,602,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\autoconv.exe
[2010/07/07 12:38:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cacls.exe
[2010/07/07 12:38:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cacls.exe
[2010/07/07 12:38:31 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2010/07/07 12:38:31 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003994_.tmp.dll
[2010/07/07 12:38:31 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe
[2010/07/07 12:38:30 | 000,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2010/07/07 12:38:30 | 000,986,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003986_.tmp.dll
[2010/07/07 12:38:30 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003993_.tmp.dll
[2010/07/07 12:38:30 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003987_.tmp.dll
[2010/07/07 12:38:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\desk.cpl
[2010/07/07 12:38:30 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003991_.tmp.dll
[2010/07/07 12:38:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dhcpcsvc.dll
[2010/07/07 12:38:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003990_.tmp.dll
[2010/07/07 12:38:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftp.exe
[2010/07/07 12:38:30 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftp.exe
[2010/07/07 12:38:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2010/07/07 12:38:30 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003992_.tmp.dll
[2010/07/07 12:38:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\format.com
[2010/07/07 12:38:29 | 000,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lsasrv.dll
[2010/07/07 12:38:29 | 000,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2010/07/07 12:38:29 | 000,724,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003982_.tmp.dll
[2010/07/07 12:38:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\localspl.dll
[2010/07/07 12:38:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\localspl.dll
[2010/07/07 12:38:29 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003984_.tmp.dll
[2010/07/07 12:38:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2010/07/07 12:38:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003979_.tmp.dll
[2010/07/07 12:38:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nslookup.exe
[2010/07/07 12:38:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nslookup.exe
[2010/07/07 12:38:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mgmtapi.dll
[2010/07/07 12:38:29 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mgmtapi.dll
[2010/07/07 12:38:29 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003985_.tmp.dll
[2010/07/07 12:38:28 | 000,714,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003977_.tmp.dll
[2010/07/07 12:38:28 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2010/07/07 12:38:28 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003972_.tmp.dll
[2010/07/07 12:38:28 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntvdm.exe
[2010/07/07 12:38:28 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasapi32.dll
[2010/07/07 12:38:28 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003968_.tmp.dll
[2010/07/07 12:38:28 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nwprovau.dll
[2010/07/07 12:38:28 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nwprovau.dll
[2010/07/07 12:38:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntprint.dll
[2010/07/07 12:38:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntprint.dll
[2010/07/07 12:38:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\perfctrs.dll
[2010/07/07 12:38:28 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\perfctrs.dll
[2010/07/07 12:38:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\olecnv32.dll
[2010/07/07 12:38:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003971_.tmp.dll
[2010/07/07 12:38:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntlsapi.dll
[2010/07/07 12:38:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003976_.tmp.dll
[2010/07/07 12:38:27 | 000,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasdlg.dll
[2010/07/07 12:38:27 | 000,657,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003966_.tmp.dll
[2010/07/07 12:38:27 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003962_.tmp.dll
[2010/07/07 12:38:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasman.dll
[2010/07/07 12:38:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003965_.tmp.dll
[2010/07/07 12:38:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rastapi.dll
[2010/07/07 12:38:27 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003964_.tmp.dll
[2010/07/07 12:38:26 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\samsrv.dll
[2010/07/07 12:38:26 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003961_.tmp.dll
[2010/07/07 12:38:26 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010/07/07 12:38:26 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003958_.tmp.dll
[2010/07/07 12:38:26 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003957_.tmp.dll
[2010/07/07 12:38:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\savedump.exe
[2010/07/07 12:38:26 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\savedump.exe
[2010/07/07 12:38:25 | 000,984,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\syssetup.dll
[2010/07/07 12:38:25 | 000,983,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003955_.tmp.dll
[2010/07/07 12:38:25 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\untfs.dll
[2010/07/07 12:38:25 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\untfs.dll
[2010/07/07 12:38:25 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysdm.cpl
[2010/07/07 12:38:25 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ulib.dll
[2010/07/07 12:38:25 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ulib.dll
[2010/07/07 12:38:25 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003953_.tmp.dll
[2010/07/07 12:38:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003954_.tmp.dll
[2010/07/07 12:38:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tcpmonui.dll
[2010/07/07 12:38:25 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpmonui.dll
[2010/07/07 12:38:24 | 001,850,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010/07/07 12:38:24 | 001,850,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010/07/07 12:38:24 | 001,850,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003946_.tmp.dll
[2010/07/07 12:38:24 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winspool.drv
[2010/07/07 12:38:24 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003944_.tmp.dll
[2010/07/07 12:38:24 | 000,142,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aec.sys
[2010/07/07 12:38:24 | 000,138,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\afd.sys
[2010/07/07 12:38:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wkssvc.dll
[2010/07/07 12:38:24 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003943_.tmp.dll
[2010/07/07 12:38:24 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\win32spl.dll
[2010/07/07 12:38:24 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\_003945_.tmp.dll
[2010/07/07 12:38:24 | 000,095,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atapi.sys
[2010/07/07 12:38:24 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys
[2010/07/07 12:38:24 | 000,036,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys
[2010/07/07 12:38:23 | 000,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys
[2010/07/07 12:38:23 | 000,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\_003920_.tmp.dll
[2010/07/07 12:38:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2010/07/07 12:38:23 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmk.sys
[2010/07/07 12:38:23 | 000,052,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dmusic.sys
[2010/07/07 12:38:23 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys
[2010/07/07 12:38:23 | 000,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys
[2010/07/07 12:38:23 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys
[2010/07/07 12:38:23 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2010/07/07 12:38:23 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys
[2010/07/07 12:38:23 | 000,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2010/07/07 12:38:23 | 000,002,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmkaud.sys
[2010/07/07 12:38:22 | 000,453,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010/07/07 12:38:22 | 000,179,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxdav.sys
[2010/07/07 12:38:22 | 000,172,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kmixer.sys
[2010/07/07 12:38:22 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2010/07/07 12:38:22 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ks.sys
[2010/07/07 12:38:22 | 000,092,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksecdd.sys
[2010/07/07 12:38:22 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys
[2010/07/07 12:38:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2010/07/07 12:38:21 | 000,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2010/07/07 12:38:21 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2010/07/07 12:38:21 | 000,007,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mskssrv.sys
[2010/07/07 12:38:21 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2010/07/07 12:38:21 | 000,005,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspclock.sys
[2010/07/07 12:38:21 | 000,004,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspqm.sys
