Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

unofficial family "computer guy"

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

unofficial family "computer guy"

Unread postby mattrowe » May 6th, 2009, 6:58 pm

I'm sure many like me are involved with computers (i'm a web designer) and have been labeled "the family computer fix-it guy" and now tasked with saving a cousin's slow-running computer. I'm in over my head and have no idea how to remove some truely annoying malicious programs that have been innocently (ignorance is bliss) downloaded.

What I know so far:
The computer was crawling to the point where it would be hours before becoming responsive again. Another family member removed several programs before handing this off to me. I noticed the computer became very slow once I connected it to the internet and opened up ie. I eventually removed an ie search bar that was known to cause unresponsiveness and now it's running a bit better. I then took out the hard drive, connected it to another pc and ran AVG 8.5 (free version) which found a couple trojans and cleaned them up. When I put the hd back in the original computer and booted from it, an out-dated virus protection program detected MallTycoonSetup-DM[1].exe and was unable to remove it. So, I figured it was time for HijackThis and some help from people who know what they are doing since I'm not sure what all is on the computer at this point!

btw... I ran the "Analzye This" option from HJT before I read not to do that in a sticky in this forum.

I appreciate any and all help in the matter... Thanks!


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:45:14 PM, on 5/6/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\AOL\1198447098\ee\aolsoftware.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... bd=0071218
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: (Gaming)2 - {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1198447098\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/Game ... meHost.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MrHealthy (MrHealthyService) - Symantec Corporation - C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11860 bytes
mattrowe
Active Member
 
Posts: 6
Joined: May 6th, 2009, 6:26 pm
Advertisement
Register to Remove

Re: unofficial family "computer guy"

Unread postby MWR 3 day Mod » May 10th, 2009, 5:02 am

Hi mattrowe

I am sorry to see your topic is over three days old and no one has been able to respond and help you.

Unfortunately all the anti-malware forums are overloaded with victims of malware and we are no exception.

If you still require assistance could you please post a link to your topic in our 72 hr bump room, and our staff will try to make an effort to assist you. Please do not reply to this topic.

If you haven't posted within three days in the 72 hour bump room, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: unofficial family "computer guy"

Unread postby Katana » May 10th, 2009, 5:09 pm

Please note that all instructions given are customised for this computer only,
the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
  1. Please Read All Instructions Carefully
  2. If you don't understand something, stop and ask! Don't keep going on.
  3. Please do not run any other tools or scans whilst I am helping you
  4. Failure to reply within 5 days will result in the topic being closed.
  5. Please continue to respond until I give you the "All Clear"
    (Just because you can't see a problem doesn't mean it isn't there)
If you can do those few things, everything should go smoothly Image

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe

----------------------------------------------------------------------------------------


Download and Run RSIT
  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: unofficial family "computer guy"

Unread postby mattrowe » May 10th, 2009, 7:53 pm

Thank you for helping...

log.txt:
Logfile of random's system information tool 1.06 (written by random/random)
Run by PPNesdore at 2009-05-10 18:46:15
Microsoft® Windows Vista™ Home Basic
System drive C: has 188 GB (83%) free of 228 GB
Total RAM: 958 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:37 PM, on 5/10/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\AOL\1198447098\ee\aolsoftware.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Norton PC Checkup\CHECKUP.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\agent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PPNesdore\Desktop\RSIT.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Trend Micro\HijackThis\PPNesdore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... bd=0071218
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: (Gaming)2 - {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1198447098\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.0.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.nick.com/common/groove/gx/GrooveAX27.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.myspace.com/Gameshell/Game ... meHost.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MrHealthy (MrHealthyService) - Symantec Corporation - C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12020 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - c:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-12-18 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Launcher - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2007-10-10 1090912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{971F630E-AD68-4d6e-B0C3-1C627AAC80F1}]
(Gaming)2 - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-05-05 668656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll [2009-05-03 470512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AIM Toolbar - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2007-10-10 1090912]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-05-03 259696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2009-05-03 1006264]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
"ECenter"=C:\Dell\E-Center\EULALauncher.exe [2007-05-25 17920]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-09 29744]
"HostManager"=C:\Program Files\Common Files\AOL\1198447098\ee\AOLSoftware.exe [2006-09-25 50736]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe [2007-08-27 1807696]
"PDVDDXSrv"=C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-11-15 202544]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-05-03 13535776]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-05-03 92704]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-17 4907008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2008-01-03 50528]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2007-11-15 202544]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-12-18 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2009-05-10 18:46:15 ----D---- C:\rsit
2009-05-06 17:02:21 ----D---- C:\Windows\Sun
2009-05-06 16:01:38 ----D---- C:\Windows\PCHEALTH
2009-05-06 10:03:44 ----HD---- C:\$AVG8.VAULT$
2009-05-06 08:14:16 ----A---- C:\Windows\system32\msshsq.dll
2009-05-06 06:24:51 ----A---- C:\Windows\system32\es.dll
2009-05-04 17:40:53 ----D---- C:\ProgramData\NVIDIA
2009-05-03 23:58:31 ----A---- C:\Windows\system32\winipsec.dll
2009-05-03 23:58:31 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-05-03 23:58:30 ----A---- C:\Windows\system32\polstore.dll
2009-05-03 23:58:30 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-05-03 23:47:01 ----A---- C:\Windows\system32\riched32.dll
2009-05-03 23:47:01 ----A---- C:\Windows\system32\riched20.dll
2009-05-03 23:46:57 ----A---- C:\Windows\system32\rasser.dll
2009-05-03 23:46:57 ----A---- C:\Windows\system32\rasdiag.dll
2009-05-03 23:46:57 ----A---- C:\Windows\system32\rascfg.dll
2009-05-03 23:46:56 ----A---- C:\Windows\system32\rasmxs.dll
2009-05-03 23:46:56 ----A---- C:\Windows\system32\netcfgx.dll
2009-05-03 23:46:55 ----A---- C:\Windows\system32\msftedit.dll
2009-05-03 23:46:54 ----A---- C:\Windows\system32\ipnathlp.dll
2009-05-03 23:46:54 ----A---- C:\Windows\system32\icsunattend.exe
2009-05-03 23:46:52 ----A---- C:\Windows\system32\wshqos.dll
2009-05-03 23:46:52 ----A---- C:\Windows\system32\traffic.dll
2009-05-03 23:46:51 ----A---- C:\Windows\system32\pacerprf.dll
2009-05-03 23:46:51 ----A---- C:\Windows\system32\localspl.dll
2009-05-03 23:46:50 ----A---- C:\Windows\system32\dps.dll
2009-05-03 23:46:50 ----A---- C:\Windows\system32\cdd.dll
2009-05-03 23:30:29 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-05-03 23:30:29 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-05-03 23:30:28 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-05-03 23:19:07 ----A---- C:\Windows\system32\msoert2.dll
2009-05-03 23:19:07 ----A---- C:\Windows\system32\msoeacct.dll
2009-05-03 23:19:07 ----A---- C:\Windows\system32\ACCTRES.dll
2009-05-03 23:08:23 ----A---- C:\Windows\system32\wtsapi32.dll
2009-05-03 23:08:17 ----A---- C:\Windows\system32\sysmain.dll
2009-05-03 23:08:15 ----A---- C:\Windows\system32\wlanhlp.dll
2009-05-03 23:08:15 ----A---- C:\Windows\system32\wlanapi.dll
2009-05-03 23:08:14 ----A---- C:\Windows\system32\wlansvc.dll
2009-05-03 23:08:14 ----A---- C:\Windows\system32\wlansec.dll
2009-05-03 23:08:14 ----A---- C:\Windows\system32\wlanmsm.dll
2009-05-03 22:57:41 ----A---- C:\Windows\system32\WebClnt.dll
2009-05-03 22:47:19 ----A---- C:\Windows\system32\csrsrv.dll
2009-05-03 22:47:18 ----A---- C:\Windows\system32\winsrv.dll
2009-05-03 22:13:17 ----A---- C:\Windows\system32\winhttp.dll
2009-05-03 22:02:53 ----A---- C:\Windows\system32\gdi32.dll
2009-05-03 21:49:22 ----A---- C:\Windows\system32\xolehlp.dll
2009-05-03 21:49:22 ----A---- C:\Windows\system32\msdtcprx.dll
2009-05-03 21:38:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-05-03 21:38:53 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-05-03 21:38:53 ----A---- C:\Windows\system32\gameux.dll
2009-05-03 21:33:32 ----A---- C:\Windows\system32\wmpeffects.dll
2009-05-03 21:29:47 ----A---- C:\Windows\system32\msxml3r.dll
2009-05-03 21:29:47 ----A---- C:\Windows\system32\msxml3.dll
2009-05-03 21:26:08 ----A---- C:\Windows\system32\msscp.dll
2009-05-03 21:22:14 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-05-03 21:18:35 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-05-03 21:18:34 ----A---- C:\Windows\system32\wfapigp.dll
2009-05-03 21:18:34 ----A---- C:\Windows\system32\MPSSVC.dll
2009-05-03 21:18:34 ----A---- C:\Windows\system32\icfupgd.dll
2009-05-03 21:18:33 ----A---- C:\Windows\system32\cmifw.dll
2009-05-03 21:18:32 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-05-03 21:14:58 ----A---- C:\Windows\system32\netapi32.dll
2009-05-03 21:11:16 ----A---- C:\Windows\system32\tzres.dll
2009-05-03 21:06:46 ----A---- C:\Windows\system32\wmploc.DLL
2009-05-03 21:06:45 ----A---- C:\Windows\system32\wmp.dll
2009-05-03 21:06:45 ----A---- C:\Windows\system32\spwmp.dll
2009-05-03 21:06:44 ----A---- C:\Windows\system32\dxmasf.dll
2009-05-03 21:02:23 ----A---- C:\Windows\system32\shell32.dll
2009-05-03 20:51:37 ----A---- C:\Windows\system32\DWWIN.EXE
2009-05-03 20:48:20 ----A---- C:\Windows\explorer.exe
2009-05-03 20:38:07 ----A---- C:\Windows\system32\netcfg.exe
2009-05-03 20:38:06 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-05-03 20:38:06 ----A---- C:\Windows\system32\netiougc.exe
2009-05-03 20:34:37 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-05-03 20:34:36 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-05-03 20:34:36 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-05-03 20:34:36 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-05-03 20:34:36 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-05-03 20:34:35 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-05-03 20:34:35 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-05-03 20:34:35 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-05-03 20:34:34 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-05-03 20:34:34 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-05-03 20:34:33 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-05-03 20:34:33 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-05-03 20:34:32 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-05-03 20:34:32 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-05-03 20:34:32 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-05-03 20:34:31 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-05-03 20:34:31 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-05-03 20:34:30 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-05-03 20:34:30 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-05-03 20:34:29 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-05-03 20:34:29 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-05-03 20:34:28 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-05-03 20:34:28 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-05-03 20:34:28 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-05-03 20:34:27 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-05-03 20:34:27 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-05-03 20:34:27 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-05-03 20:34:27 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-05-03 20:34:26 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-05-03 20:34:26 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-05-03 20:34:25 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-05-03 20:34:25 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-05-03 20:34:25 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-05-03 20:34:24 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-05-03 20:34:23 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-05-03 20:34:23 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-05-03 20:34:22 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-05-03 20:34:22 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-05-03 20:34:22 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-05-03 20:34:21 ----A---- C:\Windows\system32\NlsData0046.dll
2009-05-03 20:34:21 ----A---- C:\Windows\system32\NlsData0045.dll
2009-05-03 20:34:19 ----A---- C:\Windows\system32\NlsData0049.dll
2009-05-03 20:34:19 ----A---- C:\Windows\system32\NlsData0047.dll
2009-05-03 20:34:18 ----A---- C:\Windows\system32\NlsData0039.dll
2009-05-03 20:34:17 ----A---- C:\Windows\system32\NlsData0020.dll
2009-05-03 20:34:16 ----A---- C:\Windows\system32\NlsData0022.dll
2009-05-03 20:34:16 ----A---- C:\Windows\system32\NlsData0021.dll
2009-05-03 20:34:15 ----A---- C:\Windows\system32\NlsData0026.dll
2009-05-03 20:34:15 ----A---- C:\Windows\system32\NlsData0024.dll
2009-05-03 20:34:14 ----A---- C:\Windows\system32\NlsData0027.dll
2009-05-03 20:34:13 ----A---- C:\Windows\system32\NlsData0011.dll
2009-05-03 20:34:13 ----A---- C:\Windows\system32\NlsData0010.dll
2009-05-03 20:34:12 ----A---- C:\Windows\system32\NlsData0018.dll
2009-05-03 20:34:12 ----A---- C:\Windows\system32\NlsData0013.dll
2009-05-03 20:34:11 ----A---- C:\Windows\system32\NlsData0019.dll
2009-05-03 20:34:11 ----A---- C:\Windows\system32\NlsData0000.dll
2009-05-03 20:34:10 ----A---- C:\Windows\system32\NlsData0001.dll
2009-05-03 20:34:09 ----A---- C:\Windows\system32\NlsData0003.dll
2009-05-03 20:34:09 ----A---- C:\Windows\system32\NlsData0002.dll
2009-05-03 20:34:08 ----A---- C:\Windows\system32\NlsData0009.dll
2009-05-03 20:34:08 ----A---- C:\Windows\system32\NlsData0007.dll
2009-05-03 20:34:07 ----A---- C:\Windows\system32\NlsData004b.dll
2009-05-03 20:34:07 ----A---- C:\Windows\system32\NlsData004a.dll
2009-05-03 20:34:05 ----A---- C:\Windows\system32\NlsData004c.dll
2009-05-03 20:34:04 ----A---- C:\Windows\system32\NlsData004e.dll
2009-05-03 20:34:03 ----A---- C:\Windows\system32\NlsData003e.dll
2009-05-03 20:34:03 ----A---- C:\Windows\system32\NlsData002a.dll
2009-05-03 20:34:02 ----A---- C:\Windows\system32\NlsData001a.dll
2009-05-03 20:34:01 ----A---- C:\Windows\system32\NlsData001d.dll
2009-05-03 20:34:01 ----A---- C:\Windows\system32\NlsData001b.dll
2009-05-03 20:34:00 ----A---- C:\Windows\system32\NlsData000c.dll
2009-05-03 20:34:00 ----A---- C:\Windows\system32\NlsData000a.dll
2009-05-03 20:33:59 ----A---- C:\Windows\system32\NlsData000f.dll
2009-05-03 20:33:59 ----A---- C:\Windows\system32\NlsData000d.dll
2009-05-03 20:33:58 ----A---- C:\Windows\system32\NlsData0416.dll
2009-05-03 20:33:58 ----A---- C:\Windows\system32\NlsData0414.dll
2009-05-03 20:33:57 ----A---- C:\Windows\system32\NlsData081a.dll
2009-05-03 20:33:57 ----A---- C:\Windows\system32\NlsData0816.dll
2009-05-03 20:33:57 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-05-03 20:33:56 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-05-03 20:33:55 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-05-03 20:24:05 ----A---- C:\Windows\system32\setupapi.dll
2009-05-03 20:22:54 ----A---- C:\Windows\system32\srdelayed.exe
2009-05-03 20:22:54 ----A---- C:\Windows\system32\srcore.dll
2009-05-03 20:22:54 ----A---- C:\Windows\system32\srclient.dll
2009-05-03 20:22:54 ----A---- C:\Windows\system32\rstrui.exe
2009-05-03 20:22:53 ----A---- C:\Windows\system32\wpd_ci.dll
2009-05-03 20:22:53 ----A---- C:\Windows\system32\kd1394.dll
2009-05-03 20:22:52 ----A---- C:\Windows\system32\winresume.exe
2009-05-03 20:22:52 ----A---- C:\Windows\system32\winload.exe
2009-05-03 20:22:51 ----A---- C:\Windows\system32\ci.dll
2009-05-03 20:22:50 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-05-03 20:22:49 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-05-03 20:22:49 ----A---- C:\Windows\system32\drvinst.exe
2009-05-03 20:22:48 ----A---- C:\Windows\system32\oleaut32.dll
2009-05-03 20:22:48 ----A---- C:\Windows\system32\nshhttp.dll
2009-05-03 20:22:48 ----A---- C:\Windows\system32\kbd106n.dll
2009-05-03 20:22:48 ----A---- C:\Windows\system32\dpx.dll
2009-05-03 20:22:47 ----A---- C:\Windows\system32\unlodctr.exe
2009-05-03 20:22:47 ----A---- C:\Windows\system32\lodctr.exe
2009-05-03 20:22:47 ----A---- C:\Windows\system32\loadperf.dll
2009-05-03 20:22:46 ----A---- C:\Windows\system32\prflbmsg.dll
2009-05-03 20:22:45 ----A---- C:\Windows\system32\schedsvc.dll
2009-05-03 20:22:43 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-05-03 20:22:43 ----A---- C:\Windows\system32\dispci.dll
2009-05-03 20:22:43 ----A---- C:\Windows\system32\batt.dll
2009-05-03 20:16:47 ----A---- C:\Windows\system32\rpcss.dll
2009-05-03 20:16:47 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-05-03 20:16:47 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-05-03 20:16:46 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-05-03 20:16:45 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-05-03 20:16:41 ----A---- C:\Windows\system32\sdohlp.dll
2009-05-03 20:16:41 ----A---- C:\Windows\system32\iasrecst.dll
2009-05-03 20:16:41 ----A---- C:\Windows\system32\iasdatastore.dll
2009-05-03 20:16:41 ----A---- C:\Windows\system32\iasads.dll
2009-05-03 20:08:33 ----A---- C:\Windows\system32\WMASF.DLL
2009-05-03 20:08:33 ----A---- C:\Windows\system32\LAPRXY.DLL
2009-05-03 20:08:33 ----A---- C:\Windows\system32\asferror.dll
2009-05-03 20:05:59 ----A---- C:\Windows\system32\kernel32.dll
2009-05-03 20:05:58 ----A---- C:\Windows\system32\secur32.dll
2009-05-03 20:05:58 ----A---- C:\Windows\system32\lsass.exe
2009-05-03 20:05:58 ----A---- C:\Windows\system32\lsasrv.dll
2009-05-03 20:05:57 ----A---- C:\Windows\system32\apilogen.dll
2009-05-03 20:05:57 ----A---- C:\Windows\system32\amxread.dll
2009-05-03 20:03:04 ----A---- C:\Windows\system32\SLC.dll
2009-05-03 20:03:04 ----A---- C:\Windows\system32\mcbuilder.exe
2009-05-03 20:03:03 ----A---- C:\Windows\system32\slwmi.dll
2009-05-03 20:03:02 ----A---- C:\Windows\system32\SLUI.exe
2009-05-03 20:03:02 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-05-03 20:03:01 ----A---- C:\Windows\system32\SLUINotify.dll
2009-05-03 20:03:01 ----A---- C:\Windows\system32\SLLUA.exe
2009-05-03 20:03:00 ----A---- C:\Windows\system32\SLsvc.exe
2009-05-03 20:03:00 ----A---- C:\Windows\system32\slcinst.dll
2009-05-03 20:00:09 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-05-03 20:00:09 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-05-03 20:00:08 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-05-03 19:56:39 ----A---- C:\Windows\system32\ntprint.exe
2009-05-03 19:56:39 ----A---- C:\Windows\system32\ntprint.dll
2009-05-03 19:56:38 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2009-05-03 19:56:37 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-05-03 19:56:37 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-05-03 19:56:37 ----A---- C:\Windows\system32\authui.dll
2009-05-03 19:56:35 ----A---- C:\Windows\system32\avicap32.dll
2009-05-03 19:56:34 ----A---- C:\Windows\system32\msvidc32.dll
2009-05-03 19:56:34 ----A---- C:\Windows\system32\msvfw32.dll
2009-05-03 19:56:34 ----A---- C:\Windows\system32\msrle32.dll
2009-05-03 19:56:34 ----A---- C:\Windows\system32\mciavi32.dll
2009-05-03 19:56:34 ----A---- C:\Windows\system32\avifil32.dll
2009-05-03 19:56:33 ----A---- C:\Windows\system32\sendmail.dll
2009-05-03 19:50:30 ----A---- C:\Windows\system32\win32spl.dll
2009-05-03 19:50:30 ----A---- C:\Windows\system32\printcom.dll
2009-05-03 19:45:53 ----A---- C:\Windows\system32\wshrm.dll
2009-05-03 19:40:53 ----A---- C:\Windows\system32\sbunattend.exe
2009-05-03 19:29:32 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-05-03 19:29:32 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-05-03 19:29:32 ----A---- C:\Windows\system32\dnsapi.dll
2009-05-03 19:20:01 ----A---- C:\Windows\system32\schannel.dll
2009-05-03 18:48:28 ----A---- C:\Windows\system32\icardres.dll
2009-05-03 18:48:28 ----A---- C:\Windows\system32\icardagt.exe
2009-05-03 18:48:27 ----A---- C:\Windows\system32\infocardapi.dll
2009-05-03 18:48:08 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-03 18:47:58 ----A---- C:\Windows\system32\PresentationHost.exe
2009-05-03 18:47:57 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-05-03 18:47:57 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-05-03 18:21:01 ----A---- C:\Windows\system32\dfshim.dll
2009-05-03 18:20:59 ----A---- C:\Windows\system32\netfxperf.dll
2009-05-03 18:20:51 ----A---- C:\Windows\system32\mscoree.dll
2009-05-03 18:20:50 ----A---- C:\Windows\system32\mscorier.dll
2009-05-03 18:20:49 ----A---- C:\Windows\system32\mscories.dll
2009-05-03 17:59:54 ----A---- C:\Windows\system32\rrinstaller.exe
2009-05-03 17:59:54 ----A---- C:\Windows\system32\mfps.dll
2009-05-03 17:59:54 ----A---- C:\Windows\system32\mfpmp.exe
2009-05-03 17:59:54 ----A---- C:\Windows\system32\mferror.dll
2009-05-03 17:59:54 ----A---- C:\Windows\system32\mf.dll
2009-05-03 17:59:52 ----A---- C:\Windows\system32\logagent.exe
2009-05-03 17:59:51 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-05-03 17:59:50 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-05-03 17:58:34 ----A---- C:\Windows\system32\rpcrt4.dll
2009-05-03 17:57:53 ----A---- C:\Windows\system32\INETRES.dll
2009-05-03 17:57:53 ----A---- C:\Windows\system32\inetcomm.dll
2009-05-03 17:57:21 ----A---- C:\Windows\system32\connect.dll
2009-05-03 17:56:50 ----A---- C:\Windows\system32\wmi.dll
2009-05-03 17:56:49 ----A---- C:\Windows\system32\imagehlp.dll
2009-05-03 17:56:23 ----A---- C:\Windows\system32\quartz.dll
2009-05-03 17:55:28 ----A---- C:\Windows\system32\crypt32.dll
2009-05-03 17:54:51 ----A---- C:\Windows\system32\user32.dll
2009-05-03 17:54:28 ----A---- C:\Windows\system32\msxml6r.dll
2009-05-03 17:54:28 ----A---- C:\Windows\system32\msxml6.dll
2009-05-03 17:53:23 ----A---- C:\Windows\system32\iedkcs32.dll
2009-05-03 17:53:23 ----A---- C:\Windows\system32\advpack.dll
2009-05-03 17:53:22 ----A---- C:\Windows\system32\ieakui.dll
2009-05-03 17:53:22 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-03 17:53:22 ----A---- C:\Windows\system32\admparse.dll
2009-05-03 17:53:20 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-03 17:53:18 ----A---- C:\Windows\system32\wininet.dll
2009-05-03 17:53:18 ----A---- C:\Windows\system32\jsproxy.dll
2009-05-03 17:53:16 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-03 17:53:16 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-03 17:53:14 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-03 17:53:13 ----A---- C:\Windows\system32\ieui.dll
2009-05-03 17:53:12 ----A---- C:\Windows\system32\ieframe.dll
2009-05-03 17:53:10 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-03 17:53:10 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-03 17:53:10 ----A---- C:\Windows\system32\ieencode.dll
2009-05-03 17:53:09 ----A---- C:\Windows\system32\mshtml.dll
2009-05-03 17:53:07 ----A---- C:\Windows\system32\mstime.dll
2009-05-03 17:53:07 ----A---- C:\Windows\system32\icardie.dll
2009-05-03 17:53:04 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-03 17:53:03 ----A---- C:\Windows\system32\urlmon.dll
2009-05-03 17:53:03 ----A---- C:\Windows\system32\occache.dll
2009-05-03 17:53:02 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-03 17:53:02 ----A---- C:\Windows\system32\iertutil.dll
2009-05-03 17:53:02 ----A---- C:\Windows\system32\iernonce.dll
2009-05-03 17:53:02 ----A---- C:\Windows\system32\ie4uinit.exe
2009-05-03 17:53:01 ----A---- C:\Windows\system32\iesetup.dll
2009-05-03 17:50:51 ----A---- C:\Windows\system32\qmgr.dll
2009-05-03 17:29:16 ----D---- C:\Windows\Panther
2009-05-03 17:28:47 ----A---- C:\Windows\system32\nvcodins.dll
2009-05-03 17:28:46 ----A---- C:\Windows\system32\nvexpbar.dll
2009-05-03 17:28:46 ----A---- C:\Windows\system32\nvcpluir.dll
2009-05-03 17:28:46 ----A---- C:\Windows\system32\nvcplui.exe
2009-05-03 17:28:45 ----A---- C:\Windows\system32\nvuninst.exe
2009-05-03 17:28:44 ----A---- C:\Windows\system32\nvsvc.dll
2009-05-03 17:28:44 ----A---- C:\Windows\system32\nvmctray.dll
2009-05-03 17:28:43 ----A---- C:\Windows\system32\nvd3dum.dll
2009-05-03 17:28:43 ----A---- C:\Windows\system32\nvapi.dll
2009-05-03 17:28:35 ----A---- C:\Windows\system32\nvunrm.exe
2009-05-03 17:28:35 ----A---- C:\Windows\system32\nvconrm.dll
2009-05-03 17:28:35 ----A---- C:\Windows\system32\fdco1.dll
2009-05-03 17:28:27 ----A---- C:\Windows\system32\uci32113.dll
2009-05-03 17:28:27 ----A---- C:\Windows\system32\mdmxsdk.dll
2009-05-03 17:28:21 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-05-03 17:28:21 ----A---- C:\Windows\system32\ctppld.dll
2009-05-03 17:28:06 ----D---- C:\Windows\Debug
2009-05-03 17:27:05 ----D---- C:\Windows\system32\OEM
2009-05-03 17:16:40 ----HD---- C:\$WINDOWS.~Q
2009-05-03 17:11:56 ----HD---- C:\$INPLACE.~TR
2009-05-03 16:50:29 ----A---- C:\Windows\system32\wups2.dll
2009-05-03 16:50:29 ----A---- C:\Windows\system32\wucltux.dll
2009-05-03 16:50:29 ----A---- C:\Windows\system32\wuaueng.dll
2009-05-03 16:50:29 ----A---- C:\Windows\system32\wuauclt.exe
2009-05-03 16:49:28 ----A---- C:\Windows\system32\wudriver.dll
2009-05-03 16:49:27 ----A---- C:\Windows\system32\wups.dll
2009-05-03 16:49:27 ----A---- C:\Windows\system32\wuapi.dll
2009-05-03 16:48:32 ----A---- C:\Windows\system32\wuwebv.dll
2009-05-03 16:48:32 ----A---- C:\Windows\system32\wuapp.exe
2009-05-03 14:39:51 ----SD---- C:\Users\PPNesdore\AppData\Roaming\Microsoft
2009-05-03 14:38:41 ----D---- C:\Program Files\CONEXANT
2009-05-03 14:38:26 ----D---- C:\Windows\system32\RTCOM
2009-05-03 14:30:44 ----D---- C:\Windows\Prefetch
2009-04-10 10:54:17 ----A---- C:\Windows\system32\MRT.INI

