Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Network adapters have yellow caution sign -Router issue

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Network adapters have yellow caution sign -Router issue

Unread postby gabol » September 24th, 2009, 1:42 pm

Hi,

My problem is that I can not connect to my wireless network (router) with my laptop. I'm writing this post with my other laptop.
When I click on Network Adapters under System, I see a yellow caution sign next to all of them. I tried running some of my antispyware software and found some bugs, but it did not fix the problem.
Then I tried a system restore, but it would not let me click on any date or go back to last month or last year, it's blocked. (I'm guessing it's the virus/bug not letting me do a system restore). How do I restore my network adapters?

Thank you,
GML

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:49:25 PM, on 9/24/2007
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZRfox000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... cat_uid=12
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///D:/components/hidinputmonitorx.ocx
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file:///D:/components/A9.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4388671796
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///D:/components/wmvhdrating.ocx
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.0.35/xplugLite.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 7961 bytes
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am
Advertisement
Register to Remove

Re: Network adapters have yellow caution sign -Router issue

Unread postby MWR 3 day Mod » September 29th, 2009, 1:14 am

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby Dakeyras » October 2nd, 2009, 4:55 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hi gabol. :)

I'm Dakeyras and I am going to try to assist you with your problem. Please take note of the below:

  • I will start working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine!.
  • The process is not instant. Please continue to review my answers until I tell you your machine is clear. Absence of symptoms does not mean that everything is clear.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Refrain from running self fixes as this will hinder the malware removal process.
  • It may prove beneficial if you print of the following instructions or save them to notepad as I post them.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Before we start:

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Next:

Do you have a USB type drive we can use to transfer tools/logs between the machine you require assistance with and the other laptop at your disposal you mentioned?

Can you please inform myself what operating system is in use on the other laptop?

Answer the above please and we can go from there OK. :thumbup:
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 2nd, 2009, 9:56 am

Hi Dakeyras,

My other machine has Windows XP and yes a do have a USB pen drive.

thank you,
GML
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby Dakeyras » October 2nd, 2009, 10:21 am

Hi. :)

It may prove beneficial if you print of the following instructions or save them to notepad.

We will be using the Non Infected computer you mentioned in your last post we have available for use and the USB Pen Drive.

Please boot-up/start(if not running) the aforementioned computer.

  • Please download Flash_Disinfector and save it to the desktop.
  • Do not use this yet! We will be shortly.

Next

  • Attach the USB Pen Drive
  • Double click on the desktop icon My Computer or if not present Start >> My Computer
  • Make a note of the drive letter assigned to your USB Thumb Drive. For example it may be as follows: USB (E:)
  • Now go to Start >> Run and type in the following exactly:
  • Format X: <--- substitute X with the previously noted USB Thumb Drive drive letter designation and make sure to include : (colon) also
  • Now click on OK
  • Now the C:\Windows\system32\format.com window will launch.
  • The wording will be something similar to the below:

Insert a new disk for drive X:
and press Enter when ready....


  • Ignore this part and just hit the Enter key
  • The format will now begin.
  • At the prompt Volume label (11 characters, ENTER for none)?
  • Either name your drive what you wish, say gabol for example or just hit the Enter key
  • Your USB Pen Drive is now formatted and if it was infected, it should now be clean.

If for any reason you could not carry out the above, please perform the following instead:

Remove your USB/FlashDrive safely from the Non Infected computer.

  • Double click on Flash_Disinfector click to run it.
  • You will be prompted to plug in your flash/usb drive. Plug it in.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Next:

Please download the following to your Flash/USB Drive:


Next:

Remove your USB/FlashDrive safely from the Non Infected computer.

Next:

Note: Keep your infected computer offline during all of the below. Any logs/reports requested will have to be saved to your USB Drive.

  • Make sure your infected computer is switched off and connect your USB Thumb Drive.
  • Now boot it up in to Normal Mode.

Next:

  • Navigate to your USB/Flash Drive
  • Click once on Fix Policies to highlight it
  • Now under File and Folder Tasks
  • Select Move this file
  • In the Move Items that appears select Desktop and click on the Move button

Now carry out the same above procedure so that the following also are on the Desktop of your Infected Computer:

  • gmer.exe <-- whatever it was randomly named during initial download.
  • RSIT.exe

Next:

  • Double-click on FixPolicies.exe.
  • Click the "Install" button on the bottom toolbar of the box that will open.
  • The program will create a new Folder called FixPolicies
  • Double-click to Open the new Folder, and then double-click the file within: Fix_Policies.cmd.
  • A black box should briefly appear and then close.
  • Leave FixPolicies on your desktop please until I otherwise advise, thank you.

Next:

  • Double click on the desktop RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please save the contents of both log.txt and info.txt to your USB/Flash Drive.

Next:

  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO
    Image
    Click the image to enlarge it
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file
  • Now please save/transfer the log to your USB/Flash Drive.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Note: Do not run any programs while Gmer is running.

Power down switch of your infected computer, then remove your USB/Flash Drive.

Now please return to the Non Infected computer we have access to, power up if switched off then:

Flash_Disinfector

  • Double click to run it.
  • You will be prompted to plug in your Flash/USB Drive. Plug it in.
  • Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
  • When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
  • Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

When completed the above, please post back the following in the order asked for:

  • How is you computer performing now, any further symptoms and or problems encountered?
  • GMER log.
  • Both RSIT logs
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 4th, 2009, 2:38 pm

info.txt logfile of random's system information tool 1.06 2007-10-04 14:12:39

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
-->C:\WINDOWS\system32\\MSIEXEC.EXE /I {09DA4F91-2A09-4232-AB8C-6BC740096DE3} REMOVE=UpdateMgrFeature
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {BE130CAB-F7AA-4660-96A2-6BCCE9743946}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{939F8208-C8CE-4AFF-B7BA-ACEB2E74A6CB}\Setup.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 9.04 beta-->"C:\Program Files\7-Zip\Uninstall.exe"
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}
Adobe Color Video Profiles CS CS4-->MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8\Setup.exe --uninstall=1
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Photoshop CS4-->MsiExec.exe /I{E4848436-0345-47E2-B648-8B522FCDA623}
Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
aiofw-->MsiExec.exe /I{791E3D44-33D3-4446-82AD-5CD4B0169083}
aioocr-->MsiExec.exe /I{3BED0238-3A25-41AE-BC23-316914B5B048}
aioprnt-->MsiExec.exe /I{2A97D5B3-A989-47E1-B207-1CA9E3635655}
aioscnnr-->MsiExec.exe /I{C0251585-1BE8-4278-B3CB-964B6E01C59D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Autodesk DWF Viewer-->C:\PROGRA~1\Autodesk\AUTODE~1\Setup.exe /remove
Autodesk Express Viewer-->C:\PROGRA~1\Autodesk\AUTODE~2\Setup.exe /remove
Canon SELPHY DS810-->C:\WINDOWS\system32\CNMCP7F.exe "-PRINTERNAMECanon SELPHY DS810" "-HELPERDLLC:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon SELPHY DS810 Installer\Inst2\cnmis.dll" "-RCDLLcnmi0409.dll"
Canon Utilities CP Printer Guide-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{C3EA3B88-1083-4227-BCB7-76C05CA200DF}
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities EOS Utility-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\EOS Utility\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.2.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
center-->MsiExec.exe /I{79E41D91-BA1C-44B9-9358-48E598263ECF}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Citrix ICA Web Client-->C:\WINDOWS\system32\ctxsetup.exe /uninst C:\PROGRA~1\Citrix\icaweb32\uninst.inf
Compresor WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Conexant AC-97 Audio-->CIAunwdm.exe
Conexant Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_3082103C\HXFSETUP.EXE -U -Ihpm30825.inf
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Corel Painter X-->C:\Program Files\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\DOCUME~1\HECTOR~1\LOCALS~1\Temp\PainterX.log
Corel Painter X-->MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Disc2Phone-->MsiExec.exe /I{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}
DV Network Software-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{FE5A75B7-C470-48A3-9B04-95F1102B2A68} /l1033
Easy Internet Sign-up-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
ESET NOD32 Antivirus-->MsiExec.exe /I{0CD8B5F6-07F5-4966-AD48-290A948A5BC5}
ESPNMotion-->C:\PROGRA~1\ESPNMO~1\UNWISE.EXE /u C:\PROGRA~1\ESPNMO~1\INSTALL.LOG
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{073F22CE-9A5B-4A40-A604-C7270AC6BF34}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
fflink-->MsiExec.exe /I{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}
Free DWG Viewer 5.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}\Setup.exe" -l0x9
GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe"
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Help_CTR-->MsiExec.exe /I{0996C331-6DCB-4E38-A3EC-0A77ABAE1361}
helptut-->MsiExec.exe /I{843081BD-351F-46FC-8A17-517A0D9117A3}
helpug-->MsiExec.exe /I{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}
Herramienta de carga de Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Deskjet 3840 Series-->rundll32 hpzcon10.dll,VendorJettison HP Deskjet 3840 Series
HP Deskjet 3840-->msiexec /x{B1591C79-1C35-4E09-AA15-F7D6923AFB96}
HP Dual TV Tuner / Digital Video Recorder Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F575545A-51DE-4909-9095-738A83637826}\Setup.exe"
HP Extended Capabilities 5.3-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Help and Support-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x9 -removeonly
HP Image Zone for Media Center PC-->MsiExec.exe /X{8D0C57BC-4942-4960-BB6D-142456D6F233}
HP Image Zone Plus 4.5.3-->C:\Program Files\HP\Digital Imaging\{D0420D64-8D33-4374-A2B2-9225C7925CA6}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Tunes-->MsiExec.exe /X{C9DC1E02-D0D4-4642-BCF5-20B0E487B6CC}
HP Wireless Assistant 1.01 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x9 hpquninst
ImageMixer VCD2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}\setup.exe" -l0xa UNINSTALL
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
IObit Security 360 RC-->"C:\Program Files\IObit\IObit Security 360\unins000.exe"
iTunes-->MsiExec.exe /I{553E56C3-7AA1-45FE-A2FC-2C43DC27F765}
J2SE Runtime Environment 5.0 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgcbase-->MsiExec.exe /I{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
KODAK All-in-One Printer Software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140002_74c78\Setup.exe /APR-REMOVE
ksdip-->MsiExec.exe /I{73F1681F-ADE1-461F-9F18-B7640507D395}
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe
Macromedia Flash Player-->MsiExec.exe /X{0456ebd7-5f67-4ab6-852e-63781e3f389c}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MathPlayer-->C:\Program Files\Design Science\MathPlayer\Setup.exe -u
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Money 2005-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Picture It! Express 9-->C:\WINDOWS\system32\msiexec.exe /i {DBA8B9E1-C6FF-4624-9598-73D3B41A0900}
Microsoft Picture It! Library 9-->C:\WINDOWS\system32\msiexec.exe /i {9F7FC79B-3059-4264-9450-39EB368E3220}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Moyea FLV Player version: 2.0.2.94-->"C:\Program Files\Moyea\FLV Player\unins000.exe"
Mozilla Firefox (3.5.2)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Encarta Plus Support Files-->MsiExec.exe /I{00000000-785F-478A-BAA2-87F1A136068C}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 4.0 - SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{534AA552-E1F1-4965-B2AA-FBDEB0730D60}\setup.exe" -l0x9
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up -->"C:\Program Files\ESET\ESET NOD32 Antivirus\unins000.exe"
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
oneworld Timetables-->C:\PROGRA~1\ONEWOR~1\Unwise32.exe /A C:\PROGRA~1\ONEWOR~1\install.log
OpenMG Secure Module 3.4.01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26C849AB-1865-412D-B87D-B18BC5CB6C60}\setup.exe" -l0x9 UNINSTALL
Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe"
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PCsync-->MsiExec.exe /X{DDBC8703-AA18-491F-97BE-98D4543A901B}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Print Lab Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D87D6386-3C2D-4239-9780-3418FB7B0E94}\Setup.exe" -l0x9 anything
PrintKey2000-->C:\PROGRA~1\PRINTK~1\UNWISE.EXE C:\PROGRA~1\PRINTK~1\INSTALL.LOG
Quick Launch Buttons 5.10 A2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEB326EC-8F40-47B2-BA22-BB092565D66F}\setup.exe" -l0x9 -uninst
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
RawShooter essentials 2005-->C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\UNWISE.EXE C:\PROGRA~1\PIXMAN~1\RAWSHO~1.0\INSTALL.LOG
RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Smart Defrag 1.11-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Sonic Backup MyPC Special Edition for HP-->MsiExec.exe /I{BE130CAB-F7AA-4660-96A2-6BCCE9743946}
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sonic Update Manager-->MsiExec.exe /I{09DA4F91-2A09-4232-AB8C-6BC740096DE3}
Sony Ericsson PC Suite-->MsiExec.exe /I{668B2B3A-4241-409F-A4AE-79B5016A487E}
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{612DC38A-B36A-4699-88EB-12C7394DE2FC} /l1033
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
Update for Windows Internet Explorer 8 (KB971930)-->"C:\WINDOWS\ie8updates\KB971930-IE8\spuninst\spuninst.exe"
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
Vertus Fluid Mask 3 3.0.10-->"C:\Program Files\Vertus Fluid Mask 3\Uninstall.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
Windows Easy Transfer-->"C:\WINDOWS\$NtUninstallWETCable$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{7232478E-E01E-4F7D-A8EE-ABDA4CB3578D}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{D0F1DC40-37A4-4401-AC80-1FCCF01DEAF5}
Windows Live Messenger-->MsiExec.exe /X{BD1BBE79-BB25-460D-A2BD-D496A5E13786}
Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Media Connect-->"C:\WINDOWS\$NtUninstallWMCSetup$\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar for Internet Explorer-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZENcast Organizer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x9 /remove

