Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer Programs keep crashing


  • This topic is locked This topic is locked
11 replies to this topic

#1 Requiem7

Requiem7

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 14 August 2010 - 02:50 PM

Hi,
For some reason all my computer programs keep crashing. Just after upgrading my ram from 512mb to 2GB. When I restarted my computer my Norton Antivirus 2010 was telling that one my online games-Star Trek Online.exe I play was threat and that it was going to uninstall it. I've been playing this game for months and never had this problem. Once I told Norton to ignore this I attemped to play the game and the game crashed I restrated my computer and tried to play the game again was able to log on but the game fozen and then crashed. I tried another online game-City of Heroes I play was able to log on for a little bit and play and the game crashed, tried it a few times but with the same result. I open my outlook and it fozen and crashed tried a few more programs and they kept crashing. Then at another point my whole computer screen went blue and my computer shutdown and restarted. I ran antivirus scan and it crashed and I got an error message telling me that there was something wrong with my norton scan. It said that my virus that my virus defentions were not up to date. I was able to fix this and did a scan and found some malaware and took care of it also I ran malwarebytes but it crashed as well and wasn't able to complete its scan.I'm able to connect to the net but not for long till internet explorer crashes or freeze up. Can someone please help me? Do I need to just wipe the drive clean and reinstall windows?


DDS (Ver_10-03-17.01) - NTFSx86
Run by Phillip at 7:52:34.14 on Sat 08/14/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2558.1646 [GMT -4:00]

AV: Norton AntiVirus *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Phillip\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.alienware.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton antivirus\engine\17.7.0.12\IPSBHO.DLL
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [NWEReboot]
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1279942477296
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\phillip\applic~1\mozilla\firefox\profiles\kbwet8rt.default\
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_17.6.0.32\ipsffplgn\components\IPSFFPl.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nav\1107000.00c\symds.sys [2010-7-24 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nav\1107000.00c\symefa.sys [2010-7-24 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_17.6.0.32\definitions\bashdefs\20100719.001\BHDrvx86.sys [2010-8-5 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nav\1107000.00c\cchpx86.sys [2010-7-24 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nav\1107000.00c\ironx86.sys [2010-7-24 116784]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\17.7.0.12\ccsvchst.exe [2010-7-24 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-8-12 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_17.6.0.32\definitions\ipsdefs\20100813.004\IDSXpx86.sys [2010-8-14 331640]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_17.6.0.32\definitions\virusdefs\20100813.009\NAVENG.SYS [2010-8-13 85424]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_17.6.0.32\definitions\virusdefs\20100813.009\NAVEX15.SYS [2010-8-13 1362608]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2010-8-2 58600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-08-14 11:46:23 0 ----a-w- c:\documents and settings\phillip\defogger_reenable
2010-08-13 00:07:39 0 d-----w- c:\docume~1\phillip\applic~1\Tific
2010-08-11 21:02:06 0 d-----w- c:\docume~1\phillip\applic~1\Funambol
2010-08-11 21:01:57 0 d-----w- c:\program files\Funambol
2010-08-06 23:31:11 1089593 -c----w- c:\windows\system32\dllcache\ntprint.cat
2010-08-06 13:22:06 0 d-----w- c:\windows\system32\XPSViewer
2010-08-06 13:20:57 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-08-06 13:20:57 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-08-06 13:20:57 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-08-06 13:20:57 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-08-06 13:20:57 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-08-06 13:20:57 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-08-06 13:20:57 117760 ------w- c:\windows\system32\prntvpt.dll
2010-08-06 13:20:57 0 d-----w- C:\9e0a2a7f5ad286e126854939ccc9a5
2010-08-05 01:21:52 0 d-sh--w- c:\documents and settings\phillip\IECompatCache
2010-08-04 21:27:10 57252 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-03 01:54:31 0 d-----w- c:\program files\Carbonite
2010-08-03 01:54:31 0 d-----w- c:\docume~1\alluse~1\applic~1\Carbonite
2010-08-03 01:32:42 58600 ----a-w- c:\windows\system32\drivers\nvhda32.sys
2010-08-03 01:32:42 219752 ----a-w- c:\windows\system32\nvcohda.dll
2010-08-03 01:32:42 19456 ----a-w- c:\windows\system32\nvhdap32.dll
2010-08-03 01:29:44 0 d-----w- c:\windows\DEA314C409294250BC9298E4C105F28D.TMP
2010-08-03 01:11:00 0 d-----w- c:\program files\common files\Wise Installation Wizard
2010-08-01 14:30:22 0 d-----w- c:\program files\CohBeta
2010-07-31 21:59:17 0 d-----w- c:\program files\KaraFun
2010-07-31 21:59:17 0 d-----w- c:\docume~1\alluse~1\applic~1\Recisio
2010-07-31 18:54:33 0 d-----w- c:\program files\common files\eSellerate
2010-07-31 18:54:33 0 d-----w- c:\docume~1\phillip\applic~1\kJams Plugins
2010-07-31 18:54:32 0 d-----w- c:\docume~1\phillip\applic~1\Preferences
2010-07-31 18:54:32 0 d-----w- c:\docume~1\phillip\applic~1\kJams Logs
2010-07-31 18:47:38 0 d-----w- c:\program files\kJamsLiteWin
2010-07-31 17:38:54 0 d-----w- c:\docume~1\phillip\applic~1\Windows Desktop Search
2010-07-31 17:38:15 0 d-----w- c:\windows\system32\GroupPolicy
2010-07-31 17:38:15 0 d-----w- c:\program files\Windows Desktop Search
2010-07-31 17:37:25 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-07-31 17:37:25 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-07-31 17:37:25 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-07-31 13:14:27 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-07-31 13:14:27 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-07-31 13:14:26 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-07-31 13:14:26 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-07-31 13:14:25 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-07-31 13:14:25 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-07-31 13:14:25 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-07-31 13:14:24 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-07-31 13:14:23 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-07-31 13:14:23 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-07-31 13:14:21 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-07-31 13:14:16 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-07-31 13:12:49 0 d--h--w- c:\windows\msdownld.tmp
2010-07-28 21:46:30 4984 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-07-27 05:16:47 0 d-----w- C:\Restored from Carbonite
2010-07-26 22:23:54 0 d-----w- c:\documents and settings\phillip\Downloads
2010-07-26 22:23:35 0 d-----w- c:\documents and settings\phillip\Carbonite Restored OLD User Settings
2010-07-26 22:23:18 0 d-----w- c:\documents and settings\all users\Symantec Temporary Files
2010-07-26 22:08:52 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-07-26 22:08:52 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-07-26 22:08:52 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-07-26 22:08:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-07-25 22:39:21 0 d-----w- c:\program files\Windows Media Connect 2
2010-07-25 22:38:20 0 d-----w- c:\windows\system32\LogFiles
2010-07-25 21:24:17 0 d-----w- c:\program files\Nero
2010-07-25 21:12:06 0 d-----w- c:\program files\common files\DivX Shared
2010-07-25 21:10:06 0 d-----w- c:\program files\DivX
2010-07-25 21:09:47 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX
2010-07-24 22:46:02 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-07-24 22:46:02 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-07-24 22:46:01 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-07-24 22:46:01 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-07-24 22:46:01 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-07-24 22:46:01 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-07-24 22:46:00 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-07-24 22:46:00 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-07-24 22:46:00 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-07-24 22:46:00 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-07-24 22:40:27 0 d-----w- c:\windows\Logs
2010-07-24 22:40:04 0 d-----w- c:\program files\Cryptic Studios
2010-07-24 22:06:55 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-07-24 22:06:55 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-07-24 22:06:26 0 d-----w- c:\program files\iPod
2010-07-24 22:06:22 0 d-----w- c:\program files\iTunes
2010-07-24 22:06:22 0 d-----w- c:\docume~1\alluse~1\applic~1\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-24 22:05:10 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-07-24 22:05:10 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-07-24 22:04:53 0 d-----w- c:\program files\Bonjour
2010-07-24 21:57:41 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2010-07-24 21:46:40 0 d-----w- c:\program files\common files\xing shared
2010-07-24 21:46:14 0 d-----w- c:\program files\common files\Real
2010-07-24 18:56:07 0 d-----w- c:\program files\City of Heroes
2010-07-24 18:42:48 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-07-24 18:42:48 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2010-07-24 18:40:53 3255 ----a-w- c:\windows\system32\wbem\Outlook_01cb2b5fbee65166.mof
2010-07-24 18:30:46 0 d-----w- c:\program files\common files\Doblon
2010-07-24 18:30:38 0 d-----w- c:\program files\Doblon
2010-07-24 18:10:19 0 d-----w- c:\program files\GrabIt
2010-07-24 17:04:19 0 d-----w- c:\windows\SHELLNEW
2010-07-24 16:49:27 0 d-----w- c:\docume~1\phillip\applic~1\GrabIt
2010-07-24 15:24:33 0 d-----w- C:\spoolerlogs
2010-07-24 15:16:02 0 d-----w- c:\program files\Brownie
2010-07-24 15:15:12 180224 ----a-w- c:\windows\system32\PDRVINST.DLL
2010-07-24 15:15:11 81920 ------w- c:\windows\system32\BrWebIns.dll
2010-07-24 15:15:11 65536 ------w- c:\windows\system32\BRWEBUP.EXE
2010-07-24 15:15:08 0 d-----w- c:\program files\Brother
2010-07-24 15:14:46 304128 ----a-w- c:\windows\IsUninst.exe
2010-07-24 15:14:41 0 d-----w- c:\documents and settings\phillip\WINDOWS
2010-07-24 15:13:47 50 ----a-r- c:\windows\system32\am_5040.dat
2010-07-24 15:10:49 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-07-24 15:10:49 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-07-24 14:58:09 0 d-----w- c:\program files\uTorrent
2010-07-24 14:57:09 0 d-----w- c:\docume~1\phillip\applic~1\uTorrent
2010-07-24 14:46:09 0 d-----w- c:\docume~1\phillip\applic~1\Malwarebytes
2010-07-24 14:46:04 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-24 14:46:03 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-24 14:46:03 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-24 14:46:03 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-07-24 14:08:29 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-07-24 14:08:29 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-07-24 14:08:29 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-07-24 14:08:29 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-07-24 14:08:29 0 d-----w- c:\program files\Symantec
2010-07-24 14:08:29 0 d-----w- c:\program files\common files\Symantec Shared
2010-07-24 14:08:12 0 d-----w- c:\windows\system32\drivers\NAV
2010-07-24 14:08:09 0 d-----w- c:\program files\Norton AntiVirus
2010-07-24 13:59:54 0 d-----w- c:\program files\NortonInstaller
2010-07-24 13:59:54 0 d-----w- c:\docume~1\alluse~1\applic~1\NortonInstaller
2010-07-24 13:25:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Norton
2010-07-24 06:20:31 0 d-s---w- c:\windows\system32\Microsoft
2010-07-24 05:39:07 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation
2010-07-24 05:36:22 0 d-sh--w- c:\documents and settings\all users\DRM
2010-07-24 05:36:08 0 d--h--w- c:\program files\WindowsUpdate
2010-07-24 05:35:32 0 d-----w- c:\program files\common files\MSSoap
2010-07-24 05:34:16 0 d-----w- c:\program files\Online Services
2010-07-24 05:33:54 0 d-----w- c:\program files\Windows Plus
2010-07-24 05:33:04 0 d-----w- c:\program files\Messenger
2010-07-24 05:33:01 0 d-----w- c:\program files\MSN Gaming Zone
2010-07-24 05:32:34 0 d-----w- c:\program files\Windows NT
2010-07-24 05:28:02 0 d-----w- c:\program files\SystemRequirementsLab
2010-07-24 05:20:20 0 d-----w- c:\program files\common files\Stardock
2010-07-24 05:20:20 0 d-----w- c:\program files\AlienGUIse
2010-07-24 05:15:28 0 d-----w- c:\program files\AVerMedia
2010-07-24 05:09:07 0 d-----w- c:\program files\NVIDIA Corporation
2010-07-23 22:24:31 0 d-----w- c:\program files\common files\ODBC
2010-07-23 22:24:29 0 d-----w- c:\program files\common files\SpeechEngines
2010-07-23 22:24:14 0 d-----r- c:\documents and settings\all users\Documents