======List of files/folders modified in the last 3 months======

2009-05-10 18:45:47 ----D---- C:\Windows\System32
2009-05-10 18:45:47 ----D---- C:\Windows\inf
2009-05-10 18:45:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-05-10 18:45:30 ----D---- C:\Windows\Temp
2009-05-10 18:41:31 ----D---- C:\MDT
2009-05-06 17:10:10 ----RD---- C:\Program Files
2009-05-06 17:03:34 ----D---- C:\Program Files\Internet Explorer
2009-05-06 17:03:13 ----D---- C:\Windows\system32\drivers
2009-05-06 17:02:21 ----D---- C:\Windows
2009-05-06 16:44:37 ----D---- C:\Program Files\Trend Micro
2009-05-06 16:01:56 ----SHD---- C:\Windows\Installer
2009-05-06 16:01:52 ----D---- C:\ProgramData\Microsoft Help
2009-05-06 15:53:05 ----HD---- C:\ProgramData
2009-05-06 10:32:30 ----D---- C:\Windows\system32\WDI
2009-05-06 09:40:24 ----SHD---- C:\System Volume Information
2009-05-06 08:28:23 ----D---- C:\Windows\winsxs
2009-05-06 08:28:12 ----D---- C:\Windows\servicing
2009-05-06 08:17:14 ----D---- C:\Windows\system32\catroot
2009-05-05 13:15:26 ----D---- C:\Program Files\MyWebSearch
2009-05-04 03:37:50 ----D---- C:\Windows\Microsoft.NET
2009-05-04 03:37:44 ----RSD---- C:\Windows\assembly
2009-05-04 03:30:28 ----ASH---- C:\Program Files\desktop.ini
2009-05-04 03:30:11 ----D---- C:\Windows\rescache
2009-05-04 03:22:56 ----D---- C:\Windows\system32\LogFiles
2009-05-04 03:21:32 ----D---- C:\Windows\system32\ras
2009-05-04 03:21:32 ----D---- C:\Windows\system32\icsxml
2009-05-04 03:21:32 ----D---- C:\Windows\system32\en-US
2009-05-04 03:21:32 ----D---- C:\Program Files\Windows Calendar
2009-05-04 03:21:28 ----D---- C:\Windows\system32\wbem
2009-05-04 03:21:28 ----D---- C:\Program Files\Windows Mail
2009-05-04 03:21:28 ----D---- C:\Program Files\Common Files\System
2009-05-04 03:21:27 ----D---- C:\Program Files\Windows Defender
2009-05-04 03:21:26 ----D---- C:\Windows\AppPatch
2009-05-04 03:21:25 ----D---- C:\Windows\system32\migration
2009-05-04 03:21:25 ----D---- C:\Program Files\Windows Media Player
2009-05-04 03:21:20 ----D---- C:\Windows\system32\manifeststore
2009-05-04 03:21:19 ----D---- C:\Windows\system32\SLUI
2009-05-04 03:21:17 ----D---- C:\Program Files\Windows Sidebar
2009-05-04 03:21:15 ----D---- C:\Windows\system32\XPSViewer
2009-05-04 02:41:07 ----D---- C:\Program Files\ShoppingReport
2009-05-04 00:05:26 ----D---- C:\Windows\system32\catroot2
2009-05-03 18:50:32 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-05-03 18:28:21 ----D---- C:\ProgramData\Dell
2009-05-03 17:29:03 ----RAS---- C:\BOOTSECT.BAK
2009-05-03 17:29:01 ----SHD---- C:\Boot
2009-05-03 17:28:02 ----D---- C:\Windows\system32\config
2009-05-03 17:27:05 ----D---- C:\Windows\system32\oobe
2009-05-03 16:35:16 ----D---- C:\Windows\SoftwareDistribution
2009-05-03 16:27:05 ----D---- C:\Windows\system32\restore
2009-05-03 15:11:40 ----D---- C:\Windows\Registration
2009-05-03 15:10:14 ----D---- C:\Windows\system32\Tasks
2009-05-03 15:05:51 ----D---- C:\Windows\system32\Msdtc
2009-05-03 15:03:45 ----RD---- C:\Users
2009-05-03 15:02:22 ----D---- C:\Users\PPNesdore\AppData\Roaming\Yahoo!
2009-05-03 15:02:22 ----D---- C:\Users\PPNesdore\AppData\Roaming\Runaware
2009-05-03 15:02:22 ----D---- C:\Users\PPNesdore\AppData\Roaming\Roxio
2009-05-03 15:02:21 ----D---- C:\Users\PPNesdore\AppData\Roaming\MusicNet
2009-05-03 15:02:10 ----D---- C:\Users\PPNesdore\AppData\Roaming\Macromedia
2009-05-03 15:02:10 ----D---- C:\Users\PPNesdore\AppData\Roaming\LimeWire
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\Kutchka
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\Identities
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\ICAClient
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\HPAppData
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\HP
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\Google
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\CyberLink
2009-05-03 15:02:09 ----D---- C:\Users\PPNesdore\AppData\Roaming\Apple Computer
2009-05-03 15:01:58 ----D---- C:\Users\PPNesdore\AppData\Roaming\AOL
2009-05-03 15:01:58 ----D---- C:\Users\PPNesdore\AppData\Roaming\Adobe
2009-05-03 15:01:58 ----D---- C:\Users\PPNesdore\AppData\Roaming\acccore
2009-05-03 14:49:30 ----D---- C:\Windows\WindowsMobile
2009-05-03 14:49:19 ----D---- C:\Windows\twain_32
2009-05-03 14:49:18 ----D---- C:\Windows\system32\sysprep
2009-05-03 14:49:09 ----D---- C:\Windows\system32\NDF
2009-05-03 14:49:08 ----D---- C:\Windows\system32\Macromed
2009-05-03 14:49:07 ----DC---- C:\Windows\system32\DRVSTORE
2009-05-03 14:49:07 ----D---- C:\Windows\system32\DLA
2009-05-03 14:49:06 ----D---- C:\Windows\system32\Adobe
2009-05-03 14:49:02 ----D---- C:\Windows\SHELLNEW
2009-05-03 14:48:56 ----D---- C:\Windows\Logs
2009-05-03 14:48:56 ----D---- C:\Windows\java
2009-05-03 14:48:38 ----RSD---- C:\Windows\Fonts
2009-05-03 14:48:38 ----D---- C:\Windows\Help
2009-05-03 14:47:55 ----SD---- C:\Windows\Downloaded Program Files
2009-05-03 14:47:54 ----D---- C:\Windows\Downloaded Installations
2009-05-03 14:47:47 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-05-03 14:47:46 ----D---- C:\ProgramData\YAHOO
2009-05-03 14:47:46 ----D---- C:\ProgramData\WEBREG
2009-05-03 14:47:46 ----D---- C:\ProgramData\Trend Micro
2009-05-03 14:47:45 ----D---- C:\ProgramData\Symantec
2009-05-03 14:47:23 ----SD---- C:\ProgramData\Microsoft
2009-05-03 14:47:23 ----D---- C:\ProgramData\SupportSoft
2009-05-03 14:47:23 ----D---- C:\ProgramData\Sonic
2009-05-03 14:47:23 ----D---- C:\ProgramData\Roxio
2009-05-03 14:47:11 ----D---- C:\ProgramData\Macromedia
2009-05-03 14:47:11 ----D---- C:\ProgramData\InstallShield
2009-05-03 14:47:11 ----D---- C:\ProgramData\HP Product Assistant
2009-05-03 14:47:11 ----D---- C:\ProgramData\HP
2009-05-03 14:47:07 ----D---- C:\ProgramData\Hewlett-Packard
2009-05-03 14:47:07 ----D---- C:\ProgramData\Google
2009-05-03 14:47:00 ----D---- C:\ProgramData\CyberLink
2009-05-03 14:47:00 ----D---- C:\ProgramData\Apple Computer
2009-05-03 14:47:00 ----D---- C:\ProgramData\Apple
2009-05-03 14:46:56 ----D---- C:\ProgramData\AOL OCP
2009-05-03 14:46:56 ----D---- C:\ProgramData\AOL
2009-05-03 14:46:54 ----D---- C:\ProgramData\Adobe
2009-05-03 14:46:50 ----D---- C:\Program Files\Yahoo!
2009-05-03 14:46:49 ----D---- C:\Program Files\Viewpoint
2009-05-03 14:46:48 ----D---- C:\Program Files\Trymedia
2009-05-03 14:46:39 ----D---- C:\Program Files\Safari
2009-05-03 14:46:35 ----D---- C:\Program Files\Roxio
2009-05-03 14:46:25 ----D---- C:\Program Files\ReflexiveArcade
2009-05-03 14:46:24 ----D---- C:\Program Files\QuickTime
2009-05-03 14:46:16 ----D---- C:\Program Files\NVIDIA Corporation
2009-05-03 14:46:16 ----D---- C:\Program Files\Norton PC Checkup
2009-05-03 14:45:58 ----D---- C:\Program Files\Nick Arcade
2009-05-03 14:45:58 ----D---- C:\Program Files\NetWaiting
2009-05-03 14:45:55 ----D---- C:\Program Files\Modem Diagnostic Tool
2009-05-03 14:45:55 ----D---- C:\Program Files\Microsoft.NET
2009-05-03 14:45:55 ----D---- C:\Program Files\Microsoft Works
2009-05-03 14:45:48 ----D---- C:\Program Files\Microsoft Visual Studio
2009-05-03 14:45:48 ----D---- C:\Program Files\Microsoft Office
2009-05-03 14:45:19 ----D---- C:\Program Files\Maxis
2009-05-03 14:44:20 ----D---- C:\Program Files\Kutchka
2009-05-03 14:44:16 ----D---- C:\Program Files\Java
2009-05-03 14:44:16 ----D---- C:\Program Files\iTunes
2009-05-03 14:44:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-03 14:44:08 ----D---- C:\Program Files\iPod
2009-05-03 14:44:07 ----D---- C:\Program Files\HP
2009-05-03 14:43:51 ----D---- C:\Program Files\Google
2009-05-03 14:43:49 ----D---- C:\Program Files\GlobalStar Software
2009-05-03 14:43:49 ----D---- C:\Program Files\FunWebProducts
2009-05-03 14:43:49 ----D---- C:\Program Files\Free Offers from Freeze.com
2009-05-03 14:43:48 ----D---- C:\Program Files\Fish Tycoon
2009-05-03 14:43:48 ----D---- C:\Program Files\Fairy Godmother Tycoon
2009-05-03 14:43:46 ----D---- C:\Program Files\EarthLink Setup
2009-05-03 14:43:46 ----D---- C:\Program Files\Digital Line Detect
2009-05-03 14:43:40 ----D---- C:\Program Files\Dell Support Center
2009-05-03 14:43:18 ----D---- C:\Program Files\Dell DataSafe Online
2009-05-03 14:43:17 ----D---- C:\Program Files\Dell
2009-05-03 14:43:14 ----D---- C:\Program Files\CyberLink
2009-05-03 14:43:02 ----D---- C:\Program Files\Common Files\SureThing Shared
2009-05-03 14:43:02 ----D---- C:\Program Files\Common Files\supportsoft
2009-05-03 14:43:02 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-05-03 14:43:02 ----D---- C:\Program Files\Common Files
2009-05-03 14:43:01 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-05-03 14:42:45 ----D---- C:\Program Files\Common Files\Nullsoft
2009-05-03 14:42:44 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-03 14:42:38 ----D---- C:\Program Files\Common Files\Java
2009-05-03 14:42:38 ----D---- C:\Program Files\Common Files\InstallShield
2009-05-03 14:42:37 ----D---- C:\Program Files\Common Files\HP
2009-05-03 14:42:36 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-05-03 14:42:36 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-03 14:42:20 ----D---- C:\Program Files\Common Files\Apple
2009-05-03 14:42:20 ----D---- C:\Program Files\Common Files\aolshare
2009-05-03 14:42:19 ----D---- C:\Program Files\Common Files\AOL
2009-05-03 14:42:10 ----D---- C:\Program Files\Common Files\Adobe
2009-05-03 14:42:07 ----D---- C:\Program Files\Bonjour
2009-05-03 14:42:06 ----D---- C:\Program Files\Apple Software Update
2009-05-03 14:42:05 ----D---- C:\Program Files\AOL Install
2009-05-03 14:42:04 ----D---- C:\Program Files\AOL 9.0
2009-05-03 14:42:03 ----D---- C:\Program Files\AOL
2009-05-03 14:41:48 ----D---- C:\Program Files\AIM6
2009-05-03 14:41:44 ----D---- C:\Program Files\Adobe
2009-05-03 14:40:20 ----D---- C:\Windows\system32\CodeIntegrity
2009-05-03 14:34:58 ----D---- C:\Windows\tracing
2009-04-15 21:14:22 ----AD---- C:\ProgramData\TEMP
2009-04-06 07:57:26 ----A---- C:\Windows\system32\mrt.exe
2009-03-21 10:23:02 ----A---- C:\Windows\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2007-08-27 73288]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys [2008-08-16 36368]
R2 tmxpflt;tmxpflt; C:\Windows\system32\drivers\TmXPFlt.sys [2008-08-16 205328]
R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys [2008-05-02 1169240]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2006-10-18 258048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-24 2054872]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-10-29 1062048]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-05-03 7460320]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista; C:\Windows\system32\DRIVERS\netr61.sys [2008-11-26 333824]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2007-12-05 77824]
R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 MrHealthyService;MrHealthy; C:\Program Files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe [2009-01-29 578920]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-05-03 118784]
R2 PcCtlCom;Trend Micro Central Control Component; C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe [2007-08-27 1471840]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 202544]
R2 Tmntsrv;Trend Micro Real-time Service; C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe [2007-08-27 345432]
R2 tmproxy;Trend Micro Proxy Service; C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe [2007-08-27 566872]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S2 TmPfw;Trend Micro Personal Firewall; C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe [2007-08-27 923216]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-09 29744]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-05 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