[2010/07/07 12:38:20 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntfs.sys
[2010/07/07 12:38:20 | 000,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2010/07/07 12:38:20 | 000,068,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pci.sys
[2010/07/07 12:38:20 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys
[2010/07/07 12:38:20 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys
[2010/07/07 12:38:20 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pciidex.sys
[2010/07/07 12:38:19 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdbss.sys
[2010/07/07 12:38:19 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2010/07/07 12:38:19 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\portcls.sys
[2010/07/07 12:38:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rmcast.sys
[2010/07/07 12:38:18 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2010/07/07 12:38:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys
[2010/07/07 12:38:18 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys
[2010/07/07 12:38:18 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2010/07/07 12:38:18 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2010/07/07 12:38:18 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\splitter.sys
[2010/07/07 12:38:17 | 000,333,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010/07/07 12:38:16 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\swmidi.sys
[2010/07/07 12:38:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2010/07/07 12:38:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\stream.sys
[2010/07/07 12:38:16 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2010/07/07 12:38:15 | 000,364,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\update.sys
[2010/07/07 12:38:15 | 000,360,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip.sys
[2010/07/07 12:38:15 | 000,225,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010/07/07 12:38:15 | 000,225,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010/07/07 12:38:15 | 000,060,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sysaudio.sys
[2010/07/07 12:38:15 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys
[2010/07/07 12:38:15 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys
[2010/07/07 12:38:15 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2010/07/07 12:38:14 | 000,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys
[2010/07/07 12:38:14 | 000,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbport.sys
[2010/07/07 12:38:14 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wdmaud.sys
[2010/07/07 12:38:14 | 000,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys
[2010/07/07 12:38:14 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbaudio.sys
[2010/07/07 12:38:14 | 000,059,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2010/07/07 12:38:14 | 000,057,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbhub.sys
[2010/07/07 12:38:14 | 000,031,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbccgp.sys
[2010/07/07 12:38:14 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbstor.sys
[2010/07/07 12:38:14 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010/07/07 12:38:14 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2010/07/07 12:38:14 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2010/07/07 12:38:14 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbuhci.sys
[2010/07/07 12:38:14 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2010/07/07 12:38:14 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys
[2010/07/07 12:38:14 | 000,015,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys
[2010/07/07 12:38:13 | 002,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010/07/07 12:38:13 | 002,180,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010/07/07 12:38:13 | 002,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/07/07 12:38:13 | 002,057,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010/07/07 12:38:13 | 000,131,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\hal.dll
[2010/07/07 11:56:50 | 000,000,000 | ---D | C] -- C:\5b9335765ae309bb90cca9d8
[2010/07/07 09:20:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/07/07 05:45:21 | 000,012,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/07 05:45:17 | 000,243,024 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/07 05:45:07 | 000,216,400 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/07 05:45:03 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/07/07 05:44:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/07/07 05:44:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/07/07 05:39:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/07/07 05:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/07/07 04:46:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Norton
[2010/07/07 04:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Local Settings\Application Data\NPE
[2010/07/07 03:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/07/06 23:37:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Application Data\Malwarebytes
[2010/07/06 23:37:09 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/07/06 23:37:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/07/06 23:37:06 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/07/06 23:37:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/07/05 08:13:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2010/07/05 02:13:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Macromedia
[2010/07/05 02:13:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2010/07/05 01:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Local Settings\Application Data\wxduoxyui
[2010/07/05 01:21:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\msapps
[2010/05/08 18:05:50 | 000,438,272 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcoin.dll
[2010/05/08 18:01:31 | 001,048,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebserv.dll
[2010/05/08 18:01:31 | 000,847,872 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebusb1.dll
[2010/05/08 18:01:31 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebinpa.dll
[2010/05/08 18:01:31 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\LXEBhcp.dll
[2010/05/08 18:01:31 | 000,344,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebiesc.dll
[2010/05/08 18:01:30 | 000,688,128 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebhbn3.dll
[2010/05/08 18:01:30 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebpmui.dll
[2010/05/08 18:01:30 | 000,577,536 | ---- | C] ( ) -- C:\WINDOWS\System32\lxeblmpm.dll
[2010/05/08 18:01:29 | 000,802,816 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomc.dll
[2010/05/08 18:01:29 | 000,372,736 | ---- | C] ( ) -- C:\WINDOWS\System32\lxebcomm.dll
[14 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
[1217 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/07/24 19:29:20 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\RENTWAY\Desktop\OTL.exe
[2010/07/24 19:21:13 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2010/07/24 19:18:45 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/07/24 19:18:41 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2010/07/24 19:18:39 | 669,044,736 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/24 19:17:42 | 008,126,464 | -H-- | M] () -- C:\Documents and Settings\RENTWAY\NTUSER.DAT
[2010/07/24 19:17:10 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\RENTWAY\NTUSER.INI
[2010/07/24 13:16:46 | 000,000,281 | RHS- | M] () -- C:\BOOT.INI
[2010/07/24 12:45:36 | 003,742,760 | R--- | M] () -- C:\Documents and Settings\RENTWAY\Desktop\comfix.exe
[2010/07/24 08:59:29 | 062,436,221 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/24 06:48:37 | 000,001,723 | ---- | M] () -- C:\Documents and Settings\RENTWAY\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 1.lnk
[2010/07/24 06:48:37 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 1.lnk
[2010/07/24 03:00:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\SpywareBot Scheduled Scan.job
[2010/07/24 01:20:00 | 000,000,570 | ---- | M] () -- C:\WINDOWS\tasks\RENTWAY scan and fix.job
[2010/07/24 01:00:00 | 000,000,560 | ---- | M] () -- C:\WINDOWS\tasks\RENTWAY backup.job
[2010/07/22 17:57:06 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/07/21 10:55:47 | 000,001,475 | ---- | M] () -- C:\Documents and Settings\RENTWAY\Desktop\DivX Movies.lnk
[2010/07/21 10:54:24 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/21 10:53:14 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/13 23:37:32 | 000,049,510 | ---- | M] () -- C:\Documents and Settings\RENTWAY\Desktop\Luhn.pdf
[2010/07/13 23:10:21 | 000,018,393 | ---- | M] () -- C:\Documents and Settings\RENTWAY\My Documents\360pdf L.pdf
[2010/07/13 05:51:15 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Documents and Settings\RENTWAY\Desktop\ATF-Cleaner.exe
[2010/07/13 05:27:11 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\RENTWAY\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/07/13 03:41:20 | 331,805,736 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\RENTWAY\Desktop\WindowsXP-KB936929-SP3-x86-ENU.exe
[2010/07/13 03:23:34 | 123,225,432 | ---- | M] (SQUARE ENIX CO., LTD.) -- C:\Documents and Settings\RENTWAY\Desktop\ffxivsetup.exe
[2010/07/10 10:24:07 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/07/08 16:19:07 | 007,411,096 | ---- | M] (Xceed Software Inc. 1-450-442-2626 info@xceedsoft.com www.xceedsoft.com) -- C:\Documents and Settings\RENTWAY\My Documents\R94481.EXE