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com

======Security center information======

AV: ESET NOD32 Antivirus 3.0 (outdated)

======System event log======

Computer Name: HECTOR
Event Code: 7009
Message: Timeout (30000 milliseconds) waiting for the Eset Nod32 Boot service to connect.

Record Number: 60905
Source Name: Service Control Manager
Time Written: 20090613113805.000000-180
Event Type: error
User:

Computer Name: HECTOR
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 60879
Source Name: Tcpip
Time Written: 20090613112311.000000-180
Event Type: warning
User:

Computer Name: HECTOR
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 60876
Source Name: Tcpip
Time Written: 20090613100516.000000-180
Event Type: warning
User:

Computer Name: HECTOR
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 60870
Source Name: Tcpip
Time Written: 20090612234933.000000-180
Event Type: warning
User:

Computer Name: HECTOR
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 60864
Source Name: Tcpip
Time Written: 20090612231536.000000-180
Event Type: warning
User:

=====Application event log=====

Computer Name: HECTOR
Event Code: 1002
Message: Hanging application msiexec.exe, version 3.1.4000.1823, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Record Number: 7746
Source Name: Application Hang
Time Written: 20071210141725.000000-180
Event Type: error
User:

Computer Name: HECTOR
Event Code: 1000
Message: Faulting application firefox.exe, version 1.8.20070.6982, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Record Number: 7719
Source Name: Application Error
Time Written: 20071205130343.000000-180
Event Type: error
User:

Computer Name: HECTOR
Event Code: 1000
Message: Faulting application firefox.exe, version 1.8.20070.6982, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

Record Number: 7704
Source Name: Application Error
Time Written: 20071204193739.000000-180
Event Type: error
User:

Computer Name: HECTOR
Event Code: 1517
Message: Windows saved user HECTOR\Hector Lamberti registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 7695
Source Name: Userenv
Time Written: 20071119222440.000000-180
Event Type: warning
User: NT AUTHORITY\SYSTEM

Computer Name: HECTOR
Event Code: 1517
Message: Windows saved user HECTOR\Hector Lamberti registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use.


This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Record Number: 7684
Source Name: Userenv
Time Written: 20071119180652.000000-180
Event Type: warning
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Common Files\Ulead Systems\DVD;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"KDS_LANGUAGE"=13
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_02\lib\ext\QTJava.zip

-----------------EOF-----------------
GMER 1.0.15.15125 - http://www.gmer.net
Rootkit scan 2007-10-04 15:29:36
Windows 5.1.2600 Service Pack 3
Running: s0xnhx71.exe; Driver: C:\DOCUME~1\HECTOR~1\LOCALS~1\Temp\uftdipow.sys


---- System - GMER 1.0.15 ----

SSDT 86EA9810 ZwConnectPort

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdir.sys
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 EABFiltr.sys (QLB PS/2 Keyboard filter driver/Hewlett-Packard Company)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdir.sys
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat eamon.sys (Amon monitor/ESET)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xC8 0x28 0x51 0xAF ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0x25 0xDA 0xEC 0x7E ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x31 0x77 0xE1 0xBA ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0x51 0xFA 0x6E 0x91 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0x05 0x73 0x21 0xDD ...

---- EOF - GMER 1.0.15 ----
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 4th, 2009, 2:46 pm

Logfile of random's system information tool 1.06 (written by random/random)
Run by Hector Lamberti at 2007-10-04 14:12:14
Microsoft Windows XP Professional Service Pack 3
System drive C: has 42 GB (55%) free of 76 GB
Total RAM: 1022 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:12:31 PM, on 10/4/2007
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\IObit Security 360\is360.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Hector Lamberti\Desktop\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\Hector Lamberti.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZRfox000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... cat_uid=12
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///D:/components/hidinputmonitorx.ocx
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file:///D:/components/A9.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4388671796
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///D:/components/wmvhdrating.ocx
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.0.35/xplugLite.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IS360service - IObit - C:\Program Files\IObit\IObit Security 360\IS360srv.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 8754 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\At1.job
C:\WINDOWS\tasks\Easy Internet Sign-up.job
C:\WINDOWS\tasks\EasyShare Registration Task.job
C:\WINDOWS\tasks\SmartDefrag.job
C:\WINDOWS\tasks\WebReg Deskjet 3840.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
"IObit Security 360"=C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-08-20 943888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch]
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-06-30 2329224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2005-03-09 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]
C:\Program Files\HPQ\Default Settings\cpqset.exe [2004-10-22 229438]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2006-06-12 700416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eabconfg.cpl]
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe [2004-12-03 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2008-02-29 1443072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EKIJ5000StatusMonitor]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2007-11-13 1052672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-12 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-03-04 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [2005-04-01 794624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
C:\Program Files\Microsoft IntelliPoint\point32.exe [2005-06-10 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
C:\Program Files\IObit\IObit Security 360\IS360tray.exe [2009-08-20 943888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iRiver Updater]
\Updater.exe [2004-07-01 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2007-06-01 257088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection]
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe [2003-09-13 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDUDS700Tskbr]
C:\Program Files\Canon\Memory Card Utility\SELPHY DS700\PDUDS700Tskbr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoOE]
C:\Program Files\Seekmo\bin\10.0.406.0\OEAddOn.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeekmoSA]
C:\Program Files\Seekmo\bin\10.0.406.0\SeekmoSA.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe [2005-03-04 36975]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2007-09-17 1994480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe [2005-08-21 100056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-02-02 692316]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2005-02-02 102492]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
C:\Program Files\Norton Internet Security\UrlLstCk.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
C:\PROGRA~1\Yahoo!\MESSEN~1\ypager.exe [2005-12-08 3096576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2005-05-12 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Image Zone Fast Start.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqthb08.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2007-09-19 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Printkey2000.lnk]
C:\PROGRA~1\PRINTK~1\PRINTK~1.EXE [1999-09-30 869376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2007-09-17 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-03-08 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WRNotifier]
WRLogonNTF.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\zeijnqgo.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Driver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AVG Anti-Spyware Guard]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\svcWRSSSDK]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\zeijnqgo.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Yahoo!\Messenger\YPager.exe"="C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Laplink\PCsync\SFTHost.exe"="C:\Program Files\Laplink\PCsync\SFTHost.exe:*:Enabled:PCsync Host Module"
"C:\Program Files\Laplink\PCsync\PCsync.exe"="C:\Program Files\Laplink\PCsync\PCsync.exe:*:Enabled:Laplink PCsync"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{92f6d0d5-9907-11db-aba5-00c09fbe7e53}]
shell\AutoRun\command - F:\Installer.exe


======List of files/folders created in the last 1 months======

2009-07-24 16:51:03 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\com.adobe.ExMan
2009-07-22 12:27:19 ----D---- C:\Program Files\Adobe Media Player
2009-07-22 12:23:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-07-22 00:25:14 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Download Manager
2009-07-21 15:08:12 ----D---- C:\Program Files\a-squared Free
2009-07-19 00:23:40 ----D---- C:\WINDOWS\ie8updates
2009-07-19 00:17:55 ----HDC---- C:\WINDOWS\ie8
2009-07-18 23:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-07-18 23:50:26 ----D---- C:\Program Files\SUPERAntiSpyware
2009-07-18 23:50:26 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\SUPERAntiSpyware.com
2009-07-10 14:47:39 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Canon
2009-07-05 10:20:19 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-07-01 17:04:56 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Panasonic
2009-07-01 17:04:15 ----A---- C:\WINDOWS\system32\PICSDK.ini
2009-07-01 17:04:15 ----A---- C:\WINDOWS\system32\PICSDK.dll
2009-07-01 17:04:13 ----A---- C:\WINDOWS\system32\EpPicPrt.dll
2009-07-01 17:04:13 ----A---- C:\WINDOWS\system32\EPPicMgr.dll
2009-07-01 17:03:43 ----D---- C:\Program Files\Panasonic
2009-06-25 22:43:04 ----RA---- C:\WINDOWS\system32\hpvcr70.dll
2009-06-25 22:43:04 ----RA---- C:\WINDOWS\system32\hpvcp70.dll
2009-06-25 22:43:04 ----RA---- C:\WINDOWS\system32\hpvaut32.dll
2009-06-25 22:41:49 ----A---- C:\WINDOWS\hpbvspst.ini
2009-06-25 22:26:47 ----A---- C:\WINDOWS\hpdj3840.ini
2009-06-23 21:11:07 ----D---- C:\Program Files\Digital Photo Software
2009-06-22 21:56:35 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\EBookSys
2009-06-22 21:55:19 ----D---- C:\Program Files\Paint.NET
2009-06-22 21:49:20 ----D---- C:\Documents and Settings\All Users\Application Data\EBookSys
2009-06-18 19:00:25 ----D---- C:\Program Files\Common Files\Sonic
2009-06-18 18:59:37 ----AD---- C:\HP Personal Media Drive
2009-06-17 18:03:39 ----D---- C:\Program Files\ArcSoft
2009-06-17 18:03:36 ----D---- C:\Program Files\Common Files\ArcSoft
2009-06-17 14:14:14 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2009-06-17 14:13:32 ----D---- C:\Program Files\Common Files\Sony Ericsson Shared
2009-06-17 14:13:17 ----D---- C:\Program Files\Sony Ericsson
2009-06-17 14:13:17 ----D---- C:\Documents and Settings\All Users\Application Data\Teleca
2009-06-17 10:24:19 ----A---- C:\WINDOWS\system32\CNMVS7F.DLL
2009-06-17 10:24:18 ----A---- C:\WINDOWS\system32\CNMLM7F.DLL
2009-06-17 10:24:12 ----RA---- C:\WINDOWS\system32\CNMCP7F.exe
2009-06-17 10:24:03 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2009-06-15 10:25:11 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\IObit
2009-06-15 10:25:10 ----D---- C:\Program Files\IObit
2009-06-12 22:59:56 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\AOL
2009-06-12 22:59:43 ----D---- C:\Documents and Settings\All Users\Application Data\Pure Networks
2009-06-12 22:59:28 ----A---- C:\WINDOWS\system32\aamd532.dll
2009-06-12 22:59:26 ----A---- C:\WINDOWS\system32\SimpleRegistry.dll
2009-06-12 22:59:25 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-06-12 22:59:21 ----D---- C:\Program Files\Pure Networks
2009-06-12 22:59:19 ----D---- C:\WINDOWS\occache
2009-06-12 22:59:19 ----D---- C:\Program Files\Learn2.com
2009-06-12 22:59:19 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\You've Got Pictures Screensaver
2009-06-12 22:59:14 ----A---- C:\WINDOWS\system32\shdocvw.bak
2009-06-12 22:58:54 ----D---- C:\Program Files\Common Files\Nullsoft
2009-06-12 22:58:43 ----D---- C:\My Music
2009-06-12 22:58:36 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2009-06-12 22:58:34 ----A---- C:\WINDOWS\system32\pndx5032.dll
2009-06-12 22:58:34 ----A---- C:\WINDOWS\system32\pndx5016.dll
2009-06-12 22:58:33 ----D---- C:\Program Files\Real
2009-06-12 22:58:33 ----A---- C:\WINDOWS\system32\pncrt.dll
2009-06-12 22:58:32 ----D---- C:\Program Files\Common Files\Real
2009-06-12 22:57:34 ----A---- C:\WINDOWS\system32\roboex32.dll
2009-06-12 22:55:59 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-06-12 22:55:29 ----D---- C:\Program Files\Common Files\AOL
2009-06-11 18:49:40 ----D---- C:\Program Files\WIDCOMM
2009-06-11 18:36:32 ----D---- C:\Program Files\Windows Live SkyDrive
2009-06-11 18:35:38 ----D---- C:\Program Files\Windows Live
2009-06-11 18:23:35 ----D---- C:\Program Files\ESET
2009-06-11 18:23:35 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-06-11 18:22:57 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\WinRAR
2009-06-11 18:22:07 ----D---- C:\Program Files\WinRAR
2009-06-11 15:11:42 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Pixmantec
2009-06-11 15:06:27 ----D---- C:\Program Files\Pixmantec
2009-06-09 20:51:53 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-06-09 20:51:53 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-06-09 11:17:34 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-06-07 13:23:37 ----D---- C:\WINDOWS\Prefetch
2009-06-07 13:06:10 ----D---- C:\WINDOWS\system32\scripting
2009-06-07 13:06:03 ----D---- C:\WINDOWS\l2schemas
2009-06-07 13:06:02 ----D---- C:\WINDOWS\system32\en
2009-06-07 13:06:02 ----D---- C:\WINDOWS\system32\bits
2009-06-07 13:00:05 ----D---- C:\WINDOWS\ServicePackFiles
2009-06-07 12:51:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-06-06 12:09:32 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\ZoomBrowser EX
2009-06-06 11:47:02 ----D---- C:\Program Files\Common Files\Canon
2009-06-04 11:15:09 ----A---- C:\WINDOWS\muveeapp.INI
2009-06-04 11:14:23 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\muvee Technologies
2009-06-03 19:45:36 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Laplink
2009-06-03 19:41:43 ----D---- C:\Program Files\Laplink
2009-06-03 19:41:43 ----D---- C:\Program Files\Common Files\Laplink
2009-06-03 19:33:32 ----D---- C:\Program Files\Microsoft
2009-06-03 19:33:21 ----HDC---- C:\WINDOWS\$NtUninstallWETCable$
2009-05-25 12:20:09 ----D---- C:\CNYSELPHYCP
2009-05-09 01:14:52 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2009-04-17 09:12:24 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-03-31 13:38:49 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Malwarebytes
2009-03-31 13:38:34 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-03-31 13:38:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-15 22:12:16 ----D---- C:\Program Files\Lavasoft
2009-03-15 22:12:16 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-03-15 22:05:25 ----A---- C:\WINDOWS\wininit.ini
2009-03-15 21:35:18 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-03-08 14:22:30 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2009-03-08 14:22:18 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2009-03-08 14:21:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2009-03-08 14:20:54 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2009-02-06 13:47:40 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Sony Ericsson
2009-02-06 11:14:29 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Uniblue
2009-01-13 23:45:47 ----HDC---- C:\WINDOWS\ie7
2009-01-07 18:20:18 ----A---- C:\WINDOWS\system32\msdbg2.dll
2008-12-02 22:37:20 ----A---- C:\WINDOWS\system32\sirenacm.dll
2008-10-27 12:53:41 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-27 12:53:37 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-27 12:53:35 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-27 12:53:35 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-27 12:53:15 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-27 12:53:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-27 12:52:51 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-10-27 12:52:49 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-10-27 12:52:48 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-27 12:52:47 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-27 12:52:47 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-27 12:52:47 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-27 12:52:47 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-27 12:52:47 ----N---- C:\WINDOWS\slrundll.exe
2008-10-27 12:52:43 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-27 12:52:39 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-10-27 12:52:38 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-27 12:52:36 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-27 12:52:35 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-27 12:52:34 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-27 12:52:33 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-27 12:52:33 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-27 12:52:32 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-27 12:52:29 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-27 12:52:25 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2008-10-27 12:52:18 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-27 12:52:18 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-27 12:52:18 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-27 12:52:17 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-27 12:52:16 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-27 12:52:16 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-10-27 12:52:13 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-27 12:52:13 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-27 12:51:45 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-27 12:51:45 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-27 12:51:45 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-27 12:51:44 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-27 12:51:18 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-27 12:51:07 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-27 12:51:07 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-27 12:51:07 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-27 12:51:07 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-27 12:51:06 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-27 12:50:41 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-10-27 12:50:36 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-27 12:50:30 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-10-27 12:50:28 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-27 12:50:27 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-27 12:50:24 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-27 12:50:24 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-27 12:50:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-27 12:50:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-27 12:50:23 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-27 12:50:23 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-27 12:50:23 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-27 12:50:21 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-27 12:50:21 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-27 12:50:20 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-27 12:50:16 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-27 12:50:09 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-27 12:50:08 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-27 12:50:06 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-27 12:50:06 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-27 12:50:05 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-27 12:49:57 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-10-16 14:07:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-11 13:03:15 ----D---- C:\Program Files\CCleaner
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-08-23 22:20:07 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Apple Computer
2008-08-16 11:34:23 ----D---- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-08-16 11:34:18 ----D---- C:\Documents and Settings\All Users\Application Data\NeoEdge Networks
2008-08-13 10:08:05 ----D---- C:\ConverterOutput
2008-07-31 10:16:54 ----A---- C:\WINDOWS\system32\msjava.dll
2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\evr.dll
2008-07-29 21:10:04 ----A---- C:\WINDOWS\system32\dxva2.dll
2008-07-29 20:35:46 ----A---- C:\WINDOWS\system32\PresentationHost.exe
2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationHostProxy.dll
2008-07-29 19:59:58 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\infocardapi.dll
2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardres.dll
2008-07-29 19:24:50 ----A---- C:\WINDOWS\system32\icardagt.exe
2008-07-29 05:49:58 ----A---- C:\WINDOWS\system32\icardres.dll.mui
2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscories.dll
2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscorier.dll
2008-07-25 11:16:58 ----A---- C:\WINDOWS\system32\mscoree.dll
2008-07-25 11:16:46 ----A---- C:\WINDOWS\system32\dfshim.dll
2008-01-04 13:38:20 ----A---- C:\WINDOWS\system32\EKDeviceServices.dll
2008-01-04 13:33:44 ----A---- C:\WINDOWS\system32\EKIJ5000MON.dll
2008-01-04 13:09:03 ----D---- C:\Documents and Settings\All Users\Application Data\Eastman Kodak Company
2008-01-04 13:08:45 ----D---- C:\Documents and Settings\All Users\Application Data\kds_kodak
2008-01-04 13:08:24 ----D---- C:\WINDOWS\system32\kodak
2008-01-04 13:08:16 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2007-12-22 16:34:23 ----A---- C:\AdobeDebug.txt
2007-12-22 16:34:22 ----D---- C:\Documents and Settings\All Users\Application Data\espionServerData
2007-12-22 16:23:50 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2007-12-18 16:25:58 ----A---- C:\WINDOWS\system32\ptpusb.dll
2007-12-18 16:25:57 ----A---- C:\WINDOWS\system32\ptpusd.dll
2007-12-18 16:25:50 ----D---- C:\Program Files\Common Files\Kodak
2007-12-18 16:24:05 ----D---- C:\Program Files\Kodak
2007-12-18 16:20:17 ----D---- C:\Documents and Settings\All Users\Application Data\Kodak
2007-12-13 12:59:12 ----A---- C:\WINDOWS\system32\wiaaut.dll
2007-12-11 12:33:08 ----D---- C:\Program Files\Audible
2007-12-11 12:29:43 ----N---- C:\WINDOWS\system32\CTSVCCTL.EXE
2007-12-11 12:29:43 ----N---- C:\WINDOWS\system32\CTSVCCDA.EXE
2007-12-11 12:29:18 ----D---- C:\Program Files\Common Files\Creative
2007-12-11 12:24:44 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2007-10-04 14:12:14 ----D---- C:\rsit
2007-09-24 13:33:24 ----D---- C:\WINDOWS\CSC
2007-09-20 22:29:23 ----A---- C:\usbfix.exe
2007-09-20 09:37:12 ----A---- C:\WINDOWS\log32.txt
2007-09-10 23:48:00 ----A---- C:\WINDOWS\tdlp32.ini
2007-09-10 13:00:36 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Moyea
2007-09-10 12:57:03 ----D---- C:\Program Files\Moyea
2007-09-10 12:10:22 ----D---- C:\Program Files\Vertus Fluid Mask 3
2007-09-09 00:47:32 ----D---- C:\Documents and Settings\All Users\Application Data\VertusTech
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 4th, 2009, 2:48 pm