==================== Find3M ====================

2010-07-24 21:46:21 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-24 21:46:21 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-07-24 05:34:21 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-07 17:46:46 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-30 12:31:35 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:22:03 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-23 13:44:04 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27:11 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-09 23:01:10 133616 ------w- c:\windows\system32\pxafs.dll
2010-06-09 23:01:10 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-06-09 23:01:10 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-05-18 20:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 20:35:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2010-05-18 20:35:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-05-18 20:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 7:52:50.65 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:01 AM

Posted 21 August 2010 - 01:39 PM

Welcome to the BleepingComputer Forums.

Since it has been a few days since you scanned your computer with HijackThis, we will need a new HijackThis log. If you have not already downloaded Random's System Information Tool (RSIT), please download Random's System Information Tool (RSIT) by random/random which includes a HijackThis log and save it to your desktop. If you have RSIT already on your computer, please run it again.
  1. Double click on RSIT.exe to run RSIT.
  2. Click Continue at the disclaimer screen.
  3. Please post the contents of log.txt.
Thank you for your patience.

Please see Preparation Guide for use before posting about your potential Malware problem.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.

Please post your HijackThis log as a reply to this thread and not as an attachment. I am always leery of opening attachments so I always request that HijackThis logs are to be posted as a reply to the thread. I do not think that you are attaching anything scary but others may do so.

While we are working on your HijackThis log, please:
  1. Reply to this thread; do not start another!
  2. Do not make any changes on your computer during the cleaning process or download/add programs on your computer unless instructed to do so.
  3. Do not run any other tool until instructed to do so!
  4. Let me know if any of the links do not work or if any of the tools do not work.
  5. Tell me about problems or symptoms that occur during the fix.
  6. Do not run any other programs or open any other windows while doing a fix.
  7. Ask any questions that you have regarding the fix(es), the infection(s), the performance of your computer, etc.
Thanks.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#3 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 21 August 2010 - 02:31 PM

Here is the information you requested.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Phillip at 2010-08-21 15:29:01
Microsoft Windows XP Professional Service Pack 3
System drive C: has 151 GB (63%) free of 238 GB
Total RAM: 2558 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:29:19 PM, on 8/21/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Phillip\Desktop\RSIT.exe
C:\Program Files\trend micro\Phillip.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1279942477296
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 7106 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-2147084891-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-2147084891-725345543-1003.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{24318EB0-DE71-4570-9221-E37B2E3669EE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-12 16264192]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-24 202256]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-02 1144104]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Carbonite Backup"=C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [2010-06-28 900240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\GrabIt\GrabIt.exe"="C:\Program Files\GrabIt\GrabIt.exe:*:Enabled:GrabIt"
"C:\Program Files\City of Heroes\cohupdater.exe"="C:\Program Files\City of Heroes\cohupdater.exe:*:Enabled:City of Heroes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-08-21 15:23:58 ----D---- C:\rsit
2010-08-21 15:23:58 ----D---- C:\Program Files\trend micro
2010-08-13 06:30:55 ----ASH---- C:\hiberfil.sys
2010-08-12 21:03:19 ----D---- C:\WINDOWS\CSC
2010-08-12 20:07:39 ----D---- C:\Documents and Settings\Phillip\Application Data\Tific
2010-08-11 17:18:09 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 17:18:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-11 17:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 17:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 17:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 17:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 17:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 17:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-11 17:02:06 ----D---- C:\Documents and Settings\Phillip\Application Data\Funambol
2010-08-11 17:01:57 ----D---- C:\Program Files\Funambol
2010-08-06 19:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-06 09:22:06 ----D---- C:\WINDOWS\system32\XPSViewer
2010-08-06 09:21:46 ----D---- C:\Program Files\Reference Assemblies
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-08-06 09:20:57 ----D---- C:\9e0a2a7f5ad286e126854939ccc9a5
2010-08-02 21:54:31 ----D---- C:\Program Files\Carbonite
2010-08-02 21:54:31 ----D---- C:\Documents and Settings\All Users\Application Data\Carbonite
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\nvhdap32.dll
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\nvcohda.dll
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\drivers\nvhda32.sys
2010-08-02 21:29:44 ----D---- C:\WINDOWS\DEA314C409294250BC9298E4C105F28D.TMP
2010-08-02 21:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-02 21:11:00 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-01 10:30:22 ----D---- C:\Program Files\CohBeta
2010-07-31 17:59:17 ----D---- C:\Program Files\KaraFun
2010-07-31 17:59:17 ----D---- C:\Documents and Settings\All Users\Application Data\Recisio
2010-07-31 14:54:33 ----D---- C:\Program Files\Common Files\eSellerate
2010-07-31 14:54:33 ----D---- C:\Documents and Settings\Phillip\Application Data\kJams Plugins
2010-07-31 14:54:32 ----D---- C:\Documents and Settings\Phillip\Application Data\Preferences
2010-07-31 14:54:32 ----D---- C:\Documents and Settings\Phillip\Application Data\kJams Logs
2010-07-31 14:47:38 ----D---- C:\Program Files\kJamsLiteWin
2010-07-31 13:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-07-31 13:38:54 ----D---- C:\Documents and Settings\Phillip\Application Data\Windows Desktop Search
2010-07-31 13:38:15 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-07-31 13:38:15 ----D---- C:\Program Files\Windows Desktop Search
2010-07-31 13:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-07-31 13:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-07-31 09:14:27 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-07-31 09:14:27 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-07-31 09:14:26 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-07-31 09:14:26 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-07-31 09:14:24 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-07-31 09:14:23 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-07-31 09:14:23 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-07-31 09:14:21 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-07-31 09:14:16 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-07-31 09:12:49 ----HD---- C:\WINDOWS\msdownld.tmp
2010-07-27 01:16:47 ----D---- C:\Restored from Carbonite
2010-07-26 18:08:52 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-07-26 18:08:52 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-07-26 18:08:51 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-07-26 16:56:30 ----D---- C:\WINDOWS\Minidump
2010-07-25 20:19:48 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-25 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-25 20:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-25 20:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-25 19:40:31 ----D---- C:\Documents and Settings\Phillip\Application Data\CyberLink
2010-07-25 19:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-25 18:39:49 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-25 18:39:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-25 18:39:36 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-07-25 18:39:21 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-25 18:39:13 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-07-25 18:38:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-07-25 18:38:20 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-25 18:38:20 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-25 18:38:18 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-07-25 18:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2010-07-25 17:28:23 ----D---- C:\Program Files\Common Files\LightScribe
2010-07-25 17:26:42 ----D---- C:\Documents and Settings\Phillip\Application Data\Ahead
2010-07-25 17:24:17 ----D---- C:\Program Files\Nero
2010-07-25 17:24:17 ----D---- C:\Program Files\Common Files\Ahead
2010-07-25 17:12:53 ----D---- C:\Documents and Settings\Phillip\Application Data\DivX
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\px.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2010-07-25 17:12:06 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-25 17:10:06 ----D---- C:\Program Files\DivX
2010-07-25 17:09:47 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-07-25 17:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-07-24 18:46:02 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-07-24 18:46:02 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-07-24 18:45:58 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-07-24 18:45:57 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-07-24 18:45:57 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-07-24 18:45:56 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-07-24 18:45:54 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-07-24 18:45:54 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-07-24 18:45:49 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-07-24 18:45:49 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-07-24 18:45:45 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-07-24 18:45:44 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-07-24 18:45:43 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-07-24 18:45:42 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-07-24 18:45:42 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-07-24 18:45:40 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-07-24 18:45:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-07-24 18:45:39 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-07-24 18:45:36 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-07-24 18:45:36 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-07-24 18:45:30 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-07-24 18:45:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-07-24 18:45:29 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-07-24 18:45:29 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-07-24 18:45:28 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-07-24 18:45:27 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-07-24 18:40:27 ----D---- C:\WINDOWS\Logs
2010-07-24 18:40:04 ----D---- C:\Program Files\Cryptic Studios
2010-07-24 18:07:15 ----D---- C:\Documents and Settings\Phillip\Application Data\Apple Computer
2010-07-24 18:06:55 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2010-07-24 18:06:55 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2010-07-24 18:06:26 ----D---- C:\Program Files\iPod
2010-07-24 18:06:22 ----D---- C:\Program Files\iTunes
2010-07-24 18:06:22 ----D---- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-24 18:05:28 ----D---- C:\Program Files\QuickTime
2010-07-24 18:05:27 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-07-24 18:05:16 ----D---- C:\Program Files\Apple Software Update
2010-07-24 18:05:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-24 18:05:10 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2010-07-24 18:05:10 ----A---- C:\WINDOWS\system32\drivers\usbaapl.sys
2010-07-24 18:04:53 ----D---- C:\Program Files\Bonjour
2010-07-24 18:04:43 ----D---- C:\Program Files\Common Files\Apple
2010-07-24 18:04:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-07-24 17:57:41 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-07-24 17:47:04 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-07-24 17:46:49 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-07-24 17:46:49 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-07-24 17:46:40 ----D---- C:\Program Files\Common Files\xing shared
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-07-24 17:46:17 ----D---- C:\Program Files\Real
2010-07-24 17:46:14 ----D---- C:\Program Files\Common Files\Real
2010-07-24 17:46:12 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-07-24 17:46:10 ----D---- C:\Documents and Settings\Phillip\Application Data\Real
2010-07-24 14:56:07 ----D---- C:\Program Files\City of Heroes
2010-07-24 14:42:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-07-24 14:42:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-24 14:30:46 ----D---- C:\Program Files\Common Files\Doblon
2010-07-24 14:30:38 ----D---- C:\Program Files\Doblon
2010-07-24 14:10:19 ----D---- C:\Program Files\GrabIt
2010-07-24 13:07:57 ----D---- C:\Program Files\Microsoft Works
2010-07-24 13:07:48 ----D---- C:\Program Files\MSBuild
2010-07-24 13:07:38 ----D---- C:\Program Files\Microsoft Visual Studio
2010-07-24 13:07:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-24 13:06:50 ----D---- C:\Program Files\Microsoft.NET
2010-07-24 13:04:19 ----D---- C:\WINDOWS\SHELLNEW
2010-07-24 13:03:54 ----D---- C:\Program Files\Microsoft Office
2010-07-24 13:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-07-24 13:03:32 ----RHD---- C:\MSOCache
2010-07-24 12:49:27 ----D---- C:\Documents and Settings\Phillip\Application Data\GrabIt
2010-07-24 12:08:49 ----D---- C:\Program Files\Common Files\Adobe
2010-07-24 11:49:11 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-24 11:44:59 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-07-24 11:44:31 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-07-24 11:43:10 ----D---- C:\Documents and Settings\Phillip\Application Data\Mozilla
2010-07-24 11:43:03 ----D---- C:\Program Files\Mozilla Firefox
2010-07-24 11:24:33 ----D---- C:\spoolerlogs
2010-07-24 11:16:06 ----A---- C:\WINDOWS\opt_5040.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brwmark.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BRVIDEO.INI
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brpp2ka.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\Brownie.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BROHL504.INI
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brmx2001.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BRDIAG.INI
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRVPDNTA.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRVPD95A.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRGSRC32.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRGSRC16.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\Brdiag2.exe
2010-07-24 11:16:02 ----D---- C:\Program Files\Brownie
2010-07-24 11:16:02 ----A---- C:\WINDOWS\system32\drivers\BRPAR.SYS
2010-07-24 11:16:02 ----A---- C:\WINDOWS\HL-5040.INI
2010-07-24 11:15:12 ----A---- C:\WINDOWS\system32\PDRVINST.DLL
2010-07-24 11:15:11 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2010-07-24 11:15:11 ----N---- C:\WINDOWS\system32\BrWebIns.dll
2010-07-24 11:15:08 ----D---- C:\Program Files\Brother
2010-07-24 11:14:46 ----A---- C:\WINDOWS\IsUninst.exe
2010-07-24 11:10:49 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2010-07-24 10:58:09 ----D---- C:\Program Files\uTorrent
2010-07-24 10:57:09 ----D---- C:\Documents and Settings\Phillip\Application Data\uTorrent
2010-07-24 10:46:09 ----D---- C:\Documents and Settings\Phillip\Application Data\Malwarebytes
2010-07-24 10:46:04 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-24 10:46:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-24 10:46:03 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-24 10:46:03 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-24 10:08:29 ----D---- C:\Program Files\Symantec
2010-07-24 10:08:29 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-07-24 10:08:29 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-07-24 10:08:29 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-07-24 10:08:12 ----D---- C:\WINDOWS\system32\drivers\NAV
2010-07-24 10:08:09 ----D---- C:\Program Files\Windows Sidebar
2010-07-24 10:08:09 ----D---- C:\Program Files\Norton AntiVirus
2010-07-24 09:59:54 ----D---- C:\Program Files\NortonInstaller
2010-07-24 09:59:54 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-07-24 09:43:17 ----D---- C:\Documents and Settings\Phillip\Application Data\AdobeUM
2010-07-24 09:25:14 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-07-24 02:20:35 ----D---- C:\WINDOWS\SoftwareDistribution
2010-07-24 02:20:31 ----SD---- C:\WINDOWS\system32\Microsoft
2010-07-24 02:20:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-24 01:40:45 ----SHD---- C:\RECYCLER
2010-07-24 01:39:07 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-24 01:38:34 ----D---- C:\NVIDIA
2010-07-24 01:37:24 ----D---- C:\WINDOWS\system32\xircom
2010-07-24 01:37:24 ----D---- C:\Program Files\xerox
2010-07-24 01:37:24 ----D---- C:\Program Files\microsoft frontpage
2010-07-24 01:37:11 ----RASH---- C:\MSDOS.SYS
2010-07-24 01:37:11 ----RASH---- C:\IO.SYS
2010-07-24 01:37:11 ----A---- C:\WINDOWS\control.ini
2010-07-24 01:37:11 ----A---- C:\CONFIG.SYS
2010-07-24 01:37:11 ----A---- C:\AUTOEXEC.BAT
2010-07-24 01:37:04 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-24 01:37:03 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-07-24 01:36:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-24 01:36:16 ----RD---- C:\WINDOWS\Offline Web Pages
2010-07-24 01:36:16 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-07-24 01:36:11 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-07-24 01:36:08 ----HD---- C:\Program Files\WindowsUpdate
2010-07-24 01:35:57 ----D---- C:\WINDOWS\system32\DirectX
2010-07-24 01:35:43 ----A---- C:\WINDOWS\system32\atrace.dll
2010-07-24 01:35:41 ----A---- C:\WINDOWS\system32\desktop.ini
2010-07-24 01:35:41 ----A---- C:\WINDOWS\desktop.ini
2010-07-24 01:35:36 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-07-24 01:35:35 ----A---- C:\WINDOWS\system32\acctres.dll
2010-07-24 01:35:34 ----D---- C:\Program Files\Common Files\Services
2010-07-24 01:35:32 ----SD---- C:\WINDOWS\Tasks
2010-07-24 01:35:32 ----D---- C:\Program Files\Common Files\MSSoap
2010-07-24 01:35:32 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-07-24 01:35:29 ----D---- C:\WINDOWS\system32\Macromed
2010-07-24 01:35:29 ----D---- C:\WINDOWS\srchasst
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wups.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-07-24 01:35:20 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-07-24 01:35:18 ----D---- C:\WINDOWS\system32\Restore
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\srclient.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\msconf.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\ils.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2010-07-24 01:35:15 ----D---- C:\Program Files\NetMeeting
2010-07-24 01:35:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-07-24 01:35:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-07-24 01:35:14 ----A---- C:\WINDOWS\system32\inetres.dll
2010-07-24 01:35:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-07-24 01:35:13 ----D---- C:\Program Files\Outlook Express
2010-07-24 01:35:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\mstask.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\isign32.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-07-24 01:35:08 ----D---- C:\Program Files\Common Files\System
2010-07-24 01:35:04 ----D---- C:\Program Files\Internet Explorer
2010-07-24 01:34:36 ----RSD---- C:\WINDOWS\assembly
2010-07-24 01:34:20 ----D---- C:\Program Files\ComPlus Applications
2010-07-24 01:34:20 ----A---- C:\WINDOWS\vbaddin.ini
2010-07-24 01:34:20 ----A---- C:\WINDOWS\vb.ini
2010-07-24 01:34:19 ----D---- C:\WINDOWS\Registration
2010-07-24 01:34:16 ----D---- C:\Program Files\Online Services
2010-07-24 01:34:07 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-24 01:34:05 ----D---- C:\Program Files\Windows Media Player
2010-07-24 01:33:54 ----D---- C:\Program Files\Windows Plus
2010-07-24 01:33:50 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\mhn.dll
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\igdetect.dll
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\drivers\mhndrv.sys
2010-07-24 01:33:45 ----D---- C:\Program Files\Movie Maker
2010-07-24 01:33:04 ----D---- C:\Program Files\Messenger
2010-07-24 01:33:01 ----D---- C:\Program Files\MSN Gaming Zone
2010-07-24 01:33:01 ----A---- C:\WINDOWS\system32\write.exe
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\hticons.dll
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\avwav.dll
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-07-24 01:32:54 ----A---- C:\WINDOWS\system32\winchat.exe
2010-07-24 01:32:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-07-24 01:32:50 ----A---- C:\WINDOWS\system32\getuname.dll
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\winmine.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\sol.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\charmap.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\calc.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tskill.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tscon.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\shadow.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\reset.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\regini.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\msg.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\freecell.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\logoff.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\stclient.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-07-24 01:32:43 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-07-24 01:32:35 ----D---- C:\Program Files\MSN
2010-07-24 01:32:35 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-07-24 01:32:35 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-07-24 01:32:34 ----D---- C:\Program Files\Windows NT
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\spider.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2010-07-24 01:32:32 ----D---- C:\WINDOWS\system32\MsDtc
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-07-24 01:32:30 ----D---- C:\WINDOWS\system32\Com
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\comuid.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\colbact.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-07-24 01:32:29 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-07-24 01:32:21 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2010-07-24 01:32:20 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2010-07-24 01:28:02 ----D---- C:\Program Files\SystemRequirementsLab
2010-07-24 01:25:45 ----D---- C:\Documents and Settings\Phillip\Application Data\Adobe
2010-07-24 01:24:39 ----D---- C:\Documents and Settings\Phillip\Application Data\Macromedia
2010-07-24 01:21:01 ----N---- C:\WINDOWS\system32\msxml3a.dll
2010-07-24 01:20:53 ----D---- C:\Program Files\CyberLink
2010-07-24 01:20:20 ----D---- C:\Program Files\Common Files\Stardock
2010-07-24 01:20:20 ----D---- C:\Program Files\AlienGUIse
2010-07-24 01:20:20 ----A---- C:\WINDOWS\wb.ini
2010-07-24 01:20:20 ----A---- C:\WINDOWS\system32\wbsys.dll
2010-07-24 01:15:28 ----D---- C:\Program Files\AVerMedia
2010-07-24 01:10:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-24 01:09:07 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-24 01:08:18 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2010-07-24 01:08:07 ----N---- C:\WINDOWS\system32\nvuide.exe
2010-07-24 01:05:52 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2010-07-24 01:05:50 ----D---- C:\WINDOWS\NV3121792.TMP
2010-07-24 01:05:46 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2010-07-24 01:05:11 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-07-24 01:05:02 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-24 00:40:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-07-24 00:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-07-24 00:36:42 ----D---- C:\WINDOWS\system32\Lang
2010-07-24 00:35:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-24 00:35:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-24 00:35:02 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2010-07-24 00:35:02 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2010-07-24 00:35:01 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2010-07-24 00:35:00 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2010-07-24 00:35:00 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2010-07-24 00:34:59 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2010-07-24 00:34:59 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2010-07-24 00:34:58 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2010-07-24 00:34:58 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010-07-24 00:34:57 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2010-07-24 00:34:57 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010-07-24 00:34:33 ----RA---- C:\WINDOWS\RtlUpd.exe
2010-07-24 00:34:33 ----RA---- C:\WINDOWS\ALCMTR.EXE
2010-07-24 00:34:32 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2010-07-24 00:34:32 ----D---- C:\WINDOWS\system32\RTCOM
2010-07-24 00:34:29 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2010-07-24 00:34:29 ----RA---- C:\WINDOWS\RTLCPL.EXE
2010-07-24 00:34:28 ----RA---- C:\WINDOWS\SkyTel.exe
2010-07-24 00:34:27 ----RA---- C:\WINDOWS\MicCal.exe
2010-07-24 00:34:23 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2010-07-24 00:34:21 ----RA---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010-07-24 00:34:20 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-07-24 00:34:20 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2010-07-24 00:34:19 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2010-07-24 00:31:35 ----D---- C:\WINDOWS\Prefetch
2010-07-24 00:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-24 00:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-24 00:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-24 00:30:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-24 00:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-24 00:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-24 00:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-24 00:30:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-24 00:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-24 00:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-24 00:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-24 00:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-24 00:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-24 00:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-24 00:29:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-24 00:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-24 00:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-24 00:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-07-24 00:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-07-24 00:29:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-24 00:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-24 00:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-07-24 00:29:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-07-24 00:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-24 00:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-24 00:29:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-07-24 00:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-24 00:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-07-24 00:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-24 00:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-24 00:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-07-24 00:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-24 00:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-24 00:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-24 00:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-07-24 00:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-24 00:28:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-07-24 00:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-07-24 00:28:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-24 00:28:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-07-24 00:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-07-24 00:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-24 00:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-07-24 00:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-24 00:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-07-24 00:27:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-24 00:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-07-24 00:27:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-24 00:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-07-24 00:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-24 00:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-07-24 00:27:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-07-24 00:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-07-24 00:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-07-24 00:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-24 00:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\scripting
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\en
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\bits
2010-07-24 00:24:15 ----D---- C:\WINDOWS\l2schemas
2010-07-24 00:22:31 ----D---- C:\WINDOWS\network diagnostic
2010-07-24 00:20:52 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-07-24 00:18:46 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-07-24 00:18:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-07-24 00:18:44 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-07-24 00:18:44 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-07-24 00:18:42 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-07-24 00:18:42 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-07-24 00:18:41 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-07-24 00:18:36 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2010-07-24 00:18:35 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-07-24 00:18:35 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-07-24 00:18:35 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slserv.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slgen.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\slrundll.exe
2010-07-24 00:18:33 ----N---- C:\WINDOWS\system32\setupn.exe
2010-07-24 00:18:33 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-07-24 00:18:32 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-07-24 00:18:32 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-07-24 00:18:30 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-07-24 00:18:30 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qutil.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qagent.dll
2010-07-24 00:18:28 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-07-24 00:18:26 ----N---- C:\WINDOWS\system32\onex.dll
2010-07-24 00:18:25 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-07-24 00:18:24 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-07-24 00:18:24 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napstat.exe
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\mssha.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-07-24 00:18:10 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-07-24 00:18:10 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-07-24 00:18:01 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-07-24 00:18:01 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-07-24 00:17:59 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-07-24 00:17:58 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-07-24 00:17:56 ----N---- C:\WINDOWS\system32\faxpatch.exe
2010-07-24 00:17:56 ----A---- C:\WINDOWS\003012_.tmp
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-07-24 00:17:53 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-07-24 00:17:53 ----N---- C:\WINDOWS\system32\credssp.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\azroles.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-07-24 00:11:38 ----D---- C:\WINDOWS\ie8updates
2010-07-24 00:11:25 ----D---- C:\WINDOWS\WBEM
2010-07-24 00:11:14 ----HDC---- C:\WINDOWS\ie8
2010-07-24 00:11:14 ----D---- C:\WINDOWS\system32\en-US
2010-07-24 00:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB908250$
2010-07-24 00:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2010-07-24 00:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-07-24 00:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2010-07-24 00:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-07-24 00:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2010-07-24 00:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2010-07-24 00:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-24 00:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-24 00:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2010-07-24 00:04:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-24 00:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2010-07-24 00:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-07-24 00:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2010-07-24 00:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2010-07-24 00:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-07-24 00:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-07-24 00:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-24 00:03:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-07-24 00:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-07-24 00:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-07-24 00:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-07-24 00:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-07-24 00:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-07-24 00:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-07-24 00:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-07-24 00:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-07-24 00:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-24 00:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-07-24 00:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-07-24 00:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-07-24 00:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-24 00:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-07-24 00:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-07-24 00:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-07-24 00:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-07-24 00:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-24 00:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-07-24 00:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-07-24 00:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-07-24 00:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-07-24 00:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2010-07-24 00:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-07-24 00:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-07-24 00:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2010-07-24 00:02:02 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-24 00:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-07-23 23:57:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-07-23 23:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-07-23 23:57:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-07-23 23:56:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-07-23 23:56:46 ----D---- C:\WINDOWS\ServicePackFiles
2010-07-23 23:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-07-23 23:56:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-07-23 23:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-07-23 23:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-07-23 23:56:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-07-23 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-07-23 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-07-23 23:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-07-23 23:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-07-23 23:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-07-23 23:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-07-23 23:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-07-23 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-07-23 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-07-23 23:54:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-07-23 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-07-23 23:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-07-23 23:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-07-23 23:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-07-23 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-07-23 23:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-07-23 23:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-07-23 23:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-07-23 23:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-07-23 23:54:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-07-23 23:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-23 23:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-23 23:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2010-07-23 23:46:41 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-07-23 23:43:20 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-07-23 23:42:15 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-07-23 23:42:00 ----N---- C:\WINDOWS\kb913800.exe
2010-07-23 23:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-07-23 23:36:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-07-23 23:31:27 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-23 23:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2010-07-23 23:30:42 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
2010-07-23 23:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
2010-07-23 23:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
2010-07-23 23:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
2010-07-23 23:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
2010-07-23 23:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2010-07-23 23:28:07 ----D---- C:\WINDOWS\system32\URTTemp
2010-07-23 23:25:23 ----D---- C:\WINDOWS\system32\PreInstall
2010-07-23 23:25:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-07-23 23:25:12 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-07-23 23:25:12 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-07-23 23:25:06 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-07-23 23:23:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-23 23:23:36 ----D---- C:\Documents and Settings\Phillip\Application Data\Identities
2010-07-23 23:23:34 ----HD---- C:\Program Files\Uninstall Information
2010-07-23 23:23:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-07-23 23:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-23 23:23:14 ----D---- C:\Program Files\Adobe
2010-07-23 23:23:11 ----SD---- C:\Documents and Settings\Phillip\Application Data\Microsoft
2010-07-23 23:23:11 ----ASH---- C:\Documents and Settings\Phillip\Application Data\desktop.ini
2010-07-23 18:32:10 ----A---- C:\WINDOWS\system32\h323log.txt
2010-07-23 18:31:04 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2010-07-23 18:30:58 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-07-23 18:30:32 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2010-07-23 18:30:22 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2010-07-23 18:30:01 ----A---- C:\WINDOWS\system32\usbui.dll
2010-07-23 18:29:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-23 18:29:52 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-07-23 18:29:52 ----A---- C:\WINDOWS\system32\drivers\nvtcp.sys
2010-07-23 18:24:33 ----A---- C:\WINDOWS\imsins.BAK
2010-07-23 18:24:31 ----SHD---- C:\WINDOWS\Installer
2010-07-23 18:24:31 ----D---- C:\Program Files\Common Files\ODBC
2010-07-23 18:24:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-23 18:24:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-07-23 18:24:29 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-07-23 18:24:28 ----RD---- C:\Program Files
2010-07-23 18:24:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-23 18:24:28 ----D---- C:\Program Files\Common Files
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\irclass.dll
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-07-23 18:24:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-07-23 18:24:19 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-07-23 18:24:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-07-23 18:24:18 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-07-23 18:24:18 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2010-07-23 18:24:17 ----A---- C:\WINDOWS\system32\storprop.dll
2010-07-23 18:24:17 ----A---- C:\WINDOWS\system32\batt.dll
2010-07-23 18:24:17 ----A---- C:\WINDOWS\notepad.exe
2010-07-23 18:24:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-07-23 18:24:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-07-23 18:24:10 ----RA---- C:\WINDOWS\SET4.tmp
2010-07-23 18:24:10 ----RA---- C:\WINDOWS\SET3.tmp
2010-07-23 18:24:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-23 18:24:06 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-23 18:24:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-07-23 18:23:49 ----A---- C:\WINDOWS\setuplog.txt
2010-07-23 18:23:42 ----SHD---- C:\System Volume Information
2010-07-23 18:23:42 ----D---- C:\Documents and Settings
2010-07-23 18:22:53 ----SH---- C:\boot.ini
2010-07-23 18:21:41 ----D---- C:\ALIENWARE
2010-07-23 18:21:39 ----D---- C:\WINDOWS\OEMDRVRS
2010-07-23 18:16:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-23 18:16:59 ----RSD---- C:\WINDOWS\Fonts
2010-07-23 18:16:59 ----RD---- C:\WINDOWS\Web
2010-07-23 18:16:59 ----HD---- C:\WINDOWS\inf
2010-07-23 18:16:59 ----D---- C:\WINDOWS\WinSxS
2010-07-23 18:16:59 ----D---- C:\WINDOWS\twain_32
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Temp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\wins
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\wbem
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\usmt
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\spool
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ShellExt
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\Setup
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ras
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\oobe
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\npp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\mui
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\inetsrv
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\IME
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\icsxml
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ias
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\export
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers\disdn
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\dhcp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\config
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\3com_dmi
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\3076
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\2052
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1054
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1042
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1041
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1037
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1033
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1031
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1028
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1025
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system
2010-07-23 18:16:59 ----D---- C:\WINDOWS\security
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Resources
2010-07-23 18:16:59 ----D---- C:\WINDOWS\repair
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Provisioning
2010-07-23 18:16:59 ----D---- C:\WINDOWS\PeerNet
2010-07-23 18:16:59 ----D---- C:\WINDOWS\pchealth
2010-07-23 18:16:59 ----D---- C:\WINDOWS\mui
2010-07-23 18:16:59 ----D---- C:\WINDOWS\msapps
2010-07-23 18:16:59 ----D---- C:\WINDOWS\msagent
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Media
2010-07-23 18:16:59 ----D---- C:\WINDOWS\java
2010-07-23 18:16:59 ----D---- C:\WINDOWS\ime
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Help
2010-07-23 18:16:59 ----D---- C:\WINDOWS\ehome
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Driver Cache
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Debug
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Cursors
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Connection Wizard
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Config
2010-07-23 18:16:59 ----D---- C:\WINDOWS\AppPatch
2010-07-23 18:16:59 ----D---- C:\WINDOWS\addins
2010-07-23 18:16:59 ----D---- C:\WINDOWS
2010-07-23 18:16:59 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 months======

2010-07-27 02:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 18:39:27 ----A---- C:\WINDOWS\win.ini
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-07-24 01:36:52 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-07-23 18:24:28 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-09-21 105344]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2006-09-21 105344]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-09 45648]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\BASHDefs\20100810.004\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS [2010-05-06 361904]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\IPSDefs\20100820.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-12 4381184]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-12-28 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100821.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100821.004\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-07 52736]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-01-28 58600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-07 18944]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-23 19537]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2005-12-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CarboniteService;CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [2010-06-28 2977936]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-20 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-07-04 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#4 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 22 August 2010 - 09:51 AM

Hi,
I have a question? Do I need to run the DDS and GMER programs again and post those logs as well?

#5 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:01 AM

Posted 22 August 2010 - 03:13 PM

Step 1

Often redirection is caused by a DNS and Hosts file hijack. Flush and restore both.

Clean Hosts File
    * Access folder C:\WINDOWS\SYSTEM32\DRIVERS\ETC in Explorer.
  1. Open file HOSTS in Notepad . Before making changes, do a Save As and save a backup of this file as HOSTS.BAK .
  2. Reopen the HOSTS file.
  3. Delete all entries in this file except for the following and any other entries you are sure have legitimate uses:

    127.0.0.1 localhost
  4. Save the file.
Note: If you use customized Hosts Files such as the mvps hosts file, you will need to download and install it again. Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE.

Step 2

Flush DNS:
  1. Open up a command prompt Start > Run > "cmd.exe" > OK.
  2. Type in the command ipconfig /flushdns.
Step 3

Prior to using this program, please back up your data:

There are several free Backup Programs. Please decide for yourself which one meets your needs. Use at your own risk. You can check out other BackUp Programs at the sites below:Step 4

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.4.0.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
Please post a new HijackThis log.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#6 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 22 August 2010 - 03:47 PM

Hi,
No malicious objects were founded. But my as I'm typing ithis there seems to be a dely of the wordsappearing on the screen. I keep getting a hourglass.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Phillip at 2010-08-22 16:42:11
Microsoft Windows XP Professional Service Pack 3
System drive C: has 152 GB (64%) free of 238 GB
Total RAM: 2558 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:42:16 PM, on 8/22/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Phillip\Desktop\RSIT.exe
C:\Program Files\trend micro\Phillip.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alienware.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.alienware.com
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo...sreqlab_nvd.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1279942477296
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 6925 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-790525478-2147084891-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-790525478-2147084891-725345543-1003.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{24318EB0-DE71-4570-9221-E37B2E3669EE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-24 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-09-12 16264192]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-05-18 49152]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-24 202256]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-06-02 1144104]
"NWEReboot"= []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"Carbonite Backup"=C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe [2010-06-28 900240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\AlienGUIse\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\GrabIt\GrabIt.exe"="C:\Program Files\GrabIt\GrabIt.exe:*:Enabled:GrabIt"
"C:\Program Files\City of Heroes\cohupdater.exe"="C:\Program Files\City of Heroes\cohupdater.exe:*:Enabled:City of Heroes"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-08-22 16:37:59 ----A---- C:\TDSSKiller.2.4.1.2_22.08.2010_16.37.59_log.txt
2010-08-21 15:23:58 ----D---- C:\rsit
2010-08-21 15:23:58 ----D---- C:\Program Files\trend micro
2010-08-13 06:30:55 ----ASH---- C:\hiberfil.sys
2010-08-12 21:03:19 ----D---- C:\WINDOWS\CSC
2010-08-12 20:07:39 ----D---- C:\Documents and Settings\Phillip\Application Data\Tific
2010-08-11 17:18:09 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 17:18:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-11 17:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 17:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 17:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 17:09:16 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 17:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 17:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-11 17:02:06 ----D---- C:\Documents and Settings\Phillip\Application Data\Funambol
2010-08-11 17:01:57 ----D---- C:\Program Files\Funambol
2010-08-06 19:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-08-06 09:22:06 ----D---- C:\WINDOWS\system32\XPSViewer
2010-08-06 09:21:46 ----D---- C:\Program Files\Reference Assemblies
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-08-06 09:20:57 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-08-06 09:20:57 ----D---- C:\9e0a2a7f5ad286e126854939ccc9a5
2010-08-02 21:54:31 ----D---- C:\Program Files\Carbonite
2010-08-02 21:54:31 ----D---- C:\Documents and Settings\All Users\Application Data\Carbonite
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\nvhdap32.dll
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\nvcohda.dll
2010-08-02 21:32:42 ----A---- C:\WINDOWS\system32\drivers\nvhda32.sys
2010-08-02 21:29:44 ----D---- C:\WINDOWS\DEA314C409294250BC9298E4C105F28D.TMP
2010-08-02 21:13:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-02 21:11:00 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-01 10:30:22 ----D---- C:\Program Files\CohBeta
2010-07-31 17:59:17 ----D---- C:\Program Files\KaraFun
2010-07-31 17:59:17 ----D---- C:\Documents and Settings\All Users\Application Data\Recisio
2010-07-31 14:54:33 ----D---- C:\Program Files\Common Files\eSellerate
2010-07-31 14:54:33 ----D---- C:\Documents and Settings\Phillip\Application Data\kJams Plugins
2010-07-31 14:54:32 ----D---- C:\Documents and Settings\Phillip\Application Data\Preferences
2010-07-31 14:54:32 ----D---- C:\Documents and Settings\Phillip\Application Data\kJams Logs
2010-07-31 14:47:38 ----D---- C:\Program Files\kJamsLiteWin
2010-07-31 13:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-07-31 13:38:54 ----D---- C:\Documents and Settings\Phillip\Application Data\Windows Desktop Search
2010-07-31 13:38:15 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-07-31 13:38:15 ----D---- C:\Program Files\Windows Desktop Search
2010-07-31 13:38:01 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-07-31 13:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-07-31 09:14:27 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-07-31 09:14:27 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-07-31 09:14:26 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-07-31 09:14:26 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-07-31 09:14:25 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-07-31 09:14:24 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-07-31 09:14:23 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-07-31 09:14:23 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-07-31 09:14:21 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-07-31 09:14:16 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-07-31 09:12:49 ----HD---- C:\WINDOWS\msdownld.tmp
2010-07-27 01:16:47 ----D---- C:\Restored from Carbonite
2010-07-26 18:08:52 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-07-26 18:08:52 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-07-26 18:08:51 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-07-26 16:56:30 ----D---- C:\WINDOWS\Minidump
2010-07-25 20:19:48 ----A---- C:\WINDOWS\ntbtlog.txt
2010-07-25 20:05:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-07-25 20:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-07-25 20:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-07-25 19:40:31 ----D---- C:\Documents and Settings\Phillip\Application Data\CyberLink
2010-07-25 19:03:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-07-25 18:39:49 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-25 18:39:37 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-07-25 18:39:36 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-07-25 18:39:21 ----D---- C:\Program Files\Windows Media Connect 2
2010-07-25 18:39:13 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-07-25 18:38:37 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-07-25 18:38:20 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-25 18:38:20 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-07-25 18:38:18 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-07-25 18:37:15 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2010-07-25 17:28:23 ----D---- C:\Program Files\Common Files\LightScribe
2010-07-25 17:26:42 ----D---- C:\Documents and Settings\Phillip\Application Data\Ahead
2010-07-25 17:24:17 ----D---- C:\Program Files\Nero
2010-07-25 17:24:17 ----D---- C:\Program Files\Common Files\Ahead
2010-07-25 17:12:53 ----D---- C:\Documents and Settings\Phillip\Application Data\DivX
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxsfs.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\px.dll
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2010-07-25 17:12:29 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2010-07-25 17:12:06 ----D---- C:\Program Files\Common Files\DivX Shared
2010-07-25 17:10:06 ----D---- C:\Program Files\DivX
2010-07-25 17:09:47 ----D---- C:\Documents and Settings\All Users\Application Data\DivX
2010-07-25 17:06:47 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2010-07-24 18:46:02 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-07-24 18:46:02 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-07-24 18:46:01 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-07-24 18:46:00 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-07-24 18:45:59 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-07-24 18:45:58 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-07-24 18:45:57 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-07-24 18:45:57 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-07-24 18:45:56 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-07-24 18:45:55 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-07-24 18:45:54 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-07-24 18:45:54 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-07-24 18:45:53 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-07-24 18:45:52 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-07-24 18:45:51 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-07-24 18:45:50 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-07-24 18:45:49 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-07-24 18:45:49 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-07-24 18:45:48 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-07-24 18:45:47 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-07-24 18:45:46 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-07-24 18:45:45 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-07-24 18:45:44 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-07-24 18:45:43 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-07-24 18:45:42 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-07-24 18:45:42 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-07-24 18:45:40 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-07-24 18:45:39 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-07-24 18:45:39 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-07-24 18:45:38 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-07-24 18:45:37 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-07-24 18:45:36 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-07-24 18:45:36 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-07-24 18:45:31 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-07-24 18:45:30 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-07-24 18:45:30 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-07-24 18:45:29 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-07-24 18:45:29 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-07-24 18:45:28 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-07-24 18:45:27 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-07-24 18:40:27 ----D---- C:\WINDOWS\Logs
2010-07-24 18:40:04 ----D---- C:\Program Files\Cryptic Studios
2010-07-24 18:07:15 ----D---- C:\Documents and Settings\Phillip\Application Data\Apple Computer
2010-07-24 18:06:55 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2010-07-24 18:06:55 ----A---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2010-07-24 18:06:26 ----D---- C:\Program Files\iPod
2010-07-24 18:06:22 ----D---- C:\Program Files\iTunes
2010-07-24 18:06:22 ----D---- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-07-24 18:05:28 ----D---- C:\Program Files\QuickTime
2010-07-24 18:05:27 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-07-24 18:05:16 ----D---- C:\Program Files\Apple Software Update
2010-07-24 18:05:10 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-24 18:05:10 ----A---- C:\WINDOWS\system32\usbaaplrc.dll
2010-07-24 18:05:10 ----A---- C:\WINDOWS\system32\drivers\usbaapl.sys
2010-07-24 18:04:53 ----D---- C:\Program Files\Bonjour
2010-07-24 18:04:43 ----D---- C:\Program Files\Common Files\Apple
2010-07-24 18:04:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2010-07-24 17:57:41 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2010-07-24 17:47:04 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-07-24 17:46:49 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-07-24 17:46:49 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-07-24 17:46:40 ----D---- C:\Program Files\Common Files\xing shared
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-07-24 17:46:17 ----D---- C:\Program Files\Real
2010-07-24 17:46:14 ----D---- C:\Program Files\Common Files\Real
2010-07-24 17:46:12 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2010-07-24 17:46:10 ----D---- C:\Documents and Settings\Phillip\Application Data\Real
2010-07-24 14:56:07 ----D---- C:\Program Files\City of Heroes
2010-07-24 14:42:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-07-24 14:42:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-07-24 14:30:46 ----D---- C:\Program Files\Common Files\Doblon
2010-07-24 14:30:38 ----D---- C:\Program Files\Doblon
2010-07-24 14:10:19 ----D---- C:\Program Files\GrabIt
2010-07-24 13:07:57 ----D---- C:\Program Files\Microsoft Works
2010-07-24 13:07:48 ----D---- C:\Program Files\MSBuild
2010-07-24 13:07:38 ----D---- C:\Program Files\Microsoft Visual Studio
2010-07-24 13:07:38 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-24 13:06:50 ----D---- C:\Program Files\Microsoft.NET
2010-07-24 13:04:19 ----D---- C:\WINDOWS\SHELLNEW
2010-07-24 13:03:54 ----D---- C:\Program Files\Microsoft Office
2010-07-24 13:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2010-07-24 13:03:32 ----RHD---- C:\MSOCache
2010-07-24 12:49:27 ----D---- C:\Documents and Settings\Phillip\Application Data\GrabIt
2010-07-24 12:08:49 ----D---- C:\Program Files\Common Files\Adobe
2010-07-24 11:49:11 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-07-24 11:44:59 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2010-07-24 11:44:31 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-07-24 11:43:10 ----D---- C:\Documents and Settings\Phillip\Application Data\Mozilla
2010-07-24 11:43:03 ----D---- C:\Program Files\Mozilla Firefox
2010-07-24 11:24:33 ----D---- C:\spoolerlogs
2010-07-24 11:16:06 ----A---- C:\WINDOWS\opt_5040.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brwmark.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BRVIDEO.INI
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brpp2ka.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\Brownie.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BROHL504.INI
2010-07-24 11:16:06 ----A---- C:\WINDOWS\brmx2001.ini
2010-07-24 11:16:06 ----A---- C:\WINDOWS\BRDIAG.INI
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRVPDNTA.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRVPD95A.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRGSRC32.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\BRGSRC16.DLL
2010-07-24 11:16:03 ----A---- C:\WINDOWS\system32\Brdiag2.exe
2010-07-24 11:16:02 ----D---- C:\Program Files\Brownie
2010-07-24 11:16:02 ----A---- C:\WINDOWS\system32\drivers\BRPAR.SYS
2010-07-24 11:16:02 ----A---- C:\WINDOWS\HL-5040.INI
2010-07-24 11:15:12 ----A---- C:\WINDOWS\system32\PDRVINST.DLL
2010-07-24 11:15:11 ----N---- C:\WINDOWS\system32\BRWEBUP.EXE
2010-07-24 11:15:11 ----N---- C:\WINDOWS\system32\BrWebIns.dll
2010-07-24 11:15:08 ----D---- C:\Program Files\Brother
2010-07-24 11:14:46 ----A---- C:\WINDOWS\IsUninst.exe
2010-07-24 11:10:49 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2010-07-24 10:58:09 ----D---- C:\Program Files\uTorrent
2010-07-24 10:57:09 ----D---- C:\Documents and Settings\Phillip\Application Data\uTorrent
2010-07-24 10:46:09 ----D---- C:\Documents and Settings\Phillip\Application Data\Malwarebytes
2010-07-24 10:46:04 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-07-24 10:46:03 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-07-24 10:46:03 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-07-24 10:46:03 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-07-24 10:08:29 ----D---- C:\Program Files\Symantec
2010-07-24 10:08:29 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-07-24 10:08:29 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-07-24 10:08:29 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-07-24 10:08:12 ----D---- C:\WINDOWS\system32\drivers\NAV
2010-07-24 10:08:09 ----D---- C:\Program Files\Windows Sidebar
2010-07-24 10:08:09 ----D---- C:\Program Files\Norton AntiVirus
2010-07-24 09:59:54 ----D---- C:\Program Files\NortonInstaller
2010-07-24 09:59:54 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-07-24 09:43:17 ----D---- C:\Documents and Settings\Phillip\Application Data\AdobeUM
2010-07-24 09:25:14 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-07-24 02:20:35 ----D---- C:\WINDOWS\SoftwareDistribution
2010-07-24 02:20:31 ----SD---- C:\WINDOWS\system32\Microsoft
2010-07-24 02:20:31 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-24 01:40:45 ----SHD---- C:\RECYCLER
2010-07-24 01:39:07 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-24 01:38:34 ----D---- C:\NVIDIA
2010-07-24 01:37:24 ----D---- C:\WINDOWS\system32\xircom
2010-07-24 01:37:24 ----D---- C:\Program Files\xerox
2010-07-24 01:37:24 ----D---- C:\Program Files\microsoft frontpage
2010-07-24 01:37:11 ----RASH---- C:\MSDOS.SYS
2010-07-24 01:37:11 ----RASH---- C:\IO.SYS
2010-07-24 01:37:11 ----A---- C:\WINDOWS\control.ini
2010-07-24 01:37:11 ----A---- C:\CONFIG.SYS
2010-07-24 01:37:11 ----A---- C:\AUTOEXEC.BAT
2010-07-24 01:37:04 ----A---- C:\WINDOWS\OEWABLog.txt
2010-07-24 01:37:03 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-07-24 01:36:16 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-07-24 01:36:16 ----RD---- C:\WINDOWS\Offline Web Pages
2010-07-24 01:36:16 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-07-24 01:36:11 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-07-24 01:36:08 ----HD---- C:\Program Files\WindowsUpdate
2010-07-24 01:35:57 ----D---- C:\WINDOWS\system32\DirectX
2010-07-24 01:35:43 ----A---- C:\WINDOWS\system32\atrace.dll
2010-07-24 01:35:41 ----A---- C:\WINDOWS\system32\desktop.ini
2010-07-24 01:35:41 ----A---- C:\WINDOWS\desktop.ini
2010-07-24 01:35:36 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-07-24 01:35:35 ----A---- C:\WINDOWS\system32\acctres.dll
2010-07-24 01:35:34 ----D---- C:\Program Files\Common Files\Services
2010-07-24 01:35:32 ----SD---- C:\WINDOWS\Tasks
2010-07-24 01:35:32 ----D---- C:\Program Files\Common Files\MSSoap
2010-07-24 01:35:32 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-07-24 01:35:29 ----D---- C:\WINDOWS\system32\Macromed
2010-07-24 01:35:29 ----D---- C:\WINDOWS\srchasst
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wups.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-07-24 01:35:27 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-07-24 01:35:26 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-07-24 01:35:21 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-07-24 01:35:20 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-07-24 01:35:18 ----D---- C:\WINDOWS\system32\Restore
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-07-24 01:35:18 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\srclient.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\msconf.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\ils.dll
2010-07-24 01:35:17 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2010-07-24 01:35:15 ----D---- C:\Program Files\NetMeeting
2010-07-24 01:35:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-07-24 01:35:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-07-24 01:35:14 ----A---- C:\WINDOWS\system32\inetres.dll
2010-07-24 01:35:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-07-24 01:35:13 ----D---- C:\Program Files\Outlook Express
2010-07-24 01:35:13 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\mstask.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\isign32.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-07-24 01:35:12 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-07-24 01:35:08 ----D---- C:\Program Files\Common Files\System
2010-07-24 01:35:04 ----D---- C:\Program Files\Internet Explorer
2010-07-24 01:34:36 ----RSD---- C:\WINDOWS\assembly
2010-07-24 01:34:20 ----D---- C:\Program Files\ComPlus Applications
2010-07-24 01:34:20 ----A---- C:\WINDOWS\vbaddin.ini
2010-07-24 01:34:20 ----A---- C:\WINDOWS\vb.ini
2010-07-24 01:34:19 ----D---- C:\WINDOWS\Registration
2010-07-24 01:34:16 ----D---- C:\Program Files\Online Services
2010-07-24 01:34:07 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-24 01:34:05 ----D---- C:\Program Files\Windows Media Player
2010-07-24 01:33:54 ----D---- C:\Program Files\Windows Plus
2010-07-24 01:33:50 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\mhn.dll
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\igdetect.dll
2010-07-24 01:33:47 ----A---- C:\WINDOWS\system32\drivers\mhndrv.sys
2010-07-24 01:33:45 ----D---- C:\Program Files\Movie Maker
2010-07-24 01:33:04 ----D---- C:\Program Files\Messenger
2010-07-24 01:33:01 ----D---- C:\Program Files\MSN Gaming Zone
2010-07-24 01:33:01 ----A---- C:\WINDOWS\system32\write.exe
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\hticons.dll
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\avwav.dll
2010-07-24 01:32:55 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-07-24 01:32:54 ----A---- C:\WINDOWS\system32\winchat.exe
2010-07-24 01:32:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-07-24 01:32:50 ----A---- C:\WINDOWS\system32\getuname.dll
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\winmine.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\sol.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\charmap.exe
2010-07-24 01:32:49 ----A---- C:\WINDOWS\system32\calc.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tskill.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\tscon.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\shadow.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\reset.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\regini.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\msg.exe
2010-07-24 01:32:48 ----A---- C:\WINDOWS\system32\freecell.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\logoff.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-07-24 01:32:47 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\stclient.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-07-24 01:32:46 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-07-24 01:32:43 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-07-24 01:32:35 ----D---- C:\Program Files\MSN
2010-07-24 01:32:35 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-07-24 01:32:35 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-07-24 01:32:34 ----D---- C:\Program Files\Windows NT
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-07-24 01:32:34 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\spider.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2010-07-24 01:32:33 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2010-07-24 01:32:32 ----D---- C:\WINDOWS\system32\MsDtc
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-07-24 01:32:32 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-07-24 01:32:31 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-07-24 01:32:30 ----D---- C:\WINDOWS\system32\Com
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\comuid.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\colbact.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-07-24 01:32:30 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-07-24 01:32:29 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-07-24 01:32:25 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-07-24 01:32:21 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2010-07-24 01:32:20 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2010-07-24 01:28:02 ----D---- C:\Program Files\SystemRequirementsLab
2010-07-24 01:25:45 ----D---- C:\Documents and Settings\Phillip\Application Data\Adobe
2010-07-24 01:24:39 ----D---- C:\Documents and Settings\Phillip\Application Data\Macromedia
2010-07-24 01:21:01 ----N---- C:\WINDOWS\system32\msxml3a.dll
2010-07-24 01:20:53 ----D---- C:\Program Files\CyberLink
2010-07-24 01:20:20 ----D---- C:\Program Files\Common Files\Stardock
2010-07-24 01:20:20 ----D---- C:\Program Files\AlienGUIse
2010-07-24 01:20:20 ----A---- C:\WINDOWS\wb.ini
2010-07-24 01:20:20 ----A---- C:\WINDOWS\system32\wbsys.dll
2010-07-24 01:15:28 ----D---- C:\Program Files\AVerMedia
2010-07-24 01:10:30 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-24 01:09:07 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-24 01:08:18 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2010-07-24 01:08:07 ----N---- C:\WINDOWS\system32\nvuide.exe
2010-07-24 01:05:52 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2010-07-24 01:05:50 ----D---- C:\WINDOWS\NV3121792.TMP
2010-07-24 01:05:46 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2010-07-24 01:05:11 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-07-24 01:05:02 ----D---- C:\Program Files\Common Files\InstallShield
2010-07-24 00:40:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-07-24 00:40:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-07-24 00:36:42 ----D---- C:\WINDOWS\system32\Lang
2010-07-24 00:35:27 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-07-24 00:35:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-07-24 00:35:02 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2010-07-24 00:35:02 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2010-07-24 00:35:01 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2010-07-24 00:35:00 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2010-07-24 00:35:00 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2010-07-24 00:34:59 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2010-07-24 00:34:59 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2010-07-24 00:34:58 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2010-07-24 00:34:58 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010-07-24 00:34:57 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2010-07-24 00:34:57 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010-07-24 00:34:33 ----RA---- C:\WINDOWS\RtlUpd.exe
2010-07-24 00:34:33 ----RA---- C:\WINDOWS\ALCMTR.EXE
2010-07-24 00:34:32 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2010-07-24 00:34:32 ----D---- C:\WINDOWS\system32\RTCOM
2010-07-24 00:34:29 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2010-07-24 00:34:29 ----RA---- C:\WINDOWS\RTLCPL.EXE
2010-07-24 00:34:28 ----RA---- C:\WINDOWS\SkyTel.exe
2010-07-24 00:34:27 ----RA---- C:\WINDOWS\MicCal.exe
2010-07-24 00:34:23 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2010-07-24 00:34:21 ----RA---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2010-07-24 00:34:20 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-07-24 00:34:20 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2010-07-24 00:34:19 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2010-07-24 00:31:35 ----D---- C:\WINDOWS\Prefetch
2010-07-24 00:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-07-24 00:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-07-24 00:30:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-07-24 00:30:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-24 00:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-07-24 00:30:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-07-24 00:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-07-24 00:30:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-07-24 00:30:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-07-24 00:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-07-24 00:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-07-24 00:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-07-24 00:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-07-24 00:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-07-24 00:29:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-07-24 00:29:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-07-24 00:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-07-24 00:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-07-24 00:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-07-24 00:29:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-07-24 00:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-07-24 00:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-07-24 00:29:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-07-24 00:29:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-07-24 00:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-07-24 00:29:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-07-24 00:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-07-24 00:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-07-24 00:28:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-07-24 00:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-07-24 00:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-07-24 00:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-07-24 00:28:37 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-07-24 00:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-07-24 00:28:30 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-07-24 00:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-07-24 00:28:23 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-07-24 00:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-07-24 00:28:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-07-24 00:28:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-07-24 00:28:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-07-24 00:28:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-07-24 00:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-07-24 00:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-07-24 00:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-07-24 00:27:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-07-24 00:27:47 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-07-24 00:27:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-07-24 00:27:40 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-07-24 00:27:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-07-24 00:27:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-07-24 00:27:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-07-24 00:27:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-07-24 00:27:23 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-07-24 00:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-07-24 00:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\scripting
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\en
2010-07-24 00:24:15 ----D---- C:\WINDOWS\system32\bits
2010-07-24 00:24:15 ----D---- C:\WINDOWS\l2schemas
2010-07-24 00:22:31 ----D---- C:\WINDOWS\network diagnostic
2010-07-24 00:20:52 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-07-24 00:18:46 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-07-24 00:18:45 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-07-24 00:18:44 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-07-24 00:18:44 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-07-24 00:18:43 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-07-24 00:18:42 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-07-24 00:18:42 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-07-24 00:18:41 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-07-24 00:18:40 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-07-24 00:18:36 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2010-07-24 00:18:35 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-07-24 00:18:35 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-07-24 00:18:35 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slserv.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slgen.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-07-24 00:18:34 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-07-24 00:18:34 ----N---- C:\WINDOWS\slrundll.exe
2010-07-24 00:18:33 ----N---- C:\WINDOWS\system32\setupn.exe
2010-07-24 00:18:33 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2010-07-24 00:18:32 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-07-24 00:18:32 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-07-24 00:18:31 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-07-24 00:18:30 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-07-24 00:18:30 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qutil.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-07-24 00:18:29 ----N---- C:\WINDOWS\system32\qagent.dll
2010-07-24 00:18:28 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-07-24 00:18:26 ----N---- C:\WINDOWS\system32\onex.dll
2010-07-24 00:18:25 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-07-24 00:18:24 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-07-24 00:18:24 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napstat.exe
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-07-24 00:18:21 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\mssha.dll
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-07-24 00:18:20 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-07-24 00:18:11 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-07-24 00:18:10 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-07-24 00:18:10 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-07-24 00:18:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-07-24 00:18:01 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-07-24 00:18:01 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-07-24 00:17:59 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-07-24 00:17:58 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2010-07-24 00:17:57 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-07-24 00:17:56 ----N---- C:\WINDOWS\system32\faxpatch.exe
2010-07-24 00:17:56 ----A---- C:\WINDOWS\003012_.tmp
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-07-24 00:17:55 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-07-24 00:17:54 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-07-24 00:17:53 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-07-24 00:17:53 ----N---- C:\WINDOWS\system32\credssp.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-07-24 00:17:51 ----N---- C:\WINDOWS\system32\azroles.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-07-24 00:17:50 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-07-24 00:17:49 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-07-24 00:17:48 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-07-24 00:11:38 ----D---- C:\WINDOWS\ie8updates
2010-07-24 00:11:25 ----D---- C:\WINDOWS\WBEM
2010-07-24 00:11:14 ----HDC---- C:\WINDOWS\ie8
2010-07-24 00:11:14 ----D---- C:\WINDOWS\system32\en-US
2010-07-24 00:10:05 ----HDC---- C:\WINDOWS\$NtUninstallKB908250$
2010-07-24 00:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2010-07-24 00:04:59 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-07-24 00:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2010-07-24 00:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979904$
2010-07-24 00:04:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2010-07-24 00:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2010-07-24 00:04:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-07-24 00:04:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-07-24 00:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2010-07-24 00:04:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-07-24 00:04:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2010-07-24 00:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-07-24 00:04:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2010-07-24 00:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2010-07-24 00:04:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-07-24 00:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-07-24 00:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-07-24 00:03:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-07-24 00:03:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-07-24 00:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-07-24 00:03:44 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-07-24 00:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-07-24 00:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-07-24 00:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-07-24 00:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-07-24 00:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-07-24 00:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-07-24 00:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-07-24 00:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-07-24 00:03:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-07-24 00:03:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-07-24 00:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-07-24 00:02:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-07-24 00:02:54 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-07-24 00:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-07-24 00:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-07-24 00:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-07-24 00:02:41 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-07-24 00:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-07-24 00:02:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-07-24 00:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$
2010-07-24 00:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-07-24 00:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-07-24 00:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2010-07-24 00:02:02 ----A---- C:\WINDOWS\system32\MRT.exe
2010-07-24 00:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-07-23 23:57:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-07-23 23:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-07-23 23:57:06 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-07-23 23:56:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-07-23 23:56:46 ----D---- C:\WINDOWS\ServicePackFiles
2010-07-23 23:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-07-23 23:56:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-07-23 23:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-07-23 23:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-07-23 23:56:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-07-23 23:56:12 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-07-23 23:56:06 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-07-23 23:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-07-23 23:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-07-23 23:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-07-23 23:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-07-23 23:55:10 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-07-23 23:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-07-23 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-07-23 23:54:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-07-23 23:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-07-23 23:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-07-23 23:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-07-23 23:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-07-23 23:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-07-23 23:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-07-23 23:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-07-23 23:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-07-23 23:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-07-23 23:54:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-07-23 23:53:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-07-23 23:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-07-23 23:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$
2010-07-23 23:46:41 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-07-23 23:43:20 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2010-07-23 23:42:15 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-07-23 23:42:00 ----N---- C:\WINDOWS\kb913800.exe
2010-07-23 23:38:54 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-07-23 23:36:52 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-07-23 23:31:27 ----D---- C:\WINDOWS\RegisteredPackages
2010-07-23 23:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2010-07-23 23:30:42 ----HDC---- C:\WINDOWS\$NtUninstallKB902841$
2010-07-23 23:30:26 ----HDC---- C:\WINDOWS\$NtUninstallKB899510$
2010-07-23 23:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB899337$
2010-07-23 23:30:13 ----HDC---- C:\WINDOWS\$NtUninstallKB895961$
2010-07-23 23:30:06 ----HDC---- C:\WINDOWS\$NtUninstallKB891593$
2010-07-23 23:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2010-07-23 23:28:07 ----D---- C:\WINDOWS\system32\URTTemp
2010-07-23 23:25:23 ----D---- C:\WINDOWS\system32\PreInstall
2010-07-23 23:25:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-07-23 23:25:12 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-07-23 23:25:12 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-07-23 23:25:06 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-07-23 23:23:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-23 23:23:36 ----D---- C:\Documents and Settings\Phillip\Application Data\Identities
2010-07-23 23:23:34 ----HD---- C:\Program Files\Uninstall Information
2010-07-23 23:23:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-07-23 23:23:20 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-07-23 23:23:14 ----D---- C:\Program Files\Adobe
2010-07-23 23:23:11 ----SD---- C:\Documents and Settings\Phillip\Application Data\Microsoft
2010-07-23 23:23:11 ----ASH---- C:\Documents and Settings\Phillip\Application Data\desktop.ini
2010-07-23 18:32:10 ----A---- C:\WINDOWS\system32\h323log.txt
2010-07-23 18:31:04 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2010-07-23 18:30:58 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-07-23 18:30:32 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2010-07-23 18:30:22 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2010-07-23 18:30:01 ----A---- C:\WINDOWS\system32\usbui.dll
2010-07-23 18:29:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-07-23 18:29:52 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-07-23 18:29:52 ----A---- C:\WINDOWS\system32\drivers\nvtcp.sys
2010-07-23 18:24:33 ----A---- C:\WINDOWS\imsins.BAK
2010-07-23 18:24:31 ----SHD---- C:\WINDOWS\Installer
2010-07-23 18:24:31 ----D---- C:\Program Files\Common Files\ODBC
2010-07-23 18:24:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-23 18:24:31 ----A---- C:\WINDOWS\ODBCINST.INI
2010-07-23 18:24:29 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-07-23 18:24:28 ----RD---- C:\Program Files
2010-07-23 18:24:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-23 18:24:28 ----D---- C:\Program Files\Common Files
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-07-23 18:24:27 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-07-23 18:24:25 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-07-23 18:24:24 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-07-23 18:24:23 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-07-23 18:24:21 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\irclass.dll
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-07-23 18:24:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-07-23 18:24:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-07-23 18:24:19 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-07-23 18:24:18 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-07-23 18:24:18 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-07-23 18:24:18 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2010-07-23 18:24:17 ----A---- C:\WINDOWS\system32\storprop.dll
2010-07-23 18:24:17 ----A---- C:\WINDOWS\system32\batt.dll
2010-07-23 18:24:17 ----A---- C:\WINDOWS\notepad.exe
2010-07-23 18:24:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-07-23 18:24:12 ----RA---- C:\WINDOWS\SET8.tmp
2010-07-23 18:24:10 ----RA---- C:\WINDOWS\SET4.tmp
2010-07-23 18:24:10 ----RA---- C:\WINDOWS\SET3.tmp
2010-07-23 18:24:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-23 18:24:06 ----D---- C:\WINDOWS\system32\CatRoot
2010-07-23 18:24:01 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-07-23 18:23:49 ----A---- C:\WINDOWS\setuplog.txt
2010-07-23 18:23:42 ----SHD---- C:\System Volume Information
2010-07-23 18:23:42 ----D---- C:\Documents and Settings
2010-07-23 18:22:53 ----SH---- C:\boot.ini
2010-07-23 18:21:41 ----D---- C:\ALIENWARE
2010-07-23 18:21:39 ----D---- C:\WINDOWS\OEMDRVRS
2010-07-23 18:16:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-23 18:16:59 ----RSD---- C:\WINDOWS\Fonts
2010-07-23 18:16:59 ----RD---- C:\WINDOWS\Web
2010-07-23 18:16:59 ----HD---- C:\WINDOWS\inf
2010-07-23 18:16:59 ----D---- C:\WINDOWS\WinSxS
2010-07-23 18:16:59 ----D---- C:\WINDOWS\twain_32
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Temp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\wins
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\wbem
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\usmt
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\spool
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ShellExt
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\Setup
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ras
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\oobe
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\npp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\mui
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\inetsrv
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\IME
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\icsxml
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\ias
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\export
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers\etc
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers\disdn
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\drivers
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\dhcp
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\config
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\3com_dmi
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\3076
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\2052
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1054
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1042
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1041
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1037
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1033
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1031
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1028
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32\1025
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system32
2010-07-23 18:16:59 ----D---- C:\WINDOWS\system
2010-07-23 18:16:59 ----D---- C:\WINDOWS\security
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Resources
2010-07-23 18:16:59 ----D---- C:\WINDOWS\repair
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Provisioning
2010-07-23 18:16:59 ----D---- C:\WINDOWS\PeerNet
2010-07-23 18:16:59 ----D---- C:\WINDOWS\pchealth
2010-07-23 18:16:59 ----D---- C:\WINDOWS\mui
2010-07-23 18:16:59 ----D---- C:\WINDOWS\msapps
2010-07-23 18:16:59 ----D---- C:\WINDOWS\msagent
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Media
2010-07-23 18:16:59 ----D---- C:\WINDOWS\java
2010-07-23 18:16:59 ----D---- C:\WINDOWS\ime
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Help
2010-07-23 18:16:59 ----D---- C:\WINDOWS\ehome
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Driver Cache
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Debug
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Cursors
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Connection Wizard
2010-07-23 18:16:59 ----D---- C:\WINDOWS\Config
2010-07-23 18:16:59 ----D---- C:\WINDOWS\AppPatch
2010-07-23 18:16:59 ----D---- C:\WINDOWS\addins
2010-07-23 18:16:59 ----D---- C:\WINDOWS
2010-07-23 18:16:59 ----ASH---- C:\pagefile.sys

======List of files/folders modified in the last 1 months======

2010-07-27 02:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 18:39:27 ----A---- C:\WINDOWS\win.ini
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-07-24 17:46:21 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-07-24 01:36:52 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2010-07-23 18:24:28 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-09-21 105344]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\drivers\nvatabus.sys [2006-09-21 105344]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-06-09 45648]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\NAV\1107000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\BASHDefs\20100810.004\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1107000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1107000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\NAV\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SYMTDI.SYS [2010-05-06 361904]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\IPSDefs\20100820.001\IDSxpx86.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-09-12 4381184]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2005-12-28 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100822.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.6.0.32\Definitions\VirusDefs\20100822.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-03 10232128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-08-07 52736]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-01-28 58600]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-08-07 18944]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S2 BrPar;BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [2000-07-23 19537]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2005-12-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CarboniteService;CarboniteService; C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe [2010-06-28 2977936]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-06-20 49152]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-07-04 208896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


#7 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 23 August 2010 - 07:41 AM

Hi,

The slowness of my computer has seem to stop, I used outlook, itunes and internet explorer and they did not crash but when I try to use the two online games I play they crash. Do you think I use uninstall and reinstall both? I'm thinking maybe some of the files got damage. Please advise and thank you for all your help.

UPDATED: I may have spoken too soon, I was doing a restore of my iphone and itunes fozen on me.

Edited by Requiem7, 23 August 2010 - 05:05 PM.


#8 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 23 August 2010 - 07:58 PM

My system keeps crashing. I get the error message that my system has recovered from a serious error.

#9 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 25 August 2010 - 02:10 PM

Hi,
I think I figure out the problem. I had upgraded my RAM before my computer started crashing and running slow. I decided remove the new RAM and but the old RAM back and so for the computer is running good. I was able to log on to both my online games I play and I have not had any problems with any other programs or the computer crashing. I will let you know in a few days if everything is completely alright. Thanks.

#10 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:01 AM

Posted 28 August 2010 - 05:05 PM

I am glad you figured out the problem. Let me know how it goes.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.

#11 Requiem7

Requiem7
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:01 AM

Posted 29 August 2010 - 10:00 AM

Everything seems to be going fine except yesterday I got the blue screen of death. Everything else seems to be running fine. I made sure that I have all the updates. Don't understand why I got that.

#12 suebaby41

suebaby41

    W.A.M. (Women Against Malware)


  • Malware Response Team
  • 6,248 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:South Carolina, USA
  • Local time:01:01 AM

Posted 30 August 2010 - 04:55 PM




You may be interested in Freeware Replacements For Common Commercial Apps.

Tips To Protect Your Computer
  • Avoid clicking on links in instant messages.
  • Avoid opening email attachments.
  • Avoid visiting every poker site on the net.
  • Avoid downloading all that free cute junk.
  • Avoid using the peer-to-peer file sharing.
  • Avoid getting those handy toolbar doodads for your browsers.
  • Malware is out there just waiting to pounce on your system if you only pass by where they are lurking which may be at some seemingly innocent web site. Be careful because some of the malware are so vicious that no one can possibly save you once you let them in.
  • Remember that new malware emerges every week of the year. Take responsibility for protecting your system because you are its first and best defense.

Tools Downloaded To Clean Your Computer

I may have asked you to install some tools. Whether or not you need to keep these programs must be decided by you. If you choose to uninstall them, follow these directions:
  1. Click Start > Control Panel.
  2. In Control Panel, double-click Add or Remove Programs.
  3. In Add or Remove Programs, highlight the program, click Remove.
  4. Close the Add or Remove Programs and the Control Panel windows.
Optional Tools:
  1. ATF-Cleaner cleans all user temp folders, Java cache, (which seems to be harboring more and more malware), the cache, cookies, history, download history, visited links and saved passwords. Scan weekly if you have high Internet use.
  2. Trend Micro's HijackThis or random's System Information Tool (RSIT) may be uninstalled; however, if you should ever encounter another problem and seek help in this forum or others like it, you will need to download this application.
  3. SUPERAntiSpyware scans, detects, and removes spyware on your computer.
  4. Malwarebytes ' Anti-Malware scans, detects, and removes malware on your computer.
  5. a-squared Free scans, detects, and removes trojans, worms, spyware on your computer.
  6. Spybot S&D scans, detects, and removes malware on your computer.
If you have changed the default settings for files/folders, please restore the default settings for files/folders.
  1. Go to My Computer.
  2. Select the Tools menu and click Folder Options.
  3. Click the View tab.
  4. Under Advanced Settings, click the Restore Defaults button in the lower right corner.
  5. Click Apply and then the OK and close My Computer.
Please take the time to read the "Steps To Keep Your Computer Clean And Secure" below.

STEPS TO KEEP YOUR COMPUTER CLEAN AND SECURE:

Please follow these simple steps in order to keep your computer clean and secure:
  1. Disable and Enable System Restore. After cleaning, you will need to disable the System Restore function For Windows XP.
    Files placed in the System volume information folder are source files for the System Restore function that is available in Windows XP operating system. Files that were healed were moved in their original INFECTED state into this folder and it is necessary to DELETE them by following these steps:
    1. Close all open programs. Then right-click My Computer on the Windows' desktop
    2. Click on Properties.
    3. Click on the System Restore tab.
    4. Check Turn off System Restore on all drives.
    5. Restart the system.
    6. Enable System Restore by going through the first four steps again and uncheck the item mentioned in Step d.
    7. You can find instructions on how to disable and enable system restore in the Windows XP System Restore Guide.
  2. Make your Internet Explorer more secure: This can be done by following these simple instructions:
    1. From within Internet Explorer click on the Tools menu and then click on Options.
    2. Click once on the Security tab
    3. Click once on the Internet icon so it becomes highlighted.
    4. Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub frames across different domains to Prompt
    5. When all these settings have been made, click on the OK button.
    6. If it asks you if you want to save the settings, press the Yes button.
    7. Click Apply > OK button and then the OK to exit the Internet Properties page.
  3. Use a Firewall: - I cannot stress how important it is that you use a Firewall on your computer.  Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For an article on Firewalls and a listing of some available ones see the link below:
    Computer Safety On line - Software Firewalls. For more information about firewalls, and why a two-way firewall is better than the Windows XP one-way firewall, please read Understanding and Using Firewalls.
  4. Use An Antivirus Software and Keep It Updated: - It is very important that your computer has an antivirus software running on your machine.  This alone can save you a lot of trouble with malware in the future.  It is imperative that you update your antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software, then it will not be able to catch any of the new variants that may come out. For an article on antivirus programs and a listing of some available ones see the link below:
    Computer Safety On line - Anti-Virus
  5. Visit Microsoft's Windows Update Site Frequently: It is important that you visit Microsoft Windows Update regularly. This will ensure your computer has the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  6. You should scan your computer with Spybot S&D on a regular basis just as you would an anti- virus software. A tutorial on installing & using this product can be found here:
    Using Spybot - Search & Destroy to remove Spyware from Your Computer
  7. Update SpywareBlaster (at least weekly): SpywareBlaster will add a large list of programs and sites into your Internet Explorer and Firec settings that will protect you from running and downloading known malicious programs. An article on anti-malware products with links for this program and others can be found here:
    Computer Safety on line Anti Malware
  8. Use the hosts file: Every version of windows has a hosts file as part of them. In a very basic sense, they are used to locate web pages. We can customize a hosts file so that it blocks certain web pages. However, it can slow down certain computers. This is why using a hosts file is optional. Download mvps hosts file Make sure you read the instructions on how to install the hosts file. There is a good tutorial HERE If you decide to download the hosts file, the slowdown problems can usually be avoided by following these steps:
    1. Click the start button on the task bar at the bottom of your screen
    2. Click run
    3. In the dialog box, type services.msc
    4. hit enter, then locate dns client
    5. Highlight it, then doubleclick it.
    6. On the dropdown box, change the setting from automatic to manual.
    7. Click OK.
  9. Use an alternative instant messenger program:.Trillian and Miranda IM These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
  10. Please read Tony Klein's excellent article: How I got Infected in the First Place
  11. Please read Understanding Spyware, Browser Hijackers, and Dialers
  12. Please read Simple and easy ways to keep your computer safe and secure on the Internet.
  13. If you are using Internet Explorer, please consider using an alternate browser: Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built in popup blocker (as an added benefit!) that I have ever seen.
    Another good browser is Opera . Opera 9 comes loaded with the tools to keep you productive and safe. Try it today, it's absolutely free. Some of the Opera features are: Customization, BitTorrent, Content blocker, Add your favorite search engines, Thumbnail preview of tabs, Widgets, Transfer manager, Tabbed browsing, Password manager, Sessions (You can save a collection of open tabs as a session, for later retrieval, or start with the pages you had open when Opera was last closed.), Keyboard Shortcuts, Cookie control, a multitude of languages, Validate code, Toggle graphics and style sheets, and Special features such as Full-screen mode, Kiosk mode.
  14. Update all these programs regularly: Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
  15. If your computer was infected by a website, a program, IM, MSN, or p2p, check this site because it is Time To Fight Back.
Follow these steps and your potential for being infected again will reduce dramatically.
Good luck!

This subject is now closed. If you need this topic reopened, please contact a member of the HJT Team and we will reopen it for you. Include the address of this thread in your request. If you should have a new issue, please start a new topic. This applies only to the original topic starter. Everyone else please begin a New Topic.
You don't stop laughing when you get old; you get old when you stop laughing.
A Member of U-N-I-T-E (Unified Network of Instructors and Trained Eliminators)
Malware Removal University Masters Graduate

Posted Image
Join The Fight Against Malware
No reply within 5 days will result in your topic being closed. If you need more time, please let me know by posting in this topic so that your topic will not be closed.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users