-----------------EOF-----------------



info.txt:
info.txt logfile of random's system information tool 1.06 2009-05-10 18:46:46

======Uninstall list======

-->C:\Program Files\Yahoo!\Yahoo! Music Jukebox\oggcodecs\uninst.exe
-->MsiExec.exe /I{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}
-->MsiExec.exe /I{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
AIM 6-->C:\Program Files\AIM6\uninst.exe
AIM Toolbar 5.0-->"C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
AOL Install-->MsiExec.exe /I{2357B8BC-88C9-4A72-818C-050CC4EB0778}
AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Conexant D850 PCI V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSETUP.EXE -U -IDel200fz.inf
Dell DataSafe Online-->MsiExec.exe /I{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}
Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Support Center-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
EarthLink Setup Files-->MsiExec.exe /X{5E68BB65-4059-4FE5-AAC4-0CD1D79BBDE2}
Fairy Godmother Tycoon-->"C:\Program Files\Fairy Godmother Tycoon\ReflexiveArcade\unins000.exe"
Fish Tycoon-->"C:\Program Files\Fish Tycoon\Uninstall.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_BDA1448D3D255554.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 9.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 9.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 9.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Photosmart All-In-One Software 9.0-->C:\Program Files\HP\Digital Imaging\{B09BCBF6-87EE-4403-A336-3A9510856535}\setup\hpzscr01.exe -datfile hposcr15.dat
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->MsiExec.exe /X{415CDA53-9100-476F-A7B2-476691E117C7}
HP Solution Center 9.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}
HPSSupply-->MsiExec.exe /X{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}
Internet Service Offers Launcher-->MsiExec.exe /I{CCFF1E13-77A2-4032-8B12-7566982A27DF}
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
KKopy-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E2F43AFC-95FF-43A3-95C2-8F55D41CDEC0}
Mall Tycoon-->C:\PROGRA~1\GLOBAL~1\MALLTY~1\UNWISE.EXE C:\PROGRA~1\GLOBAL~1\MALLTY~1\INSTALL.LOG
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROR /dll OSETUP.DLL
Microsoft Office Professional 2007-->MsiExec.exe /X{91120000-0014-0000-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
MobileMe Control Panel-->MsiExec.exe /I{924EB80F-C2BB-4B9F-8412-88BBA937393F}
Modem Diagnostic Tool-->MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}
Monopoly - SpongeBob SquarePants Edition-->C:\PROGRA~1\NICKAR~1\MONOPO~1\UNWISE.EXE C:\PROGRA~1\NICKAR~1\MONOPO~1\INSTALL.LOG
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Music, Photos & Videos Launcher-->MsiExec.exe /I{D7769185-9A7C-48D4-8874-5388743A1DE2}
NetWaiting-->C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
Norton PC Checkup-->C:\Program Files\Norton PC Checkup\uninstall.exe
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
NVIDIANetworkDiagnostic-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{EFAD4066-CAF3-4B27-9669-12EED352C376}
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{281ECE39-F043-492B-8337-F2E546B5604A}\Setup.exe" -l0x9 -cluninstall
Product Documentation Launcher-->MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Safari-->MsiExec.exe /I{582D2A53-F426-4C5E-A2E6-43C1AB36B907}
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
TestDrive Client-->MsiExec.exe /X{36C9E08A-BE2B-40A0-83C5-576748F7B777}
The Sims Complete Collection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\Setup.exe" -l0x9 -l0009
Trend Micro PC-cillin Internet Security-->C:\PROGRA~1\TRENDM~1\INTERN~1\remove.exe
Trend Micro PC-cillin Internet Security-->MsiExec.exe /X{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}
User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u
Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
Windows Mobile Device Center-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Yahoo! Music Jukebox-->MsiExec.exe /X{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}

======Security center information======

AV: PC-cillin Internet Security - Virus Protection (outdated)
FW: PC-cillin Internet Security - Firewall
AS: PC-cillin Internet Security - Spyware Protection (outdated)
AS: Windows Defender

======System event log======

Computer Name: PPNesdore-PC
Event Code: 4
Message: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Record Number: 587313
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20090510234517.000000-000
Event Type: Warning
User:

Computer Name: PPNesdore-PC
Event Code: 4
Message: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Record Number: 587314
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20090510234517.000000-000
Event Type: Warning
User:

Computer Name: PPNesdore-PC
Event Code: 3004
Message: Windows Defender Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. Windows Defender can't undo changes that you allow.
For more information please see the following:
Not Applicable
Scan ID: {31A775D3-91DC-42F4-8633-029F437A5D08}
User: PPNesdore-PC\PPNesdore
Name: Unknown
ID:
Severity ID:
Category ID:
Path Found: driver:PCD5SRVC{3F6A8B78-EC003E00-05040000}
Alert Type: Unclassified software
Detection Type:
Record Number: 587315
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090510234539.000000-000
Event Type: Warning
User:

Computer Name: PPNesdore-PC
Event Code: 4
Message: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Record Number: 587316
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20090510234602.000000-000
Event Type: Warning
User:

Computer Name: PPNesdore-PC
Event Code: 4
Message: The print spooler failed to reopen an existing printer connection because it could not read the configuration information from the registry key S-1-5-18\Printers\Connections. The print spooler could not open the registry key. This can occur if the registry key is corrupt or missing, or if the registry recently became unavailable.
Record Number: 587317
Source Name: Microsoft-Windows-SpoolerWin32SPL
Time Written: 20090510234602.000000-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: PPNesdore-PC
Event Code: 20227
Message: CoID={81E0DF42-3DA4-4D51-A3CD-4BA292952507}: The user PPNesdore-PC\PPNesdore dialed a connection named Broadband Connection which has failed. The error code returned on failure is 815.
Record Number: 10409
Source Name: RasClient
Time Written: 20090504224216.000000-000
Event Type: Error
User:

Computer Name: PPNesdore-PC
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16830, time stamp 0x49ac913e, faulting module tbhelper.dll, version 4.0.5.0, time stamp 0x482ca840, exception code 0xc0000005, fault offset 0x00032846, process id 0x12d8, application start time 0x01c9cd099d88cdb0.
Record Number: 10410
Source Name: Application Error
Time Written: 20090504224250.000000-000
Event Type: Error
User:

Computer Name: PPNesdore-PC
Event Code: 8194
Message: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {5be30052-1bd5-43ad-b465-afa31d212ec0}
Record Number: 10424
Source Name: VSS
Time Written: 20090505181210.000000-000
Event Type: Error
User:

Computer Name: PPNesdore-PC
Event Code: 1004
Message: Detection of product '{91120000-0014-0000-0000-0000000FF1CE}', feature 'ProductNonBootFiles', component '{82ECD641-A343-4D45-B2DD-34E0961B7622}' failed. The resource 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{62CEC9E0-3811-4C36-A94E-4F7565DCD23F}\Compatibility Flags' does not exist.
Record Number: 10653
Source Name: MsiInstaller
Time Written: 20090506210117.000000-000
Event Type: Warning
User: PPNesdore-PC\PPNesdore

Computer Name: PPNesdore-PC
Event Code: 1001
Message: Detection of product '{91120000-0014-0000-0000-0000000FF1CE}', feature 'ProductNonBootFiles' failed during request for component '{DD68FEE8-C369-11D1-A173-00A0C90AB50F}'
Record Number: 10654
Source Name: MsiInstaller
Time Written: 20090506210117.000000-000
Event Type: Warning
User: PPNesdore-PC\PPNesdore

=====Security event log=====

Computer Name: PPNesdore-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: PPNESDORE-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x224
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 25143
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090510234050.041930-000
Event Type: Audit Success
User:

Computer Name: PPNesdore-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 25144
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090510234050.041930-000
Event Type: Audit Success
User:

Computer Name: PPNesdore-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: PPNESDORE-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x224
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 25145
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090510234317.320530-000
Event Type: Audit Success
User:

Computer Name: PPNesdore-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: PPNESDORE-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x224
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 25146
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090510234317.320530-000
Event Type: Audit Success
User:

Computer Name: PPNesdore-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 25147
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090510234317.320530-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

-----------------EOF-----------------
mattrowe
Active Member
 
Posts: 6
Joined: May 6th, 2009, 6:26 pm

Re: unofficial family "computer guy"

Unread postby Katana » May 11th, 2009, 6:00 am

Information

There is no obvious sign of infection, but there are a couple of curious items that I would like to investigate further

Was this machine upgraded to Vista recently ?
----------------------------------------------------------- -----------------------------------------------------------

Step 1

Fix With HJT

Please note:- Due to the restrictions on Vista, all tools should be started by Right-Click >>> Run As Administrator
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines IF still present
O2 - BHO: (Gaming)2 - {971F630E-AD68-4d6e-B0C3-1C627AAC80F1} - C:\Program Files\GamingSquared\Gaming2\G2IE_v1042.dll (file missing)
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis


----------------------------------------------------------- -----------------------------------------------------------
Step 2


Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial

  • You must download it to and run it from your Desktop
  • Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
  • Double click combofix.exe & follow the prompts.
  • When finished, it will produce a log. Please save that log to post in your next reply
  • Re-enable all the programs that were disabled during the running of ComboFix..


A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


----------------------------------------------------------- -----------------------------------------------------------
Step 3

Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- This scan is best done from IE (Internet Explorer)

NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

----------------------------------------------------------- -----------------------------------------------------------
Step 4

Logs/Information to Post in Reply
Please post the following logs/Information in your reply
  • Combofix Log
  • Kaspersky Log
  • How are things running now, what are the current problems ?

----------------------------------------------------------- -----------------------------------------------------------

Additional Notes


Your Java and Adobe is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version Java and Adobe components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) from HERE
  • Scroll down to where it says "Java SE Runtime Environment (JRE)".
  • Click the "Download" button to the right.
    • Platform = Windows
    • Language = Multi Language
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.

Update Adobe Acrobat Reader
Adobe Reader is a large program and uses unnecessary space.
If you prefer a smaller program you can get Foxit 3.0 from http://www.foxitsoftware.com/pdf/rd_intro.php << Recommended

  • Please go to this link Adobe Acrobat Reader Download Link
  • Cllick Download
  • On the right Untick Adobe Phototshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and click Run again
  • Next click the Install Now button and follow the on screen prompts

Now close all windows, including your browser.
Double click on the Java installation that you downloaded and follow the prompts.

Remove Programs
Now click Start---Control Panel. Double click Add or Remove Programs. If any of the following programs are listed there,
click on the program to highlight it, and click on remove.
  • Adobe Reader 8.1.0

    Java(TM) SE Runtime Environment 6

Now close the Control Panel.

Reboot your machine.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: unofficial family "computer guy"

Unread postby mattrowe » May 11th, 2009, 11:48 am

Vista was the original os when it was purchased as an xmas gift 1.5 yrs ago... and it looks like the anti-virus was just a 30-day trial which was never updated. It also looks like there were many mp3's from LimeWire that were the cause of some issues. Anything quarantined was from me a couple days before I originally posted on this forum. I am planning on installing AVG's free virus protection (unless you recommend anything else) as well as updating the Java/Adobe. I will mess around with the computer for a while and will post back if there are any issues/symptoms.

Once again, thank you so much for your help.

Here are the log files...

ComboFix:
ComboFix 09-05-10.06 - PPNesdore 05/11/2009 6:33.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.958.322 [GMT -5:00]
Running from: c:\users\PPNesdore\Desktop\ComboFix.exe
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated)
FW: PC-cillin Internet Security - Firewall *enabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\ShoppingReport
c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Files Created from 2009-04-11 to 2009-05-11 )))))))))))))))))))))))))))))))
.

2009-05-10 23:46 . 2009-05-10 23:46 -------- d-----w C:\rsit
2009-05-06 22:03 . 2009-05-06 22:02 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2009-05-06 22:02 . 2009-05-06 22:03 -------- d-----w c:\users\PPNesdore\.housecall6.6
2009-05-06 22:02 . 2009-05-06 22:02 -------- d-----w c:\windows\Sun
2009-05-06 21:01 . 2009-05-06 21:01 -------- d-----w c:\windows\PCHEALTH
2009-05-06 20:58 . 2009-05-06 20:58 -------- d-----r c:\windows\system32\config\systemprofile\Music
2009-05-06 15:03 . 2009-05-06 18:10 -------- d--h--w C:\$AVG8.VAULT$
2009-05-06 13:14 . 2009-05-06 13:14 229888 ----a-w c:\windows\system32\msshsq.dll
2009-05-06 11:24 . 2009-05-06 11:24 268800 ----a-w c:\windows\system32\es.dll
2009-05-04 22:40 . 2009-05-04 22:41 -------- d-----w c:\programdata\NVIDIA
2009-05-04 22:40 . 2009-05-04 22:41 -------- d-----w c:\users\All Users\NVIDIA
2009-05-04 04:58 . 2009-05-04 04:58 28672 ----a-w c:\windows\system32\FwRemoteSvr.dll
2009-05-04 04:58 . 2009-05-04 04:58 61440 ----a-w c:\windows\system32\winipsec.dll
2009-05-04 04:58 . 2009-05-04 04:58 361984 ----a-w c:\windows\system32\IPSECSVC.DLL
2009-05-04 04:58 . 2009-05-04 04:58 272896 ----a-w c:\windows\system32\polstore.dll
2009-05-04 04:47 . 2009-05-04 04:47 8192 ----a-w c:\windows\system32\riched32.dll
2009-05-04 04:30 . 2009-05-04 04:30 241152 ----a-w c:\windows\system32\PortableDeviceApi.dll
2009-05-04 04:30 . 2009-05-04 04:30 95232 ----a-w c:\windows\system32\PortableDeviceClassExtension.dll
2009-05-04 04:30 . 2009-05-04 04:30 160768 ----a-w c:\windows\system32\PortableDeviceTypes.dll
2009-05-04 04:19 . 2009-05-04 04:19 39424 ----a-w c:\windows\system32\ACCTRES.dll
2009-05-04 04:19 . 2009-05-04 04:19 205824 ----a-w c:\windows\system32\msoeacct.dll
2009-05-04 04:19 . 2009-05-04 04:19 87040 ----a-w c:\windows\system32\msoert2.dll
2009-05-04 04:08 . 2009-05-04 04:08 704000 ----a-w c:\windows\system32\PhotoScreensaver.scr
2009-05-04 04:08 . 2009-05-04 04:08 24064 ----a-w c:\windows\system32\wtsapi32.dll
2009-05-04 04:08 . 2009-05-04 04:08 258232 ----a-w c:\windows\system32\drivers\acpi.sys
2009-05-04 04:08 . 2009-05-04 04:08 542720 ----a-w c:\windows\system32\sysmain.dll
2009-05-04 04:08 . 2009-05-04 04:08 47104 ----a-w c:\windows\system32\wlanapi.dll
2009-05-04 04:08 . 2009-05-04 04:08 67584 ----a-w c:\windows\system32\wlanhlp.dll
2009-05-04 04:08 . 2009-05-04 04:08 290816 ----a-w c:\windows\system32\wlanmsm.dll
2009-05-04 04:08 . 2009-05-04 04:08 502784 ----a-w c:\windows\system32\wlansvc.dll
2009-05-04 04:08 . 2009-05-04 04:08 297984 ----a-w c:\windows\system32\wlansec.dll
2009-05-04 03:57 . 2009-05-04 03:57 110080 ----a-w c:\windows\system32\drivers\mrxdav.sys
2009-05-04 03:57 . 2009-05-04 03:57 194560 ----a-w c:\windows\system32\WebClnt.dll
2009-05-04 03:47 . 2009-05-04 03:47 49664 ----a-w c:\windows\system32\csrsrv.dll
2009-05-04 03:47 . 2009-05-04 03:47 376320 ----a-w c:\windows\system32\winsrv.dll
2009-05-04 03:13 . 2009-05-04 03:13 376832 ----a-w c:\windows\system32\winhttp.dll
2009-05-04 03:02 . 2009-05-04 03:02 297472 ----a-w c:\windows\system32\gdi32.dll
2009-05-04 02:56 . 2009-05-04 02:56 1060920 ----a-w c:\windows\system32\drivers\ntfs.sys
2009-05-04 02:56 . 2009-05-04 02:56 41984 ----a-w c:\windows\system32\drivers\monitor.sys
2009-05-04 02:53 . 2009-05-04 02:53 211456 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-05-04 02:49 . 2009-05-04 02:49 500736 ----a-w c:\windows\system32\msdtcprx.dll
2009-05-04 02:49 . 2009-05-04 02:49 30208 ----a-w c:\windows\system32\xolehlp.dll
2009-05-04 02:38 . 2009-05-04 02:38 28672 ----a-w c:\windows\system32\Apphlpdm.dll
2009-05-04 02:38 . 2009-05-04 02:38 4247552 ----a-w c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-04 02:38 . 2009-05-04 02:38 1687040 ----a-w c:\windows\system32\gameux.dll
2009-05-04 02:33 . 2009-05-04 02:33 303616 ----a-w c:\windows\system32\wmpeffects.dll
2009-05-04 02:29 . 2009-05-04 02:29 1194496 ----a-w c:\windows\system32\msxml3.dll
2009-05-04 02:29 . 2009-05-04 02:29 2048 ----a-w c:\windows\system32\msxml3r.dll
2009-05-04 02:26 . 2009-05-04 02:26 414208 ----a-w c:\windows\system32\msscp.dll
2009-05-04 02:22 . 2009-05-04 02:22 356864 ----a-w c:\windows\system32\MediaMetadataHandler.dll
2009-05-04 02:18 . 2009-05-04 02:18 392192 ----a-w c:\windows\system32\FirewallAPI.dll
2009-05-04 02:18 . 2009-05-04 02:18 63488 ----a-w c:\windows\system32\drivers\mpsdrv.sys
2009-05-04 02:18 . 2009-05-04 02:18 396800 ----a-w c:\windows\system32\MPSSVC.dll
2009-05-04 02:18 . 2009-05-04 02:18 86016 ----a-w c:\windows\system32\icfupgd.dll
2009-05-04 02:18 . 2009-05-04 02:18 16896 ----a-w c:\windows\system32\wfapigp.dll
2009-05-04 02:18 . 2009-05-04 02:18 61952 ----a-w c:\windows\system32\cmifw.dll
2009-05-04 02:18 . 2009-05-04 02:18 23040 ----a-w c:\windows\system32\drivers\tunnel.sys
2009-05-04 02:18 . 2009-05-04 02:18 178688 ----a-w c:\windows\system32\iphlpsvc.dll
2009-05-04 02:18 . 2009-05-04 02:18 15360 ----a-w c:\windows\system32\drivers\TUNMP.SYS
2009-05-04 02:11 . 2009-05-04 02:11 2048 ----a-w c:\windows\system32\tzres.dll
2009-05-04 02:06 . 2009-05-04 02:06 8147968 ----a-w c:\windows\system32\wmploc.DLL
2009-05-04 02:06 . 2009-05-04 02:06 7680 ----a-w c:\windows\system32\spwmp.dll
2009-05-04 02:06 . 2009-05-04 02:06 4096 ----a-w c:\windows\system32\dxmasf.dll
2009-05-04 01:54 . 2009-05-04 01:54 21560 ----a-w c:\windows\system32\drivers\atapi.sys
2009-05-04 01:54 . 2009-05-04 01:54 45112 ----a-w c:\windows\system32\drivers\pciidex.sys
2009-05-04 01:54 . 2009-05-04 01:54 15928 ----a-w c:\windows\system32\drivers\pciide.sys
2009-05-04 01:54 . 2009-05-04 01:54 109624 ----a-w c:\windows\system32\drivers\ataport.sys
2009-05-04 01:54 . 2009-05-04 01:54 211000 ----a-w c:\windows\system32\drivers\volsnap.sys
2009-05-04 01:54 . 2009-05-04 01:54 154624 ----a-w c:\windows\system32\drivers\nwifi.sys
2009-05-04 01:51 . 2009-05-04 01:51 104448 ----a-w c:\windows\system32\DWWIN.EXE
2009-05-04 01:48 . 2009-05-04 01:48 2923520 ----a-w c:\windows\explorer.exe
2009-05-04 01:38 . 2009-05-04 01:38 24064 ----a-w c:\windows\system32\netcfg.exe
2009-05-04 01:38 . 2009-05-04 01:38 216632 ----a-w c:\windows\system32\drivers\netio.sys
2009-05-04 01:38 . 2009-05-04 01:38 167424 ----a-w c:\windows\system32\tcpipcfg.dll
2009-05-04 01:38 . 2009-05-04 01:38 22016 ----a-w c:\windows\system32\netiougc.exe
2009-05-04 01:38 . 2009-05-04 01:38 803328 ----a-w c:\windows\system32\drivers\tcpip.sys
2009-05-04 01:33 . 2009-05-04 01:33 2340864 ----a-w c:\windows\system32\NlsData000d.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData000f.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0414.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0416.dll
2009-05-04 01:33 . 2009-05-04 01:33 797696 ----a-w c:\windows\system32\NaturalLanguage6.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0816.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData081a.dll
2009-05-04 01:33 . 2009-05-04 01:33 6917120 ----a-w c:\windows\system32\NlsLexicons0c1a.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData0c1a.dll
2009-05-04 01:24 . 2009-05-04 01:24 1585664 ----a-w c:\windows\system32\setupapi.dll
2009-05-04 01:16 . 2009-05-04 01:16 549888 ----a-w c:\windows\system32\rpcss.dll
2009-05-04 01:16 . 2009-05-04 01:16 3503584 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-05-04 01:16 . 2009-05-04 01:16 3469280 ----a-w c:\windows\system32\ntoskrnl.exe
2009-05-04 01:16 . 2009-05-04 01:16 24576 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-05-04 01:16 . 2009-05-04 01:16 654336 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-05-04 01:16 . 2009-05-04 01:16 53248 ----a-w c:\windows\system32\iasads.dll
2009-05-04 01:16 . 2009-05-04 01:16 37888 ----a-w c:\windows\system32\iasdatastore.dll
2009-05-04 01:16 . 2009-05-04 01:16 158720 ----a-w c:\windows\system32\sdohlp.dll
2009-05-04 01:16 . 2009-05-04 01:16 97280 ----a-w c:\windows\system32\iasrecst.dll
2009-05-04 01:08 . 2009-05-04 01:08 9728 ----a-w c:\windows\system32\LAPRXY.DLL
2009-05-04 01:08 . 2009-05-04 01:08 2048 ----a-w c:\windows\system32\asferror.dll
2009-05-04 01:08 . 2009-05-04 01:08 223232 ----a-w c:\windows\system32\WMASF.DLL
2009-05-04 01:05 . 2009-05-04 01:05 72704 ----a-w c:\windows\system32\secur32.dll
2009-05-04 01:05 . 2009-05-04 01:05 7680 ----a-w c:\windows\system32\lsass.exe
2009-05-04 01:05 . 2009-05-04 01:05 1233408 ----a-w c:\windows\system32\lsasrv.dll
2009-05-04 01:05 . 2009-05-04 01:05 25600 ----a-w c:\windows\system32\amxread.dll
2009-05-04 01:05 . 2009-05-04 01:05 14848 ----a-w c:\windows\system32\apilogen.dll
2009-05-04 01:03 . 2009-05-04 01:03 223232 ----a-w c:\windows\system32\SLC.dll
2009-05-04 01:03 . 2009-05-04 01:03 268288 ----a-w c:\windows\system32\mcbuilder.exe
2009-05-04 01:03 . 2009-05-04 01:03 33280 ----a-w c:\windows\system32\slwmi.dll
2009-05-04 01:03 . 2009-05-04 01:03 566784 ----a-w c:\windows\system32\SLCommDlg.dll
2009-05-04 01:03 . 2009-05-04 01:03 351232 ----a-w c:\windows\system32\SLUI.exe
2009-05-04 01:03 . 2009-05-04 01:03 186368 ----a-w c:\windows\system32\SLLUA.exe
2009-05-04 01:03 . 2009-05-04 01:03 57856 ----a-w c:\windows\system32\SLUINotify.dll
2009-05-04 01:03 . 2009-05-04 01:03 2605568 ----a-w c:\windows\system32\SLsvc.exe
2009-05-04 01:03 . 2009-05-04 01:03 39936 ----a-w c:\windows\system32\slcinst.dll
2009-05-04 01:00 . 2009-05-04 01:00 425472 ----a-w c:\windows\system32\PhotoMetadataHandler.dll
2009-05-04 01:00 . 2009-05-04 01:00 712192 ----a-w c:\windows\system32\WindowsCodecs.dll
2009-05-04 01:00 . 2009-05-04 01:00 347136 ----a-w c:\windows\system32\WindowsCodecsExt.dll
2009-05-04 00:50 . 2009-05-04 00:50 37376 ----a-w c:\windows\system32\printcom.dll
2009-05-04 00:50 . 2009-05-04 00:50 441856 ----a-w c:\windows\system32\win32spl.dll
2009-05-04 00:45 . 2009-05-04 00:45 113664 ----a-w c:\windows\system32\drivers\rmcast.sys
2009-05-04 00:45 . 2009-05-04 00:45 14848 ----a-w c:\windows\system32\wshrm.dll
2009-05-04 00:40 . 2009-05-04 00:40 11776 ----a-w c:\windows\system32\sbunattend.exe
2009-05-04 00:34 . 2009-05-04 00:34 290304 ----a-w c:\windows\system32\drivers\srv.sys
2009-05-04 00:29 . 2009-05-04 00:29 83968 ----a-w c:\windows\system32\dnsrslvr.dll
2009-05-04 00:29 . 2009-05-04 00:29 24576 ----a-w c:\windows\system32\dnscacheugc.exe
2009-05-04 00:26 . 2009-05-04 00:26 53760 ----a-w c:\windows\system32\drivers\hdaudbus.sys
2009-05-04 00:20 . 2009-05-04 00:20 269824 ----a-w c:\windows\system32\schannel.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-11 11:18 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstrng.dat
2009-05-11 11:18 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-05-06 21:44 . 2007-12-18 12:30 -------- d-----w c:\program files\Trend Micro
2009-05-06 13:17 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-05-04 08:30 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Calendar
2009-05-04 08:21 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Defender
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Sidebar
2009-05-04 08:21 . 2006-11-02 10:25 665600 ----a-w c:\windows\inf\drvindex.dat
2009-05-04 01:34 . 2009-05-04 01:34 1793536 ----a-w c:\windows\system32\NlsLexicons0045.dll
2009-05-04 01:22 . 2009-05-04 01:22 40960 ----a-w c:\windows\system32\srclient.dll
2009-05-04 00:56 . 2009-05-04 00:56 61440 ----a-w c:\windows\system32\ntprint.exe
2009-05-04 00:56 . 2009-05-04 00:56 220160 ----a-w c:\windows\system32\ntprint.dll
2009-05-04 00:56 . 2009-05-04 00:56 10240 ----a-w c:\windows\system32\dhcpcmonitor.dll
2009-05-04 00:56 . 2009-05-04 00:56 1984512 ----a-w c:\windows\system32\authui.dll
2009-05-04 00:56 . 2009-05-04 00:56 120320 ----a-w c:\windows\system32\dhcpcsvc6.dll
2009-05-04 00:56 . 2009-05-04 00:56 65024 ----a-w c:\windows\system32\avicap32.dll
2009-05-04 00:56 . 2009-05-04 00:56 88576 ----a-w c:\windows\system32\avifil32.dll
2009-05-04 00:56 . 2009-05-04 00:56 82944 ----a-w c:\windows\system32\mciavi32.dll
2009-05-04 00:56 . 2009-05-04 00:56 31232 ----a-w c:\windows\system32\msvidc32.dll
2009-05-04 00:56 . 2009-05-04 00:56 12800 ----a-w c:\windows\system32\msrle32.dll
2009-05-04 00:56 . 2009-05-04 00:56 123904 ----a-w c:\windows\system32\msvfw32.dll
2009-05-04 00:56 . 2009-05-04 00:56 69632 ----a-w c:\windows\system32\sendmail.dll
2009-05-04 00:56 . 2009-05-04 00:56 8138240 ----a-w c:\windows\system32\ssBranded.scr
2009-05-03 23:50 . 2009-01-05 22:19 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-05-03 22:53 . 2009-05-03 22:53 72704 ----a-w c:\windows\system32\admparse.dll
2009-05-03 22:53 . 2009-05-03 22:53 826368 ----a-w c:\windows\system32\wininet.dll
2009-05-03 22:53 . 2009-05-03 22:53 78336 ----a-w c:\windows\system32\ieencode.dll
2009-05-03 22:53 . 2009-05-03 22:53 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-05-03 22:53 . 2009-05-03 22:53 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-05-03 22:53 . 2009-05-03 22:53 56320 ----a-w c:\windows\system32\iesetup.dll
2009-05-03 19:46 . 2007-12-18 12:24 -------- d-----w c:\program files\Yahoo!
2009-05-03 19:46 . 2007-12-23 22:03 -------- d-----w c:\program files\Viewpoint
2009-05-03 19:46 . 2008-06-05 17:16 -------- d-----w c:\program files\Trymedia
2009-05-03 19:46 . 2008-12-07 16:14 -------- d-----w c:\program files\Safari
2009-05-03 19:46 . 2007-12-24 15:49 -------- d-----w c:\program files\Roxio
2009-05-03 19:46 . 2008-06-05 18:13 -------- d-----w c:\program files\ReflexiveArcade
2009-05-03 19:46 . 2008-12-07 16:23 -------- d-----w c:\program files\QuickTime
2009-05-03 19:46 . 2009-01-05 22:19 -------- d-----w c:\program files\Norton PC Checkup
2009-05-03 19:46 . 2007-12-18 12:17 -------- d-----w c:\program files\NVIDIA Corporation
2009-05-03 19:45 . 2008-01-04 02:12 -------- d-----w c:\program files\Nick Arcade
2009-05-03 19:45 . 2007-12-18 12:18 -------- d-----w c:\program files\NetWaiting
2009-05-03 19:45 . 2008-06-08 03:16 -------- d-----w c:\program files\Microsoft.NET
2009-05-03 19:45 . 2007-12-18 12:34 -------- d-----w c:\program files\Microsoft Works
2009-05-03 19:45 . 2007-12-18 12:16 -------- d-----w c:\program files\Modem Diagnostic Tool
2009-05-03 19:45 . 2007-12-25 16:44 -------- d-----w c:\program files\Maxis
2009-05-03 19:44 . 2008-06-08 02:24 -------- d-----w c:\program files\Kutchka
2009-05-03 19:44 . 2008-12-07 16:27 -------- d-----w c:\program files\iTunes
2009-05-03 19:44 . 2007-12-18 12:15 -------- d-----w c:\program files\Java
2009-05-03 19:44 . 2008-12-07 16:27 -------- d-----w c:\program files\iPod
2009-05-03 19:44 . 2007-12-18 12:16 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-03 19:44 . 2008-02-24 21:03 -------- d-----w c:\program files\HP
2009-05-03 19:42 . 2007-12-23 22:03 -------- d-----w c:\program files\Common Files\Nullsoft
2009-05-03 19:42 . 2007-12-18 12:16 -------- d-----w c:\program files\Common Files\InstallShield
2009-05-03 19:42 . 2007-12-18 12:15 -------- d-----w c:\program files\Common Files\Java
2009-05-03 19:42 . 2008-02-24 21:07 -------- d-----w c:\program files\Common Files\HP
2009-05-03 19:42 . 2008-02-24 21:06 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-05-03 19:42 . 2008-01-04 19:23 -------- d-----w c:\program files\Common Files\Apple
2009-05-03 19:42 . 2007-12-23 22:02 -------- d-----w c:\program files\Common Files\aolshare
2009-05-03 19:42 . 2007-12-23 21:58 -------- d-----w c:\program files\Common Files\AOL
2009-05-03 19:42 . 2007-12-18 12:27 -------- d-----w c:\program files\Common Files\Adobe
2009-05-03 19:42 . 2008-12-07 16:25 -------- d-----w c:\program files\Bonjour
2009-05-03 19:42 . 2008-12-07 16:28 -------- d-----w c:\program files\Apple Software Update
2009-05-03 19:42 . 2007-12-18 12:35 -------- d-----w c:\program files\AOL Install
2009-05-03 19:42 . 2007-12-23 22:02 -------- d-----w c:\program files\AOL 9.0
2009-05-03 19:41 . 2008-02-12 20:08 -------- d-----w c:\program files\AIM6
2009-04-27 00:03 . 2007-12-18 12:14 12 ----a-w c:\windows\bthservsdp.dat
2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-01-03 50528]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-18 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-09 29744]
"HostManager"="c:\program files\Common Files\AOL\1198447098\ee\AOLSoftware.exe" [2006-09-26 50736]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"pccguide.exe"="c:\program files\Trend Micro\Internet Security 14\pccguide.exe" [2007-08-27 1807696]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 92704]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-17 4907008]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-12-18 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0033E7E4-62EE-48EB-A55C-D7C979378C41}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{6EF45948-BA89-4A20-9BE4-782633E8D34F}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{38E32F26-38B7-42E8-8C19-290C9FFF5CEF}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{98E1EECD-7796-4A3A-9E48-9FC2DCF99B34}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{15AFE60D-63AE-49A9-A2FA-1CDE58E9550C}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{635D37BC-4813-4238-A0AC-4B43FB92BCB2}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{561DE972-9257-42AB-996A-5C0B592DF81D}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{528A8B54-3ECB-4A71-8DAD-A5B61DE86C59}"= TCP:c:\program files\Common Files\AOL\1198447098\ee\aolsoftware.exe:AOL Services
"{700EFC8C-2C02-4419-8F08-69CB83B4C872}"= UDP:c:\program files\Common Files\AOL\1198447098\ee\aolsoftware.exe:AOL Services
"{648E4080-4ECF-4DE5-BB68-B24DD46F7DF1}"= TCP:c:\program files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{3AD40940-6A17-4C9A-BD44-CD52E9E55724}"= UDP:c:\program files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{2E3261C9-DD00-4F1F-BC08-5EF82653A82B}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D602E0BF-B5CF-4C76-BAA8-C9AFD821B894}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{8E0394CD-70CC-4471-8949-B1D5A3AEBC20}"= TCP:c:\program files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{90F96092-DBC8-4C84-A74E-915EBA7A5A48}"= UDP:c:\program files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{111B8520-A5EE-4E71-8F38-B16E9C13DBC9}"= TCP:c:\program files\AOL 9.0\waol.exe:AOL
"{8870B137-D558-4293-996E-4621F97C333B}"= UDP:c:\program files\AOL 9.0\waol.exe:AOL
"{916EE785-88F2-4FBB-9405-D63E647180F2}"= TCP:c:\program files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{45D81B4D-CBE0-4CC2-B52F-208AF18247E9}"= UDP:c:\program files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{892AF752-59DD-47F9-91EB-C41D982DC9E6}"= TCP:c:\program files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{626654D7-0B9B-4E68-A9BB-3655C65D4BA2}"= UDP:c:\program files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{C59906FE-830D-497E-AF97-904A5F271C64}"= TCP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{77695702-BFF5-487D-B643-631788FAA35B}"= UDP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 amacpi;Microsoft Away Mode System;c:\windows\System32\drivers\null.sys [11/2/2006 3:51 AM 4608]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\System32\AERTSrv.exe [12/5/2007 6:17 AM 77824]
R2 MrHealthyService;MrHealthy;c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service --> c:\program files\Norton PC Checkup\executables\mrHealthy\MrHealthy.exe -service [?]
R2 tmpreflt;tmpreflt;c:\windows\System32\drivers\tmpreflt.sys [12/18/2007 7:30 AM 36368]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/12/2008 3:09 PM 24652]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\System32\drivers\netr61.sys [11/26/2008 1:51 PM 333824]
S2 Tmntsrv;Trend Micro Real-time Service;c:\program files\Trend Micro\Internet Security 14\Tmntsrv.exe [8/27/2007 4:22 AM 345432]
S2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security 14\TmPfw.exe [8/27/2007 4:22 AM 923216]
S2 tmproxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security 14\tmproxy.exe [8/27/2007 4:22 AM 566872]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [12/18/2007 7:28 AM 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-11 06:35
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-05-11 6:37
ComboFix-quarantined-files.txt 2009-05-11 11:37