=====List of files/folders modified in the last 1 months======

2009-07-30 12:00:27 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-07-30 11:55:43 ----HD---- C:\WINDOWS\$hf_mig$
2009-07-27 19:02:04 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Adobe
2009-07-23 08:59:08 ----D---- C:\WINDOWS\system32\Restore
2009-07-23 08:58:25 ----SHD---- C:\System Volume Information
2009-07-22 12:47:53 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-07-22 12:31:16 ----D---- C:\Program Files\Adobe
2009-07-22 12:29:10 ----D---- C:\Program Files\Common Files\Adobe
2009-07-21 16:56:50 ----D---- C:\Program Files\PopsMedia
2009-07-21 16:56:50 ----D---- C:\Program Files\MSN Messenger
2009-07-21 15:01:06 ----SD---- C:\Documents and Settings\Hector Lamberti\Application Data\Microsoft
2009-07-19 18:48:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-07-19 10:18:59 ----A---- C:\WINDOWS\system32\mshtml.dll
2009-07-19 00:35:05 ----D---- C:\WINDOWS\Debug
2009-07-19 00:25:45 ----D---- C:\WINDOWS\system32\en-US
2009-07-19 00:25:43 ----D---- C:\WINDOWS\Media
2009-07-19 00:25:42 ----D---- C:\WINDOWS\Help
2009-07-19 00:24:27 ----HD---- C:\WINDOWS\msdownld.tmp
2009-07-18 17:14:50 ----D---- C:\WINDOWS\system32\config
2009-07-17 23:53:48 ----D---- C:\Program Files\Canon
2009-07-15 22:24:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-07-11 20:04:06 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\ArcSoft
2009-07-07 12:10:56 ----A---- C:\WINDOWS\system32\MRT.exe
2009-07-05 10:17:20 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-07-03 14:09:28 ----A---- C:\WINDOWS\system32\wininet.dll
2009-07-03 14:09:27 ----A---- C:\WINDOWS\system32\urlmon.dll
2009-07-03 14:09:27 ----A---- C:\WINDOWS\system32\occache.dll
2009-07-03 14:09:25 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2009-07-03 14:09:25 ----A---- C:\WINDOWS\system32\msfeeds.dll
2009-07-03 14:09:24 ----A---- C:\WINDOWS\system32\jsproxy.dll
2009-07-03 14:09:24 ----A---- C:\WINDOWS\system32\iertutil.dll
2009-07-03 14:09:23 ----A---- C:\WINDOWS\system32\iepeers.dll
2009-07-03 14:09:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2009-07-03 08:01:06 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2009-06-28 16:35:30 ----A---- C:\WINDOWS\ODBCINST.INI
2009-06-25 22:42:51 ----D---- C:\Program Files\Hewlett-Packard
2009-06-25 22:42:50 ----D---- C:\Program Files\HP
2009-06-25 22:41:14 ----D---- C:\WINDOWS\system32\CatRoot
2009-06-21 14:59:12 ----D---- C:\Program Files\Yahoo!
2009-06-21 14:59:10 ----D---- C:\Program Files\xPlayer
2009-06-21 14:59:09 ----D---- C:\Program Files\Sonic
2009-06-21 14:59:07 ----D---- C:\Program Files\oneworldflights
2009-06-21 14:58:51 ----D---- C:\Program Files\ICOO Loader
2009-06-21 14:58:51 ----D---- C:\Program Files\HPQ
2009-06-21 14:57:52 ----D---- C:\Program Files\Ahead
2009-06-18 20:06:22 ----HD---- C:\Documents and Settings\All Users\Application Data\ArcSoft
2009-06-17 22:39:28 ----D---- C:\Program Files\Common Files\Designer
2009-06-17 14:14:23 ----D---- C:\Program Files\Common Files\Teleca Shared
2009-06-17 13:54:04 ----D---- C:\WINDOWS\Downloaded Installations
2009-06-17 10:24:49 ----D---- C:\WINDOWS\StartHtmico
2009-06-16 11:36:30 ----A---- C:\WINDOWS\system32\t2embed.dll
2009-06-16 11:36:30 ----A---- C:\WINDOWS\system32\fontsub.dll
2009-06-15 19:17:30 ----A---- C:\RTFxLog.txt
2009-06-15 11:49:04 ----D---- C:\Documents and Settings\All Users\Application Data\hpqwmi
2009-06-15 11:49:03 ----D---- C:\WINDOWS\security
2009-06-15 11:49:03 ----D---- C:\Program Files\PrintKey2000
2009-06-15 11:49:03 ----D---- C:\Program Files\DIGStream
2009-06-11 18:41:26 ----D---- C:\WINDOWS\system32\inetsrv
2009-06-11 18:37:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-06-11 15:05:23 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-06-11 15:05:22 ----D---- C:\Program Files\Common Files\InstallShield
2009-06-07 13:22:36 ----D---- C:\WINDOWS\system32\Setup
2009-06-07 13:22:36 ----D---- C:\WINDOWS\AppPatch
2009-06-07 13:22:36 ----D---- C:\Program Files\Movie Maker
2009-06-07 13:22:34 ----D---- C:\WINDOWS\system32\wbem
2009-06-07 13:15:01 ----D---- C:\Program Files\Messenger
2009-06-07 13:06:35 ----D---- C:\WINDOWS\network diagnostic
2009-06-07 13:06:35 ----D---- C:\WINDOWS\ime
2009-06-07 13:06:11 ----D---- C:\WINDOWS\system32\usmt
2009-06-07 13:06:02 ----D---- C:\WINDOWS\PeerNet
2009-06-07 12:59:47 ----D---- C:\WINDOWS\system32\npp
2009-06-07 12:59:47 ----D---- C:\WINDOWS\mui
2009-06-07 12:59:45 ----D---- C:\WINDOWS\msagent
2009-06-07 12:59:43 ----D---- C:\WINDOWS\srchasst
2009-06-07 12:59:42 ----D---- C:\Program Files\NetMeeting
2009-06-07 12:59:40 ----D---- C:\WINDOWS\system32\Com
2009-06-07 12:59:37 ----D---- C:\Program Files\Windows NT
2009-06-07 12:59:36 ----D---- C:\Program Files\Outlook Express
2009-06-07 12:59:32 ----D---- C:\Program Files\Common Files\System
2009-06-07 12:59:14 ----D---- C:\WINDOWS\system32\oobe
2009-06-07 12:59:11 ----D---- C:\WINDOWS\system
2009-06-07 12:51:42 ----D---- C:\WINDOWS\ehome
2009-06-07 11:05:29 ----D---- C:\WINDOWS\system32\1033
2009-06-07 11:05:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2009-06-07 11:04:33 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-06-03 16:09:37 ----A---- C:\WINDOWS\system32\quartz.dll
2009-05-24 11:14:27 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-05-24 11:08:09 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\RipIt4Me
2009-05-07 12:32:35 ----A---- C:\WINDOWS\system32\localspl.dll
2009-04-29 01:55:56 ----N---- C:\WINDOWS\system32\extmgr.dll
2009-04-15 11:51:25 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2009-04-13 22:30:29 ----A---- C:\WINDOWS\NeroDigital.ini
2009-03-21 11:06:58 ----H---- C:\WINDOWS\system32\z65prav.dll
2009-03-21 11:06:58 ----A---- C:\WINDOWS\system32\kernel32.dll
2009-03-08 14:22:46 ----A---- C:\WINDOWS\system32\ieframe.dll.mui
2009-03-08 14:21:06 ----A---- C:\WINDOWS\system32\advpack.dll.mui
2009-03-08 04:34:48 ----A---- C:\WINDOWS\system32\WinFXDocObj.exe
2009-03-08 04:34:48 ----A---- C:\WINDOWS\system32\webcheck.dll
2009-03-08 04:34:30 ----A---- C:\WINDOWS\system32\licmgr10.dll
2009-03-08 04:34:28 ----A---- C:\WINDOWS\system32\url.dll
2009-03-08 04:34:18 ----A---- C:\WINDOWS\system32\msrating.dll
2009-03-08 04:33:40 ----A---- C:\WINDOWS\system32\corpol.dll
2009-03-08 04:33:16 ----A---- C:\WINDOWS\system32\jscript.dll
2009-03-08 04:33:08 ----A---- C:\WINDOWS\system32\ieaksie.dll
2009-03-08 04:33:06 ----A---- C:\WINDOWS\system32\vbscript.dll
2009-03-08 04:33:02 ----A---- C:\WINDOWS\system32\ieakeng.dll
2009-03-08 04:32:56 ----A---- C:\WINDOWS\system32\admparse.dll
2009-03-08 04:32:52 ----A---- C:\WINDOWS\system32\ieudinit.exe
2009-03-08 04:32:52 ----A---- C:\WINDOWS\system32\ieakui.dll
2009-03-08 04:32:50 ----A---- C:\WINDOWS\system32\iesetup.dll
2009-03-08 04:32:50 ----A---- C:\WINDOWS\system32\iernonce.dll
2009-03-08 04:32:48 ----A---- C:\WINDOWS\system32\advpack.dll
2009-03-08 04:32:46 ----A---- C:\WINDOWS\system32\inseng.dll
2009-03-08 04:32:04 ----A---- C:\WINDOWS\system32\mstime.dll
2009-03-08 04:31:54 ----A---- C:\WINDOWS\system32\msfeedssync.exe
2009-03-08 04:31:52 ----A---- C:\WINDOWS\system32\icardie.dll
2009-03-08 04:31:44 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2009-03-08 04:31:38 ----A---- C:\WINDOWS\system32\imgutil.dll
2009-03-08 04:31:38 ----A---- C:\WINDOWS\system32\dxtrans.dll
2009-03-08 04:31:36 ----A---- C:\WINDOWS\system32\pngfilt.dll
2009-03-08 04:31:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2009-03-08 04:31:18 ----A---- C:\WINDOWS\system32\mshtmler.dll
2009-03-08 04:31:02 ----A---- C:\WINDOWS\system32\mshta.exe
2009-03-08 04:22:46 ----A---- C:\WINDOWS\system32\ieui.dll
2009-03-08 04:22:38 ----A---- C:\WINDOWS\system32\msls31.dll
2009-03-08 04:11:12 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2009-03-06 11:22:18 ----A---- C:\WINDOWS\system32\pdh.dll
2009-02-09 09:10:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2009-02-09 09:10:48 ----A---- C:\WINDOWS\system32\rpcss.dll
2009-02-09 09:10:48 ----A---- C:\WINDOWS\system32\ntdll.dll
2009-02-09 09:10:48 ----A---- C:\WINDOWS\system32\advapi32.dll
2009-02-06 08:11:05 ----A---- C:\WINDOWS\system32\services.exe
2009-02-06 08:06:41 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2009-02-06 07:39:08 ----A---- C:\WINDOWS\system32\sc.exe
2009-02-06 07:32:56 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
2009-02-03 16:59:07 ----A---- C:\WINDOWS\system32\secur32.dll
2009-01-13 23:46:52 ----D---- C:\WINDOWS\WBEM
2009-01-07 18:21:04 ----A---- C:\WINDOWS\system32\xmllite.dll
2009-01-07 18:21:00 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-07 18:20:58 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-07 18:20:38 ----A---- C:\WINDOWS\system32\nlsdl.dll
2009-01-07 18:20:36 ----A---- C:\WINDOWS\system32\normaliz.dll
2009-01-07 18:20:36 ----A---- C:\WINDOWS\system32\idndl.dll
2008-12-28 21:08:10 ----D---- C:\WINDOWS\system32\IOSUBSYS
2008-12-16 09:30:34 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-12-05 03:54:55 ----A---- C:\WINDOWS\system32\schannel.dll
2008-11-11 18:34:42 ----A---- C:\WINDOWS\system32\wmp.dll
2008-10-23 09:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-15 13:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-11 14:36:36 ----D---- C:\WINDOWS\Minidump
2008-10-03 07:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-09-04 14:15:04 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-29 11:10:30 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Mozilla
2008-08-13 10:08:32 ----A---- C:\Cucu_Video_log.txt
2008-07-07 17:26:58 ----A---- C:\WINDOWS\system32\es.dll
2008-07-06 09:06:10 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2008-07-06 09:06:10 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2008-07-06 09:06:10 ----N---- C:\WINDOWS\system32\prntvpt.dll
2008-07-05 20:42:31 ----D---- C:\WINDOWS\pss
2008-06-24 18:12:58 ----N---- C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 13:43:16 ----A---- C:\WINDOWS\system32\mscms.dll
2008-06-20 14:46:57 ----A---- C:\WINDOWS\system32\mswsock.dll
2008-06-20 14:46:57 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-06-18 21:59:48 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-06-18 21:59:44 ----D---- C:\Program Files\Grisoft
2008-06-18 05:03:14 ----A---- C:\WINDOWS\system32\WMVCore.dll
2008-06-18 05:03:08 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2008-06-18 01:09:22 ----A---- C:\WINDOWS\system32\logagent.exe
2008-06-17 16:02:19 ----A---- C:\WINDOWS\system32\shell32.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\mtxclu.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-06-12 11:23:32 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-05-09 07:53:40 ----A---- C:\WINDOWS\system32\wshext.dll
2008-05-09 07:53:40 ----A---- C:\WINDOWS\system32\scrrun.dll
2008-05-09 07:53:39 ----A---- C:\WINDOWS\system32\scrobj.dll
2008-05-08 08:24:44 ----A---- C:\WINDOWS\system32\wscript.exe
2008-05-07 06:07:23 ----A---- C:\WINDOWS\system32\cscript.exe
2008-04-14 05:42:38 ----A---- C:\WINDOWS\system32\spnpinst.exe
2008-04-14 05:42:06 ----A---- C:\WINDOWS\system32\setupapi.dll
2008-04-14 05:41:58 ----A---- C:\WINDOWS\system32\licdll.dll
2008-04-13 21:16:51 ----A---- C:\WINDOWS\system32\netsetup.exe
2008-04-13 21:13:22 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-04-13 21:13:22 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-04-13 21:13:21 ----A---- C:\WINDOWS\system32\tsddd.dll
2008-04-13 21:12:42 ----A---- C:\WINDOWS\system32\tree.com
2008-04-13 21:12:42 ----A---- C:\WINDOWS\system32\more.com
2008-04-13 21:12:42 ----A---- C:\WINDOWS\system32\format.com
2008-04-13 21:12:41 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-04-13 21:12:41 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-04-13 21:12:41 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-04-13 21:12:40 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-04-13 21:12:40 ----A---- C:\WINDOWS\system32\winver.exe
2008-04-13 21:12:39 ----A---- C:\WINDOWS\winhlp32.exe
2008-04-13 21:12:39 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-04-13 21:12:39 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-04-13 21:12:39 ----A---- C:\WINDOWS\system32\wextract.exe
2008-04-13 21:12:38 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-04-13 21:12:38 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\utilman.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\userinit.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\ups.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\upnpcont.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\tracert.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\tracerpt.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\tourstart.exe
2008-04-13 21:12:38 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\tlntsess.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\telnet.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\tasklist.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\taskkill.exe
2008-04-13 21:12:37 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\systeminfo.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\svchost.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\stimon.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\spoolsv.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\spider.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\sort.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-04-13 21:12:36 ----A---- C:\WINDOWS\system32\smss.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\smbinst.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\skeys.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\shutdown.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\shrpubw.exe
2008-04-13 21:12:35 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\setup.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\sethc.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\secedit.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-04-13 21:12:34 ----A---- C:\WINDOWS\system32\schtasks.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\savedump.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\runonce.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\rundll32.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\rsnotify.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\rsh.exe
2008-04-13 21:12:33 ----A---- C:\WINDOWS\system32\rexec.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\regsvr32.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\reg.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rcp.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\rasphone.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\proxycfg.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\system32\proquota.exe
2008-04-13 21:12:32 ----A---- C:\WINDOWS\regedit.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\progman.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\powercfg.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\ping.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\perfmon.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\packager.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\osk.exe
2008-04-13 21:12:31 ----A---- C:\WINDOWS\system32\openfiles.exe
2008-04-13 21:12:30 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-04-13 21:12:30 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-04-13 21:12:30 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-04-13 21:12:30 ----A---- C:\WINDOWS\system32\ntbackup.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\notepad.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\netstat.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\netsh.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\netdde.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\net1.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\net.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\nddeapir.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\narrator.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-04-13 21:12:29 ----A---- C:\WINDOWS\notepad.exe
2008-04-13 21:12:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-04-13 21:12:28 ----A---- C:\WINDOWS\system32\msiexec.exe
2008-04-13 21:12:27 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-04-13 21:12:27 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2008-04-13 21:12:27 ----A---- C:\WINDOWS\system32\mqsvc.exe
2008-04-13 21:12:27 ----A---- C:\WINDOWS\system32\mqbkup.exe
2008-04-13 21:12:27 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-04-13 21:12:26 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-04-13 21:12:25 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-04-13 21:12:25 ----A---- C:\WINDOWS\system32\mmc.exe
2008-04-13 21:12:25 ----A---- C:\WINDOWS\system32\makecab.exe
2008-04-13 21:12:24 ----A---- C:\WINDOWS\system32\magnify.exe
2008-04-13 21:12:24 ----A---- C:\WINDOWS\system32\lsass.exe
2008-04-13 21:12:24 ----A---- C:\WINDOWS\system32\logonui.exe
2008-04-13 21:12:24 ----A---- C:\WINDOWS\system32\logman.exe
2008-04-13 21:12:24 ----A---- C:\WINDOWS\system32\locator.exe
2008-04-13 21:12:23 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-04-13 21:12:23 ----A---- C:\WINDOWS\system32\irftp.exe
2008-04-13 21:12:23 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-04-13 21:12:23 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-04-13 21:12:22 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-04-13 21:12:22 ----A---- C:\WINDOWS\system32\imapi.exe
2008-04-13 21:12:22 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-04-13 21:12:21 ----A---- C:\WINDOWS\system32\help.exe
2008-04-13 21:12:21 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-04-13 21:12:21 ----A---- C:\WINDOWS\system32\gpresult.exe
2008-04-13 21:12:21 ----A---- C:\WINDOWS\system32\getmac.exe
2008-04-13 21:12:21 ----A---- C:\WINDOWS\hh.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\ftp.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\fsquirt.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\forcedos.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\fontview.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-04-13 21:12:20 ----A---- C:\WINDOWS\system32\findstr.exe
2008-04-13 21:12:19 ----A---- C:\WINDOWS\system32\extrac32.exe
2008-04-13 21:12:19 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2008-04-13 21:12:19 ----A---- C:\WINDOWS\system32\eventcreate.exe
2008-04-13 21:12:19 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-04-13 21:12:19 ----A---- C:\WINDOWS\explorer.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\driverquery.exe
2008-04-13 21:12:18 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\dmremote.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\dmadmin.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\dllhost.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\diskpart.exe
2008-04-13 21:12:17 ----A---- C:\WINDOWS\system32\diantz.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\defrag.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\ddeshare.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-04-13 21:12:16 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-04-13 21:12:15 ----A---- C:\WINDOWS\system32\csrss.exe
2008-04-13 21:12:15 ----A---- C:\WINDOWS\system32\conime.exe
2008-04-13 21:12:15 ----A---- C:\WINDOWS\system32\cmstp.exe
2008-04-13 21:12:15 ----A---- C:\WINDOWS\system32\cmmon32.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cmd.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\clipsrv.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cliconfg.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cisvc.exe
2008-04-13 21:12:14 ----A---- C:\WINDOWS\system32\cipher.exe
2008-04-13 21:12:13 ----A---- C:\WINDOWS\system32\cacls.exe
2008-04-13 21:12:13 ----A---- C:\WINDOWS\system32\bootcfg.exe
2008-04-13 21:12:13 ----A---- C:\WINDOWS\system32\blastcln.exe
2008-04-13 21:12:13 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-04-13 21:12:13 ----A---- C:\WINDOWS\system32\autofmt.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\autoconv.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\autochk.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\auditusr.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\attrib.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\atmadm.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\at.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\alg.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\ahui.exe
2008-04-13 21:12:12 ----A---- C:\WINDOWS\system32\actmovie.exe
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\xmlprov.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-04-13 21:12:11 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wsock32.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wshrm.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wship6.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wshcon.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wshbth.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wsecedit.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\ws2help.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\ws2_32.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wow32.dll
2008-04-13 21:12:10 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\wkssvc.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\wintrust.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winsta.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winsrv.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winshfhc.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winscard.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winrnr.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winmm.dll
2008-04-13 21:12:09 ----A---- C:\WINDOWS\system32\winipsec.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiavideo.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiashext.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiascr.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wiadefui.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\webvw.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wdigest.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\wavemsp.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\w3ssl.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\w32time.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\version.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\verifier.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\vbajet32.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\usp10.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\userenv.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\user32.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\usbui.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\usbmon.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-04-13 21:12:08 ----A---- C:\WINDOWS\system32\upnp.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\twain_32.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\untfs.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\uniplat.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\unimdmat.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\ulib.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\txflog.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\twext.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\themeui.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\termmgr.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tcpmon.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tcpmib.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\tapi3.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\syncui.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\synceng.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\sxs.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\strmfilt.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\storprop.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\stobject.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\sti.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\stclient.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\srvsvc.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-04-13 21:12:07 ----A---- C:\WINDOWS\system32\srclient.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\sqlunirl.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\slbiop.dll
2008-04-13 21:12:06 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shscrap.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shmedia.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shlwapi.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shgina.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\shdocvw.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sfc.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sens.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sendmail.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\security.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\seclogon.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\scecli.dll
2008-04-13 21:12:05 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\scarddlg.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\sbeio.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\samsrv.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\samlib.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rtutils.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rsmps.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rshx32.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\riched20.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\resutils.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\regwizc.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\regsvc.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\regapi.dll
2008-04-13 21:12:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rastls.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rastapi.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasman.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasdlg.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\raschap.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasauto.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasapi32.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\query.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qedit.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qdv.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\qcap.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\pstorec.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\psbase.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\psapi.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\profmap.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\printui.dll
2008-04-13 21:12:03 ----A---- C:\WINDOWS\system32\powrprof.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\polstore.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\pjlmon.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\pid.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\photowiz.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\perfproc.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\perfos.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\perfnet.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\perfdisk.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\perfctrs.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\p2psvc.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\p2p.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\osuninst.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\olepro32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\oledlg.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\olecnv32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\olecli32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\oleaut32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ole32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odtext32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odpdx32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odfox32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odexl32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\oddbse32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbccp32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbcbcp.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\odbc32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ocmanage.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\objsel.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\oakley.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\nwwks.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\nwprovau.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\nwapi32.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntprint.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\npptools.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\newdev.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\netui1.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\netui0.dll
2008-04-13 21:12:02 ----A---- C:\WINDOWS\system32\netshell.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netrap.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netman.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netid.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\nddeapi.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\mydocs.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msxml.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msw3prt.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msvcp60.dll
2008-04-13 21:12:01 ----A---- C:\WINDOWS\system32\msvcirt.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msv1_0.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msutb.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\mstask.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\mssap.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\mspatcha.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-04-13 21:12:00 ----A---- C:\WINDOWS\system32\msjint40.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msisip.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msihnd.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msidle.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msident.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msi.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msgsvc.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msgina.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msftedit.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-04-13 21:11:59 ----A---- C:\WINDOWS\system32\msdart.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msdadiag.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msctf.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msconf.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msasn1.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msapsspc.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\msacm32.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\mqutil.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\mqtrig.dll
2008-04-13 21:11:58 ----A---- C:\WINDOWS\system32\mqsnap.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqsec.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqrt.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqqm.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqoa.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqise.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqdscli.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mqad.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mprdim.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mprapi.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mpr.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\modemui.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mmcshext.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mmcbase.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mlang.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\mimefilt.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\miglibnt.dll
2008-04-13 21:11:57 ----A---- C:\WINDOWS\system32\midimap.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mfc42.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mfc40u.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mf3216.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mdminst.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mciwave.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mciseq.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mciavi32.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\mcastmib.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\lprhelp.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\lpk.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\localui.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\localsec.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\loadperf.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\linkinfo.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\keymgr.dll
2008-04-13 21:11:56 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-04-13 21:11:55 ----N---- C:\WINDOWS\system32\jgpl400.dll
2008-04-13 21:11:55 ----N---- C:\WINDOWS\system32\jgdw400.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\itss.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\itircl.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\isign32.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\irmon.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ir50_32.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipxwan.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\ipmontr.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\input.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\initpki.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\inetppui.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\inetpp.dll
2008-04-13 21:11:55 ----A---- C:\WINDOWS\system32\inetmib1.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\imm32.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\ils.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\ifmon.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\idq.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\icm32.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\iccvid.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\iasrad.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\htui.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\httpapi.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hotplug.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hlink.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hid.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\hccoin.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\h323msp.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\gptext.dll
2008-04-13 21:11:54 ----A---- C:\WINDOWS\system32\glu32.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fwcfg.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fontext.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\filemgmt.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\feclient.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fdeploy.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\fde.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\exts.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\esent.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\encapi.dll
2008-04-13 21:11:53 ----A---- C:\WINDOWS\system32\els.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\efsadu.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\duser.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dswave.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsuiext.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dssec.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsound.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dskquoui.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dskquota.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\drprov.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dplayx.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmutil.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmserver.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmime.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dmband.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dispex.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\diskcopy.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dinput.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\digest.dll
2008-04-13 21:11:52 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\devenum.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\ddrawex.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dciman32.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dbghelp.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\davclnt.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\datime.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\dataclen.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\danim.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\d3dim700.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\csrsrv.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cscui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cscdll.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptnet.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptext.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptdll.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\credui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\confmsp.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comuid.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comres.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\compstui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\compatui.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comdlg32.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comctl32.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-04-13 21:11:51 ----A---- C:\WINDOWS\system32\colbact.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cmutil.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cliconfg.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cic.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\certmgr.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\certcli.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cdosys.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cdfview.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\capesnpn.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\camocx.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cabview.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\cabinet.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\btpanui.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\bthserv.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\bthci.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\browseui.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\browser.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\bidispl.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\batt.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\batmeter.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\basesrv.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\authz.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\atmlib.dll
2008-04-13 21:11:50 ----A---- C:\WINDOWS\system32\atl.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\asycfilt.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\appmgr.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\appmgmts.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\amstream.dll
2008-04-13 21:11:49 ----A---- C:\WINDOWS\system32\alrsvc.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\adsnw.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\actxprxy.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\activeds.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\aclui.dll
2008-04-13 21:11:48 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-04-13 21:11:15 ----A---- C:\WINDOWS\system32\wmi.dll
2008-04-13 21:11:11 ----A---- C:\WINDOWS\system32\winntbbu.dll
2008-04-13 21:11:09 ----A---- C:\WINDOWS\system32\pidgen.dll
2008-04-13 21:10:31 ----A---- C:\WINDOWS\system32\odbcji32.dll
2008-04-13 21:10:08 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-04-13 21:10:06 ----A---- C:\WINDOWS\system32\msafd.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdukx.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdno1.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdnec.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdinben.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2008-04-13 21:09:55 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2008-04-13 21:09:40 ----A---- C:\WINDOWS\system32\icmp.dll
2008-04-13 21:09:35 ----A---- C:\WINDOWS\system32\gpedit.dll
2008-04-13 21:09:33 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-04-13 21:09:20 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-04-13 21:09:19 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-04-13 21:09:05 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2008-04-13 21:09:01 ----A---- C:\WINDOWS\system32\atmfd.dll
2008-04-13 15:43:31 ----A---- C:\WINDOWS\system32\spiisupd.exe
2008-04-13 15:31:35 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-04-13 15:31:28 ----A---- C:\WINDOWS\system32\HAL.DLL
2008-04-13 15:30:46 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2008-04-13 14:39:29 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-04-13 14:39:26 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2008-04-13 14:39:24 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-04-13 14:39:22 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2008-04-13 14:37:57 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-04-13 14:37:57 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-04-13 14:26:07 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-04-13 14:26:05 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-04-13 14:26:05 ----A---- C:\WINDOWS\system32\odbcint.dll
2008-04-13 14:24:14 ----A---- C:\WINDOWS\system32\msorc32r.dll
2008-04-13 14:21:32 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-04-13 14:09:30 ----A---- C:\WINDOWS\system32\dsprpres.dll
2008-04-13 14:03:24 ----A---- C:\WINDOWS\system32\browselc.dll
2008-04-13 14:03:19 ----A---- C:\WINDOWS\system32\shdoclc.dll
2008-04-13 13:48:53 ----A---- C:\WINDOWS\system32\winbrand.dll
2008-04-13 13:45:30 ----A---- C:\WINDOWS\system32\moricons.dll
2008-04-13 13:23:31 ----A---- C:\WINDOWS\system32\msprivs.dll
2008-04-13 13:22:12 ----A---- C:\WINDOWS\system32\inetres.dll
2008-04-13 12:39:43 ----A---- C:\WINDOWS\system32\msimsg.dll
2008-04-11 16:04:26 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-03-25 01:50:58 ----A---- C:\WINDOWS\system32\msxbde40.dll
2008-03-25 01:50:58 ----A---- C:\WINDOWS\system32\mswstr10.dll
2008-03-25 01:50:57 ----A---- C:\WINDOWS\system32\mswdat10.dll
2008-03-25 01:50:55 ----A---- C:\WINDOWS\system32\mstext40.dll
2008-03-25 01:50:52 ----A---- C:\WINDOWS\system32\msrepl40.dll
2008-03-25 01:50:49 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2008-03-25 01:50:47 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2008-03-25 01:50:45 ----A---- C:\WINDOWS\system32\mspbde40.dll
2008-03-25 01:50:44 ----A---- C:\WINDOWS\system32\msltus40.dll
2008-03-25 01:50:42 ----A---- C:\WINDOWS\system32\msjtes40.dll
2008-03-25 01:50:42 ----A---- C:\WINDOWS\system32\msjter40.dll
2008-03-25 01:50:40 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2008-03-25 01:50:34 ----A---- C:\WINDOWS\system32\msjet40.dll
2008-03-25 01:50:30 ----A---- C:\WINDOWS\system32\msexcl40.dll
2008-03-25 01:50:28 ----A---- C:\WINDOWS\system32\msexch40.dll
2008-03-20 18:06:36 ----N---- C:\WINDOWS\system32\LegitCheckControl.dll
2008-01-04 13:34:01 ----D---- C:\WINDOWS\twain_32
2007-12-27 22:32:41 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2007-12-27 22:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\YAHOO
2007-12-24 20:49:45 ----D---- C:\WINDOWS\system32\Macromed
2007-12-24 20:34:36 ----D---- C:\Program Files\Creative
2007-12-22 16:15:49 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2007-12-22 13:21:15 ----D---- C:\Documents and Settings\Hector Lamberti\Application Data\Macromedia
2007-12-22 13:17:49 ----D---- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2007-12-22 13:17:49 ----A---- C:\WINDOWS\Ulead32.ini
2007-12-19 01:43:40 ----D---- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-18 16:06:41 ----A---- C:\WINDOWS\pex.INI
2007-12-18 15:55:01 ----D---- C:\WINDOWS\system32\1025
2007-12-11 12:31:05 ----HD---- C:\Program Files\Creative Installation Information
2007-12-08 02:06:00 ----D---- C:\EPSONREG
2007-12-07 18:33:20 ----D---- C:\Program Files\ATI Technologies
2007-12-07 18:28:26 ----D---- C:\Temp
2007-10-27 19:40:30 ----A---- C:\WINDOWS\system32\wmasf.dll
2007-10-04 14:05:15 ----D---- C:\WINDOWS
2007-10-02 17:49:20 ----AD---- C:\WINDOWS\Temp
2007-09-30 00:08:56 ----RD---- C:\Program Files
2007-09-30 00:08:56 ----D---- C:\Program Files\Common Files
2007-09-29 23:35:25 ----D---- C:\Program Files\Mozilla Firefox
2007-09-27 22:24:33 ----D---- C:\WINDOWS\system32\CatRoot2
2007-09-27 01:35:17 ----A---- C:\WINDOWS\system32\prsgrc.dll
2007-09-25 13:28:23 ----D---- C:\WINDOWS\Registration
2007-09-25 12:58:41 ----N---- C:\WINDOWS\SchedLgU.Txt
2007-09-24 13:24:07 ----RASH---- C:\boot.ini
2007-09-24 13:24:07 ----A---- C:\WINDOWS\win.ini
2007-09-24 13:24:07 ----A---- C:\WINDOWS\system.ini
2007-09-22 15:47:26 ----D---- C:\WINDOWS\system32
2007-09-22 15:22:59 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2007-09-20 23:18:43 ----D---- C:\WINDOWS\system32\drivers
2007-09-20 10:54:30 ----HDC---- C:\WINDOWS\$NtUninstallWMCSetup$
2007-09-20 10:41:53 ----SHD---- C:\WINDOWS\Installer
2007-09-20 10:15:31 ----RSD---- C:\WINDOWS\Fonts
2007-09-20 09:37:18 ----HD---- C:\WINDOWS\inf
2007-09-20 09:36:42 ----SHD---- C:\RECYCLER
2007-09-10 23:47:08 ----HD---- C:\Program Files\InstallShield Installation Information
2007-09-10 14:11:00 ----RSHD---- C:\WINDOWS\system32\dllcache
2007-09-10 12:10:34 ----A---- C:\WINDOWS\system32\ssprs.dll
2007-09-10 12:10:34 ----A---- C:\WINDOWS\system32\gkhlecl.dll
2007-09-10 12:10:34 ----A---- C:\WINDOWS\system32\clauth2.dll
2007-09-10 12:10:34 ----A---- C:\WINDOWS\system32\clauth1.dll
2007-09-09 00:49:54 ----A---- C:\WINDOWS\system32\grcauth2.dll
2007-09-09 00:49:54 ----A---- C:\WINDOWS\system32\grcauth1.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2007-02-02 9336]
R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2007-02-02 9464]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2004-03-08 13567]
R1 eabfiltr;EABFiltr; \??\C:\WINDOWS\system32\drivers\EABFiltr.sys []
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-02-29 29704]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-02-29 33800]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-04-05 267192]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2009-06-12 8552]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-02-29 39944]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-03-08 988672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2005-12-17 424320]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-06-07 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-06-07 855018]
R3 CAMCAUD;Conexant AMC 3D Environmental Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-11-17 293120]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-11-17 280192]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 Eplpdx02;Eplpdx02; \??\C:\WINDOWS\system32\Drivers\EPLPDX02.SYS []
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-12-15 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2004-12-15 207232]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NuidFltr;NUID filter driver; C:\WINDOWS\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2005-06-10 21760]
R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-02-02 191456]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-03-16 159488]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-12-15 703232]
S1 cdrbsvsd;cdrbsvsd; C:\WINDOWS\system32\drivers\cdrbsvsd.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
S3 ACCSKMD;Canon Camera Storage Device; C:\WINDOWS\system32\DRIVERS\accskmd.sys [2004-02-25 32640]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
S3 AVC3310F;AVC-3310/AVC-3610 USB Loader; C:\WINDOWS\System32\Drivers\avcuwfl2.sys [2004-11-02 17536]
S3 AvcUWil2;Adaptec AVC-3210/3310/3610 USB Device; C:\WINDOWS\system32\DRIVERS\avcuwil2.sys [2004-11-02 1433920]
S3 BCM42RLY;BCM42RLY; \??\C:\WINDOWS\System32\BCM42RLY.SYS []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-06-07 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-06-07 149028]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-06-07 47811]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-06-07 67384]
S3 CBTNDIS5;CBTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\CBTNDIS5.SYS []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; \??\C:\WINDOWS\system32\drivers\eabusb.sys []
S3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-09-29 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-09-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-09-29 21744]
S3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETMDUSB;Net MD; C:\WINDOWS\System32\Drivers\NETMDUSB.sys [2002-08-08 38951]
S3 odysseyIM4;Odyssey Network Agent Miniport; C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys [2004-09-25 173056]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SE27bus;Sony Ericsson Device 039 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE27bus.sys [2006-04-28 61600]
S3 SE27mdfl;Sony Ericsson Device 039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE27mdfl.sys [2006-04-28 9360]
S3 SE27mdm;Sony Ericsson Device 039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE27mdm.sys [2006-04-28 97184]
S3 SE27mgmt;Sony Ericsson Device 039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE27mgmt.sys [2006-04-28 88688]
S3 SE27obex;Sony Ericsson Device 039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE27obex.sys [2006-04-28 86560]
S3 se27unic;Sony Ericsson Device 039 USB Ethernet Emulation SEMC39 (WDM); C:\WINDOWS\system32\DRIVERS\se27unic.sys [2006-04-28 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SMCIRDA;SMC IrCC Miniport Device Driver; C:\WINDOWS\system32\DRIVERS\smcirda.sys [2001-08-17 35913]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2005-04-05 11512]
S3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2005-04-05 173208]
S3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2005-04-05 36984]
S3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2005-04-05 47192]
S3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-04-05 17976]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBVCD;Canon USB Video; C:\WINDOWS\system32\drivers\USBVCD.sys [2004-03-17 55168]
S3 VCIDRV;Canon USB Video Control; C:\WINDOWS\system32\drivers\VCIDrv.sys [2004-03-17 6528]
S3 W8335XP;NETGEAR WG511v2 54 Mbps Wireless PC Card for Windows XP (8335); C:\WINDOWS\system32\DRIVERS\WG511v2.sys []
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2007-09-02 980512]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-03-08 352256]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-06-07 266295]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-02-29 472320]
R2 IS360service;IS360service; C:\Program Files\IObit\IObit Security 360\IS360srv.exe [2009-08-20 305936]
R2 KodakSvc;Kodak AiO Device Service; C:\Program Files\Kodak\printer\center\KodakSvc.exe [2007-12-13 18944]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 ndkfoxzt;Microsoft USB 2.0 Enhanced Host Controller Miniport Controller; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 NOD32FiXTemDono;Eset Nod32 Boot; C:\WINDOWS\system32\regedt32.exe [2004-08-09 3584]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
S3 AresChatServer;Ares Chatroom server; C:\Program Files\Ares\chatServer.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2008-02-29 19200]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-07-22 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 hpqwmi;HP WMI Interface; C:\Program Files\HPQ\SHARED\HPQWMI.exe [2005-03-04 98304]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-06-01 501312]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 PACSPTISVR;PACSPTISVR; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE [2004-01-30 65625]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-04-05 206552]
S3 SPTISRV;Sony SPTI Service; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe [2004-01-30 65622]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []

-----------------EOF-----------------
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 4th, 2009, 2:55 pm

Hi,

:cry: I'm Sorry about the order I sent the files to you. I just got too excited about sending the info I forgot your request. I'm still not able to connect to the internet and the network adapters are still in yellow.

Looking forward to your reply. Thanks
Gabol :bigsmurf:
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby Dakeyras » October 4th, 2009, 3:39 pm

Hi. :)

I'm Sorry about the order I sent the files to you. I just got too excited about sending the info I forgot your request. I'm still not able to connect to the internet and the network adapters are still in yellow.
Not a problem.

I have bad news I'm afraid :(

One or more of the identified infections is a Backdoor Trojan.

OK since we are dealing with the aforementioned infection(s) I would be providing your good self with a disservice if I did not make you aware of the ramifications below:

This allows hackers to remotely control your computer, steal critical system information and Download and Execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows operating system, and that is the course we strongly recommend.

Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

I can attempt to clean this machine but I can't guarantee that it will be at all secure afterwords.

Should you have any questions, please feel free to ask.

Please let myself know what you have decided to do in your next post.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 5th, 2009, 10:39 am

Hi, :cry:

I appreciate your help and time and your advice to reformat. I think i will reformat. But I'm curious about three things?
1) If I can not connect to the internet with the infected machine, how can they steel my information?
2) Can you tell me the name of the backdoor trojans?
3) Are the other machines connected to the router infected too?

Could you advise what is the best AntiVirus program i should change to and if the anti spyware programs I have are any good. And what other anti spyware and malware programs do you advice I should get?

And just to be clear, If I perform a system restore (that takes me back to factory settings) does that reformat the hard drive?

Looking foward to your reply,
Thanks,
Gabol
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby Dakeyras » October 5th, 2009, 11:03 am

Hi. :)

1) If I can not connect to the internet with the infected machine, how can they steel my information?
This in all likely hood occurred before the infections got so bad they rendered the actual network adapter in-operable. So with this in mind it is prudent to follow my advice.

2) Can you tell me the name of the backdoor trojans?
Most of them are randomly named but all stem from a Win32/Spy.Agent.QL infection which was used as the main infection vector to further compromise the machine.

3) Are the other machines connected to the router infected too?
I have no way to know this but it would be prudent to reset your router and apply a new admin password. Then update and run a scan with the security applications installed on the other machines.

Could you advise what is the best AntiVirus program i should change to and if the anti spyware programs I have are any good. And what other anti spyware and malware programs do you advice I should get?
By all means I shall do so below.

And just to be clear, If I perform a system restore (that takes me back to factory settings) does that reformat the hard drive?
If you mean via a on-board recovery partition then yes it would do so. This topic may be of assistance overall:-

How to Reformat and Reinstall your Operating System

Reformat and Reinstallation Advice:

  • Use an Anti Virus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.
    Here are some free Anti Virus programs which I recommend to use:
    • Antivir PersonalEditionClassic
      • Free anti-virus software for Windows.
      • Detects and removes more than 50,000 viruses. Free support.
    • avast! 4 Home Edition
        • Anti-virus program for Windows.
        • The home edition is freeware for noncommercial users.
    • Update your Anti Virus Software - It is imperative that you update your Anti virus software at least once a week (Even more if you wish). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.
    • Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.
      Here are some free Firewalls which I recommend to use:
      (Use only one, and disable your Windows Firewall)
    Note: Only ever have installed/use one Anti-Virus application and Software Firewall. Otherwise a system conflict will occur and this also lessens overall online protection!
  • Keep your system updated- Microsoft releases patches for Windows and other products regularly:
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialise and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Malwarebytes' Anti-Malware - Download it from here
    The tutorial on how to use MBAM is located here
  • Install WinPatrol - Download it from here
    You can find information about how WinPatrol works here
  • Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.
    Download it from here
    The tutorial on how to use Spyware Blaster is located here
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for your computer becoming infected again will reduce dramatically. Any questions feel free to ask OK!
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 6th, 2009, 7:56 am

Hi,

I have a few more questions, just so I understand how anti virus software and anti spyware software work.

1) I did notice that my anti virus software (NOD32) did detect the virus you mentioned and a pop up screen said it quarantined it. This was about a month ago. So, my questions is should I switch to Avira Antivir? Are you saying it's better than NOD32?

2) The anti spyware that you mentioned (Spyware Blaster, Win Patrol and Malware Anti) is that all I need to protect my computer? Besides an anti virus program.

Thanks and I think this is my last post.

Looking forward to your reply.
Gabol :bigsmurf:
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: Network adapters have yellow caution sign -Router issue

Unread postby Dakeyras » October 6th, 2009, 8:34 am

Hi. :)

1) I did notice that my anti virus software (NOD32) did detect the virus you mentioned and a pop up screen said it quarantined it. This was about a month ago. So, my questions is should I switch to Avira Antivir? Are you saying it's better than NOD32?
If you wish to reinstall ESET NOD32 that is fine and your prerogative, it is a good application. Plus may be a prudent move to do so until the subscription runs out and then either renew and or uninstall and download/install one of the freeware applications I recommended.

2) The anti spyware that you mentioned (Spyware Blaster, Win Patrol and Malware Anti) is that all I need to protect my computer? Besides an anti virus program.
Aye should be more than adequate providing those that do provide updates are applied(checked for) and the appropriate scans run a minimum of once per week.

Some further advice I do have about online safety:-

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice avoid these types of software applications.

Be careful when opening attachments and downloading files:

  • Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
  • Never open emails from unknown senders.
  • Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
  • Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these

Finally a educational source:

To learn more about how to protect yourself while on the internet read this article by Tony Klein:

So how did I get infected in the first place?

Some consider this article outdated, personally I still think it bares relevance and the author is well respected in the Anti-Malware community and by myself also!

Any further questions, feel free to ask? If not stay safe!
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8732
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Network adapters have yellow caution sign -Router issue

Unread postby gabol » October 8th, 2009, 3:17 pm

Hi again,

My PC Repair guy has cleaned my computer, he did not want to format. He believes in cleaning first, then if it does not then he'll format. Could you check my logs again to see if my notebook is now clean? By the way I'm posting this with the ex-infected and now clean laptop. :brilsmurf:
Thank you

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:10:07 PM, on 10/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kodak\printer\center\KodakSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customi ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - ?p=ZRfox000
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSIns ... cat_uid=12
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file:///D:/components/hidinputmonitorx.ocx
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file:///D:/components/A9.ocx
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 4388671796
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file:///D:/components/wmvhdrating.ocx
O16 - DPF: {CCA0B877-CB5E-4ADC-AD30-457C379512DD} (Gif89 Lite Class) - http://192.168.0.35/xplugLite.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll c:\progra~1\google\google~2\goec62~1.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 10399 bytes
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 27 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware