ComboFix 08-01-23.1C - ******* 2008-01-29 7:08:56.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.282 [GMT 0:00]
Running from: C:\Documents and Settings\******\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\*******\Desktop\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\sffdiskk.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\sffdiskk.sys
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_MS_COMMON_SERVICE
-------\LEGACY_NSNDIS5
-------\LEGACY_SFFDISKK
-------\MS Common Service
-------\NSNDIS5
-------\sffdiskk
((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-29 )))))))))))))))))))))))))))))))
.
2008-01-28 18:11 . 2008-01-28 18:11 21,344 --a------ C:\bar.emf
2008-01-28 11:44 . 2004-08-03 23:00 260,272 --a------ C:\cmldr
2008-01-28 11:44 . 2007-01-01 14:01 211 --a------ C:\Boot.bak
2008-01-27 21:42 . 2008-01-27 21:42 <DIR> dr-h----- C:\MSOCache
2008-01-27 18:38 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-27 11:46 . 2008-01-27 11:47 <DIR> d-------- C:\Program Files\CCleaner
2008-01-27 11:43 . 2008-01-27 19:27 <DIR> d-------- C:\HJT
2008-01-26 19:44 . 2008-01-26 19:44 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-01-25 21:43 . 2008-01-27 18:30 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-24 18:52 . 2008-01-24 18:52 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-24 07:44 . 2008-01-24 17:22 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-24 07:44 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-01-24 07:44 . 2007-10-04 17:10 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-01-24 07:44 . 2007-10-04 17:10 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-01-24 07:44 . 2007-10-04 17:10 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-01-24 07:44 . 2007-10-04 17:11 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-01-21 19:27 . 2008-01-21 19:27 <DIR> d-------- C:\Program Files\SonicWallES
2008-01-20 17:33 . 2008-01-20 17:33 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-20 17:32 . 2008-01-26 15:55 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-20 14:51 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-20 14:48 . 2008-01-20 14:48 <DIR> d-------- C:\Program Files\Common Files\Java
2008-01-18 18:11 . 2008-01-18 18:11 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-18 18:10 . 2008-01-18 18:11 <DIR> d-------- C:\Program Files\iTunes
2008-01-18 18:07 . 2008-01-18 18:08 <DIR> d-------- C:\Program Files\QuickTime
2008-01-13 14:23 . 2008-01-13 14:23 <DIR> d-------- C:\Program Files\MyPublisher
2008-01-13 11:30 . 2008-01-13 14:25 <DIR> d-------- C:\Program Files\albumfactory Designer
2008-01-10 15:27 . 2008-01-10 15:27 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-10 15:27 . 2008-01-10 15:27 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-09 18:05 . 2008-01-09 18:05 <DIR> d-------- C:\T305
2008-01-09 18:05 . 2008-01-09 18:05 159 --a------ C:\WINDOWS\LAUNCHER.INI
2008-01-07 19:47 . 2008-01-07 19:47 <DIR> d-------- C:\Program Files\PC Wizard 2008
2008-01-07 19:47 . 2007-09-15 15:11 27,136 --a------ C:\WINDOWS\system32\PCWizard.cpl
2008-01-03 19:02 . 2008-01-05 13:20 20 --a------ C:\WINDOWS\popcinfot.dat
2008-01-03 19:02 . 2008-01-03 19:02 0 --a------ C:\WINDOWS\popcreg.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 07:21 --------- d-----w C:\Program Files\PeerGuardian2
2008-01-29 07:20 17,350,176 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-01-29 07:17 5,283,840 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-01-29 07:17 28,672 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-01-29 07:17 239,636 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-01-29 07:03 707,072 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-01-27 21:46 --------- d-----w C:\Program Files\Microsoft Works
2008-01-27 18:47 88,576 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-01-27 18:47 5,256,704 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-01-27 11:41 --------- d-----w C:\Program Files\AnMing
2008-01-27 11:03 34,549,408 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-01-26 23:23 582,656 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-01-25 22:13 1,448,448 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-01-24 07:39 --------- d-----w C:\Program Files\Google
2008-01-20 21:43 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-20 21:16 78,848 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-01-20 20:49 --------- d-----w C:\Program Files\Tesco Photobook Creator
2008-01-20 20:49 --------- d-----w C:\Program Files\QuickPar
2008-01-20 20:43 5,129,728 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-01-20 20:43 1,385,984 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-01-20 17:41 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-01-20 14:51 --------- d-----w C:\Program Files\Java
2008-01-20 14:50 --------- d-----w C:\Program Files\MathType
2008-01-19 22:18 1,369,088 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-01-18 18:11 --------- d-----w C:\Program Files\iPod
2008-01-13 23:00 441,344 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-01-12 18:52 397,312 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-01-12 09:46 --------- d-----w C:\Program Files\Program Shortcuts
2008-01-10 21:00 --------- d-----w C:\Program Files\T529
2008-01-10 19:31 360,448 ----a-w C:\WINDOWS\Internet Logs\xDB2E.tmp
2008-01-09 17:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-09 17:59 --------- d-----w C:\Program Files\FirstClass
2008-01-09 15:32 316,416 ----a-w C:\WINDOWS\Internet Logs\xDB4C.tmp
2008-01-08 22:06 5,036,544 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-01-08 22:06 1,806,848 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2007-12-31 19:38 634,368 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2007-12-29 22:16 789,504 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2007-12-23 21:08 33,824 ----a-w C:\WINDOWS\system32\drivers\oreans32.sys
2007-12-22 22:48 260,608 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2007-12-22 16:57 --------- d-----w C:\Program Files\MSN Messenger
2007-12-22 16:57 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-20 10:41 29,440 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2007-12-18 22:02 801,792 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2007-12-16 22:43 3,051,520 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2007-12-15 13:33 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-15 13:33 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-02 12:54 --------- d-----w C:\Program Files\VirginBroadband
2007-11-24 14:30 512 ----a-w C:\ScanSectorLog.dat
2007-11-14 16:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-11-14 16:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-09-25 13:39 94,323 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_09_24_22_33_46_small.dmp.zip
2007-08-18 15:47 96,708 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_08_18_16_33_22_small.dmp.zip
2007-07-29 08:58 85,749 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_28_21_43_38_small.dmp.zip
2007-07-02 15:52 20,801,871 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_01_22_35_31_full.dmp.zip
2007-07-01 10:21 83,867 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_06_30_22_33_13_small.dmp.zip
2007-05-27 09:58 82,052 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_05_26_20_48_47_small.dmp.zip
2007-05-20 09:19 85,492 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_05_19_22_42_47_small.dmp.zip
2007-05-06 09:48 85,931 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_05_05_21_56_18_small.dmp.zip
2007-04-29 08:38 84,596 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_04_28_22_59_11_small.dmp.zip
2007-04-23 06:20 83,415 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_04_22_21_54_20_small.dmp.zip
.
((((((((((((((((((((((((((((( snapshot@2008-01-27_18.53.20.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-27 21:46:51 4,608 ----a-w C:\WINDOWS\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\extensibility.dll
+ 2008-01-27 21:46:49 8,007,680 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
+ 2008-01-27 21:46:21 80,696 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Access.Dao\12.0.0.0__71e9bce111e9429c\Microsoft.Office.interop.access.dao.dll
+ 2008-01-27 21:46:37 20,280 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Visio.SaveAsWeb\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.SaveAsWeb.dll
+ 2008-01-27 21:46:37 871,216 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Visio\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Visio.dll
+ 2008-01-27 21:46:42 80,688 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.VisOcx\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.VisOcx.dll
+ 2008-01-27 21:46:48 13,312 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.stdformat.dll
+ 2008-01-27 21:46:32 371,496 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop.Forms\11.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.Forms.dll
+ 2008-01-27 21:46:32 64,288 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Vbe.Interop.dll
+ 2008-01-27 21:46:32 416,544 ----a-w C:\WINDOWS\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\OFFICE.DLL
+ 2008-01-27 21:46:47 12,632 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.SaveAsWeb.dll
+ 2008-01-27 21:46:47 12,096 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.Visio\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.Visio.dll
+ 2008-01-27 21:46:47 12,104 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Office.Interop.VisOcx\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Office.Interop.VisOcx.dll
+ 2008-01-27 21:46:43 12,080 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.Microsoft.Vbe.Interop\12.0.0.0__71e9bce111e9429c\Policy.11.0.Microsoft.Vbe.Interop.dll
+ 2008-01-27 21:46:43 11,544 ----a-w C:\WINDOWS\assembly\GAC\Policy.11.0.office\12.0.0.0__71e9bce111e9429c\Policy.11.0.Office.dll
- 2008-01-27 18:39:11 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000001\NTUSER.DAT
+ 2008-01-29 07:08:04 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000001\NTUSER.DAT
- 2008-01-27 18:39:11 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000002\UsrClass.dat
+ 2008-01-29 07:08:04 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000002\UsrClass.dat
- 2008-01-27 18:39:11 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000003\NTUSER.DAT
+ 2008-01-29 07:08:04 1,425,408 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000003\NTUSER.DAT
- 2008-01-27 18:39:11 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000004\UsrClass.dat
+ 2008-01-29 07:08:04 12,288 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000004\UsrClass.dat
- 2008-01-27 18:39:12 20,119,552 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000005\NTUSER.DAT
+ 2008-01-29 07:08:05 20,131,840 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000005\NTUSER.DAT
- 2008-01-27 18:39:12 212,992 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000006\UsrClass.dat
+ 2008-01-29 07:08:05 212,992 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\
00000006\UsrClass.dat
+ 2000-08-31 08:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
+ 2006-10-26 19:49:48 1,011,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-26 19:49:46 970,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 15:00:12 1,751,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 15:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 15:00:06 47,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 15:00:08 191,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 20:13:34 338,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 20:13:44 629,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 20:13:28 207,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 20:13:32 279,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 20:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 20:13:12 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 15:00:06 387,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 20:13:38 392,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 20:13:30 260,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 20:13:32 289,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 20:13:20 56,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 20:13:38 551,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 20:13:30 224,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 15:40:34 208,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 20:13:34 371,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-26 22:59:58 913,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\AEC.DLL
+ 2006-10-26 22:59:48 591,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\BSTORM.DLL
+ 2006-10-27 15:41:04 399,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 19:59:24 205,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 22:59:52 703,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DBENGR.DLL
+ 2006-10-27 15:09:46 986,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DRILLDWN.DLL
+ 2006-10-26 19:48:14 439,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 22:58:24 144,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DWGCNV.DLL
+ 2006-10-26 23:00:12 1,929,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DWGDP.DLL
+ 2006-10-26 19:48:14 434,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\DWTRIG20.EXE
+ 2006-10-26 23:00:06 1,179,424 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\FACILITY.DLL
+ 2006-10-26 19:21:24 1,682,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 15:09:36 983,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 23:00:02 969,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\GANTT.DLL
+ 2006-10-26 22:59:16 325,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\HVAC.DLL
+ 2006-10-26 20:12:52 173,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 19:55:10 828,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-26 13:58:14 117,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 15:26:40 16,870,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSO.DLL
+ 2006-10-27 14:59:06 161,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 19:48:12 14,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 20:12:58 428,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 21:13:36 26,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 20:00:08 6,635,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 13:56:36 436,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 13:56:40 505,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 19:55:12 832,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 19:55:06 538,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 20:12:30 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 15:14:34 14,151,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 20:06:54 232,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 20:14:06 7,033,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 15:18:36 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OGL.DLL
+ 2006-10-26 20:00:08 274,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 20:00:12 998,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 20:00:10 285,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 23:00:08 1,241,928 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ORGCHART.DLL
+ 2006-10-26 22:59:36 464,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\ORGCHWIZ.DLL
+ 2006-10-26 20:07:04 6,536,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-07-26 18:53:56 459,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-26 22:59:46 570,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\PE.DLL
+ 2006-10-26 21:30:44 482,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-26 21:13:38 38,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 20:13:00 503,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 20:06:58 439,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 23:00:12 1,837,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\SG.DLL
+ 2006-10-27 14:57:08 2,330,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 23:00:02 966,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\TIMESOLN.DLL
+ 2006-10-26 23:00:10 1,492,264 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\UML.DLL
+ 2006-10-26 22:58:38 6,180,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISBRGR.DLL
+ 2006-10-26 22:58:36 2,222,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISFILT.DLL
+ 2006-10-27 15:09:44 386,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISGRF.DLL
+ 2006-10-27 15:09:42 183,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISIO.EXE
+ 2006-10-27 15:09:48 11,644,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISLIB.DLL
+ 2006-10-26 22:59:52 727,872 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\VISWEB.DLL
+ 2006-10-26 22:59:30 421,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\
00002109150000000000000000F01FEC\12.0.4518\XFUNC.DLL
+ 2008-01-28 08:27:51 20,240 ----a-r C:\WINDOWS\Installer\{90120000-0051-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-01-28 08:27:51 217,864 ----a-r C:\WINDOWS\Installer\{90120000-0051-0000-0000-0000000FF1CE}\misc.exe
+ 2008-01-28 08:27:51 18,704 ----a-r C:\WINDOWS\Installer\{90120000-0051-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-01-28 08:27:51 35,088 ----a-r C:\WINDOWS\Installer\{90120000-0051-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-01-28 08:27:51 327,952 ----a-r C:\WINDOWS\Installer\{90120000-0051-0000-0000-0000000FF1CE}\visicon.exe
+ 2008-01-28 08:28:41 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2006-09-26 12:09:04 84,096 ----a-w C:\WINDOWS\system32\drivers\Rtnicxp.sys
+ 2007-11-20 11:09:22 104,320 ----a-w C:\WINDOWS\system32\drivers\Rtnicxp.sys
- 2007-06-06 09:53:34 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-08-23 01:03:38 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2007-03-22 18:17:04 35,440 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
+ 2006-10-26 14:10:06 33,088 ----a-w C:\WINDOWS\system32\FM20ENU.DLL
- 2007-09-21 15:35:31 243,128 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-01-28 07:21:02 265,416 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2002-08-21 05:10:16 204,800 ----a-w C:\WINDOWS\system32\INKED.DLL
+ 2006-10-26 13:45:04 207,360 ----a-w C:\WINDOWS\system32\INKED.DLL
- 2007-04-24 10:32:06 1,485,696 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-10-11 14:12:48 1,468,968 ----a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2006-09-26 12:09:04 84,096 ----a-w C:\WINDOWS\system32\ReinstallBackups\
0018\DriverFiles\Rtnicxp.sys
- 2002-08-21 05:13:12 189,952 ----a-w C:\WINDOWS\system32\WISPTIS.EXE
+ 2006-10-26 13:45:04 293,376 ----a-w C:\WINDOWS\system32\WISPTIS.EXE
- 2008-01-27 18:48:53 163,436 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
+ 2008-01-29 07:20:42 198,020 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\sfdb.dat
- 2008-01-27 18:49:46 82,042 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\
0fdf6651ec58af7738a5f192a16308f3.dll
+ 2008-01-29 07:20:18 82,042 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\
0fdf6651ec58af7738a5f192a16308f3.dll
- 2008-01-27 18:49:38 32,870 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\1c4c331123ae5269fbd179de68e18722.dll
+ 2008-01-29 07:20:12 32,870 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\1c4c331123ae5269fbd179de68e18722.dll
- 2008-01-27 18:49:31 41,080 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\33dea2ee1515e1c0eedfcd55d2d0540f.dll
+ 2008-01-29 07:20:04 41,080 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\33dea2ee1515e1c0eedfcd55d2d0540f.dll
- 2008-01-27 18:49:28 41,060 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\37dbb36b1afb4153f311e1937d13beb9.dll
+ 2008-01-29 07:19:56 41,060 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\37dbb36b1afb4153f311e1937d13beb9.dll
- 2008-01-27 18:49:30 90,213 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\3dab63509796d9defe82e7c8f292cdc2.dll
+ 2008-01-29 07:19:58 90,213 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\3dab63509796d9defe82e7c8f292cdc2.dll
- 2008-01-27 18:49:29 24,681 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\426234b03a6207e763a72e588f8ed8de.dll
+ 2008-01-29 07:19:58 24,681 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\426234b03a6207e763a72e588f8ed8de.dll
- 2008-01-27 18:49:28 20,576 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\463172d63e5c347ebd2a2c9f3e30a769.dll
+ 2008-01-29 07:19:56 20,576 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\463172d63e5c347ebd2a2c9f3e30a769.dll
- 2008-01-27 18:49:42 20,594 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\480ac5427cb6705921c199c825f6feda.dll
+ 2008-01-29 07:20:17 20,594 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\480ac5427cb6705921c199c825f6feda.dll
- 2008-01-27 18:50:27 28,779 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\4e2f70cf514e42eb8319b6c42723ed06.dll
+ 2008-01-29 07:20:49 28,779 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\4e2f70cf514e42eb8319b6c42723ed06.dll
- 2008-01-27 18:49:47 41,057 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\563d7ead40b59c49009856a0b10f2014.dll
+ 2008-01-29 07:20:20 41,057 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\563d7ead40b59c49009856a0b10f2014.dll
- 2008-01-27 18:50:11 36,965 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\5665e9d91ffd5329b4b069811edd98e1.dll
+ 2008-01-29 07:20:37 36,965 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\5665e9d91ffd5329b4b069811edd98e1.dll
- 2008-01-27 18:49:25 802,902 ----a-w C:\WINDOWS\Temp\pdk-SYSTEM\5f4010392d26de2972604a5df777f946\perl58.dll
+ 2008-01-29 07:19:51 802,902 ----a-w C:\WINDOWS\Temp\pdk-SYSTEM\5f4010392d26de2972604a5df777f946\perl58.dll
- 2008-01-27 18:49:30 32,871 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\619eb23c53abde1a9d9d6b8d81ccd746.dll
+ 2008-01-29 07:20:00 32,871 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\619eb23c53abde1a9d9d6b8d81ccd746.dll
- 2008-01-27 18:49:40 110,697 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\6b58dab08175faa9470d9b8f08345f77.dll
+ 2008-01-29 07:20:14 110,697 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\6b58dab08175faa9470d9b8f08345f77.dll
- 2008-01-27 18:49:34 819,261 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\7718c08cc46695fc3fef36d1131eac8d.dll
+ 2008-01-29 07:20:08 819,261 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\7718c08cc46695fc3fef36d1131eac8d.dll
- 2008-01-27 18:49:39 24,687 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\804a82b53759189a7786eee16508a628.dll
+ 2008-01-29 07:20:13 24,687 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\804a82b53759189a7786eee16508a628.dll
- 2008-01-27 18:49:48 28,794 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\8715287e64467664fda73ee36a680ad6.dll
+ 2008-01-29 07:20:20 28,794 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\8715287e64467664fda73ee36a680ad6.dll
- 2008-01-27 18:49:45 65,642 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\8d9ba91df5b696882e70aa59f4766acb.dll
+ 2008-01-29 07:20:18 65,642 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\8d9ba91df5b696882e70aa59f4766acb.dll
- 2008-01-27 18:49:31 24,670 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\93e8018418e0dd3aeabcea5210c424d9.dll
+ 2008-01-29 07:20:05 24,670 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\93e8018418e0dd3aeabcea5210c424d9.dll
- 2008-01-27 18:49:46 41,082 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\95e9a2327e375c6b6f41bca6adf49352.dll
+ 2008-01-29 07:20:19 41,082 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\95e9a2327e375c6b6f41bca6adf49352.dll
- 2008-01-27 18:49:41 20,590 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\9e11e8cf40c66b8d30f95ce783f2ac0b.dll
+ 2008-01-29 07:20:15 20,590 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\9e11e8cf40c66b8d30f95ce783f2ac0b.dll
- 2008-01-27 18:49:30 1,040,497 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\a507fccf2be25b878761a66bf411c201.dll
+ 2008-01-29 07:20:00 1,040,497 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\a507fccf2be25b878761a66bf411c201.dll
- 2008-01-27 18:49:31 143,483 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\abaa64637ebb3715a020574efc3032f8.dll
+ 2008-01-29 07:20:04 143,483 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\abaa64637ebb3715a020574efc3032f8.dll
- 2008-01-27 18:49:42 32,879 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\ad76515ff4d1de346e3888790190a3c0.dll
+ 2008-01-29 07:20:17 32,879 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\ad76515ff4d1de346e3888790190a3c0.dll
- 2008-01-27 18:49:47 24,680 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\b2a041897a5d2e9486f60c2f6017af23.dll
+ 2008-01-29 07:20:20 24,680 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\b2a041897a5d2e9486f60c2f6017af23.dll
- 2008-01-27 18:49:44 28,794 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\b44b56de153a5879c1b84993c5cdadfa.dll
+ 2008-01-29 07:20:17 28,794 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\b44b56de153a5879c1b84993c5cdadfa.dll
- 2008-01-27 18:49:29 24,706 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\baf7b671cd22e344218d4404c5715954.dll
+ 2008-01-29 07:19:57 24,706 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\baf7b671cd22e344218d4404c5715954.dll
- 2008-01-27 18:49:33 94,300 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\bbd2dcfa51103025d57caa776bc1047b.dll
+ 2008-01-29 07:20:07 94,300 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\bbd2dcfa51103025d57caa776bc1047b.dll
- 2008-01-27 18:49:43 24,696 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\bd9a153164799d8be71e6a02e5c8cc4b.dll
+ 2008-01-29 07:20:17 24,696 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\bd9a153164799d8be71e6a02e5c8cc4b.dll
- 2008-01-27 18:49:40 24,679 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c0bb48510a66e6fdcb5936be6801222d.dll
+ 2008-01-29 07:20:15 24,679 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c0bb48510a66e6fdcb5936be6801222d.dll
- 2008-01-27 18:49:47 24,683 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c537490a8d5597db7ef38c63a14dd378.dll
+ 2008-01-29 07:20:19 24,683 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c537490a8d5597db7ef38c63a14dd378.dll
- 2008-01-27 18:49:32 131,149 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c92f1c7d4396f53f4c5d352e2bd8c9a9.dll
+ 2008-01-29 07:20:07 131,149 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\c92f1c7d4396f53f4c5d352e2bd8c9a9.dll
- 2008-01-27 18:49:32 28,790 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\cd36294c81a9e8872c0bc2638facfd15.dll
+ 2008-01-29 07:20:06 28,790 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\cd36294c81a9e8872c0bc2638facfd15.dll
- 2008-01-27 18:49:40 94,320 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\cd6be9554293967a36ad1075b097a79b.dll
+ 2008-01-29 07:20:14 94,320 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\cd6be9554293967a36ad1075b097a79b.dll
- 2008-01-27 18:49:32 86,138 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\df3d88a56622b79eb806b7ec6d5febc2.dll
+ 2008-01-29 07:20:05 86,138 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\df3d88a56622b79eb806b7ec6d5febc2.dll
- 2008-01-27 18:49:39 36,966 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\e247dd11d21a2bfdb97ad0cdd295b32d.dll
+ 2008-01-29 07:20:13 36,966 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\e247dd11d21a2bfdb97ad0cdd295b32d.dll
- 2008-01-27 18:49:43 32,888 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\e51718032942dd5fb4b1590be1ec8d83.dll
+ 2008-01-29 07:20:17 32,888 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\e51718032942dd5fb4b1590be1ec8d83.dll
- 2008-01-27 18:49:33 24,676 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\ea8f9cce13d067ab0d898ca399b403ed.dll
+ 2008-01-29 07:20:08 24,676 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\ea8f9cce13d067ab0d898ca399b403ed.dll
- 2008-01-27 18:49:37 20,567 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\fa142febd5dc53f93f911452e1a99387.dll
+ 2008-01-29 07:20:11 20,567 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\fa142febd5dc53f93f911452e1a99387.dll
- 2008-01-27 18:49:28 82,020 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\fb2e449d6244301907de33f5adebdb35.dll
+ 2008-01-29 07:19:57 82,020 ----a-r C:\WINDOWS\Temp\pdk-SYSTEM\fb2e449d6244301907de33f5adebdb35.dll
+ 2008-01-29 07:19:11 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_404.dat
+ 2007-08-23 00:18:08 96,256 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2007-08-23 00:18:08 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2007-08-23 00:18:08 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2007-08-23 00:18:08 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2007-08-23 00:18:08 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2007-08-23 00:18:08 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2007-08-23 00:18:08 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2007-08-23 00:18:08 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2007-08-23 00:18:08 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2007-08-23 00:18:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2007-08-23 00:18:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2007-08-23 00:18:08 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2007-08-23 00:18:08 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2007-08-23 00:18:08 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 12:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 17:40 1421824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"OCAudioIni"="C:\Program Files\One-click Audio Converter\OCAudioIni.exe" [2007-03-12 13:06 57344]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 11:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-29 10:45 16050688 C:\WINDOWS\RTHDCPL.EXE]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 39792]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 11:03 94208 C:\WINDOWS\KHALMNPR.Exe]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00 15360]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-01-24 07:39:15 125624]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2006-10-18 08:41:24 671744]
SlimServer Tray Tool.lnk - C:\Program Files\SlimServer\SlimTray.exe [2007-01-15 13:29:06 1790039]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OdysseyClient]
odyEvent.dll 2005-12-06 18:16 106496 C:\WINDOWS\system32\odyEvent.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OdTray.exe]
--a------ 2004-08-17 12:42 970810 C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zone Labs Client]
--a------ 2007-11-14 16:05 919016 C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"High Definition Audio Property Page Shortcut"=HDAShCut.exe
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-12-23 21:08]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 11:32]
R2 PGPsdkDriver;PGPsdkDriver;C:\WINDOWS\system32\Drivers\PGPsdk.sys [2002-11-26 15:05]
R2 PGPsdkServ;PGPsdkService;C:\WINDOWS\system32\PGPsdkServ.exe [2002-11-26 15:05]
R2 Prvflder;Prvflder;C:\WINDOWS\system32\DRIVERS\prvflder.sys [2006-04-21 08:22]
R2 SlimServerMySQL;SlimServerMySQL;C:\PROGRA~1\SLIMSE~1\server\Bin\MSWIN3~1\mysqld.exe [2007-08-15 17:23]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-04 12:00]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 21:38]
R3 odysseyIM3;Odyssey Network Services Miniport;C:\WINDOWS\system32\DRIVERS\odysseyIM3.sys [2004-08-17 11:44]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-09-05 01:16]
R3 vncmirror;vncmirror;C:\WINDOWS\system32\DRIVERS\vncmirror.sys [2007-08-15 16:15]
S3 p2pgasvc;Peer Networking Group Authentication;C:\WINDOWS\system32\svchost.exe [2004-08-04 12:00]
S3 p2pimsvc;Peer Networking Identity Manager;C:\WINDOWS\system32\svchost.exe [2004-08-04 12:00]
S3 p2psvc;Peer Networking;C:\WINDOWS\system32\svchost.exe [2004-08-04 12:00]
S3 PCNat;PC-Nat Miniport;C:\WINDOWS\system32\DRIVERS\pcnat.sys [2003-03-26 12:51]
S3 PNRPSvc;Peer Name Resolution Protocol;C:\WINDOWS\system32\svchost.exe [2004-08-04 12:00]
S3 siusbmod;siusbmod;C:\WINDOWS\system32\DRIVERS\siusbmod.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 16:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 16:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 16:59]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-20 17:33]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-01-20 17:33:24 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-01-25 17:46:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-29 07:21:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-29 7:24:14 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 07:24:07
ComboFix2.txt 2008-01-27 18:54:16
.
2008-01-21 19:31:06 --- E O F ---
HiJackThis LogLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:13:09, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\system32\PGPsdkServ.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\Program Files\SlimServer\SlimTray.exe
C:\PROGRA~1\SLIMSE~1\server\Bin\MSWIN3~1\mysqld.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\SlimServer\server\slim.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\HJT\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bbc.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customi ... .yahoo.comR1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8088
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;192.168.*;<local>
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [OCAudioIni] C:\Program Files\One-click Audio Converter\OCAudioIni.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: SlimServer Tray Tool.lnk = C:\Program Files\SlimServer\SlimTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupda ... 3890420875O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Odyssey Client for Fujitsu Siemens Computers (odClientService) - Funk Software, Inc. - C:\Program Files\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
O23 - Service: PGPsdkService (PGPsdkServ) - PGP Corporation - C:\WINDOWS\system32\PGPsdkServ.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: SlimServerMySQL - Unknown owner - C:\PROGRA~1\SLIMSE~1\server\Bin\MSWIN3~1\mysqld.exe
O23 - Service: SlimServer (slimsvc) - Unknown owner - C:\Program Files\SlimServer\server\slim.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - Unknown owner - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
--
End of file - 9190 bytes