[2010/07/08 11:13:33 | 000,001,957 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Software.lnk
[2010/07/08 10:16:21 | 000,521,766 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/07/08 10:16:21 | 000,441,456 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2010/07/08 10:16:21 | 000,071,408 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2010/07/08 10:14:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010/07/08 10:14:18 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010/07/08 08:53:38 | 000,001,620 | ---- | M] () -- C:\Documents and Settings\RENTWAY\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/08 08:53:38 | 000,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/07/08 08:38:31 | 000,250,032 | RHS- | M] () -- C:\NTLDR
[2010/07/07 05:45:24 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/07/07 05:45:23 | 000,012,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/07/07 05:45:20 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/07/07 05:45:07 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/07/07 05:45:06 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/07/07 05:45:03 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/07/06 23:37:13 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/05 02:08:04 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[1217 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/07/24 13:16:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/07/24 13:16:36 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/07/24 13:10:09 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/07/24 13:10:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/07/24 13:10:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/07/24 13:10:09 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/07/24 13:10:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/07/24 12:45:34 | 003,742,760 | R--- | C] () -- C:\Documents and Settings\RENTWAY\Desktop\comfix.exe
[2010/07/24 06:48:37 | 000,001,723 | ---- | C] () -- C:\Documents and Settings\RENTWAY\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox 4.0 Beta 1.lnk
[2010/07/24 06:48:37 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox 4.0 Beta 1.lnk
[2010/07/21 10:55:47 | 000,001,475 | ---- | C] () -- C:\Documents and Settings\RENTWAY\Desktop\DivX Movies.lnk
[2010/07/21 10:54:24 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Player.lnk
[2010/07/21 10:53:14 | 000,000,817 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\DivX Plus Converter.lnk
[2010/07/13 23:37:32 | 000,049,510 | ---- | C] () -- C:\Documents and Settings\RENTWAY\Desktop\Luhn.pdf
[2010/07/13 23:10:21 | 000,018,393 | ---- | C] () -- C:\Documents and Settings\RENTWAY\My Documents\360pdf L.pdf
[2010/07/13 10:41:58 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\RENTWAY\Desktop\gmer.exe
[2010/07/13 06:43:55 | 669,044,736 | -HS- | C] () -- C:\hiberfil.sys
[2010/07/08 11:13:31 | 000,001,957 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Comcast Desktop Software.lnk
[2010/07/08 08:53:38 | 000,001,620 | ---- | C] () -- C:\Documents and Settings\RENTWAY\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/07/08 08:53:38 | 000,001,602 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2010/07/07 12:41:56 | 000,186,368 | ---- | C] () -- C:\WINDOWS\System32\dllcache\encdec.dll
[2010/07/07 12:41:55 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2data.ax
[2010/07/07 12:41:54 | 000,270,848 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sbe.dll
[2010/07/07 12:41:49 | 000,764,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apph_sp.sdb
[2010/07/07 12:41:35 | 000,079,996 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apps.chm
[2010/07/07 12:41:31 | 000,217,118 | ---- | C] () -- C:\WINDOWS\System32\dllcache\apphelp.sdb
[2010/07/07 12:41:22 | 000,376,320 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010/07/07 12:41:22 | 000,198,736 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msimain.sdb
[2010/07/07 12:41:10 | 000,034,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sniffpol.dll
[2010/07/07 12:41:10 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sstub.dll
[2010/07/07 12:41:09 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tshoot.dll
[2010/07/07 12:40:51 | 000,383,140 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tahoma.ttf
[2010/07/07 12:40:35 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\dllcache\amstream.dll
[2010/07/07 12:40:28 | 000,252,928 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compatui.dll
[2010/07/07 12:39:55 | 000,035,328 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mciqtz32.dll
[2010/07/07 12:39:50 | 000,148,992 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mpg2splt.ax
[2010/07/07 12:39:27 | 000,004,310 | ---- | C] () -- C:\WINDOWS\System32\dllcache\odbcconf.rsp
[2010/07/07 12:39:19 | 000,562,176 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedit.dll
[2010/07/07 12:39:19 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdvd.dll
[2010/07/07 12:39:19 | 000,279,040 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qdv.dll
[2010/07/07 12:39:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qcap.dll
[2010/07/07 12:39:18 | 001,290,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010/07/07 12:39:18 | 000,733,696 | ---- | C] () -- C:\WINDOWS\System32\dllcache\qedwipes.dll
[2010/07/07 12:38:32 | 000,009,424 | ---- | C] () -- C:\WINDOWS\System32\dllcache\drvmain.sdb
[2010/07/07 05:45:24 | 000,001,507 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG Free 9.0.lnk
[2010/07/07 05:45:02 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/07/07 05:44:31 | 062,436,221 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/07/06 23:37:13 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/07/05 02:14:13 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/05/08 18:05:51 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxebvs.dll
[2010/05/08 18:05:42 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxebcui.dll
[2010/05/08 18:05:42 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\lxebcuir.dll
[2010/05/08 18:05:42 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\lxebgcfg.dll
[2010/05/08 18:03:45 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\LXEBPMON.DLL
[2010/05/08 18:03:45 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\LXEBFXPU.DLL
[2010/05/08 18:03:25 | 004,485,120 | ---- | C] () -- C:\WINDOWS\System32\LXEBoem.dll
[2010/05/08 18:01:44 | 000,000,044 | -H-- | C] () -- C:\WINDOWS\System32\lxebrwrd.ini
[2010/05/08 18:01:31 | 000,385,024 | ---- | C] () -- C:\WINDOWS\System32\LXEBinst.dll
[2010/05/08 18:01:30 | 000,323,584 | ---- | C] () -- C:\WINDOWS\System32\lxebins.dll
[2010/05/08 18:01:30 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\lxebinsb.dll
[2010/05/08 18:01:30 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\lxebcu.dll
[2010/05/08 18:01:30 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxebgrd.dll
[2010/05/08 18:01:30 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\lxebinsr.dll
[2010/05/08 18:01:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\lxebcub.dll
[2010/05/08 18:01:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\lxebjswr.dll
[2010/05/08 18:01:30 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\lxebcur.dll
[2010/05/08 17:58:06 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\LXEBsm.dll
[2010/05/08 17:58:06 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\LXEBsmr.dll
[2008/12/06 13:41:24 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2008/11/19 01:39:27 | 000,000,073 | ---- | C] () -- C:\WINDOWS\st_affiliate.ini
[2008/03/10 13:37:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/03/10 13:37:23 | 000,651,264 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2008/03/10 13:37:23 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2008/03/10 13:37:11 | 000,004,254 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/02/04 19:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/20 18:23:24 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/03/05 16:13:16 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/02/24 01:21:40 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\YCRWin32.dll
[2007/02/09 06:15:51 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/02/09 06:15:51 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/02/09 06:15:51 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/01/30 00:05:40 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2006/04/28 18:35:39 | 000,000,028 | ---- | C] () -- C:\WINDOWS\atid.ini
[2006/04/23 22:12:35 | 000,036,363 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2006/01/19 01:31:05 | 000,044,491 | ---- | C] () -- C:\WINDOWS\System32\MiiIniFile13.ini
[2006/01/19 01:30:57 | 000,285,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsio.sys
[2006/01/19 01:30:57 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\Onsreged.sys
[2006/01/16 04:53:34 | 000,001,538 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2004/11/20 23:02:43 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/11/20 23:00:39 | 000,000,182 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2004/11/20 22:30:14 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2004/08/10 15:13:12 | 000,000,780 | ---- | C] () -- C:\WINDOWS\ORUN32.INI
[2004/08/04 07:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_003342_.tmp.dll
[2004/08/04 07:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_003310_.tmp.dll
[2004/08/04 07:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\FXSPERF.INI
[1980/01/01 02:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\e100bmsg.dll

========== LOP Check ==========

[2008/11/08 17:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/07/23 18:23:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2008/11/19 03:05:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg7
[2010/07/07 05:39:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2008/12/06 12:00:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
[2004/08/24 00:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC
[2010/05/08 18:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Pro200-S500 Series
[2010/05/25 15:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2004/08/24 00:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2008/11/16 06:23:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrackMania
[2007/03/04 14:50:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Transparent
[2007/03/20 17:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2004/08/24 03:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wayward Gamers
[2008/11/19 03:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2008/11/02 16:05:01 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
[2006/04/28 18:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\acccore
[2008/04/25 18:36:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\AVG7
[2007/04/17 14:16:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\BitTorrent
[2007/09/16 08:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\BitTorrent DNA
[2006/03/22 22:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Canon
[2007/09/07 05:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\DNA
[2009/12/17 21:16:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\GetRightToGo
[2006/03/22 16:57:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\InterTrust
[2005/08/24 18:29:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Leadertech
[2006/03/09 02:42:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\MSNInstaller
[2009/12/18 00:20:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\OpenOffice.org
[2005/12/31 23:14:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Opera
[2004/08/24 00:01:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Pro200-S500 Series
[2006/03/01 04:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Registry Cleaner
[2006/01/25 21:42:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\StepMania CVS
[2004/08/24 00:44:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Teleca
[2010/07/07 03:37:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Vemu
[2007/06/25 22:02:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Viewpoint
[2010/07/07 09:37:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\RENTWAY\Application Data\Wyrapa
[2010/07/24 01:00:00 | 000,000,560 | ---- | M] () -- C:\WINDOWS\Tasks\RENTWAY backup.job
[2010/07/24 01:20:00 | 000,000,570 | ---- | M] () -- C:\WINDOWS\Tasks\RENTWAY scan and fix.job
[2010/07/24 03:00:00 | 000,000,492 | ---- | M] () -- C:\WINDOWS\Tasks\SpywareBot Scheduled Scan.job

========== Purity Check ==========


< End of report >



Extras.Txt Log:

OTL Extras logfile created on: 7/24/2010 7:35:06 PM - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Documents and Settings\RENTWAY\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

638.00 Mb Total Physical Memory | 310.00 Mb Available Physical Memory | 49.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 74.00% Paging File free
Paging file location(s): C:\pagefile.sys 957 1157 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 33.70 Gb Total Space | 5.23 Gb Free Space | 15.53% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: DIJIDLSbleep
Current User Name: RENTWAY
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1043:TCP" = 1043:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger -- File not found
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- File not found
"C:\Program Files\Common Files\AOL\1146264030\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1146264030\ee\aolsoftware.exe:*:Enabled:AOL Services -- File not found
"C:\Program Files\Common Files\AOL\1146264030\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1146264030\ee\aim6.exe:*:Enabled:AIM -- File not found
"C:\Program Files\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe" = C:\Program Files\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe:*:Enabled:PlayOnline Viewer -- (SQUARE ENIX CO., LTD.)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\Program Files\Morpheus\Morpheus.exe" = C:\Program Files\Morpheus\Morpheus.exe:*:Enabled:M5Shell -- File not found
"C:\Program Files\eMule\emule.exe" = C:\Program Files\eMule\emule.exe:*:Enabled:eMule -- File not found
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- File not found
"C:\WINDOWS\system32\svchost.exe" = C:\WINDOWS\system32\svchost.exe:*:Enabled:Microsoft Update -- (Microsoft Corporation)
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\52exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\52exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\42exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\42exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\60exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\60exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\15exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\15exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\4exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\4exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\27exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\27exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\50exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\50exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\9exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\9exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\93exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\93exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\55exmodul32d.8.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\55exmodul32d.8.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\90exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\90exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\49exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\49exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\34exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\34exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\48exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\48exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\8exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\8exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\83exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\83exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\45exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\45exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\54exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\54exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\4exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\4exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\78exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\78exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\41exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\41exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\37exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\37exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\77exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\77exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\30exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\30exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\17exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\17exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\0exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\0exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\53exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\53exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\98exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\98exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\23exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\23exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\6exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\6exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\13exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\13exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\21exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\21exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\50exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\50exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\2exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\2exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\97exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\97exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\20exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\20exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\9exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\9exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\7exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\7exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\81exmodul32d.a.exe" = C:\DOCUME~1\RENTWAY\LOCALS~1\Temp\81exmodul32d.a.exe:*:Enabled:Microsoft Update -- File not found
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- File not found
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" = C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe" = C:\PROGRA~1\Yahoo!\MESSEN~1\yserver.exe:*:Enabled:Yahoo! FT Server -- (Yahoo! Inc.)
"C:\Program Files\Common Files\AOL\acs\AOLDial.exe" = C:\Program Files\Common Files\AOL\acs\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer -- File not found
"C:\Program Files\Common Files\AOL\acs\AOLacsd.exe" = C:\Program Files\Common Files\AOL\acs\AOLacsd.exe:*:Enabled:AOL Connectivity Service -- File not found
"C:\Program Files\AOL 9.0\waol.exe" = C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" = C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed -- File not found
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information -- File not found
"C:\Program Files\BitTorrent_DNA\dna.exe" = C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:DNA -- File not found
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer -- (Microsoft Corporation)
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" = C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client -- File not found
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- File not found
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\lxebcoms.exe" = C:\WINDOWS\SYSTEM32\lxebcoms.exe:*:Enabled:Lexmark Communications System -- ( )
"C:\Program Files\Lexmark Pro200-S500 Series\lxebfax.exe" = C:\Program Files\Lexmark Pro200-S500 Series\lxebfax.exe:*:Enabled:Fax software -- ()
"C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe" = C:\Program Files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:*:Enabled:ABBYY FineReader -- File not found
"C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\SYSTEM32\dpvsetup.exe" = C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\SYSTEM32\rundll32.exe" = C:\WINDOWS\SYSTEM32\rundll32.exe:*:Enabled:Run a DLL as an App -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Toolbar
"{10812DE7-2E57-4740-B226-6B3BE34AF9D7}" = Lexmark Tools for Office
"{139E303E-1050-497F-98B1-9AE87B15C463}" = Windows Live Family Safety
"{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}" = Intel® PROSet for Wired Connections
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18A5DFF2-8A95-49F3-873F-743CB5549F3D}" = Canon ScanGear Starter
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}" = DDS Thumbnail Viewer
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23F79416-CAD1-41BF-99A3-040F6C814AAA}" = NVIDIA Photoshop Plug-ins
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java™ 6 Update 16
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{33198339-567F-43C4-9CF8-B23E721F2714}" = HTC Sync
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer and Tetra Master
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{625BD732-ACDF-4552-BF22-98EBB413B6F3}" = McAfee Shredder
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.3
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7A0EFAFB-AC4B-4B88-8C6B-6731BE88DB68}" = Modem Event Monitor
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838BC0FB-4F8F-47B9-847F-06AE4CCE4181}" = Manual CanoScan LiDE 25
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Extreme Graphics 2 Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{AC76BA86-7AD7-1033-7B44-A71000000002}" = Adobe Reader 7.1.0
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}" = Canon CanoScan Toolbox 4.9
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D0E604A0-5C90-4212-88B5-2AFCFF134FB5}" = MSN Toolbar
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EAE4A00B-D290-4B65-8287-B82A80FC0619}" = Linksys Wireless-G PCI Network Adapter with SpeedBooster
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Akamai" = Akamai NetSession Interface
"AVG9Uninstall" = AVG Free 9.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DivX Setup.divx.com" = DivX Setup
"doPDF 6 printer_is1" = doPDF 6.2 printer
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie8" = Windows Internet Explorer 8
"InstallShield_{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia
"InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer and Tetra Master
"InstallShield_{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess
"InstallShield_{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI
"InstallShield_{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart
"InstallShield_{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"Lexmark Pro200-S500 Series" = Lexmark Pro200-S500 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.6.7)" = Mozilla Firefox (3.6.7)
"Mozilla Firefox (4.0b1)" = Mozilla Firefox (4.0b1)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"PROSet" = Intel® PRO Network Adapters and Drivers
"SmartUndelete_is1" = SmartUndelete
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/23/2010 10:27:49 PM | Computer Name = DIJIDLSbleep | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/23/2010 10:35:55 PM | Computer Name = DIJIDLSbleep | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10g.ocx, version 10.1.52.14, fault address 0x0028c59d.

Error - 7/24/2010 2:41:02 AM | Computer Name = DIJIDLSbleep | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10g.ocx, version 10.1.52.14, fault address 0x0028c59d.

Error - 7/24/2010 2:44:14 AM | Computer Name = DIJIDLSbleep | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18702, faulting
module flash10g.ocx, version 10.1.52.14, fault address 0x0028c59d.

Error - 7/24/2010 2:46:57 AM | Computer Name = DIJIDLSbleep | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 7/24/2010 8:50:01 AM | Computer Name = DIJIDLSbleep | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/24/2010 8:50:01 AM | Computer Name = DIJIDLSbleep | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/24/2010 8:50:07 AM | Computer Name = DIJIDLSbleep | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: The connection with the server was terminated abnormally

Error - 7/24/2010 8:50:08 AM | Computer Name = DIJIDLSbleep | Source = crypt32 | ID = 131083
Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
with error: A required certificate is not within its validity period when verifying
against the current system clock or the timestamp in the signed file.

Error - 7/24/2010 8:50:08 AM | Computer Name = DIJIDLSbleep | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
with error: This network connection does not exist.

[ System Events ]
Error - 8/24/2004 6:18:53 AM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 8/24/2004 6:18:53 AM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 8/24/2004 6:18:53 AM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079

Error - 7/23/2010 12:02:06 PM | Computer Name = DIJIDLSbleep | Source = DCOM | ID = 10010
Description = The server {B1DBD568-80B2-43FA-AE07-76FB23AA4650} did not register
with DCOM within the required timeout.

Error - 7/24/2010 12:18:59 PM | Computer Name = DIJIDLSbleep | Source = Dhcp | ID = 1000
Description = Your computer has lost the lease to its IP address 76.110.234.96 on
the Network Card with network address 00111181C3F8.

Error - 7/24/2010 7:20:14 PM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The adfs service failed to start due to the following error: %%2

Error - 7/24/2010 7:20:14 PM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7023
Description = The HID Input Service service terminated with the following error:
%%126

Error - 7/24/2010 7:20:15 PM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM Video Capture (universal) service failed to start due
to the following error: %%1058

Error - 7/24/2010 7:20:15 PM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The nVidia WDM A/V Crossbar service failed to start due to the following
error: %%1058

Error - 7/24/2010 7:20:15 PM | Computer Name = DIJIDLSbleep | Source = Service Control Manager | ID = 7000
Description = The Upload Manager service failed to start due to the following error:
%%1079


< End of report >


On a side note:

ComboFix didn't seem to ever really begin its scan, after the initial installing of the Windows Restore Console. (Virtually nothing indicating it was working happened besides the clicking of yes, the creating of a restore point, and a message saying the scan began and it would take 10 minutes-ish to complete.) It was just a blue console window with those messages and a blinking cursor, for 6 straight hours... I then stopped it after I saw your reply on my cell phone.

Could the internet option settings being altered have impacted or affected ComboFix's progress. I only ask to see if I should be sure to recheck the internet options and make sure they are set properly, before attempting to run anything else.

Again... Thank you and sorry about the wait. bowdown.gif

Edited by dijidl, 24 July 2010 - 07:12 PM.


#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 24 July 2010 - 07:26 PM

It was Combofix that reset your browser. It didn't get much further by the sound of it.

Okay, run OTL.

Under the Custom Scans/Fixes box at the bottom, paste in the following

CODE
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5577
O22 - SharedTaskScheduler: {aed6f6a3-183c-488d-9f90-23db99f56e7f} - apathies - Reg Error: Key error. File not found
O22 - SharedTaskScheduler: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - Reg Error: Key error. File not found
[2010/07/05 01:58:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\RENTWAY\Local Settings\Application Data\wxduoxyui
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
:commands
[EmptyTemp]


Then click the Run Fix button at the top

Let the program run unhindered.

When done it will say "Fix Complete press ok to open the log"
Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Please now run Combofix. Twenty minutes max, otherwise come back to me. smile.gif
Posted Image
m0le is a proud member of UNITE

#9 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 24 July 2010 - 08:38 PM

Run Fix was completed and did, in fact, reboot. Upon Reboot, however, the notepad document popped up on its own. (I did double-check by looking up the notepad document in the manner you suggested... It was the most recent one.)



07242010_211813.log


All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{aed6f6a3-183c-488d-9f90-23db99f56e7f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\bestreak deleted successfully.
C:\Documents and Settings\RENTWAY\Local Settings\Application Data\wxduoxyui folder moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users
->Flash cache emptied: 35 bytes

User: Application Data

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 41620 bytes

User: DIJIDLSBABY

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 418554 bytes
->Flash cache emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 13533229 bytes
->Flash cache emptied: 1990 bytes

User: RENTWAY
->Temp folder emptied: 1435095197 bytes
->Temporary Internet Files folder emptied: 32166512 bytes
->Java cache emptied: 57023726 bytes
->FireFox cache emptied: 83470144 bytes
->Flash cache emptied: 719651 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 5266485 bytes
%systemroot%\System32 .tmp files removed: 294223168 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 56808728 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 23940016 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 10772470 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,920.00 mb


OTL by OldTimer - Version 3.2.9.1 log created on 07242010_211813

Files\Folders moved on Reboot...
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_5b4.dat not found!

Registry entries deleted on Reboot...


I am going to run ComboFix, again.


#10 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 24 July 2010 - 09:28 PM

ComboFix completed. It took a bit, but it seemed to make it through all right. I have to head out for work, but I will keep in touch via my phone.

If I have to do anything else, I will pick-up, when I get home... Thanks.


ComboFix 10-07-24.01 - RENTWAY 07/24/2010 21:48:27.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.638.223 [GMT -4:00]
Running from: c:\documents and settings\RENTWAY\Desktop\comfix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\RENTWAY\Recent\Other Plugins.url
c:\documents and settings\RENTWAY\Recent\Thumbs.db
C:\smp.bat
c:\windows\system32\_003299_.tmp.dll
c:\windows\system32\_003300_.tmp.dll
c:\windows\system32\_003301_.tmp.dll
c:\windows\system32\_003302_.tmp.dll
c:\windows\system32\_003307_.tmp.dll
c:\windows\system32\_003308_.tmp.dll
c:\windows\system32\_003309_.tmp.dll
c:\windows\system32\_003310_.tmp.dll
c:\windows\system32\_003311_.tmp.dll
c:\windows\system32\_003312_.tmp.dll
c:\windows\system32\_003313_.tmp.dll
c:\windows\system32\_003314_.tmp.dll
c:\windows\system32\_003315_.tmp.dll
c:\windows\system32\_003316_.tmp.dll
c:\windows\system32\_003317_.tmp.dll
c:\windows\system32\_003318_.tmp.dll
c:\windows\system32\_003319_.tmp.dll
c:\windows\system32\_003320_.tmp.dll
c:\windows\system32\_003321_.tmp.dll
c:\windows\system32\_003322_.tmp.dll
c:\windows\system32\_003323_.tmp.dll
c:\windows\system32\_003324_.tmp.dll
c:\windows\system32\_003325_.tmp.dll
c:\windows\system32\_003326_.tmp.dll
c:\windows\system32\_003328_.tmp.dll
c:\windows\system32\_003329_.tmp.dll
c:\windows\system32\_003331_.tmp.dll
c:\windows\system32\_003332_.tmp.dll
c:\windows\system32\_003333_.tmp.dll
c:\windows\system32\_003334_.tmp.dll
c:\windows\system32\_003335_.tmp.dll
c:\windows\system32\_003336_.tmp.dll
c:\windows\system32\_003338_.tmp.dll
c:\windows\system32\_003339_.tmp.dll
c:\windows\system32\_003340_.tmp.dll
c:\windows\system32\_003341_.tmp.dll
c:\windows\system32\_003342_.tmp.dll
c:\windows\system32\_003343_.tmp.dll
c:\windows\system32\_003344_.tmp.dll
c:\windows\system32\_003345_.tmp.dll
c:\windows\system32\_003348_.tmp.dll
c:\windows\system32\_003349_.tmp.dll
c:\windows\system32\_003350_.tmp.dll
c:\windows\system32\_003351_.tmp.dll
c:\windows\system32\_003352_.tmp.dll
c:\windows\system32\_003353_.tmp.dll
c:\windows\system32\_003354_.tmp.dll
c:\windows\system32\_003356_.tmp.dll
c:\windows\system32\_003357_.tmp.dll
c:\windows\system32\_003358_.tmp.dll
c:\windows\system32\_003359_.tmp.dll
c:\windows\system32\_003360_.tmp.dll
c:\windows\system32\_003361_.tmp.dll
c:\windows\system32\_003362_.tmp.dll
c:\windows\system32\_003363_.tmp.dll
c:\windows\system32\_003364_.tmp.dll
c:\windows\system32\_003365_.tmp.dll
c:\windows\system32\_003366_.tmp.dll
c:\windows\system32\_003367_.tmp.dll
c:\windows\system32\_003368_.tmp.dll
c:\windows\system32\_003369_.tmp.dll
c:\windows\system32\_003370_.tmp.dll
c:\windows\system32\_003371_.tmp.dll
c:\windows\system32\_003372_.tmp.dll
c:\windows\system32\_003373_.tmp.dll
c:\windows\system32\_003374_.tmp.dll
c:\windows\system32\_003375_.tmp.dll
c:\windows\system32\_003376_.tmp.dll
c:\windows\system32\_003377_.tmp.dll
c:\windows\system32\_003378_.tmp.dll
c:\windows\system32\_003379_.tmp.dll
c:\windows\system32\_003380_.tmp.dll
c:\windows\system32\_003381_.tmp.dll
c:\windows\system32\_003382_.tmp.dll
c:\windows\system32\_003383_.tmp.dll
c:\windows\system32\_003384_.tmp.dll
c:\windows\system32\_003385_.tmp.dll
c:\windows\system32\_003386_.tmp.dll
c:\windows\system32\_003387_.tmp.dll
c:\windows\system32\_003388_.tmp.dll
c:\windows\system32\_003389_.tmp.dll
c:\windows\system32\_003390_.tmp.dll
c:\windows\system32\_003391_.tmp.dll
c:\windows\system32\_003393_.tmp.dll
c:\windows\system32\_003394_.tmp.dll
c:\windows\system32\_003396_.tmp.dll
c:\windows\system32\_003398_.tmp.dll
c:\windows\system32\_003399_.tmp.dll
c:\windows\system32\_003403_.tmp.dll
c:\windows\system32\_003404_.tmp.dll
c:\windows\system32\_003405_.tmp.dll
c:\windows\system32\_003406_.tmp.dll
c:\windows\system32\_003407_.tmp.dll
c:\windows\system32\_003408_.tmp.dll
c:\windows\system32\_003409_.tmp.dll
c:\windows\system32\_003411_.tmp.dll
c:\windows\system32\_003412_.tmp.dll
c:\windows\system32\_003413_.tmp.dll
c:\windows\system32\_003414_.tmp.dll
c:\windows\system32\_003415_.tmp.dll
c:\windows\system32\_003416_.tmp.dll
c:\windows\system32\_003417_.tmp.dll
c:\windows\system32\_003418_.tmp.dll
c:\windows\system32\_003419_.tmp.dll
c:\windows\system32\_003420_.tmp.dll
c:\windows\system32\_003421_.tmp.dll
c:\windows\system32\_003424_.tmp.dll
c:\windows\system32\_003425_.tmp.dll
c:\windows\system32\_003426_.tmp.dll
c:\windows\system32\_003428_.tmp.dll
c:\windows\system32\_003429_.tmp.dll
c:\windows\system32\_003430_.tmp.dll
c:\windows\system32\_003431_.tmp.dll
c:\windows\system32\_003433_.tmp.dll
c:\windows\system32\_003434_.tmp.dll
c:\windows\system32\_003436_.tmp.dll
c:\windows\system32\_003437_.tmp.dll
c:\windows\system32\_003441_.tmp.dll
c:\windows\system32\_003442_.tmp.dll
c:\windows\system32\_003444_.tmp.dll
c:\windows\system32\_003447_.tmp.dll
c:\windows\system32\_003449_.tmp.dll
c:\windows\system32\_003450_.tmp.dll
c:\windows\system32\_003451_.tmp.dll
c:\windows\system32\_003452_.tmp.dll
c:\windows\system32\_003455_.tmp.dll
c:\windows\system32\_003456_.tmp.dll
c:\windows\system32\_003457_.tmp.dll
c:\windows\system32\_003458_.tmp.dll
c:\windows\system32\_003459_.tmp.dll
c:\windows\system32\_003464_.tmp.dll
c:\windows\system32\_003466_.tmp.dll
c:\windows\system32\_003943_.tmp.dll
c:\windows\system32\_003944_.tmp.dll
c:\windows\system32\_003945_.tmp.dll
c:\windows\system32\_003946_.tmp.dll
c:\windows\system32\_003953_.tmp.dll
c:\windows\system32\_003954_.tmp.dll
c:\windows\system32\_003955_.tmp.dll
c:\windows\system32\_003957_.tmp.dll
c:\windows\system32\_003958_.tmp.dll
c:\windows\system32\_003961_.tmp.dll
c:\windows\system32\_003962_.tmp.dll
c:\windows\system32\_003964_.tmp.dll
c:\windows\system32\_003965_.tmp.dll
c:\windows\system32\_003966_.tmp.dll
c:\windows\system32\_003968_.tmp.dll
c:\windows\system32\_003971_.tmp.dll
c:\windows\system32\_003972_.tmp.dll
c:\windows\system32\_003976_.tmp.dll
c:\windows\system32\_003977_.tmp.dll
c:\windows\system32\_003979_.tmp.dll
c:\windows\system32\_003982_.tmp.dll
c:\windows\system32\_003984_.tmp.dll
c:\windows\system32\_003985_.tmp.dll
c:\windows\system32\_003986_.tmp.dll
c:\windows\system32\_003987_.tmp.dll
c:\windows\system32\_003990_.tmp.dll
c:\windows\system32\_003991_.tmp.dll
c:\windows\system32\_003992_.tmp.dll
c:\windows\system32\_003993_.tmp.dll
c:\windows\system32\_003994_.tmp.dll
c:\windows\system32\_003999_.tmp.dll
c:\windows\system32\_004001_.tmp.dll
c:\windows\system32\_004002_.tmp.dll

.
MBR is infected with the Whistler Bootkit !!

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_WINDOWS_LOG


((((((((((((((((((((((((( Files Created from 2010-06-25 to 2010-07-25 )))))))))))))))))))))))))))))))
.

2010-07-21 14:47 . 2010-07-21 14:55 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-07-07 09:44 . 2010-07-23 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-07-07 09:39 . 2010-07-07 09:39 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-07-07 08:46 . 2010-07-07 08:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-07-07 03:37 . 2010-07-07 03:37 -------- d-----w- c:\documents and settings\RENTWAY\Application Data\Malwarebytes
2010-07-07 03:37 . 2010-07-07 03:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-07-05 06:19 . 2010-07-05 06:19 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\AdobeUM

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-25 02:06 . 2010-05-24 10:05 -------- d-----w- c:\program files\Common Files\Akamai
2010-07-24 10:48 . 2010-07-24 10:48 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 1
2010-07-23 12:12 . 2007-12-13 06:29 -------- d-----w- c:\program files\Full Tilt Poker.Net
2010-07-21 14:55 . 2007-05-17 20:37 -------- d-----w- c:\program files\DivX
2010-07-21 14:54 . 2008-11-04 03:10 -------- d-----w- c:\documents and settings\RENTWAY\Application Data\DivX
2010-07-21 14:50 . 2009-07-09 08:38 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-07-12 17:54 . 2005-12-19 22:38 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-07 13:37 . 2004-08-24 04:31 -------- d-----w- c:\documents and settings\RENTWAY\Application Data\Wyrapa
2010-07-07 09:45 . 2010-07-07 09:45 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-07 09:45 . 2010-07-07 09:45 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-07 09:45 . 2010-07-07 09:45 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-07-07 09:45 . 2010-07-07 09:45 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-07-07 09:39 . 2010-07-07 09:39 -------- d-----w- c:\program files\AVG
2010-07-07 09:02 . 2006-01-01 03:22 -------- d-----w- c:\documents and settings\All Users\Application Data\yahoo!
2010-07-07 07:37 . 2004-08-24 04:31 -------- d-----w- c:\documents and settings\RENTWAY\Application Data\Vemu
.

------- Sigcheck -------

[-] 2008-04-14 . 574738F61FCA2935F5265DC4E5691314 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\qmgr.dll
[-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\SYSTEM32\qmgr.dll
[-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\SYSTEM32\bits\qmgr.dll
[-] 2007-03-29 . CC431E6DEAAD867A583EE5E804EE4CF2 . 409600 . . [6.7.2600.3109] . . c:\windows\SYSTEM32\DLLCACHE\qmgr.dll
[-] 2007-03-29 . 65E23953D337574E549B1EF34FE0B1DA . 409600 . . [6.7.2600.3109] . . c:\windows\$hf_mig$\KB923845\SP2QFE\qmgr.dll
[7] 2004-08-04 . 2C69EC7E5A311334D10DD95F338FCCEA . 382464 . . [6.6.2600.2180] . . c:\windows\$NtUninstallKB923845$\qmgr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-04-19 14:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-05 68856]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-12-01 4662776]
"Desktop Software"="c:\program files\Common Files\SupportSoft\bin\bcont.exe" [2009-04-24 1025320]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-06-30 1388544]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2004-08-24 57344]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"lxebmon.exe"="c:\program files\Lexmark Pro200-S500 Series\lxebmon.exe" [2010-01-18 770728]
"EzPrint"="c:\program files\Lexmark Pro200-S500 Series\ezprint.exe" [2010-01-18 139944]
"Lexmark Pro200-S500 Series Fax Server"="c:\program files\Lexmark Pro200-S500 Series\fm3032.exe" [2010-01-18 316072]
"Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-19 598016]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-07-07 2065760]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-06-03 1144104]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10g_ActiveX.exe" [2010-05-25 223184]

c:\documents and settings\RENTWAY\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-3-6 110592]

c:\documents and settings\DIJIDLSBABY\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-07 09:45 12536 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact]
2006-04-10 23:42 138552 ----a-w- c:\windows\SYSTEM32\RegCompact.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE"=
"c:\\PROGRA~1\\Yahoo!\\MESSEN~1\\yserver.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\SYSTEM32\\lxebcoms.exe"=
"c:\\Program Files\\Lexmark Pro200-S500 Series\\lxebfax.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\WINDOWS\\SYSTEM32\\dpvsetup.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1039:TCP"= 1039:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [7/7/2010 5:45 AM 216400]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [7/7/2010 5:45 AM 243024]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/4/2004 7:00 AM 14336]
R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [7/7/2010 5:42 AM 921952]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/7/2010 5:42 AM 308136]
R2 lxeb_device;lxeb_device;c:\windows\system32\lxebcoms.exe -service --> c:\windows\system32\lxebcoms.exe -service [?]
R2 lxebCATSCustConnectService;lxebCATSCustConnectService;c:\windows\SYSTEM32\SPOOL\DRIVERS\W32X86\3\lxebserv.exe [5/8/2010 6:05 PM 98984]
S2 COMServer;COMServer;"c:\windows\system32\msapps\comsrvr.exe" s --> c:\windows\system32\msapps\comsrvr.exe [?]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [7/7/2010 5:44 AM 430152]
S3 HTCAND32;HTC Device Driver;c:\windows\SYSTEM32\DRIVERS\ANDROIDUSB.sys [8/24/2004 12:13 AM 24576]
S3 McComponentHostService;McAfee Security Scan Component Host Service;"c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe" --> c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [?]
S3 naecd;naecd;\??\c:\docume~1\RENTWAY\LOCALS~1\Temp\naecd.sys --> c:\docume~1\RENTWAY\LOCALS~1\Temp\naecd.sys [?]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - GTNDIS5

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder

2010-07-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.myspace.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE: &Dictionary - http://files.db3nf.com/scripts/ie.htm
IE: &Encyclopedia - http://files.db3nf.com/scripts/ie-e.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC}
FF - ProfilePath - c:\documents and settings\RENTWAY\Application Data\Mozilla\Firefox\Profiles\epjunh9d.default\
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\RENTWAY\Application Data\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
Notify-dimsntfy - (no file)
SafeBoot-015o895
AddRemove-doPDF 6 printer_is1 - c:\program files\Softland\doPDF 6\unins000.exe
AddRemove-mIRC - c:\program files\mIRC\mirc.exe
AddRemove-SmartUndelete_is1 - f:\smartundelete\unins000.exe
AddRemove-ViewpointMediaPlayer - c:\program files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-24 22:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,71,71,81,aa,c2,8e,ce,44,92,93,a7,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,f8,6f,98,7b,4e,7a,af,4b,81,4a,c2,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10g_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\RegCompact.dll

- - - - - - - > 'explorer.exe'(4776)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\lxebcoms.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
c:\program files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Common Files\Teleca Shared\logger.exe
c:\program files\Common Files\Teleca Shared\CapabilityManager.exe
c:\program files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
c:\program files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
c:\program files\HTC\HTC Sync\Mobile Phone Monitor\DbgOut.exe
c:\program files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
c:\program files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
.
**************************************************************************
.
Completion time: 2010-07-24 22:23:25 - machine was rebooted
ComboFix-quarantined-files.txt 2010-07-25 02:23

Pre-Run: 7,512,539,136 bytes free
Post-Run: 7,282,294,784 bytes free

- - End Of File - - A249D47BC607FAB4C148CF39E2E1E0D0


#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 25 July 2010 - 10:37 AM

Please download MBRCheck to your desktop.

http://ad13.geekstogo.com/MBRCheck.exe

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.
Posted Image
m0le is a proud member of UNITE

#12 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 25 July 2010 - 03:21 PM

Hello, again, m0le! icon_hello.gif

Here is the log you requested.



MBRCheck, version 1.1.1

© 2010, AD



\\.\C: --> \\.\PhysicalDrive0



Size Device Name MBR Status

--------------------------------------------

37 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!





Found non-standard or infected MBR.

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Edited by dijidl, 25 July 2010 - 03:22 PM.


#13 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 25 July 2010 - 06:08 PM

Okay, we're going to remove the rootkit in the MBR and then return to deal with Combofix's log

The MBR has been rewritten.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run MBRCheck.exe
  • Run MBRCheck.exe
  • Wait until you see the following line: Enter 'Y' and hit ENTER for more options, or 'N' to exit:
  • Please push the 'Y' key and then press Enter
  • When program ask you Enter your choice: enter 2and press the Enter key
  • Now the program will ask you "Enter the physical disk number to fix (0-99, -1 to cancel):"
  • Enter 0 and press the Enter key.
  • The program will show Available MBR codes:, followed by a list of operating systems. Please enter 1 for Windows XP, and then press Enter.
  • when asked Do you want to fix the MRB code? type in YES and press enter
  • Restart your PC.
After you restart the PC
  • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
  • It will show a Black screen with some data on it
  • a report called MBRcheck will be on your desktop
  • open this report
  • Right click on the screen and select > Select All
  • Press Control+C
  • now please copy that report to this thread

Posted Image
m0le is a proud member of UNITE

#14 dijidl

dijidl
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:09:44 AM

Posted 26 July 2010 - 11:16 AM

Here is the new MBR log you requested.



MBRCheck, version 1.1.1

© 2010, AD



\\.\C: --> \\.\PhysicalDrive0



Size Device Name MBR Status

--------------------------------------------

37 GB \\.\PhysicalDrive0 Known-bad MBR code detected (Whistler / Black Internet)!





Found non-standard or infected MBR.

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Options:

[1] Dump the MBR of a physical disk to file.

[2] Restore the MBR of a physical disk with a standard boot code.

[3] Exit.



Enter your choice: Enter the physical disk number to fix (0-99, -1 to cancel): Available MBR codes:

[ 0] Default (Windows XP)

[ 1] Windows XP

[ 2] Windows Server 2003

[ 3] Windows Vista

[ 4] Windows 2008

[ 5] Windows 7

[-1] Cancel



Please select the MBR code to write to this drive:

Do you want to fix the MBR code? Type 'YES' and hit ENTER to continue: Successfully wrote new MBR code!

Please reboot your computer to complete the fix.





Done! Press ENTER to exit...



#15 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:01:44 PM

Posted 26 July 2010 - 01:43 PM

That's done that. Please rerun Combofix so we can remove the rest

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the box below into it:

QUOTE
File::
c:\docume~1\RENTWAY\LOCALS~1\Temp\naecd.sys

Folder::
c:\documents and settings\RENTWAY\Application Data\Wyrapa
c:\documents and settings\RENTWAY\Application Data\Vemu

RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

Driver::
naecd


Save this as CFScript.txt, in the same location as Comfix.exe (called ComboFix.exe in the below graphic)




Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users