Pre-Run: 197,227,520,000 bytes free
Post-Run: 197,270,200,320 bytes free

316 --- E O F --- 2009-05-10 23:51


Kaspersky:
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7.0 REPORT
Monday, May 11, 2009
Operating System: Microsoft Windows Vista Home Basic Edition, 32-bit (build 6000)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Monday, May 11, 2009 14:24:45
Records in database: 2160583
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 147724
Threat name: 12
Infected objects: 59
Suspicious objects: 1
Duration of the scan: 02:40:49


File name / Threat name / Threats count
C:\Program Files\Norton PC Checkup\downloader.vbs Suspicious: Trojan-Downloader.JS.gen 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\1770.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\1952.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\1A69.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\2A2F.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\2DF1.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\4342.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\4678.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\5F95.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\6D34.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7543.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7A95.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\7A9C.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\8320.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\8369.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\9D4A.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\A7B9.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\A9.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\AAAD.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\AB9F.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\ADC2.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\B29D.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\B4D0.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\C875.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\CC7D.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\D9FF.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\DCAC.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\E7BF.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\E9DC.tmp Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Program Files\Trend Micro\Internet Security 14\Quarantine\F939.tmp Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545425-bounce for that pussy girl.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545425-lollipop remix static major.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545425-pop that pussy.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545425-static major.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545425-we do it for fun part 1 joker.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3545427-my good thang (high bitrate).mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-3615672-my life would suck without you.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-5745425-lollipop remix static major [unreleased rare track].mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\Preview-T-5745425-pop that pussy [unreleased rare track].mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\T-1010769-talk coldplay x y.mp3 Infected: Trojan-Downloader.WMA.GetCodec.w 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\T-3545427-my good thang (high bitrate).mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\T-3545427-only one cure - high quality.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\T-3926616-pussy money weed remix (320k stereo).mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1
C:\Users\PPNesdore\Documents\LimeWire\Incomplete\T-5745425-pop that pussy [unreleased rare track].mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\aim tiga sexy girl has shaking orgasm during sex.mp3 Infected: Trojan-Downloader.WMA.Wimad.o 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\Ciara Ft The Dream - Keep Dancing.mp3 Infected: Trojan-Downloader.WMA.GetCodec.z 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\crank that spiderman sexy girl has shaking orgasm during sex.mp3 Infected: Trojan-Downloader.WMA.Wimad.o 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\get buck in here explicit.wma Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\lollipop remix static major - greatest hits.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\lollipop remix static major [unreleased rare track].mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\lollipop remix static major.wma Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\love reign oer me pearl jam.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\my life would suck without you.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\patent pending heavens.mp3 Infected: Trojan-Downloader.WMA.GetCodec.y 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\point 1 chevelle - greatest hits.wma Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\pussy money weed remix 2009.mp3 Infected: Trojan-Downloader.WMA.GetCodec.aa 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\remix pussy money weed - greatest hits.wma Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\talk coldplay x y.mp3 Infected: Trojan-Downloader.WMA.GetCodec.w 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\we do this for fun part 1 CD quality.mp3 Infected: Trojan-Downloader.WMA.GetCodec.f 1
C:\Users\PPNesdore\Documents\LimeWire\Saved\we do this for fun part 1.wma Infected: Trojan-Downloader.WMA.Wimad.n 1

The selected area was scanned.
mattrowe
Active Member
 
Posts: 6
Joined: May 6th, 2009, 6:26 pm

Re: unofficial family "computer guy"

Unread postby Katana » May 11th, 2009, 3:03 pm

I am planning on installing AVG's free virus protection (unless you recommend anything else)

Try one of the following instead

Free AV list ( Home users only)
Avira AntiVir
Avast



Custom CFScript
  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Code: Select all
    Folder::
    c:\program files\LimeWire
    C:\Users\PPNesdore\Documents\LimeWire
    Registry::
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{15AFE60D-63AE-49A9-A2FA-1CDE58E9550C}"=-
    "{635D37BC-4813-4238-A0AC-4B43FB92BCB2}"= -
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    
    ADS::

  • Save this as CFScript.txt and place it on your desktop.


    Image


  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it will produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own. This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper






How are things running ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: unofficial family "computer guy"

Unread postby mattrowe » May 11th, 2009, 7:13 pm

It appears the computer has not froozen up and is running well overall. I am also trying to figure out what software doesn't need to load every time the computer boots up. It appears that this computer has had every optional extra install/plugin/etc installed so it takes a bit to start up but runs well afterwards.

ComboFix 09-05-11.01 - PPNesdore 05/11/2009 17:50.2 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.958.300 [GMT -5:00]
Running from: c:\users\PPNesdore\Desktop\ComboFix.exe
Command switches used :: c:\users\PPNesdore\Desktop\CFScript.txt
AV: PC-cillin Internet Security - Virus Protection *On-access scanning disabled* (Outdated)
FW: PC-cillin Internet Security - Firewall *enabled*
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\PPNesdore\Documents\LimeWire
c:\users\PPNesdore\Documents\LimeWire\Saved\- Teasing To Please.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\(T-Pain ft. Ludacris - Chopped & Screwed.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\00-The Empire And Lil Wayne-The Drought Is Over 6 (The Reincarnation)-MF.jpg
c:\users\PPNesdore\Documents\LimeWire\Saved\009 - Keep Dancing - Ciara Ft. The Dream.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\01-Lil'_Wayne-How_You_Doing-MF-mp3.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\01 - Lil Wayne - Got Money (feat. T-Pain) (Clean).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\02 The World At Large.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\03-Lil Wayne-Gangsta Music-MF.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\03 Jumper.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\03. Gucci Mane - Hot Damn-MF(4).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\04-Lil Wayne-Dick Pleaser feat. Jae Millz-MF.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\04 Simple Man.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\06-tyga-aim.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\09-Lil Wayne-My Weezy feat. Shanell, Lil Twist & Tyga-MF.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\10 - Lil Wayne - Gossip.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\12 Slow Jamz.m4a
c:\users\PPNesdore\Documents\LimeWire\Saved\13-trey_songz-we_should_be.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\18-Lil Wayne-Oh Yeah (feat. Juelz Santana).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\20-Lil Wayne-Stuntin feat. Drake-MF.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\20-plies-year_of_the_lover_(ft._lloyd)-bbh.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\25 - LIL WAYNE - PLEASE DONT TELL ME ITS OVER.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\311 - Amber.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3Oh!3- Dance With Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3Oh3-Electroshock.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3oh3 - Chokechain.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3oh3 - Holla Til You Pass Out.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3oh3 - HOTT.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3oh3 - I'm Not Coming to Your Party.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3oh3 - I'm Not Your Boyfriend Baby.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\3Oh3 - Photo Finish.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\50 Cent - Candy Shop.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\50 Cent - Part Time Lover (Dissin' Lil Wayne & Baby).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\50 Cent feat. G-Unit & Lil Wayne - I Like The Way She Do It Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ace Hood Ft. T-Pain, Rick Ross & Juelz Santana - Ride (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Akon - Gangster bop.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Akon ft Lil Wayne - Im So Paid (Dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Akon ft Lil Wayne & Young Jeezy- I'm So Paid (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Akon ft. 50 Cent & Snoop Dogg - Get Buck In Here (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Akon_Ft_Ludacris_Diddy_Lil_Jon-Get_Buck_In_Here.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\All Time Low - Poppin' Champagne.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\All Time Low - Six Feet Under The Stars.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\All Time Low - Umbrella (Rihanna Cover).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\American Gangster Jay-Z Ft. Lil Wayne - Hello Brooklyn 2.0.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Asher Roth ft Jim Jones-I Love College (Remix) (Dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\B5 ft Lil Wayne, Bow Wow - Hydrolics.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Band of Horses - Our Swords.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bass Booty - DJ Smurf - Pop That Pussy, Shake That Ass.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Beastie Boys - Intergalactic.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Beastie Boys - Paul Revere.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Beyonce-- - If I Were A Boy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Beyonce - Halo.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Biggie ft. Lil wayne, Juelz santana and Jim jones - im with whatever.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Blink 182 - I Miss You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Block Party - Banquet.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\bobby valentino - Tell Me (Remix ft Lil Wayne).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bobby Valentino - Turn The Page.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bobby Valentino feat. Lil Wayne - Tell Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow - You Can Get It all.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow & Omarion - Hey Baby (Jump Off) .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow and Soulja Boy - Marco Polo.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow feat. JD - Roc The Mic.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow Feat. Johnta Austin-You Can Get It All.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow Ft. T-Pain - She's My (Prod. By T-Pain).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bow Wow, Ciara - Like You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Brad Paisley - Then.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Britney Spears - Womanizer .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Bubba Sparxxx - Ms. New Booty (ft. Ying Yang Twins And Mr. ColliPark).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\C-Ride Feat. Pleasure Of Pretty Ricky - Walk Different.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Cam'Ron - Killa Season - Suck It Or Not f. Lil Wayne.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Camron ft. Lil Wayne - Suck It Or Not (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Cassidy ft. R Kelly - Hotel.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Cassie - Me & You remix dj dyla - 2005-2006 new r&b www.djdyla.com hip-hop rnb ragga danechal reggaeton www.djdyla.coml.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Cassie ft. Lil' Wayne - Official Girl (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chevelle - Comfortable Liar.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chevelle - Point #1.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chevelle - Saferwaters.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chevelle - Send the Pain Below.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chris Brown - Kiss Kiss feat. T-Pain remix DJ Felli Fel ft Akon, Diddy, Ludacris & Lil' Jon - Get Buck In Here.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chris Brown Feat. Keri Hilson - Superhuman _Prod. By Oak_ _ 2oo8 _ _ www.MzHipHop.com _.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chris Brown ft. Neyo - So Glad.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Chuck Wicks - All I Ever Wanted.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ciara Feat. The-Dream - Keep Dancing.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\CIARA FEAT. THE DREAM - KEEP DANCING.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ciara ft Lil Wayne-Promise remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ciara ft. 50 Cent- Cant Leave Him Alone.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ciara_-_Lover's_Thing_(feat._The-Dream)_-_HotNewHipHop.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ciara_Feat._The_Dream_-_Keep_Dancing.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Clay Akins - Mary Did You Know.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Coldplay- Violet Hill .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Coldplay - 03 - Lost!.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Coldplay - Talk.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Coldplay - Violet Hill.MP3
c:\users\PPNesdore\Documents\LimeWire\Saved\Coldplay - X and Y - 05 - Talk.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Collective Soul - Heavy (1999).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Collective Soul - The World I Know.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Colorado Sunrise.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Common Ft. Pharrell - Universal Mind Control (Dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Counting Crows - Mr. Jones.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Crime Mob- Knuck If U Buck.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Danity Kane Ft. Lil Wayne - Phase.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\David Banner - Run Girl (clean).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\David Banner - Run Girl.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\David Banner Ft Lil Wayne - Shawty Say.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Deftones - Simple Man.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Disturbed - Down With The Sickness.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\DJ Drama Ft. Akon, Snoop Dogg, & T.I. - Daydreaming Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\DJ Felli Fel - Get Buck In Here (Dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\DJ Felli Fel ft Akon, Diddy, Ludacris & Lil' Jon - Get Buck In Here.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\DJV - Juke-A-Licious (Booty Mix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Dr Dre & Snoop Doggy Dog - The Next Episode.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Drake ft. Lil Wayne - Ransom.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Drowning Pool - Bodies.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Eddie Vedder- Hide your Love Away.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Eminem - Crack a Bottle (Dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Eminem - Hailie's Song.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Eminem Feat Dr. Dre & 50 Cent - Crack A Bottle.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Eminem Ft. Dr. Dre & 50 Cent - Crack A Bottle (Remix) - HotNewHipHop.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Enrique Iglesias Ft Lil Wayne - Push.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Fantashia Ft Lil Weezy - When I See You Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Flo Rida ft. T-Pain - Get Low.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Foo Fighters - Everlong.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Forever The Sickest Kids - Believe Me I'm Lying.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gabriel Antonio ft. T-pain - I Love The Way.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gary Jules - Pills.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gavin Degraw - Follow Through.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\get buck in here explicit.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gorlliaz- Feel Good Inc..mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gucci Mane-PhotoShoot.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gucci Mane - Go Head.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Gucci Mane Ft. Ludacris Lil Kim - Freaky Girl Remix___DIRTY_.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Guccie Mane- Is You Rolling.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Guccimane - freaky gurl.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Head Automatica - Beating Hearts Baby.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Heavens - Patent Pending(2).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - Bodybag.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - Drop the Girl.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - Head Over Heels.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit the Lights - Hey Jealousy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - On And On.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - Sincerely Yours.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit The Lights - Stay Out .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hit the Lights - Three Oh Nine.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hollywood Undead - My Black Dahlia.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Hot Rod Ft. Tila Tequila & B. Dozier - I Like To .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Huey - Pop Lock & Drop It Remix feat[1]. Bow Wow and T-Pain NO MASTERED .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ice Cube - put your ass into it.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Incubus - Warning.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\J. Holiday - Crazy Love.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\J. Holiday - Fallin.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\J. Holiday Ft. Plies - Bed Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\J.Holiday - Don't Wanna Lose U.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jamie Foxx - Blame It (On The Alcohol) ft. T-Pain.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jamie Foxx Feat T.I. - Just Like Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jamie Foxx feat. T-Pain, Busta Rhymes & Lil Wayne - Blame It (On The Alcohol) (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jamie Foxx ft Lil Wayne - Number One.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jamie Foxx ft T.I. - Just Like Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jay-Z - American Gangster- 08 - I Know.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jesse McCartney- How Do You Sleep (Remix) (feat. Ludacris).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jesse McCartney - It's Over.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\JHoliday - Break Up 2 Make Up.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\JIM JONES - POP CHAMPAIGNE.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jim Jones ft Juelz Santana- Pop Champaigne.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\John Legend - Ordinary People.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\John Legend ft. Andre 3000 - Green Light.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jon Young - Dont Wanna Fight.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Juelz Santana Feat. Lil Wayne - Rewind.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Juelz Santana Ft. Young Jeezy & Lil Wayne - Make It Work For Ya.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Jupiter Rising - Electropop.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Juvenile - Rodeo.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kanye West ft Lil Wayne - See You In My Nightmares.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Keep Dancing Dream Ciara.wma
c:\users\PPNesdore\Documents\LimeWire\Saved\Keep_Dancing_Dream_Ciara.wma
c:\users\PPNesdore\Documents\LimeWire\Saved\Kelly Clarkson - My Life Would Suck Without You(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kelly Clarkson - My Life Would Suck Without You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Keri Hilson ft. Lil Wayne - Turning Me Off.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Keri_Hilson-_Return_The_Favor__Ft._Timbaland_.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\kings of leon - fans.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kings Of Leon - Sex is On Fire.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kings of Leon - Use Somebody(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kottonmouth Kings-Don't Make Me Beg.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Kottonmouth Kings - Bump.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lady GaGa - Disco Stick.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lady Gaga - Just Dance(Ft Akon).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' John & Pitt Bull - Lollipop.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne- Lollipop ft. Static Major (dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - 1-03 - Lalalala - Weezyaveli Weezy F. Baby Part 3 {Disc 1}.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - Knuck If You Buck (Freestyle).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - nO hOmO.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - Problem Solver ( Gillie Da Kid Diss).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - Tha Carter III - 06 - Phone Home.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - The sky is the limit.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - weezy baby baby baby freestyle(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - weezy baby baby baby freestyle.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne - Weezy F Baby.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne ft. Ashanti - Weezy Baby Baby Baby.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne ft. Manny Fresh - Bring It Back.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil' Wayne ft. Trina - Prostitute Flange (remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Boosie and Lil Webbie - Wipe Me Down (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Boosie ft Young Joc - Zoom.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil John and the Eastside boyz- Get Low.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne- Pussy, Money, Weed.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne- Shorty Bounce (New)Dirty.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne-Crank That Weezy Wee.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne-Dedication 3-22-Put On For The Game.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne-Hot Revolver.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne-In My White Tee (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne-Me and My Drank.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - 15 - Please Say The Baby - The Carter 2.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - 15 - Please Say The Baby - The Carter 4.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Always Strapped.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Apologize Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Ask Them Hoes.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Cutty Buddy ft. Mike Jones, T-Pain, Twista.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Da Drought 3 - Hard Body.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Da Drought 3 - Swizzy - Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Da Drought 3 - Weezy's Ambitions As A Ridah.MP4
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Da Drought Is Over part 4 - Pop That Pussy Ft. Cassidy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Dedication 3 - She's a Ryder.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Dedication Gangsta Grillz 2 - Cannon (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Dedication Pt.2 - 12 - Getting Some Head Remix Featuring Shawna, Rick Ross, and Pimp C.mp3.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Drought Is Over Part.4 - Ask Them Hoes.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Drought is Over Pt 4 - - Ask Them Hoes.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - A Nigga Thoughts.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Hey Lil Mama (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - I'm Me (2008).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - I Feel Like Dying.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Lil Weezyana - 09 - Lets Go Hoe.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Lollipop ft. Static Major.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Lollipop Remix ft.Young Jeezy, T.I, Soulja Boy, Chris Brown, and Static Major.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Prom Queen.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Pussy Money Weed Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Pussy Monster.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Ride With The Mack.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Say Yeah Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Squad Up - 02 - We Ready NEW!!! lil boosie.mp3.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Tha Carter 2 - 07 - Best Rapper Alive.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Tha Carter 3 - 07 - Mr. Postman.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Tha Carter 3 - 15 - Please Say The Baby.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Tha Carter III - 3 Peat.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Tha Carter III -Mrs. Officer.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - The American Dream ft. Mike Tyson.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - The Carter 3 - Droppin Knowledge 2.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - The Carter3 - Lil Wayne - Summer with Weezy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - The Drought Is Over 4 - Do My Thang Ft. Juelz.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Vans Freestlye.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Weezyaveli - Ask Dem Hoes (NEW SHIT 2008.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Weezyaveli - I'm A Beast.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Weezyaveli - Lighting Up My (La La La).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Weezyaveli - Love Me Or Hate Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne - Whatever You Like remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne & Birdman - Stunting Like My Daddy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne & Brisco - The Weezy Effect - Pill Poppin (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne & Young Money - Knuck If You Buck Freestyle.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne and pastor troy - We Ready NEW!!! .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne feat Birdman - 'S' On My Chest.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne Feat Tyga & Gata - Stacks On Deck.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne feat. Drake - I Want This Forever.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft Kanye West - Lollipop Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft Cassidy-a millie.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft. Drake - Ransom.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft. Foxx - Wipe Me Down Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft. Rick Ross - Pill Poppin Animal.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne ft. Trina - Me and You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil Wayne Ft. Tyga - California Love.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\lil wayne_ army background.jpg
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil_Wayne - Fireman.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil’ Wayne - Pussy Monster (Prod. By David Banner)..(Trackfiends.net).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lil’ Wayne & Keyshia Cole - I Love You 2k8 - HotNewHipHop.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Little Lower Now.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd - 13 - Sweet Dreams.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd - Street Love - 06 - Incredible.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd - Year Of The Lover.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd - Year of The Lovers.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd Banks - Karma.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd feat Lil Wayne - I Want You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd feat. Lil Wayne - Girls All Around World.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Lloyd_ft_The_Dream_-_I_Need_Love.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Llyod Ft. Plies - Year Of The Lover (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ludacris - Pussy Poppin (ft. Shawnna Lil' Fate).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ludacris - Pussy Poppin (ft. Shawnna_Lil' Fate).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ludacris - Pussy Poppin.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\ludacris ft t-pain-one more drink-clean.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Maino ft. TPain- All the above.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mario ft. Lil Wayne - Crying Out For Me (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mayday Parade - Three Cheers For Five Years (acoustic).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mayday Parade - Three Cheers For Five Years.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Metro Station - Goodnight & Goodbye.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Metro Station - kelsey .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\MGMT- Electric Feel.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\MGMT - Kids.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\MGMT - Time To Pretend.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mickey Avalon - My Dick.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mika - Lollipop.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mike Jones - Next to You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mike Jones - Turning Heads.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Mike Jones ft[1]. Hurricane Chris - Drop and Gimme 50 (dirty).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Miley Cyrus - The Climb (Studio version).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Miley Cyrus - The Climb.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Miley Cyrus - The_Climb.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Modest Mouse - Gravity Rides Everything.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Movado & Sizzla - Gangster for Life - (Anger Management Riddim) (Reja Mix)(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\NeYo - Mirror.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Neyo - Together.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Neyo ft. Jamie Foxx & Fabolous - She Got Her Own Miss Independent Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Omarion - O.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Omarion - Touch.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Paramore - Misery Business.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Paramore - That's What You Get.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pastor Troy - Pop That Pussy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pearl Jam - Love Reign O'er Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pearl Jam - Once.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pills.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pills.wma
c:\users\PPNesdore\Documents\LimeWire\Saved\Pink - Sober.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull - 02 - I Know You Want Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull - Bojangles ( Bring It Back ).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull - Fuego.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull - She's Hot (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull Feat Lloyd - Secret Admirer.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull Ft Lil John - The Anthem.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pitbull Ft. Lil Jon - Krazy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Play Radio Play! - Even Fairy Tale Characters Would Be Jealous.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pleasure P- I Did You Wrong.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pleasure P - cute version.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pleasure P. Ft. Lil Wayne - Rock Bottom.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pleasure_P_-_Boyfriend_Number_2.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Plies - Put It On Ya feat. Chris J _Dirty_.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky-Personal Trainer.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky-Wet Dreams.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Age Ain't Nothing But A Number.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Call Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Can't Live Without You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Chevy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty ricky - cuddle up feat. butta crèame.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Cuddle Up.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Get You Right.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Get you wet .mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Get you wet ft. Plies.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Grill Em'.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Grind On Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Juicy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Late Night Special - 09 - Leave It All Up To You(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Lay Your Body Down .MP3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - lay your body down.MP3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Love Like Honey.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Take U On A Ride.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky - Your Body.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky feat Sean Paul- Push It Baby (remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Ricky ft. Pit Bull - Everybody Get Up.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pretty Willie - My Good Thang.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Public Enemy - He Got Game.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pussy Cat Dolls - I Hate This Part.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pussycat Dolls - I Hate This Part Right Here.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Pussycat Dolls - I Hate This Part.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Queens of the Stone Age - Go With The Flow(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Radio Head - Just (You Do It To Yourself).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Radiohead - In Rainbows - 01 15 Steps.MP3
c:\users\PPNesdore\Documents\LimeWire\Saved\Raje Ft. Lil Wayne And Tyga- Loser Remix www.hiphopearly.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Red Hot Chili Peppers - Scar Tissue.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Red hot chilie peppers - Snow ((Hey Oh)).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Red Hot Chilli Peppers - Under the Bridge.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\REM - Whats The Frequency Kenneth.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Rick Ross Ft. Nelly & Avery Storm - Here I Am.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Rihanna-Disturbia.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Rihanna - Rehab.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ron Browz Ft Jim Jones & Juelz Santana - Pop Champagne (Remix) - HotNewHipHop.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\run girl.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Rusted Root - Send Me On My Way.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ryan Leslie feat. Cassie & Fabolous - Addiction (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Shawnna - Getting Some Head Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Shawnna - I Was Getting Some Head Remix - ft. Lil Wayne,_Rick_Ross,_Pimp C, Too_Short,_Pharrell,_Busta_Rhymes_and Ludacris.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Shawty Lo ft. Ludacris, Young Jeezy, Plies, Lil Wayne - Dey Know (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Shawty_Lo_Ft._Lil_Wayne_And_Trey_Songz-_What_They_Need_www.hiphopearly.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\she got that slim loves crazy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\slim of 112 ft. yung joc - so fly.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Slim(112)- She Got That.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Snow Patrol - Shut Your Eyes.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soldier Boy- Crank that Spiderman.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja Boy - Turn My Swag On.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja Boy - Kiss Me Through The Phone.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja Boy - She Got A Donk.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja Boy feat. Lil Wayne Jim Jones Maino Young Jeezy & Jadakiss - Turn My Swag On (Official Remix)(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja Boy ft. Sammie - Kiss Me Thru The Phone.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Soulja_Boy_VS_T_Pain_&_Flo_Rida_-_Soulja_Girls_Get_Low_(DFEKT_Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Souljaboy- Bootymeat.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Stack Bundles - I Smell Pussy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Step Up 2 Soundtrack - Enrique Iglesias ft. Lil Wayne - Push.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Stereophonics - Dakota.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Swiss Beats - Its Me Bitches Remix (Lil Wayne , Jadakiss , R Kelly)- (3-18-07).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T-Pain f.Pit Bull - I'm Sprung Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T-Pain Ft Chris Brown - Freeze.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T-Pain ft. Styles P. - I'm So High.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T.I feat. Kanye West, Jay-Z & Lil Wayne - Swagger Like Us(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T.I ft Justin Timberlake - Dead and Gone.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T.I. - No Matter What.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T.I. - Papertrail - 11 - What Up, Whats Haapnin.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\T.I. ft Rihanna - Live Your Life.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Talking Heads - Once In A Lifetime.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - Breathe.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - I'd Lie.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - Invisible.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - Love Story.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - You're Not Sorry(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - You're Not Sorry.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Taylor Swift - Your Face.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Teasing to Please
c:\users\PPNesdore\Documents\LimeWire\Saved\Tha Joker - We Do It For Fun.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Tha Joker ft. Lil Wayne - Boo Ya.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Academy Is... - Slow Down.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The All American Rejects - Gives You Hell.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Bravery- No Brakes.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Bravery - Believe.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Bravery - Time Won't Let Me Go.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The cool kids - I'm Mikey.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Cure - The Only One.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Dream - Playing In Her Hair.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Dream feat. Lil' Jon - Let Me See That Booty.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Dream Ft Kanye West-Walking On The Moon.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Dream ft. Lil Wayne - Falsetto R.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Dream Ft. Mariah Carey - My Love.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Fray - She Is.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Fray - Together.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Fray - Trust Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Killers - Jenny Was a Friend of Mine.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Killers - Shadowplay.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Killers - Smile Like You Mean It(1).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Kooks - Naive.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Lonely Island - Jizz In My Pants.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - Count 'em one, two, three.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - Daisy.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - Girls Do What They Want.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - I Wanna Love You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - Into Your Arms.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Maine - Kiss and Sell.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Pack - Booty Bounce Bopper.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Pack - Vans.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Pixies - Where Is My Mind.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Police - Don't Stand So Close To Me.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\the strokes - Is This it.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The Veronicas- 4ever.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The White Tie Affair - Candle 'Sick And Tired'.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\The_Game_-_Where_You_At__Remix__Ft._Ray_J___Lil__Wayne_-_TheHipHopDaily.com.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Third Eye Blind - How's It Gonna Be.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Third Eye Blind - Jumper.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\This Providence - My Beautiful Rescue.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Three Doors Down - It's Not My Time.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\TI - Im Serious - Pussy Popper.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Tila Tequila-Paralyze.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Tila Tequila - ya Man.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Tila Tequila - Get High.wma
c:\users\PPNesdore\Documents\LimeWire\Saved\Tila Tequila - I Love U.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Tila Tequila - Playgirl Central.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songs- Missing You.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz - Candy (2009) [www.RnB4U.in].mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz - In The Middle.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz - Trey Day - 13 - We Should Be.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz - Trey Day - feat T.I. - Uh Huh.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz - Wonder Woman.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz Ft. J.Holiday (Remix) - Bed.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Trey Songz ft.Lil Wayne Can't Help But Wait Remix.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Twista Ft Trey Songz - Girl tonight.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\U2 sometimes you can't make it on your own.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Wale ft Lil Wayne - Nike Boots (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\We Are Scientists - Its A Hit.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\We The Kings - Secret Valentine.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Webbie - I Miss You Remix ft. Lil Wayne, Plies, & T-Pain.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Westlife - I Don't Wanna Fight No More.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Whats A Goon To A Goblin.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Wiz Khalifa - Make It Hot.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Ying Yang Twins & Lil Jon - Salt Shaker.mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Young Jeezy Feat. Lil Weezy- Ya Dig (Remix).mp3
c:\users\PPNesdore\Documents\LimeWire\Saved\Young Jezzy The Recession_My President.mp3

.
((((((((((((((((((((((((( Files Created from 2009-04-11 to 2009-05-11 )))))))))))))))))))))))))))))))
.

2009-05-11 19:00 . 2009-05-11 19:00 -------- d-----w c:\program files\AVG
2009-05-11 18:27 . 2009-05-11 18:27 -------- d-----w c:\programdata\acccore
2009-05-11 18:27 . 2009-05-11 18:27 -------- d-----w c:\users\All Users\acccore
2009-05-11 18:26 . 2009-05-11 18:26 -------- d-----w c:\programdata\AOL Downloads
2009-05-11 18:26 . 2009-05-11 18:26 -------- d-----w c:\users\All Users\AOL Downloads
2009-05-11 17:19 . 2009-05-11 17:19 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-11 17:18 . 2009-05-11 17:19 -------- d-----w c:\program files\Common Files\Adobe
2009-05-11 17:13 . 2009-05-11 18:06 -------- d-----w c:\programdata\NOS
2009-05-11 17:13 . 2009-05-11 18:06 -------- d-----w c:\users\All Users\NOS
2009-05-11 17:13 . 2009-05-11 18:06 -------- d-----w c:\program files\NOS
2009-05-11 17:11 . 2009-05-11 17:11 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-11 17:03 . 2009-05-11 17:10 -------- d-----w c:\users\PPNesdore\.SunDownloadManager
2009-05-10 23:46 . 2009-05-10 23:46 -------- d-----w C:\rsit
2009-05-06 22:03 . 2009-05-06 22:02 102664 ----a-w c:\windows\system32\drivers\tmcomm.sys
2009-05-06 22:02 . 2009-05-06 22:03 -------- d-----w c:\users\PPNesdore\.housecall6.6
2009-05-06 22:02 . 2009-05-06 22:02 -------- d-----w c:\windows\Sun
2009-05-06 21:01 . 2009-05-06 21:01 -------- d-----w c:\windows\PCHEALTH
2009-05-06 20:58 . 2009-05-06 20:58 -------- d-----r c:\windows\system32\config\systemprofile\Music
2009-05-06 13:14 . 2009-05-06 13:14 229888 ----a-w c:\windows\system32\msshsq.dll
2009-05-06 11:24 . 2009-05-06 11:24 268800 ----a-w c:\windows\system32\es.dll
2009-05-04 22:40 . 2009-05-04 22:41 -------- d-----w c:\programdata\NVIDIA
2009-05-04 22:40 . 2009-05-04 22:41 -------- d-----w c:\users\All Users\NVIDIA
2009-05-04 04:58 . 2009-05-04 04:58 28672 ----a-w c:\windows\system32\FwRemoteSvr.dll
2009-05-04 04:58 . 2009-05-04 04:58 61440 ----a-w c:\windows\system32\winipsec.dll
2009-05-04 04:58 . 2009-05-04 04:58 361984 ----a-w c:\windows\system32\IPSECSVC.DLL
2009-05-04 04:58 . 2009-05-04 04:58 272896 ----a-w c:\windows\system32\polstore.dll
2009-05-04 04:47 . 2009-05-04 04:47 8192 ----a-w c:\windows\system32\riched32.dll
2009-05-04 04:30 . 2009-05-04 04:30 241152 ----a-w c:\windows\system32\PortableDeviceApi.dll
2009-05-04 04:30 . 2009-05-04 04:30 95232 ----a-w c:\windows\system32\PortableDeviceClassExtension.dll
2009-05-04 04:30 . 2009-05-04 04:30 160768 ----a-w c:\windows\system32\PortableDeviceTypes.dll
2009-05-04 04:19 . 2009-05-04 04:19 39424 ----a-w c:\windows\system32\ACCTRES.dll
2009-05-04 04:19 . 2009-05-04 04:19 205824 ----a-w c:\windows\system32\msoeacct.dll
2009-05-04 04:19 . 2009-05-04 04:19 87040 ----a-w c:\windows\system32\msoert2.dll
2009-05-04 04:08 . 2009-05-04 04:08 704000 ----a-w c:\windows\system32\PhotoScreensaver.scr
2009-05-04 04:08 . 2009-05-04 04:08 24064 ----a-w c:\windows\system32\wtsapi32.dll
2009-05-04 04:08 . 2009-05-04 04:08 258232 ----a-w c:\windows\system32\drivers\acpi.sys
2009-05-04 04:08 . 2009-05-04 04:08 542720 ----a-w c:\windows\system32\sysmain.dll
2009-05-04 04:08 . 2009-05-04 04:08 47104 ----a-w c:\windows\system32\wlanapi.dll
2009-05-04 04:08 . 2009-05-04 04:08 67584 ----a-w c:\windows\system32\wlanhlp.dll
2009-05-04 04:08 . 2009-05-04 04:08 290816 ----a-w c:\windows\system32\wlanmsm.dll
2009-05-04 04:08 . 2009-05-04 04:08 502784 ----a-w c:\windows\system32\wlansvc.dll
2009-05-04 04:08 . 2009-05-04 04:08 297984 ----a-w c:\windows\system32\wlansec.dll
2009-05-04 03:57 . 2009-05-04 03:57 110080 ----a-w c:\windows\system32\drivers\mrxdav.sys
2009-05-04 03:57 . 2009-05-04 03:57 194560 ----a-w c:\windows\system32\WebClnt.dll
2009-05-04 03:47 . 2009-05-04 03:47 49664 ----a-w c:\windows\system32\csrsrv.dll
2009-05-04 03:47 . 2009-05-04 03:47 376320 ----a-w c:\windows\system32\winsrv.dll
2009-05-04 03:13 . 2009-05-04 03:13 376832 ----a-w c:\windows\system32\winhttp.dll
2009-05-04 03:02 . 2009-05-04 03:02 297472 ----a-w c:\windows\system32\gdi32.dll
2009-05-04 02:56 . 2009-05-04 02:56 1060920 ----a-w c:\windows\system32\drivers\ntfs.sys
2009-05-04 02:56 . 2009-05-04 02:56 41984 ----a-w c:\windows\system32\drivers\monitor.sys
2009-05-04 02:53 . 2009-05-04 02:53 211456 ----a-w c:\windows\system32\drivers\mrxsmb10.sys
2009-05-04 02:49 . 2009-05-04 02:49 500736 ----a-w c:\windows\system32\msdtcprx.dll
2009-05-04 02:49 . 2009-05-04 02:49 30208 ----a-w c:\windows\system32\xolehlp.dll
2009-05-04 02:38 . 2009-05-04 02:38 28672 ----a-w c:\windows\system32\Apphlpdm.dll
2009-05-04 02:38 . 2009-05-04 02:38 4247552 ----a-w c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-04 02:38 . 2009-05-04 02:38 1687040 ----a-w c:\windows\system32\gameux.dll
2009-05-04 02:33 . 2009-05-04 02:33 303616 ----a-w c:\windows\system32\wmpeffects.dll
2009-05-04 02:29 . 2009-05-04 02:29 1194496 ----a-w c:\windows\system32\msxml3.dll
2009-05-04 02:29 . 2009-05-04 02:29 2048 ----a-w c:\windows\system32\msxml3r.dll
2009-05-04 02:26 . 2009-05-04 02:26 414208 ----a-w c:\windows\system32\msscp.dll
2009-05-04 02:22 . 2009-05-04 02:22 356864 ----a-w c:\windows\system32\MediaMetadataHandler.dll
2009-05-04 02:18 . 2009-05-04 02:18 392192 ----a-w c:\windows\system32\FirewallAPI.dll
2009-05-04 02:18 . 2009-05-04 02:18 63488 ----a-w c:\windows\system32\drivers\mpsdrv.sys
2009-05-04 02:18 . 2009-05-04 02:18 396800 ----a-w c:\windows\system32\MPSSVC.dll
2009-05-04 02:18 . 2009-05-04 02:18 86016 ----a-w c:\windows\system32\icfupgd.dll
2009-05-04 02:18 . 2009-05-04 02:18 16896 ----a-w c:\windows\system32\wfapigp.dll
2009-05-04 02:18 . 2009-05-04 02:18 61952 ----a-w c:\windows\system32\cmifw.dll
2009-05-04 02:18 . 2009-05-04 02:18 23040 ----a-w c:\windows\system32\drivers\tunnel.sys
2009-05-04 02:18 . 2009-05-04 02:18 178688 ----a-w c:\windows\system32\iphlpsvc.dll
2009-05-04 02:18 . 2009-05-04 02:18 15360 ----a-w c:\windows\system32\drivers\TUNMP.SYS
2009-05-04 02:11 . 2009-05-04 02:11 2048 ----a-w c:\windows\system32\tzres.dll
2009-05-04 02:06 . 2009-05-04 02:06 8147968 ----a-w c:\windows\system32\wmploc.DLL
2009-05-04 02:06 . 2009-05-04 02:06 7680 ----a-w c:\windows\system32\spwmp.dll
2009-05-04 02:06 . 2009-05-04 02:06 4096 ----a-w c:\windows\system32\dxmasf.dll
2009-05-04 01:54 . 2009-05-04 01:54 21560 ----a-w c:\windows\system32\drivers\atapi.sys
2009-05-04 01:54 . 2009-05-04 01:54 45112 ----a-w c:\windows\system32\drivers\pciidex.sys
2009-05-04 01:54 . 2009-05-04 01:54 15928 ----a-w c:\windows\system32\drivers\pciide.sys
2009-05-04 01:54 . 2009-05-04 01:54 109624 ----a-w c:\windows\system32\drivers\ataport.sys
2009-05-04 01:54 . 2009-05-04 01:54 211000 ----a-w c:\windows\system32\drivers\volsnap.sys
2009-05-04 01:54 . 2009-05-04 01:54 154624 ----a-w c:\windows\system32\drivers\nwifi.sys
2009-05-04 01:51 . 2009-05-04 01:51 104448 ----a-w c:\windows\system32\DWWIN.EXE
2009-05-04 01:48 . 2009-05-04 01:48 2923520 ----a-w c:\windows\explorer.exe
2009-05-04 01:38 . 2009-05-04 01:38 24064 ----a-w c:\windows\system32\netcfg.exe
2009-05-04 01:38 . 2009-05-04 01:38 216632 ----a-w c:\windows\system32\drivers\netio.sys
2009-05-04 01:38 . 2009-05-04 01:38 167424 ----a-w c:\windows\system32\tcpipcfg.dll
2009-05-04 01:38 . 2009-05-04 01:38 22016 ----a-w c:\windows\system32\netiougc.exe
2009-05-04 01:38 . 2009-05-04 01:38 803328 ----a-w c:\windows\system32\drivers\tcpip.sys
2009-05-04 01:33 . 2009-05-04 01:33 2340864 ----a-w c:\windows\system32\NlsData000d.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData000f.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0414.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0416.dll
2009-05-04 01:33 . 2009-05-04 01:33 797696 ----a-w c:\windows\system32\NaturalLanguage6.dll
2009-05-04 01:33 . 2009-05-04 01:33 4493312 ----a-w c:\windows\system32\NlsData0816.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData081a.dll
2009-05-04 01:33 . 2009-05-04 01:33 6917120 ----a-w c:\windows\system32\NlsLexicons0c1a.dll
2009-05-04 01:33 . 2009-05-04 01:33 1963520 ----a-w c:\windows\system32\NlsData0c1a.dll
2009-05-04 01:24 . 2009-05-04 01:24 1585664 ----a-w c:\windows\system32\setupapi.dll
2009-05-04 01:16 . 2009-05-04 01:16 549888 ----a-w c:\windows\system32\rpcss.dll
2009-05-04 01:16 . 2009-05-04 01:16 3503584 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-05-04 01:16 . 2009-05-04 01:16 3469280 ----a-w c:\windows\system32\ntoskrnl.exe
2009-05-04 01:16 . 2009-05-04 01:16 24576 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-05-04 01:16 . 2009-05-04 01:16 654336 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-05-04 01:16 . 2009-05-04 01:16 53248 ----a-w c:\windows\system32\iasads.dll
2009-05-04 01:16 . 2009-05-04 01:16 37888 ----a-w c:\windows\system32\iasdatastore.dll
2009-05-04 01:16 . 2009-05-04 01:16 158720 ----a-w c:\windows\system32\sdohlp.dll
2009-05-04 01:16 . 2009-05-04 01:16 97280 ----a-w c:\windows\system32\iasrecst.dll
2009-05-04 01:08 . 2009-05-04 01:08 9728 ----a-w c:\windows\system32\LAPRXY.DLL
2009-05-04 01:08 . 2009-05-04 01:08 2048 ----a-w c:\windows\system32\asferror.dll
2009-05-04 01:08 . 2009-05-04 01:08 223232 ----a-w c:\windows\system32\WMASF.DLL
2009-05-04 01:05 . 2009-05-04 01:05 72704 ----a-w c:\windows\system32\secur32.dll
2009-05-04 01:05 . 2009-05-04 01:05 7680 ----a-w c:\windows\system32\lsass.exe
2009-05-04 01:05 . 2009-05-04 01:05 1233408 ----a-w c:\windows\system32\lsasrv.dll
2009-05-04 01:05 . 2009-05-04 01:05 25600 ----a-w c:\windows\system32\amxread.dll
2009-05-04 01:05 . 2009-05-04 01:05 14848 ----a-w c:\windows\system32\apilogen.dll
2009-05-04 01:03 . 2009-05-04 01:03 223232 ----a-w c:\windows\system32\SLC.dll
2009-05-04 01:03 . 2009-05-04 01:03 268288 ----a-w c:\windows\system32\mcbuilder.exe
2009-05-04 01:03 . 2009-05-04 01:03 33280 ----a-w c:\windows\system32\slwmi.dll
2009-05-04 01:03 . 2009-05-04 01:03 566784 ----a-w c:\windows\system32\SLCommDlg.dll
2009-05-04 01:03 . 2009-05-04 01:03 351232 ----a-w c:\windows\system32\SLUI.exe
2009-05-04 01:03 . 2009-05-04 01:03 186368 ----a-w c:\windows\system32\SLLUA.exe
2009-05-04 01:03 . 2009-05-04 01:03 57856 ----a-w c:\windows\system32\SLUINotify.dll
2009-05-04 01:03 . 2009-05-04 01:03 2605568 ----a-w c:\windows\system32\SLsvc.exe
2009-05-04 01:03 . 2009-05-04 01:03 39936 ----a-w c:\windows\system32\slcinst.dll
2009-05-04 01:00 . 2009-05-04 01:00 425472 ----a-w c:\windows\system32\PhotoMetadataHandler.dll
2009-05-04 01:00 . 2009-05-04 01:00 712192 ----a-w c:\windows\system32\WindowsCodecs.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-11 18:34 . 2008-02-24 21:03 -------- d-----w c:\program files\HP
2009-05-11 18:27 . 2008-02-12 20:08 -------- d-----w c:\program files\AIM6
2009-05-11 17:11 . 2007-12-18 12:15 -------- d-----w c:\program files\Java
2009-05-11 16:57 . 2007-12-23 21:58 -------- d-----w c:\program files\Common Files\AOL
2009-05-11 16:34 . 2007-12-18 12:30 -------- d-----w c:\program files\Trend Micro
2009-05-11 16:34 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstrng.dat
2009-05-11 16:34 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-05-11 16:34 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-05-04 08:30 . 2006-11-02 12:48 174 --sha-w c:\program files\desktop.ini
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Calendar
2009-05-04 08:21 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Defender
2009-05-04 08:21 . 2006-11-02 12:35 -------- d-----w c:\program files\Windows Sidebar
2009-05-04 08:21 . 2006-11-02 10:25 665600 ----a-w c:\windows\inf\drvindex.dat
2009-05-04 01:34 . 2009-05-04 01:34 1793536 ----a-w c:\windows\system32\NlsLexicons0045.dll
2009-05-04 01:22 . 2009-05-04 01:22 40960 ----a-w c:\windows\system32\srclient.dll
2009-05-04 00:56 . 2009-05-04 00:56 61440 ----a-w c:\windows\system32\ntprint.exe
2009-05-04 00:56 . 2009-05-04 00:56 220160 ----a-w c:\windows\system32\ntprint.dll
2009-05-04 00:56 . 2009-05-04 00:56 10240 ----a-w c:\windows\system32\dhcpcmonitor.dll
2009-05-04 00:56 . 2009-05-04 00:56 1984512 ----a-w c:\windows\system32\authui.dll
2009-05-04 00:56 . 2009-05-04 00:56 120320 ----a-w c:\windows\system32\dhcpcsvc6.dll
2009-05-04 00:56 . 2009-05-04 00:56 65024 ----a-w c:\windows\system32\avicap32.dll
2009-05-04 00:56 . 2009-05-04 00:56 88576 ----a-w c:\windows\system32\avifil32.dll
2009-05-04 00:56 . 2009-05-04 00:56 82944 ----a-w c:\windows\system32\mciavi32.dll
2009-05-04 00:56 . 2009-05-04 00:56 31232 ----a-w c:\windows\system32\msvidc32.dll
2009-05-04 00:56 . 2009-05-04 00:56 12800 ----a-w c:\windows\system32\msrle32.dll
2009-05-04 00:56 . 2009-05-04 00:56 123904 ----a-w c:\windows\system32\msvfw32.dll
2009-05-04 00:56 . 2009-05-04 00:56 69632 ----a-w c:\windows\system32\sendmail.dll
2009-05-04 00:56 . 2009-05-04 00:56 8138240 ----a-w c:\windows\system32\ssBranded.scr
2009-05-03 23:50 . 2009-01-05 22:19 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-05-03 19:46 . 2007-12-18 12:24 -------- d-----w c:\program files\Yahoo!
2009-05-03 19:46 . 2007-12-23 22:03 -------- d-----w c:\program files\Viewpoint
2009-05-03 19:46 . 2008-06-05 17:16 -------- d-----w c:\program files\Trymedia
2009-05-03 19:46 . 2008-12-07 16:14 -------- d-----w c:\program files\Safari
2009-05-03 19:46 . 2007-12-24 15:49 -------- d-----w c:\program files\Roxio
2009-05-03 19:46 . 2008-06-05 18:13 -------- d-----w c:\program files\ReflexiveArcade
2009-05-03 19:46 . 2008-12-07 16:23 -------- d-----w c:\program files\QuickTime
2009-05-03 19:46 . 2007-12-18 12:17 -------- d-----w c:\program files\NVIDIA Corporation
2009-05-03 19:45 . 2008-01-04 02:12 -------- d-----w c:\program files\Nick Arcade
2009-05-03 19:45 . 2007-12-18 12:18 -------- d-----w c:\program files\NetWaiting
2009-05-03 19:45 . 2008-06-08 03:16 -------- d-----w c:\program files\Microsoft.NET
2009-05-03 19:45 . 2007-12-18 12:34 -------- d-----w c:\program files\Microsoft Works
2009-05-03 19:45 . 2007-12-18 12:16 -------- d-----w c:\program files\Modem Diagnostic Tool
2009-05-03 19:45 . 2007-12-25 16:44 -------- d-----w c:\program files\Maxis
2009-05-03 19:44 . 2008-06-08 02:24 -------- d-----w c:\program files\Kutchka
2009-05-03 19:44 . 2008-12-07 16:27 -------- d-----w c:\program files\iTunes
2009-05-03 19:44 . 2008-12-07 16:27 -------- d-----w c:\program files\iPod
2009-05-03 19:44 . 2007-12-18 12:16 -------- d--h--w c:\program files\InstallShield Installation Information
2009-05-03 19:42 . 2007-12-23 22:03 -------- d-----w c:\program files\Common Files\Nullsoft
2009-05-03 19:42 . 2007-12-18 12:16 -------- d-----w c:\program files\Common Files\InstallShield
2009-05-03 19:42 . 2008-02-24 21:07 -------- d-----w c:\program files\Common Files\HP
2009-05-03 19:42 . 2008-02-24 21:06 -------- d-----w c:\program files\Common Files\Hewlett-Packard
2009-05-03 19:42 . 2008-01-04 19:23 -------- d-----w c:\program files\Common Files\Apple
2009-05-03 19:42 . 2007-12-23 22:02 -------- d-----w c:\program files\Common Files\aolshare
2009-05-03 19:42 . 2008-12-07 16:25 -------- d-----w c:\program files\Bonjour
2009-05-03 19:42 . 2008-12-07 16:28 -------- d-----w c:\program files\Apple Software Update
2009-05-03 19:42 . 2007-12-23 22:02 -------- d-----w c:\program files\AOL 9.0
2009-04-27 00:03 . 2007-12-18 12:14 12 ----a-w c:\windows\bthservsdp.dat
2009-03-08 11:34 . 2009-05-11 18:13 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-05-11 18:13 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-05-11 18:13 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-05-11 18:13 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-05-11 18:13 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-05-11 18:13 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-05-11 18:13 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-05-11 18:13 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-05-11 18:13 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-05-11 18:13 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-05-11 18:13 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-05-11 18:13 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-05-11 18:13 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-05-11 18:13 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-05-11 18:13 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-05-11 18:13 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-05-11 18:13 156160 ----a-w c:\windows\system32\msls31.dll
2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-05-11_11.36.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-05-11 18:59 . 2009-05-11 18:59 65536 c:\windows\winsxs\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.762_none_7b33aa7d218504d2\vcomp.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80KOR.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 49152 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80JPN.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ITA.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80FRA.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 61440 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ESP.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 57344 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80ENU.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 65536 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80DEU.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 45056 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHT.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 40960 c:\windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.762_none_43efccf17831d131\mfc80CHS.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 57856 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80u.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 69632 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfcm80.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 96256 c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 94720 c:\windows\winsxs\x86_microsoft-windows-ie-setup_31bf3856ad364e35_8.0.6001.18702_none_7c2a7e005d93bd9b\inseng.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 71680 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iesetup.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 55808 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\iernonce.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 59904 c:\windows\winsxs\x86_microsoft-windows-ie-infocard_31bf3856ad364e35_8.0.6001.18702_none_3d86a1c07a097782\icardie.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 34816 c:\windows\winsxs\x86_microsoft-windows-ie-imagesupport_31bf3856ad364e35_8.0.6001.18702_none_20dfeb2e08d9ec0a\imgutil.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 66560 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\wextract.exe
+ 2009-05-11 18:13 . 2009-03-08 11:31 48128 c:\windows\winsxs\x86_microsoft-windows-ie-htmleditingsupport_31bf3856ad364e35_8.0.6001.18702_none_d658a8dacff20c9e\mshtmler.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 66560 c:\windows\winsxs\x86_microsoft-windows-ie-htmlediting_31bf3856ad364e35_8.0.6001.18702_none_2b140bc159303551\mshtmled.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 45568 c:\windows\winsxs\x86_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_8.0.6001.18702_none_3c45119b1f28ff3d\mshta.exe
+ 2009-05-11 18:13 . 2009-03-08 11:31 13312 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedssync.exe
+ 2009-05-11 18:13 . 2009-03-08 11:31 55296 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.6001.18702_none_df391163f08d7422\msfeedsbs.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 43008 c:\windows\winsxs\x86_microsoft-windows-ie-controls_31bf3856ad364e35_8.0.6001.18702_none_accc7a4465be292a\licmgr10.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 72704 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\admparse.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 64512 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\WininetPlugin.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 25600 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\jsproxy.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 18944 c:\windows\winsxs\x86_microsoft-windows-i..tivexpolicyprovider_31bf3856ad364e35_8.0.6001.18702_none_6f561c09617d9439\corpol.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 46592 c:\windows\winsxs\x86_microsoft-windows-i..ablenetworkgraphics_31bf3856ad364e35_8.0.6001.18702_none_d0b191832934e44c\pngfilt.dll
+ 2009-05-05 18:21 . 2009-05-11 22:29 30182 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2009-05-11 22:29 44926 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-05-11 18:13 . 2009-03-08 11:31 46592 c:\windows\System32\pngfilt.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 66560 c:\windows\System32\mshtmled.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 13312 c:\windows\System32\msfeedssync.exe
+ 2009-05-11 18:13 . 2009-03-08 11:31 55296 c:\windows\System32\msfeedsbs.dll
- 2009-05-03 22:53 . 2009-05-03 22:53 64512 c:\windows\System32\migration\WininetPlugin.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 64512 c:\windows\System32\migration\WininetPlugin.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 25600 c:\windows\System32\jsproxy.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 94720 c:\windows\System32\inseng.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 55808 c:\windows\System32\iernonce.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 59904 c:\windows\System32\icardie.dll
+ 2009-05-03 19:39 . 2009-05-11 22:25 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-03 19:39 . 2009-05-11 11:14 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-05-03 19:39 . 2009-05-11 22:25 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-03 19:39 . 2009-05-11 11:14 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-03 19:39 . 2009-05-11 11:14 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-03 19:39 . 2009-05-11 22:25 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-02-12 20:08 . 2009-05-11 18:27 38428 c:\windows\Downloaded Program Files\unagiuninst.exe
- 2008-02-12 20:08 . 2008-02-12 20:08 38428 c:\windows\Downloaded Program Files\unagiuninst.exe
+ 2009-05-11 18:13 . 2009-03-08 11:35 2048 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18702_none_83daaad046b59436\iecompat.dll
+ 2009-05-05 18:18 . 2009-05-11 22:29 4392 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-624512069-2281437407-429298814-1000_UserData.bin
- 2009-05-11 11:13 . 2009-05-11 11:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-05-11 22:24 . 2009-05-11 22:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-05-11 11:13 . 2009-05-11 11:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-11 22:24 . 2009-05-11 22:24 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-05-11 18:13 . 2009-03-08 11:33 420352 c:\windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_8.0.6001.18702_none_2b4525a943b273a6\vbscript.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 726528 c:\windows\winsxs\x86_microsoft-windows-scripting-jscript_31bf3856ad364e35_8.0.6001.18702_none_65cb0af10cefc76a\jscript.dll
+ 2009-05-11 18:13 . 2009-03-08 11:22 156160 c:\windows\winsxs\x86_microsoft-windows-msls31_31bf3856ad364e35_8.0.6001.18702_none_aeeaf610b83f2e48\msls31.dll
+ 2009-05-11 18:13 . 2009-03-08 11:35 121344 c:\windows\winsxs\x86_microsoft-windows-js-debuggeride_31bf3856ad364e35_8.0.6001.18702_none_1de359b6148047cc\jsdebuggeride.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 256000 c:\windows\winsxs\x86_microsoft-windows-ieinstal_31bf3856ad364e35_8.0.6001.18702_none_cb86fb78a76dcdde\ieinstal.exe
+ 2009-05-11 18:13 . 2009-03-08 11:22 164352 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieui.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 105984 c:\windows\winsxs\x86_microsoft-windows-ie-winsockautodialstub_31bf3856ad364e35_8.0.6001.18702_none_d315f3a07395d0ed\url.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 208384 c:\windows\winsxs\x86_microsoft-windows-ie-winfxdocobj_31bf3856ad364e35_8.0.6001.18702_none_d4a239fe30224f93\WinFXDocObj.exe
+ 2009-05-11 18:13 . 2009-03-08 11:33 759296 c:\windows\winsxs\x86_microsoft-windows-ie-vgx_31bf3856ad364e35_8.0.6001.18702_none_d02233c4fe8667df\VGX.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 109056 c:\windows\winsxs\x86_microsoft-windows-ie-sysprep_31bf3856ad364e35_8.0.6001.18702_none_fe7d3c2acfc7f690\iesysprep.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 173056 c:\windows\winsxs\x86_microsoft-windows-ie-setup-support_31bf3856ad364e35_8.0.6001.18702_none_a8bbd77e7444b9cb\ie4uinit.exe
+ 2009-05-11 18:13 . 2009-03-08 21:09 140128 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\sqmapi.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 193536 c:\windows\winsxs\x86_microsoft-windows-ie-ratings_31bf3856ad364e35_8.0.6001.18702_none_aa7d60ae7286ab24\msrating.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 109568 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\PDMSetup.exe
+ 2009-05-11 18:13 . 2009-01-08 01:20 355832 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\pdm.dll
+ 2009-05-11 18:13 . 2009-01-08 01:20 265720 c:\windows\winsxs\x86_microsoft-windows-ie-pdm_31bf3856ad364e35_8.0.6001.18702_none_d0610d06fe575a49\msdbg2.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 236544 c:\windows\winsxs\x86_microsoft-windows-ie-offlinefavorites_31bf3856ad364e35_8.0.6001.18702_none_44170552678500f2\webcheck.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 109568 c:\windows\winsxs\x86_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_8.0.6001.18702_none_1a118a8629ee860e\occache.dll
+ 2009-05-11 18:13 . 2009-03-08 11:35 233984 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilerui_31bf3856ad364e35_8.0.6001.18702_none_d5ea1c01e3fe67ea\jsprofilerui.dll
+ 2009-05-11 18:13 . 2009-03-08 11:35 118272 c:\windows\winsxs\x86_microsoft-windows-ie-jsprofilercore_31bf3856ad364e35_8.0.6001.18702_none_ed92bec9472aab53\JSProfilerCore.dll
+ 2009-05-11 18:13 . 2009-03-08 11:35 521216 c:\windows\winsxs\x86_microsoft-windows-ie-jscriptdebugui_31bf3856ad364e35_8.0.6001.18702_none_9d577137e370ad2c\jsdbgui.dll
+ 2009-05-11 18:13 . 2009-03-08 21:09 638816 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\iexplore.exe
+ 2009-05-11 18:13 . 2009-03-08 11:33 132608 c:\windows\winsxs\x86_microsoft-windows-ie-internetexplorer_31bf3856ad364e35_8.0.6001.18702_none_124d22632fc9f126\ieUnatt.exe
+ 2009-05-11 18:13 . 2009-03-08 11:35 144384 c:\windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_8.0.6001.18702_none_10e8e2fad95106ab\ExtExport.exe
+ 2009-05-11 18:13 . 2009-03-08 11:32 169472 c:\windows\winsxs\x86_microsoft-windows-ie-iexpress_31bf3856ad364e35_8.0.6001.18702_none_4766ff3b547d623d\iexpress.exe
+ 2009-05-11 18:13 . 2009-03-08 11:33 196096 c:\windows\winsxs\x86_microsoft-windows-ie-ieshims_31bf3856ad364e35_8.0.6001.18702_none_2a78524fb0047330\IEShims.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 246784 c:\windows\winsxs\x86_microsoft-windows-ie-ieproxy_31bf3856ad364e35_8.0.6001.18702_none_731a06b9605c0cc2\ieproxy.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 115712 c:\windows\winsxs\x86_microsoft-windows-ie-ielowutil_31bf3856ad364e35_8.0.6001.18702_none_e9612e8087062a88\ielowutil.exe
+ 2009-05-11 18:14 . 2009-04-25 12:39 102400 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.22867_none_842869855fff5a59\iecompat.dll
+ 2009-05-11 18:14 . 2009-04-25 03:31 102400 c:\windows\winsxs\x86_microsoft-windows-ie-iecompat_31bf3856ad364e35_8.0.6001.18777_none_8393fcce46e9d680\iecompat.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_8.0.6001.18702_none_a0d17792aa595b3e\iecleanup.exe
+ 2009-05-11 18:13 . 2009-03-08 11:33 103936 c:\windows\winsxs\x86_microsoft-windows-ie-gc-setdepnx_31bf3856ad364e35_8.0.6001.18702_none_9396116207a33bbc\SetDepNx.exe
+ 2009-05-11 18:13 . 2009-03-08 11:33 107520 c:\windows\winsxs\x86_microsoft-windows-ie-gc-registeriepkeys_31bf3856ad364e35_8.0.6001.18702_none_0ad3f877399acafc\RegisterIEPKEYs.exe
+ 2009-05-11 18:13 . 2009-03-08 11:32 594432 c:\windows\winsxs\x86_microsoft-windows-ie-feeds-platform_31bf3856ad364e35_8.0.6001.18702_none_42d1aca65041d4fb\msfeeds.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 216064 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtrans.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 348160 c:\windows\winsxs\x86_microsoft-windows-ie-directxtransforms_31bf3856ad364e35_8.0.6001.18702_none_7ab17169976f82c4\dxtmsft.dll
+ 2009-05-11 18:13 . 2009-03-08 11:35 742912 c:\windows\winsxs\x86_microsoft-windows-ie-devtools_31bf3856ad364e35_8.0.6001.18702_none_1e902f2a55a1ce84\iedvtool.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 183808 c:\windows\winsxs\x86_microsoft-windows-ie-behaviors_31bf3856ad364e35_8.0.6001.18702_none_1faea70907d94aa5\iepeers.dll
+ 2009-05-11 18:13 . 2009-03-08 11:11 445952 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 163840 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieakui.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 229376 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitmostfiles_31bf3856ad364e35_8.0.6001.18702_none_911d44271c9159e9\ieaksie.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 125952 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitengine_31bf3856ad364e35_8.0.6001.18702_none_87015889ddff063f\ieakeng.dll
+ 2009-05-11 18:13 . 2009-03-08 21:09 391536 c:\windows\winsxs\x86_microsoft-windows-ie-adminkitbranding_31bf3856ad364e35_8.0.6001.18702_none_573b8ed36d48a30a\iedkcs32.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 914944 c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.6001.18702_none_e4d415d7b79e8243\wininet.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 611840 c:\windows\winsxs\x86_microsoft-windows-i..mlrenderingadvanced_31bf3856ad364e35_8.0.6001.18702_none_c3b0c8fe923e1b1f\mstime.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 107008 c:\windows\winsxs\x86_microsoft-windows-i..-setieinstalleddate_31bf3856ad364e35_8.0.6001.18702_none_eb622404d6d4cb81\SetIEInstalledDate.exe
+ 2009-05-11 18:13 . 2009-03-08 11:32 128512 c:\windows\winsxs\x86_microsoft-windows-advpack_31bf3856ad364e35_8.0.6001.18702_none_8eb687d4089bfe4d\advpack.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 208384 c:\windows\System32\WinFXDocObj.exe
+ 2009-05-11 18:13 . 2009-03-08 11:34 236544 c:\windows\System32\webcheck.dll
- 2006-11-02 08:50 . 2006-11-02 09:46 105984 c:\windows\System32\url.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 105984 c:\windows\System32\url.dll
- 2006-11-02 10:33 . 2009-05-11 11:20 618410 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-11 22:31 618410 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-05-11 22:31 103818 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-05-11 11:20 103818 c:\windows\System32\perfc009.dat
+ 2009-05-11 18:13 . 2009-03-08 11:34 109568 c:\windows\System32\occache.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 611840 c:\windows\System32\mstime.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 193536 c:\windows\System32\msrating.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 594432 c:\windows\System32\msfeeds.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 726528 c:\windows\System32\jscript.dll
+ 2009-05-11 17:11 . 2009-05-11 17:11 148888 c:\windows\System32\javaws.exe
+ 2009-05-11 17:11 . 2009-05-11 17:11 144792 c:\windows\System32\javaw.exe
+ 2009-05-11 17:11 . 2009-05-11 17:11 144792 c:\windows\System32\java.exe
+ 2009-05-11 18:13 . 2009-03-08 11:22 164352 c:\windows\System32\ieui.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 183808 c:\windows\System32\iepeers.dll
+ 2009-05-11 18:13 . 2009-03-08 21:09 391536 c:\windows\System32\iedkcs32.dll
+ 2009-05-11 18:13 . 2009-03-08 11:11 445952 c:\windows\System32\ieapfltr.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 163840 c:\windows\System32\ieakui.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 229376 c:\windows\System32\ieaksie.dll
+ 2009-05-11 18:13 . 2009-03-08 11:33 125952 c:\windows\System32\ieakeng.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 173056 c:\windows\System32\ie4uinit.exe
+ 2009-05-11 18:13 . 2009-03-08 11:31 216064 c:\windows\System32\dxtrans.dll
+ 2009-05-11 18:13 . 2009-03-08 11:31 348160 c:\windows\System32\dxtmsft.dll
+ 2009-05-11 18:17 . 2009-05-11 18:17 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-05-11 18:13 . 2009-03-08 11:32 128512 c:\windows\System32\advpack.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 1093120 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80u.dll
+ 2009-05-11 18:59 . 2009-05-11 18:59 1101824 c:\windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\mfc80.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 1985024 c:\windows\winsxs\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_8.0.6001.18702_none_2a8eccb3a24fa0a0\iertutil.dll
+ 2009-05-11 18:13 . 2009-03-08 11:41 5937152 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.18702_none_f62e34f637f4eb79\mshtml.dll
+ 2009-05-11 18:13 . 2009-02-07 04:07 3698584 c:\windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_8.0.6001.18702_none_de7d38b18189fc96\ieapfltr.dat
+ 2009-05-11 18:13 . 2009-03-08 11:34 1206784 c:\windows\winsxs\x86_microsoft-windows-i..ersandsecurityzones_31bf3856ad364e35_8.0.6001.18702_none_97ce3a35ec955bb0\urlmon.dll
+ 2009-05-11 18:13 . 2009-03-08 11:34 1206784 c:\windows\System32\urlmon.dll
+ 2006-11-02 10:22 . 2009-05-11 21:44 6029312 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
- 2006-11-02 10:22 . 2009-05-11 00:07 6029312 c:\windows\System32\SMI\Store\Machine\SCHEMA.DAT
+ 2009-05-11 18:13 . 2009-03-08 11:41 5937152 c:\windows\System32\mshtml.dll
+ 2009-05-11 18:13 . 2009-03-08 11:32 1985024 c:\windows\System32\iertutil.dll
+ 2009-05-11 18:13 . 2009-02-07 04:07 3698584 c:\windows\System32\ieapfltr.dat
+ 2009-05-11 18:13 . 2009-03-08 11:39 11063808 c:\windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_8.0.6001.18702_none_478d8ef9c3ea79a6\ieframe.dll
+ 2009-05-11 18:13 . 2009-03-08 11:39 11063808 c:\windows\System32\ieframe.dll
+ 2009-05-06 13:28 . 2009-05-11 22:35 148403600 c:\windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-31 50480]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-18 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-11-07 111936]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2007-11-15 16384]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-05-25 17920]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-09 29744]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2006-10-20 118784]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-11-04 413696]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 221184]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2007-11-15 202544]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-03 92704]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-11 148888]
"HostManager"="c:\program files\Common Files\AOL\1198447098\ee\AOLSoftware.exe" [2006-09-26 50736]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-17 4907008]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0033E7E4-62EE-48EB-A55C-D7C979378C41}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{6EF45948-BA89-4A20-9BE4-782633E8D34F}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{38E32F26-38B7-42E8-8C19-290C9FFF5CEF}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{98E1EECD-7796-4A3A-9E48-9FC2DCF99B34}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{561DE972-9257-42AB-996A-5C0B592DF81D}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{528A8B54-3ECB-4A71-8DAD-A5B61DE86C59}"= TCP:c:\program files\Common Files\AOL\1198447098\ee\aolsoftware.exe:AOL Services
"{700EFC8C-2C02-4419-8F08-69CB83B4C872}"= UDP:c:\program files\Common Files\AOL\1198447098\ee\aolsoftware.exe:AOL Services
"{648E4080-4ECF-4DE5-BB68-B24DD46F7DF1}"= TCP:c:\program files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{3AD40940-6A17-4C9A-BD44-CD52E9E55724}"= UDP:c:\program files\Common Files\AOL\System Information\sinf.exe:AOL System Information
"{2E3261C9-DD00-4F1F-BC08-5EF82653A82B}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D602E0BF-B5CF-4C76-BAA8-C9AFD821B894}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{8E0394CD-70CC-4471-8949-B1D5A3AEBC20}"= TCP:c:\program files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{90F96092-DBC8-4C84-A74E-915EBA7A5A48}"= UDP:c:\program files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{111B8520-A5EE-4E71-8F38-B16E9C13DBC9}"= TCP:c:\program files\AOL 9.0\waol.exe:AOL
"{8870B137-D558-4293-996E-4621F97C333B}"= UDP:c:\program files\AOL 9.0\waol.exe:AOL
"{916EE785-88F2-4FBB-9405-D63E647180F2}"= TCP:c:\program files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{45D81B4D-CBE0-4CC2-B52F-208AF18247E9}"= UDP:c:\program files\Common Files\AOL\ACS\AOLacsd.exe:AOL Connectivity Service
"{892AF752-59DD-47F9-91EB-C41D982DC9E6}"= TCP:c:\program files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{626654D7-0B9B-4E68-A9BB-3655C65D4BA2}"= UDP:c:\program files\Common Files\AOL\ACS\AOLDial.exe:AOL Connectivity Service Dialer
"{C59906FE-830D-497E-AF97-904A5F271C64}"= TCP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{77695702-BFF5-487D-B643-631788FAA35B}"= UDP:c:\program files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe:Yahoo! Music Jukebox
"{AA8907A7-400A-48C0-B4D5-047CAC520921}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{02AD6EA5-FE06-4BF2-BA0D-F540BD95E079}"= TCP:c:\program files\AIM6\aim6.exe:AIM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R0 amacpi;Microsoft Away Mode System;c:\windows\System32\drivers\null.sys [11/2/2006 3:51 AM 4608]
R2 AERTFilters;Andrea RT Filters Service;c:\windows\System32\AERTSrv.exe [12/5/2007 6:17 AM 77824]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/12/2008 3:09 PM 24652]
R3 rt61x86;Ralink RT61 Wireless Driver for Windows Vista;c:\windows\System32\drivers\netr61.sys [11/26/2008 1:51 PM 333824]
S2 TmPfw;Trend Micro Personal Firewall;c:\program files\Trend Micro\Internet Security 14\TmPfw.exe --> c:\program files\Trend Micro\Internet Security 14\TmPfw.exe [?]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [12/18/2007 7:28 AM 29744]

--- Other Services/Drivers In Memory ---

*Deregistered* - tmtdi

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-11 17:54
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-05-11 17:56
ComboFix-quarantined-files.txt 2009-05-11 22:56
ComboFix2.txt 2009-05-11 11:37

Pre-Run: 181,442,404,352 bytes free
Post-Run: 180,971,917,312 bytes free

938 --- E O F --- 2009-05-11 18:14
mattrowe
Active Member
 
Posts: 6
Joined: May 6th, 2009, 6:26 pm

Re: unofficial family "computer guy"

Unread postby Katana » May 12th, 2009, 6:30 am

mattrowe wrote:I am also trying to figure out what software doesn't need to load every time the computer boots up.

For the boot load items please try the following ...

Fix With HJT

Please note:- Due to the restrictions on Vista, all tools should be started by Right-Click >>> Run As Administrator
Close all other windows and then start HiJack This
Click Do A System Scan Only
When it has finished scanning put a check next to the following lines IF still present
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

- Close ALL open windows (especially Internet Explorer!)-
Now click Fix checked
Click yes to any prompts
Close HijackThis


Download Winpatrol It is an excellent startup manager and then some !!

Install Winpatrol, and when running click on the Startup Programs tab
The following items can safely be disabled.

[Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
[dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
[ECenter] C:\Dell\E-Center\EULALauncher.exe
[Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[HostManager] C:\Program Files\Common Files\AOL\1198447098\ee\AOLSoftware.exe
[HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
[ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
[PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
[QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
[RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
[Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
[ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
[DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
[NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
[NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
[RtHDVCpl] RtHDVCpl.exe
[Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
[DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
[swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe


Just click on each item and then click Disable
(if the program is running, Winpatrol will ask if you wish to stop it)

Reboot your computer and see if that has helped the boot time.


----------------------------------------------------------- -----------------------------------------------------------

Congratulations your logs look clean :)

Let's see if I can help you keep it that way

First lets tidy up

Please delete RSIT.exe and C:\RSIT (entire folder)
You can also delete any logs we have produced, and empty your Recycle bin.


Uninstall Combofix
  • This will clear your System Volume Information restore points and remove all the infected files that were quarantined
  • Click START, type RUN into the search box, then click Enter
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the /U, it needs to be there.
    • Image

----------------------------------------------------------- -----------------------------------------------------------

The following is some info to help you stay safe and clean.


You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.
( Vista users must ensure that any programs are Vista compatible BEFORE installing )

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partne ... bscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware
    AntiSpyware is not the same thing as Antivirus.
    Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
    You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
    Most of the programs in this list have a free (for Home Users ) and paid versions,
    it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
  • Spybot - Search & Destroy <<< A must have program
    • It includes host protection and registry protection
    • A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
  • MalwareBytes Anti-malware <<< A New and effective program
  • a-squared Free <<< A good "realtime" or "on demand" scanner
  • superantispyware <<< A good "realtime" or "on demand" scanner

Prevention
    These programs don't detect malware, they help stop it getting on your machine in the first place.
    Each does a different job, so you can have more than one
  • Winpatrol
    • An excellent startup manager and then some !!
    • Notifies you if programs are added to startup
    • Allows delayed startup
    • A must have addition
  • SpywareBlaster 4.0
    • SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
  • SpywareGuard 2.2
    • SpywareGuard provides real-time protection against spyware.
    • Not required if you have other "realtime" antispyware or Winpatrol
  • ZonedOut
    • Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
  • MVPS HOSTS
    • This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    • For information on how to download and install, please read this tutorial by WinHelp2002.
    • Not required if you are using other host file protections

Internet Browsers
    Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
    Using a different web browser can help stop malware getting on your machine.
    • Make your Internet Explorer more secure - This can be done by following these simple instructions:
      1. From within Internet Explorer click on the Tools menu and then click on Options.
      2. Click once on the Security tab
      3. Click once on the Internet icon so it becomes highlighted.
      4. Click once on the Custom Level button.
        • Change the Download signed ActiveX controls to Prompt
        • Change the Download unsigned ActiveX controls to Disable
        • Change the Initialise and script ActiveX controls not marked as safe to Disable
        • Change the Installation of desktop items to Prompt
        • Change the Launching programs and files in an IFRAME to Prompt
        • Change the Navigate sub-frames across different domains to Prompt
        • When all these settings have been made, click on the OK button.
        • If it prompts you as to whether or not you want to save the settings, press the Yes button.
      5. Next press the Apply button and then the OK to exit the Internet Properties page.
    If you are still using IE6 then either update, or get one of the following.
    • FireFox
      • With many addons available that make customization easy this is a very popular choice
      • NoScript and AdBlockPlus addons are essential
    • Opera
      • Another popular alternative
    • Netscape
      • Another popular alternative
      • Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies
    Temporary Internet Files are mainly the files that are downloaded when you open a web page.
    Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
    It is a good idea to empty the Temporary Internet Files folder on a regular basis.

    Tracking Cookies are files that websites use to monitor which sites you visit and how often.
    A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
    CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

    Both of these can be cleaned manually, but a quicker option is to use a program
  • ATF Cleaner
    • Free and very simple to use
  • CCleaner
    • Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: unofficial family "computer guy"

Unread postby mattrowe » May 12th, 2009, 11:02 am

Great, everything is working smoothly. I took all the recommendations and set up the computer as well as possible, hopefully my niece can continue keeping her computer safe. Thank you for all of your efforts, they are greatly appreciated! :)
mattrowe
Active Member
 
Posts: 6
Joined: May 6th, 2009, 6:26 pm

Re: unofficial family "computer guy"

Unread postby NonSuch » May 18th, 2009, 4:47 am

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27304
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 89 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware