Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Online scanner problems

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Online scanner problems

Unread postby koolkevdj » October 18th, 2008, 10:25 am

hi well my pc was ok after the problems i had last time and thx for your help on that,however i seem to have developed another problem,i cant run any online virus scanners at all & for some reason i cant run any exe. files from internet explorer,i get an error message say that windows cant find the specified drive,or you dont have permission.....or something like that.
hijack this log;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:23:56, on 18/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wwSecure.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\TGVFDMsgservice.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Laplink\PCdefense\PCDefense.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O4 - HKLM\..\Run: [TGX2_VFD] "C:\WINDOWS\system32\TGVFDMsgservice.exe"
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] "C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [H2O] "C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [PCdefense ] C:\Program Files\Laplink\PCdefense\PCDefense.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.laplink.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: AntiLogger.dll,acaptuser32.dll,avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (http://www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

--
End of file - 12749 bytes
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am
Advertisement
Register to Remove

Re: Online scanner problems

Unread postby Katana » October 25th, 2008, 6:26 pm

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
  1. Please Read All Instructions Carefully
  2. If you don't understand something, stop and ask! Don't keep going on.
  3. Please do not run any other tools or scans whilst I am helping you
  4. Please continue to respond until I give you the "All Clear"
    (Just because you can't see a problem doesn't mean it isn't there)

If you can do those few things, everything should go smoothly :D

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe


----------------------------------------------------------------------------------------

I apologize for the delay in responding, but as you can probably see the forums are quite busy.
Unfortunately there are far more people needing help than there are helpers.

If you still require help please do the following


Download and Run RSIT
  • Please download Random's System Information Tool by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt will be opened maximized.
    • info.txt will be opened minimized.
  • Please post the contents of both log.txt and info.txt.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 26th, 2008, 4:36 am

HI THANKS FOR YOUR HELP,OK HERE ARE THE LOGS:
Logfile of random's system information tool (written by random/random)
Run by kevin miller at 2008-10-26 08:34:13
Microsoft Windows XP Professional Service Pack 3
System drive C: has 86 GB (31%) free of 282 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:34:25, on 26/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\ups.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wwSecure.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\TGVFDMsgservice.exe
C:\Program Files\Laplink\PCdefense\PCDefense.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Documents and Settings\kevin miller\My Documents\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\kevin miller.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TGX2_VFD] "C:\WINDOWS\system32\TGVFDMsgservice.exe"
O4 - HKLM\..\Run: [PCdefense ] C:\Program Files\Laplink\PCdefense\PCDefense.exe
O4 - HKLM\..\Run: [H2O] "C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.laplink.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O20 - AppInit_DLLs: AntiLogger.dll,acaptuser32.dll,avgrsstx.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

--
End of file - 12698 bytes

Scheduled tasks folder

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Laplink PCdefense.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\wrSpySweeperFullSweep.job

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-23 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-17 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll [2008-09-27 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll [2008-10-05 652784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-04 121632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-17 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3578B37-6346-4EC1-A82B-38273A100DCF}]
BhoMisc Class - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll [2007-09-07 566536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-10-17 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-13 2549368]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-04 121632]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll [2008-09-27 2055960]
{F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - TrendProtect - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll [2007-09-07 566536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-10-09 981904]
"TGX2_VFD"=C:\WINDOWS\system32\TGVFDMsgservice.exe [2004-11-06 233472]
"PCdefense "=C:\Program Files\Laplink\PCdefense\PCDefense.exe [2006-08-31 1585152]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2007-12-11 307200]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-23 1235736]
"DefragTaskBar"=C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe [2008-04-18 173408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\'Ashampoo AntiSpyWare 2 Guard']
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe [2008-09-08 2349912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2004-10-08 88363]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-10-01 111936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo AntiSpyWare 2 Guard]
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe [2008-09-08 2349912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-25 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDNewsAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaPPcl]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cctray]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CD-Ejector]
C:\Documents and Settings\kevin miller\My Documents\CD-Ejector\CD-Ejector.exe [2005-06-11 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopMaestro]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-13 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe [2005-03-08 176128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2004-08-05 1335386]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-07-07 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE [2002-09-13 212992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
C:\Program Files\Registry Mechanic\regmech.exe [2008-07-08 2828184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-03 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinClock]
C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [2008-03-05 526848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
C:\WINDOWS\SM1BG.EXE [2003-08-28 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-08-09 5418864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-10-17 136600]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2005-06-15 1208320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^FreelineSchedule.lnk]
C:\Freeline\FREELI~1.EXE [2005-02-02 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RaConfig2500.lnk]
C:\PROGRA~1\RALINK\RT2500~1\INSTAL~1\WINXP\RACONF~1.EXE [2004-09-20 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^ Registration.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE [2007-12-07 101440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Registration Brothers In Arms.LNK]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Shareaza Turbo Accelerator.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Trend Micro Anti-Spyware.lnk]
C:\PROGRA~1\Trend Micro\Tmasy\Tmasy.exe [2008-10-22 1406480]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
FreelineSchedule.lnk - C:\Freeline\FreelineSchedule.exe

C:\Documents and Settings\kevin miller\Start Menu\Programs\Startup
VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="AntiLogger.dll,acaptuser32.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-07-04 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1869181A-9F50-4FCF-8BFF-1B8588ECB85C}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"= []
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2de79507-915a-11dd-a292-00142a5d2135}]
shell\AutoRun\command - I:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5653300-69b7-11dd-a189-00142a5d2135}]
shell\AutoRun\command - H:\Launch.exe


File associations

.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

List of files/folders created in the last three months

2008-10-25 09:42:35 ----D---- C:\Program Files\Microsoft Plus! Digital Media Edition
2008-10-25 09:42:34 ----D---- C:\Program Files\Dancer Plus! LE de Microsoft
2008-10-24 19:52:37 ----D---- C:\Program Files\Uninstall
2008-10-24 17:01:32 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-10-24 08:32:33 ----A---- C:\WINDOWS\ntbtlog.txt
2008-10-24 07:48:11 ----D---- C:\Program Files\Adobe Media Player
2008-10-23 22:34:43 ----D---- C:\Program Files\AESTESIS
2008-10-23 18:54:52 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-23 18:49:34 ----D---- C:\Documents and Settings\kevin miller\Application Data\NuVJ
2008-10-23 18:49:02 ----D---- C:\Program Files\Apple Software Update
2008-10-22 10:00:42 ----A---- C:\WINDOWS\system32\tmmute.ini
2008-10-21 03:07:55 ----D---- C:\WINDOWS\Sun
2008-10-20 09:54:37 ----D---- C:\Downloads
2008-10-20 07:02:44 ----D---- C:\Documents and Settings\kevin miller\Application Data\Cycling '74
2008-10-20 07:02:06 ----D---- C:\Program Files\Neuromixer
2008-10-20 07:02:06 ----A---- C:\WINDOWS\system32\NMavmixerpro13T.txt
2008-10-20 07:02:06 ----A---- C:\WINDOWS\system32\NMavmixerpro10Prefs.txt
2008-10-17 18:56:37 ----D---- C:\Documents and Settings\kevin miller\Application Data\REAPER
2008-10-17 18:56:28 ----D---- C:\Program Files\REAPER
2008-10-17 17:50:43 ----A---- C:\WINDOWS\system32\javaws.exe
2008-10-17 17:50:43 ----A---- C:\WINDOWS\system32\javaw.exe
2008-10-17 17:50:43 ----A---- C:\WINDOWS\system32\java.exe
2008-10-17 17:50:43 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-10-17 17:49:34 ----D---- C:\Documents and Settings\kevin miller\Application Data\Sun
2008-10-16 17:50:55 ----D---- C:\WINDOWS\McAfee.com
2008-10-16 16:59:17 ----D---- C:\Program Files\QuickTime Alternative
2008-10-16 16:59:17 ----D---- C:\Program Files\Media Player Classic
2008-10-15 23:39:50 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-10-15 23:39:49 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-10-15 15:26:06 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-10-15 15:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-10-15 15:25:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-10-15 15:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-15 15:25:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-10-14 19:40:28 ----D---- C:\Documents and Settings\kevin miller\Application Data\DAEMON Tools Pro
2008-10-14 15:27:32 ----D---- C:\Program Files\Norton Security Scan
2008-10-13 16:56:10 ----D---- C:\Program Files\BitComet
2008-10-13 12:20:21 ----D---- C:\Program Files\Note
2008-10-12 13:38:06 ----A---- C:\WINDOWS\system32\Synsopos.exe
2008-10-12 10:51:33 ----D---- C:\nuendo
2008-10-07 19:50:02 ----D---- C:\Program Files\Eidos Interactive
2008-10-07 19:32:25 ----D---- C:\Documents and Settings\kevin miller\Application Data\Gearbox Software
2008-10-07 18:59:24 ----D---- C:\Program Files\Ubisoft
2008-10-07 18:44:46 ----D---- C:\Program Files\OpenAL
2008-10-07 18:44:46 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-10-07 18:44:45 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-10-07 18:24:40 ----D---- C:\Program Files\Oxygen Interactive
2008-10-07 10:19:43 ----A---- C:\WINDOWS\ProductKeyExplorer.INI
2008-10-07 08:15:30 ----D---- C:\Program Files\SWiSHstudio
2008-10-07 08:03:00 ----D---- C:\Program Files\KoolMoves
2008-10-07 07:45:54 ----D---- C:\Program Files\Spyware Doctor
2008-10-07 07:45:54 ----D---- C:\Documents and Settings\kevin miller\Application Data\PC Tools
2008-10-06 19:07:30 ----D---- C:\Documents and Settings\kevin miller\Application Data\BlackBean
2008-10-06 17:34:20 ----D---- C:\Documents and Settings\kevin miller\Application Data\SuperEasy Software
2008-10-06 09:14:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-10-05 20:55:13 ----A---- C:\WINDOWS\unins001.exe
2008-10-05 20:55:13 ----A---- C:\WINDOWS\system32\marblaxp.dll
2008-10-05 20:55:13 ----A---- C:\WINDOWS\system32\mapledxp.dll
2008-10-05 20:55:13 ----A---- C:\WINDOWS\system32\mapleapi.dll
2008-10-05 16:56:41 ----D---- C:\Program Files\MixMeister Fusion + Video
2008-10-05 14:15:49 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2008-10-05 12:43:21 ----A---- C:\Documents and Settings\kevin miller\Application Data\alarms.ini
2008-10-05 12:43:13 ----A---- C:\Documents and Settings\kevin miller\Application Data\AtomicAlarmClock.ini
2008-10-05 12:00:27 ----D---- C:\Documents and Settings\kevin miller\Application Data\Leadertech
2008-10-05 11:45:15 ----D---- C:\Program Files\Wondershare
2008-10-05 11:44:06 ----D---- C:\Program Files\Atomic Alarm Clock
2008-10-05 11:23:52 ----D---- C:\Program Files\Nufsoft
2008-10-05 10:09:57 ----RSHD---- C:\sys
2008-10-04 12:00:10 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2008-10-02 21:28:48 ----D---- C:\cubase
2008-10-02 19:41:59 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
2008-10-02 19:41:58 ----D---- C:\Program Files\Syncrosoft
2008-10-01 19:48:59 ----A---- C:\WINDOWS\NeroDigital.ini
2008-10-01 19:41:30 ----D---- C:\Documents and Settings\kevin miller\Application Data\Nero
2008-10-01 19:35:21 ----D---- C:\Program Files\Nero
2008-10-01 19:35:21 ----D---- C:\Program Files\Common Files\Nero
2008-10-01 19:04:14 ----D---- C:\Program Files\Reference Assemblies
2008-10-01 19:03:32 ----N---- C:\WINDOWS\system32\spmsg2.dll
2008-10-01 18:42:47 ----A---- C:\WINDOWS\system32\regsvr32.exe.log
2008-10-01 17:50:26 ----A---- C:\WINDOWS\system32\ShellManager310E2D762.dll
2008-10-01 17:49:41 ----A---- C:\WINDOWS\Irremote.ini
2008-09-30 15:18:41 ----D---- C:\Program Files\Lexicon
2008-09-29 15:13:28 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot
2008-09-29 15:13:28 ----A---- C:\WINDOWS\WRSetup.dll
2008-09-29 15:10:27 ----D---- C:\Program Files\Windows Resource Kits
2008-09-29 14:57:58 ----D---- C:\Program Files\Windows Installer Clean Up
2008-09-29 14:57:39 ----D---- C:\Program Files\MSECACHE
2008-09-28 10:00:09 ----A---- C:\WINDOWS\eidmgopd.ini
2008-09-27 11:16:05 ----A---- C:\WINDOWS\system32\ACAPTUSER32.DLL
2008-09-27 10:20:28 ----HD---- C:\$AVG8.VAULT$
2008-09-27 07:06:36 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-09-27 07:06:26 ----D---- C:\Documents and Settings\kevin miller\Application Data\AVGTOOLBAR
2008-09-26 21:20:28 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-26 18:08:32 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-26 17:48:50 ----D---- C:\Documents and Settings\kevin miller\Application Data\Mozilla
2008-09-24 16:32:42 ----D---- C:\Documents and Settings\kevin miller\Application Data\GrandVJ
2008-09-24 16:32:06 ----D---- C:\Program Files\ArKaos GrandVJ 1.0 FC1
2008-09-22 16:36:29 ----D---- C:\Documents and Settings\kevin miller\Application Data\Koblo
2008-09-22 16:36:29 ----A---- C:\WINDOWS\CentaurusApp.ini
2008-09-22 16:34:51 ----D---- C:\Program Files\Koblo
2008-09-21 22:15:38 ----D---- C:\Program Files\Flash Menu Factory
2008-09-20 03:17:21 ----D---- C:\Documents and Settings\kevin miller\Application Data\NetMedia Providers
2008-09-20 03:13:21 ----N---- C:\WINDOWS\system32\dbmsqlgc.dll
2008-09-20 03:13:21 ----N---- C:\WINDOWS\system32\dbmsgnet.dll
2008-09-20 03:12:08 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2008-09-20 03:05:10 ----D---- C:\Documents and Settings\kevin miller\Application Data\Sony Setup
2008-09-18 10:51:03 ----D---- C:\Program Files\CDXTRACT4
2008-09-18 06:43:04 ----D---- C:\Documents and Settings\kevin miller\Application Data\Publish Providers
2008-09-18 06:38:42 ----D---- C:\Documents and Settings\kevin miller\Application Data\Sony
2008-09-18 06:38:25 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2008-09-18 06:36:37 ----D---- C:\Program Files\Sony
2008-09-18 06:35:37 ----D---- C:\Program Files\Sony Setup
2008-09-16 20:22:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-09-16 20:08:19 ----D---- C:\Program Files\Mozilla Firefox
2008-09-15 15:59:36 ----D---- C:\Documents and Settings\kevin miller\Application Data\PACE Anti-Piracy
2008-09-15 15:59:36 ----D---- C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-09-15 15:59:35 ----D---- C:\Program Files\Common Files\PACE Anti-Piracy
2008-09-15 14:10:06 ----D---- C:\Program Files\InterLok
2008-09-15 14:05:23 ----N---- C:\WINDOWS\system32\ilinet.dll
2008-09-15 09:32:45 ----D---- C:\Documents and Settings\kevin miller\Application Data\VSRevoGroup
2008-09-14 10:20:02 ----D---- C:\fsaua.data
2008-09-14 09:13:32 ----D---- C:\Program Files\MP3Gain
2008-09-14 09:11:35 ----D---- C:\Program Files\Awave Studio
2008-09-13 23:36:27 ----D---- C:\Documents and Settings\All Users\Application Data\onOne Software
2008-09-13 23:26:28 ----D---- C:\Documents and Settings\kevin miller\Application Data\onOne Software
2008-09-13 23:26:25 ----D---- C:\Program Files\onOne Software
2008-09-13 23:22:16 ----A---- C:\WINDOWS\Snowflakes (plug-in) Uninstaller.exe
2008-09-13 23:19:54 ----SHD---- C:\WINDOWS\ftpcache
2008-09-13 23:19:44 ----A---- C:\WINDOWS\Natura Sound Therapy Uninstaller.exe
2008-09-13 23:19:39 ----D---- C:\Program Files\Natura Sound Therapy
2008-09-13 23:03:10 ----A---- C:\WINDOWS\system32\vfolx32n.dll
2008-09-13 23:02:04 ----D---- C:\Documents and Settings\kevin miller\Application Data\EBookSys
2008-09-13 23:00:55 ----D---- C:\Program Files\E-Book Systems
2008-09-13 20:23:26 ----D---- C:\Documents and Settings\All Users\Application Data\Particles
2008-09-13 20:12:06 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-09-13 20:05:19 ----D---- C:\WINDOWS\speech
2008-09-13 19:14:23 ----A---- C:\caisslog.txt
2008-09-13 18:48:13 ----D---- C:\Program Files\VS Revo Group
2008-09-13 16:26:54 ----D---- C:\Documents and Settings\kevin miller\Application Data\Simply Super Software
2008-09-13 16:09:54 ----A---- C:\WINDOWS\system32\ztvunrar36.dll
2008-09-13 16:09:54 ----A---- C:\WINDOWS\system32\ztvunace26.dll
2008-09-13 16:09:54 ----A---- C:\WINDOWS\system32\ztvcabinet.dll
2008-09-13 16:09:54 ----A---- C:\WINDOWS\system32\unacev2.dll
2008-09-13 16:09:53 ----A---- C:\WINDOWS\system32\UNRAR3.dll
2008-09-13 14:30:20 ----D---- C:\Documents and Settings\All Users\Application Data\SpeedBit
2008-09-13 09:34:32 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-09-13 08:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-09-13 08:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-09-13 08:53:34 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-09-13 08:52:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-09-12 09:21:41 ----D---- C:\rsit
2008-09-12 09:07:55 ----D---- C:\WINDOWS\system32\LogFiles
2008-09-12 09:06:34 ----HDC---- C:\WINDOWS\$NtUninstallKB925766$
2008-09-11 14:07:34 ----A---- C:\WINDOWS\Sam10_E.INI
2008-09-10 22:18:07 ----A---- C:\WINDOWS\system32\ArmAccess.dll
2008-09-10 22:18:06 ----A---- C:\WINDOWS\system32\SHDOC401.DLL
2008-09-10 22:18:05 ----D---- C:\Program Files\PC Doc Pro
2008-09-10 20:08:43 ----D---- C:\Documents and Settings\All Users\Application Data\AraldFX
2008-09-10 17:19:57 ----D---- C:\WINDOWS\Corel
2008-09-10 17:09:20 ----A---- C:\WINDOWS\AVPuzzlePro12.ini
2008-09-10 17:09:19 ----A---- C:\WINDOWS\AVUNTOOL.EXE
2008-09-10 16:22:29 ----D---- C:\Program Files\Extensis
2008-09-10 16:07:52 ----A---- C:\WINDOWS\uninst.exe
2008-09-10 15:37:59 ----D---- C:\Program Files\Kodak
2008-09-10 14:49:12 ----D---- C:\Documents and Settings\kevin miller\Application Data\Alien Skin
2008-09-10 14:46:02 ----D---- C:\Program Files\Alien Skin
2008-09-10 12:59:05 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-09 16:34:47 ----D---- C:\Documents and Settings\kevin miller\Application Data\Malwarebytes
2008-09-09 16:34:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-09-09 15:13:29 ----D---- C:\Program Files\Trend Micro
2008-09-09 07:59:52 ----A---- C:\WINDOWS\system32\zpeng25.dll
2008-09-09 03:38:41 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-09-09 02:20:02 ----D---- C:\WINDOWS\Profiles
2008-09-08 20:12:17 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-09-08 20:12:02 ----D---- C:\Program Files\SUPERAntiSpyware
2008-09-08 20:12:02 ----D---- C:\Documents and Settings\kevin miller\Application Data\SUPERAntiSpyware.com
2008-09-08 20:02:40 ----HD---- C:\WINDOWS\system32\GroupPolicy
2008-09-07 18:40:52 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-09-07 18:40:19 ----D---- C:\Program Files\Windows Media Connect 2
2008-09-07 18:40:02 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-09-07 18:38:20 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-09-07 18:37:00 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-09-07 17:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB900325$
2008-09-07 17:39:55 ----HDC---- C:\WINDOWS\$NtUninstallKB903157$
2008-09-06 11:31:50 ----D---- C:\Program Files\IObit
2008-09-06 09:54:57 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2008-09-06 09:54:57 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2008-09-06 09:54:56 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2008-09-06 09:54:55 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2008-09-06 09:54:55 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2008-09-06 09:54:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2008-09-06 09:54:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2008-09-06 09:54:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2008-09-06 09:54:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2008-09-06 09:54:50 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2008-09-06 09:54:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2008-09-06 09:54:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2008-09-06 09:54:48 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2008-09-06 09:54:47 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-09-06 09:54:46 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-09-06 09:54:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-09-06 09:54:44 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-09-06 09:54:44 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-09-06 09:54:42 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-09-06 09:54:40 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-09-06 09:54:38 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-09-06 09:54:38 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-09-06 09:54:37 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-09-06 09:54:36 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-09-06 09:54:34 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-09-06 09:54:34 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-09-06 09:54:33 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-09-06 09:54:32 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-09-06 09:54:32 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-09-06 09:54:31 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-09-06 09:54:31 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-09-06 09:54:30 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-09-06 09:54:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-09-06 09:54:28 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-09-06 09:54:26 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-09-06 09:54:26 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-09-06 09:54:23 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-09-06 09:54:22 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-09-06 09:54:19 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-09-06 09:54:18 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-09-06 09:54:17 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-09-06 09:54:17 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-09-06 09:54:16 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-09-06 09:54:14 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-09-06 09:54:14 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-09-06 09:54:13 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-09-06 09:54:12 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-09-06 09:54:11 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-09-06 09:54:06 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-09-06 09:54:06 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-09-06 09:54:05 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-09-06 09:54:04 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-09-06 09:54:03 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-09-06 09:54:02 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-09-06 09:54:01 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-09-04 17:20:22 ----A---- C:\WINDOWS\system32\notepad.exe.rmv
2008-09-04 12:53:07 ----A---- C:\WINDOWS\system32\avgrsstx(2).dll
2008-09-04 12:52:42 ----D---- C:\Program Files\AVG
2008-09-02 21:21:28 ----D---- C:\Documents and Settings\kevin miller\Application Data\Samsung
2008-09-02 21:03:13 ----A---- C:\WINDOWS\system32\framedyn.dll
2008-09-02 21:01:54 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-09-02 21:00:01 ----D---- C:\Program Files\Samsung
2008-09-01 10:43:27 ----HD---- C:\WINDOWS\msdownld.tmp
2008-09-01 10:43:18 ----D---- C:\WINDOWS\Logs
2008-09-01 09:01:17 ----D---- C:\Documents and Settings\kevin miller\Application Data\Steinberg
2008-08-31 18:42:13 ----D---- C:\Program Files\Common Files\DirectX
2008-08-31 18:37:58 ----D---- C:\Program Files\THQ
2008-08-30 19:04:54 ----D---- C:\Program Files\iPod
2008-08-30 19:04:50 ----D---- C:\Program Files\iTunes
2008-08-29 20:29:15 ----A---- C:\WINDOWS\DNAPrinters.ini
2008-08-29 17:17:38 ----A---- C:\WINDOWS\system32\MSVCR70d.dll
2008-08-29 14:39:25 ----D---- C:\Program Files\Tone2
2008-08-29 09:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-08-29 08:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
2008-08-28 20:09:04 ----A---- C:\WINDOWS\system32\libmmd.dll
2008-08-28 16:16:43 ----D---- C:\Program Files\CM Vocoder
2008-08-28 15:51:41 ----D---- C:\Program Files\KeyToSound
2008-08-28 06:09:16 ----D---- C:\Program Files\AKAI professional M.I. Corp
2008-08-27 20:26:56 ----D---- C:\Documents and Settings\kevin miller\Application Data\KORG
2008-08-27 15:05:23 ----D---- C:\alfred
2008-08-27 14:32:58 ----D---- C:\Program Files\Common Files\KORG
2008-08-27 14:32:57 ----D---- C:\Program Files\KORG Legacy
2008-08-27 14:32:57 ----D---- C:\Documents and Settings\All Users\Application Data\KORG
2008-08-26 16:13:57 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
2008-08-26 15:51:54 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2008-08-26 15:51:54 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2008-08-26 15:51:53 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2008-08-26 15:51:50 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2008-08-26 15:51:49 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2008-08-26 15:51:48 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2008-08-26 13:38:06 ----D---- C:\Temp
2008-08-26 13:22:51 ----D---- C:\Documents and Settings\kevin miller\Application Data\Printer Info Cache
2008-08-26 13:22:45 ----D---- C:\Documents and Settings\kevin miller\Application Data\Image Zone Express
2008-08-26 13:22:24 ----D---- C:\Program Files\Common Files\HP
2008-08-25 11:15:51 ----D---- C:\Program Files\rgcaudio software
2008-08-24 20:07:42 ----D---- C:\WINDOWS\BDOSCAN8
2008-08-24 18:54:39 ----A---- C:\WINDOWS\system32\ra32sipr.dll
2008-08-24 18:54:39 ----A---- C:\WINDOWS\system32\ra32dnet.dll
2008-08-24 18:54:39 ----A---- C:\WINDOWS\system32\ra3228_8.dll
2008-08-24 18:54:38 ----A---- C:\WINDOWS\system32\rmbe3260.dll
2008-08-24 18:54:37 ----A---- C:\WINDOWS\system32\ra3214_4.dll
2008-08-24 18:54:37 ----A---- C:\WINDOWS\system32\pngu3263.dll
2008-08-24 18:54:36 ----A---- C:\WINDOWS\system32\pneng50.dll
2008-08-24 18:54:36 ----A---- C:\WINDOWS\system32\pnc3250.dll
2008-08-24 18:54:36 ----A---- C:\WINDOWS\system32\encdnet.dll
2008-08-24 18:54:36 ----A---- C:\WINDOWS\system32\decdnet.dll
2008-08-24 16:37:27 ----D---- C:\Documents and Settings\All Users\Application Data\Syncrosoft
2008-08-24 13:41:05 ----A---- C:\WINDOWS\system32\libguide40.dll
2008-08-24 13:41:03 ----A---- C:\WINDOWS\system32\DSE2_DFT.dll
2008-08-22 18:31:02 ----D---- C:\Program Files\Sophos
2008-08-22 16:21:02 ----D---- C:\Program Files\Common Files\reFX
2008-08-21 19:35:33 ----D---- C:\Documents and Settings\kevin miller\Application Data\HP
2008-08-21 14:48:35 ----D---- C:\Program Files\HP
2008-08-21 14:42:19 ----RA---- C:\WINDOWS\system32\hpotscl.dll
2008-08-21 14:31:11 ----D---- C:\Program Files\NoLimits Fairground 1.5
2008-08-21 13:43:49 ----D---- C:\WINDOWS\Flash Menu Factory
2008-08-21 13:31:03 ----D---- C:\Program Files\Krrrk.com
2008-08-21 13:27:23 ----D---- C:\Program Files\Anim-FX
2008-08-21 13:24:39 ----A---- C:\WINDOWS\iun507.exe
2008-08-21 13:24:10 ----D---- C:\Program Files\Strip Kittens
2008-08-21 09:49:55 ----D---- C:\Program Files\WWAYM
2008-08-20 16:09:41 ----D---- C:\Program Files\ASIO4ALL v2
2008-08-20 01:52:29 ----D---- C:\Documents and Settings\All Users\Application Data\Wave Arts
2008-08-20 01:52:29 ----A---- C:\WINDOWS\eidmgoic.ini
2008-08-20 01:52:29 ----A---- C:\WINDOWS\eidmgohj.ini
2008-08-20 01:52:29 ----A---- C:\WINDOWS\eidmgofn.ini
2008-08-20 01:52:29 ----A---- C:\WINDOWS\eidmgobo.ini
2008-08-20 01:50:14 ----D---- C:\Program Files\Wave Arts
2008-08-19 20:29:28 ----D---- C:\WINDOWS\system32\appmgmt
2008-08-19 13:35:16 ----A---- C:\WINDOWS\system32\WPPFilt.dll
2008-08-19 12:05:00 ----D---- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-08-18 11:45:06 ----D---- C:\Documents and Settings\kevin miller\Application Data\MixMeister Technology
2008-08-18 11:35:38 ----D---- C:\Program Files\MixMeister Fusion
2008-08-17 18:20:39 ----D---- C:\Documents and Settings\All Users\Application Data\Audio Damage
2008-08-17 13:12:31 ----D---- C:\Program Files\ManyCam 2.3
2008-08-17 12:36:23 ----D---- C:\Program Files\Xilisoft
2008-08-17 12:03:32 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll
2008-08-17 12:03:32 ----RA---- C:\WINDOWS\system32\AdobePDF.dll
2008-08-17 10:47:01 ----D---- C:\Program Files\KoolMoves Serif Edition
2008-08-17 10:41:48 ----A---- C:\WINDOWS\Replicant VST plug-in Uninstaller.exe
2008-08-17 10:27:18 ----D---- C:\WINDOWS\Minidump
2008-08-17 10:23:27 ----A---- C:\WINDOWS\BigSeq VST plug-in Uninstaller.exe
2008-08-17 10:19:14 ----A---- C:\WINDOWS\PhaseTwo VST plug-in Uninstaller.exe
2008-08-17 10:15:37 ----D---- C:\Program Files\Overloud
2008-08-17 09:57:17 ----A---- C:\WINDOWS\system32\sslibree.dll
2008-08-17 09:57:16 ----A---- C:\WINDOWS\system32\solefw.dll
2008-08-17 09:57:15 ----A---- C:\WINDOWS\system32\slibddf.dll
2008-08-17 09:57:14 ----A---- C:\WINDOWS\system32\sslibeh.dll
2008-08-17 00:35:29 ----D---- C:\Program Files\Elastik
2008-08-16 15:47:15 ----D---- C:\Documents and Settings\All Users\Application Data\ALM
2008-08-16 15:25:05 ----D---- C:\Program Files\MixMeister BPM Analyzer
2008-08-16 14:51:58 ----D---- C:\Documents and Settings\kevin miller\Application Data\Waves
2008-08-16 14:51:51 ----D---- C:\Documents and Settings\kevin miller\Application Data\Waves Preferences
2008-08-16 14:51:27 ----D---- C:\Documents and Settings\kevin miller\Application Data\Blue Cat Audio
2008-08-16 14:05:25 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2008-08-16 14:05:25 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2008-08-16 13:51:47 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-08-16 13:44:11 ----D---- C:\Program Files\Edirol
2008-08-16 13:31:20 ----D---- C:\Program Files\Antares
2008-08-16 13:23:51 ----D---- C:\Program Files\Common Files\Macrovision Shared
2008-08-15 23:18:09 ----D---- C:\Program Files\PowerISO
2008-08-15 16:31:20 ----D---- C:\Documents and Settings\kevin miller\Application Data\Serif
2008-08-15 16:20:55 ----D---- C:\Program Files\Serif
2008-08-15 15:43:19 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-08-15 14:02:54 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-08-15 13:39:10 ----D---- C:\Documents and Settings\kevin miller\Application Data\Acronis
2008-08-15 13:31:30 ----D---- C:\Documents and Settings\All Users\Application Data\Acronis
2008-08-15 13:31:20 ----D---- C:\Program Files\Common Files\Acronis
2008-08-15 13:31:19 ----D---- C:\Program Files\Acronis
2008-08-15 13:21:26 ----D---- C:\Program Files\NoLimits Coasters v1.6
2008-08-15 13:12:34 ----D---- C:\Documents and Settings\kevin miller\Application Data\Ashampoo Cover Studio
2008-08-15 13:01:29 ----D---- C:\Program Files\Windows Defender
2008-08-15 09:47:30 ----SHD---- C:\WINDOWS\CSC
2008-08-15 09:38:35 ----A---- C:\WINDOWS\BeatBox.INI
2008-08-15 09:17:42 ----D---- C:\Program Files\vghd
2008-08-15 09:17:41 ----D---- C:\Documents and Settings\kevin miller\Application Data\vghd
2008-08-15 08:01:28 ----A---- C:\WINDOWS\Robota.INI
2008-08-15 08:01:16 ----D---- C:\Documents and Settings\kevin miller\Application Data\MAGIX
2008-08-15 08:00:25 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2008-08-15 08:00:24 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2008-08-15 07:56:49 ----A---- C:\WINDOWS\system32\mgxasio2.dll
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\TTIC32.dll
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\TTI32.dll
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\STRING32.dll
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\MXRestore.exe
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\mgxcdr.txt
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\DLLTPO32.dll
2008-08-15 07:56:46 ----A---- C:\WINDOWS\system32\DLLRES32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLRD32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLPTL32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLPRJ32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLPRF32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLPNT32.dll
2008-08-15 07:56:45 ----A---- C:\WINDOWS\system32\DLLMSC32.dll
2008-08-15 07:56:44 ----A---- C:\WINDOWS\system32\DLLIX.dll
2008-08-15 07:56:44 ----A---- C:\WINDOWS\system32\DLLISO32.dll
2008-08-15 07:56:44 ----A---- C:\WINDOWS\system32\DLLIO32.dll
2008-08-15 07:56:44 ----A---- C:\WINDOWS\system32\DLLIMG32.dll
2008-08-15 07:56:43 ----A---- C:\WINDOWS\system32\DLLDRV32.dll
2008-08-15 07:56:43 ----A---- C:\WINDOWS\system32\DLLDIR32.dll
2008-08-15 07:56:43 ----A---- C:\WINDOWS\system32\DLLDEV32.dll
2008-08-15 07:56:43 ----A---- C:\WINDOWS\system32\DLLCPY32.dll
2008-08-15 07:56:43 ----A---- C:\WINDOWS\system32\DLLCDF32.dll
2008-08-15 07:56:42 ----A---- C:\WINDOWS\system32\DLLCDA32.dll
2008-08-15 07:56:42 ----A---- C:\WINDOWS\system32\DLLAV32.dll
2008-08-15 07:54:07 ----D---- C:\Documents and Settings\All Users\Application Data\MAGIX
2008-08-15 07:52:43 ----D---- C:\Program Files\MAGIX
2008-08-15 07:52:43 ----A---- C:\WINDOWS\system32\DLLDEV32i.dll
2008-08-15 07:52:11 ----D---- C:\WINDOWS\system32\MAGIX
2008-08-15 07:52:11 ----A---- C:\WINDOWS\mgxoschk.ini
2008-08-15 07:52:10 ----A---- C:\WINDOWS\system32\mgxoschk.dll
2008-08-14 22:20:58 ----D---- C:\Documents and Settings\kevin miller\Application Data\FabFilter
2008-08-14 22:08:15 ----D---- C:\Documents and Settings\kevin miller\Application Data\Grisoft
2008-08-14 22:07:59 ----D---- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-08-14 19:39:05 ----D---- C:\Program Files\Arturia
2008-08-14 17:23:11 ----D---- C:\Program Files\T-RackS 24
2008-08-14 16:54:53 ----D---- C:\Program Files\Waves
2008-08-14 16:26:25 ----A---- C:\WINDOWS\system32\PSP Xenon.dll
2008-08-14 13:34:24 ----D---- C:\Program Files\Ableton
2008-08-14 13:25:45 ----D---- C:\Documents and Settings\kevin miller\Application Data\Ableton
2008-08-14 13:10:12 ----D---- C:\Program Files\Sonik Synth 2 Free
2008-08-14 12:31:23 ----D---- C:\Program Files\Steinberg
2008-08-14 12:31:23 ----D---- C:\Program Files\Pinnacle
2008-08-14 12:30:41 ----D---- C:\Documents and Settings\All Users\Application Data\Pinnacle
2008-08-14 12:26:14 ----D---- C:\Program Files\KORG
2008-08-14 11:51:40 ----D---- C:\Program Files\NeroInstall.bak
2008-08-14 11:46:12 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2008-08-14 11:41:25 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-14 11:38:27 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-08-14 11:38:23 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-08-14 11:37:48 ----HD---- C:\WINDOWS\PIF
2008-08-14 11:22:01 ----A---- C:\WINDOWS\system32\LVUI2RC.dll
2008-08-14 11:22:01 ----A---- C:\WINDOWS\system32\LVUI2.dll
2008-08-14 11:22:01 ----A---- C:\WINDOWS\system32\lvcodec2.dll
2008-08-14 11:22:00 ----A---- C:\WINDOWS\system32\lvcoinst.ini
2008-08-14 11:22:00 ----A---- C:\WINDOWS\system32\lvci1051.dll
2008-08-14 11:19:55 ----D---- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-08-14 11:19:50 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-08-14 11:19:45 ----D---- C:\Program Files\Common Files\LogiShrd
2008-08-14 11:17:46 ----D---- C:\Program Files\Logitech
2008-08-14 10:59:38 ----A---- C:\WINDOWS\unvise32.exe
2008-08-14 10:59:00 ----D---- C:\Program Files\SWiSH Max2
2008-08-14 10:53:11 ----D---- C:\Program Files\Pinguin Audio Meter
2008-08-14 10:49:15 ----D---- C:\Program Files\VirtualDJ
2008-08-14 10:39:21 ----D---- C:\Documents and Settings\kevin miller\Application Data\Deckadance
2008-08-14 10:25:51 ----A---- C:\WINDOWS\iun506.exe
2008-08-14 10:25:35 ----D---- C:\Program Files\Magic Flare
2008-08-14 10:23:21 ----D---- C:\Program Files\Common Files\Native Instruments
2008-08-14 10:08:11 ----D---- C:\Program Files\Toontrack
2008-08-14 10:02:46 ----D---- C:\Documents and Settings\kevin miller\Application Data\Cakewalk
2008-08-14 10:01:56 ----D---- C:\Documents and Settings\All Users\Application Data\Identities
2008-08-14 10:01:54 ----A---- C:\WINDOWS\dsdxirmv.exe
2008-08-14 09:55:54 ----D---- C:\Program Files\Lounge Lizard
2008-08-14 09:54:52 ----D---- C:\Documents and Settings\kevin miller\Application Data\Applied Acoustics Systems
2008-08-14 09:54:41 ----D---- C:\Program Files\AAS
2008-08-14 09:52:16 ----D---- C:\Program Files\123 Flash Menu
2008-08-14 09:44:55 ----D---- C:\Program Files\Cakewalk
2008-08-14 09:44:55 ----D---- C:\Documents and Settings\All Users\Application Data\Cakewalk
2008-08-14 09:44:55 ----D---- C:\Cakewalk Projects
2008-08-14 09:38:59 ----D---- C:\Documents and Settings\kevin miller\Application Data\Webroot
2008-08-14 09:38:57 ----D---- C:\Program Files\Webroot
2008-08-14 09:38:57 ----D---- C:\Program Files\Common Files\Webroot Shared
2008-08-14 09:38:46 ----A---- C:\WINDOWS\Unwash6.exe
2008-08-14 09:38:46 ----A---- C:\WINDOWS\system32\wwSecure.exe
2008-08-14 09:19:44 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-14 09:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-14 09:19:05 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-14 09:18:45 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 09:17:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-14 09:16:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-14 09:16:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-14 09:11:06 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-14 09:09:48 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-14 09:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 09:08:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-14 09:07:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-14 09:07:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-14 09:04:31 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP10$
2008-08-14 08:49:57 ----D---- C:\Documents and Settings\kevin miller\Application Data\Apple Computer
2008-08-14 08:48:41 ----A---- C:\WINDOWS\system32\sslibff.dll
2008-08-14 08:48:39 ----A---- C:\WINDOWS\system32\sslibsd.dll
2008-08-14 08:48:35 ----A---- C:\WINDOWS\system32\sslibgs.dll
2008-08-14 08:48:34 ----A---- C:\WINDOWS\system32\sslibqqe.dll
2008-08-14 08:48:30 ----A---- C:\WINDOWS\system32\slibgs.dll
2008-08-14 08:48:28 ----A---- C:\WINDOWS\system32\slibfg.dll
2008-08-14 08:47:58 ----D---- C:\Program Files\Sonalksis
2008-08-14 08:47:58 ----A---- C:\WINDOWS\unins000.exe
2008-08-14 08:46:46 ----D---- C:\Program Files\Bonjour
2008-08-14 08:44:19 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-14 08:35:21 ----D---- C:\Program Files\Common Files\Apple
2008-08-14 08:27:45 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-08-14 08:27:44 ----D---- C:\Program Files\XviD
2008-08-14 08:27:44 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-08-14 08:25:08 ----D---- C:\Program Files\WinAVI Video Converter
2008-08-14 08:22:40 ----N---- C:\WINDOWS\system32\PSP Nitro.dll
2008-08-14 08:21:07 ----D---- C:\Documents and Settings\All Users\Application Data\iZotope
2008-08-14 08:21:00 ----D---- C:\Program Files\Common Files\iZotope
2008-08-14 08:17:22 ----D---- C:\Program Files\Java
2008-08-14 08:07:19 ----A---- C:\WINDOWS\LOOP.exe
2008-08-14 07:56:07 ----D---- C:\Documents and Settings\All Users\Application Data\IK Multimedia
2008-08-14 07:51:56 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2008-08-14 07:48:14 ----D---- C:\Program Files\IK Multimedia
2008-08-14 07:48:06 ----D---- C:\Documents and Settings\kevin miller\Application Data\InstallShield
2008-08-14 07:45:48 ----D---- C:\Documents and Settings\kevin miller\Application Data\Antares
2008-08-14 07:45:44 ----D---- C:\Program Files\Antares Audio Technologies
2008-08-14 07:42:20 ----D---- C:\Program Files\QuickTime
2008-08-14 07:38:53 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-08-14 07:38:26 ----D---- C:\Program Files\iZotope
2008-08-14 07:36:46 ----D---- C:\Program Files\MU Technologies
2008-08-14 07:35:20 ----D---- C:\Program Files\Sonnox
2008-08-14 07:34:42 ----D---- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-08-14 07:34:41 ----D---- C:\Documents and Settings\kevin miller\Application Data\Propellerhead Software
2008-08-14 07:33:46 ----AS---- C:\WINDOWS\system32\REX Shared Library.dll
2008-08-14 07:33:45 ----D---- C:\Program Files\Propellerhead
2008-08-14 07:33:06 ----D---- C:\Program Files\PSP Audioware
2008-08-14 07:28:19 ----A---- C:\WINDOWS\system32\PSP VintageWarmer.dll
2008-08-14 07:28:18 ----A---- C:\WINDOWS\system32\PSP VintageWarmer2.dll
2008-08-14 07:20:23 ----D---- C:\Program Files\PSPaudioware
2008-08-14 07:20:07 ----A---- C:\WINDOWS\system32\PSP MixBass2.dll
2008-08-14 07:10:15 ----D---- C:\Documents and Settings\kevin miller\Application Data\Twin
2008-08-14 07:05:16 ----D---- C:\Program Files\Common Files\VST3
2008-08-14 07:01:46 ----N---- C:\WINDOWS\system32\synsoacc.dll
2008-08-14 06:58:49 ----D---- C:\Documents and Settings\All Users\Application Data\VirSyn Software Synthesizer
2008-08-14 06:52:22 ----D---- C:\Program Files\VirSyn Software Synthesizer
2008-08-14 06:47:49 ----A---- C:\WINDOWS\system32\msvcp71d.dll
2008-08-14 06:47:48 ----A---- C:\WINDOWS\system32\msvcr71d.dll
2008-08-14 06:47:43 ----D---- C:\Program Files\Nomad Factory
2008-08-14 06:41:43 ----D---- C:\Program Files\FabFilter
2008-08-14 06:34:45 ----D---- C:\Program Files\u-he
2008-08-14 06:16:39 ----D---- C:\Documents and Settings\All Users\Application Data\Big Fish Audio
2008-08-14 06:04:28 ----D---- C:\Program Files\Spectrasonics
2008-08-14 05:52:38 ----A---- C:\WINDOWS\system32\NI_IRC_1_2.dll
2008-08-14 05:52:37 ----A---- C:\WINDOWS\system32\NI_DFD_1_5.dll
2008-08-14 05:50:42 ----D---- C:\Program Files\Native Instruments
2008-08-14 05:50:20 ----A---- C:\WINDOWS\system32\gdiplus.dll
2008-08-14 05:01:21 ----D---- C:\Program Files\Common Files\Digidesign
2008-08-14 05:01:10 ----D---- C:\Program Files\Zero-G
2008-08-14 04:56:09 ----A---- C:\Documents and Settings\kevin miller\Application Data\inst.exe
2008-08-14 04:56:08 ----D---- C:\Documents and Settings\kevin miller\Application Data\Vso
2008-08-14 04:56:00 ----A---- C:\WINDOWS\system32\Pncrt.dll
2008-08-14 04:56:00 ----A---- C:\WINDOWS\system32\drv43260.dll
2008-08-14 04:56:00 ----A---- C:\WINDOWS\system32\drv33260.dll
2008-08-14 04:55:59 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2008-08-14 04:55:59 ----A---- C:\WINDOWS\system32\drv23260.dll
2008-08-14 04:55:59 ----A---- C:\WINDOWS\system32\cook3260.dll
2008-08-14 04:55:59 ----A---- C:\WINDOWS\gdiplus.dll
2008-08-14 04:55:57 ----D---- C:\Program Files\VSO
2008-08-14 04:53:00 ----D---- C:\Program Files\Sugar Bytes
2008-08-14 04:48:36 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2008-08-14 04:46:32 ----D---- C:\Program Files\discoDSP
2008-08-14 04:43:17 ----D---- C:\Program Files\DAMN NFO Viewer
2008-08-13 21:47:07 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-08-13 21:42:50 ----D---- C:\Documents and Settings\kevin miller\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-08-13 21:20:02 ----D---- C:\Documents and Settings\kevin miller\Application Data\Download Manager
2008-08-13 21:02:58 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-08-13 21:02:48 ----D---- C:\Program Files\NOS
2008-08-13 20:27:02 ----D---- C:\Program Files\Laplink
2008-08-13 20:14:00 ----D---- C:\Documents and Settings\kevin miller\Application Data\WinRAR
2008-08-13 19:47:26 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-08-13 19:40:19 ----D---- C:\Program Files\MSBuild
2008-08-13 19:39:41 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-13 19:39:40 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-13 19:38:34 ----D---- C:\Program Files\Microsoft.NET
2008-08-13 19:33:46 ----D---- C:\WINDOWS\SHELLNEW
2008-08-13 19:32:53 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-13 19:31:46 ----RHD---- C:\MSOCache
2008-08-13 19:22:10 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-08-13 19:18:43 ----D---- C:\Program Files\MixMeister Fusion + Video 7.1.1
2008-08-13 18:51:23 ----D---- C:\Program Files\CCleaner
2008-08-13 18:49:40 ----D---- C:\Program Files\Unlocker
2008-08-13 18:44:29 ----D---- C:\Program Files\Common Files\Softwin
2008-08-13 18:29:29 ----D---- C:\Documents and Settings\kevin miller\Application Data\CallingID
2008-08-13 18:29:15 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-13 18:28:40 ----D---- C:\WINDOWS\Downloaded Installations
2008-08-13 18:28:36 ----HD---- C:\Config.msi
2008-08-13 18:28:21 ----D---- C:\Documents and Settings\All Users\Application Data\CA
2008-08-13 18:19:54 ----D---- C:\Program Files\MixMeister Fusion 7.2.2
2008-08-13 18:19:16 ----N---- C:\WINDOWS\system32\ReWire.dll
2008-08-13 18:19:16 ----D---- C:\Program Files\VstPlugins
2008-08-13 18:18:32 ----D---- C:\Program Files\Outsim
2008-08-13 18:16:46 ----D---- C:\Program Files\Image-Line
2008-08-13 18:14:24 ----D---- C:\Documents and Settings\kevin miller\Application Data\Ashampoo
2008-08-13 18:02:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-08-13 18:02:42 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-13 17:57:06 ----A---- C:\WINDOWS\system32\STKIT432.DLL
2008-08-13 17:57:04 ----D---- C:\Program Files\Registry Mechanic
2008-08-13 17:54:14 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-13 17:54:03 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-08-13 17:50:34 ----D---- C:\ATI
2008-08-13 17:46:02 ----D---- C:\Documents and Settings\All Users\Application Data\ashampoo
2008-08-13 17:45:58 ----D---- C:\Program Files\Ashampoo
2008-08-13 17:40:09 ----D---- C:\Program Files\WinRAR
2008-08-13 17:36:59 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-13 17:35:27 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-13 17:35:22 ----D---- C:\Program Files\Windows Live
2008-08-13 17:35:13 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-13 17:28:55 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-08-13 17:28:55 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-08-13 17:28:52 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-08-13 17:28:52 ----D---- C:\Program Files\Zone Labs
2008-08-13 17:28:52 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-08-13 17:28:52 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-08-13 17:28:52 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-08-13 17:28:52 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-08-13 17:28:23 ----D---- C:\WINDOWS\Internet Logs
2008-08-13 17:28:23 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-08-13 17:28:23 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-08-13 17:28:23 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-08-13 17:27:22 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-08-13 17:27:12 ----D---- C:\Program Files\Common Files\McAfee
2008-08-13 17:26:50 ----D---- C:\Program Files\McAfee
2008-08-13 17:26:50 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-08-13 17:19:13 ----D---- C:\WINDOWS\ie7updates
2008-08-13 17:18:48 ----D---- C:\WINDOWS\WBEM
2008-08-13 17:18:43 ----D---- C:\Documents and Settings\kevin miller\Application Data\Adobe
2008-08-13 17:17:30 ----HDC---- C:\WINDOWS\ie7
2008-08-13 17:17:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-08-13 17:16:57 ----D---- C:\Documents and Settings\kevin miller\Application Data\Talkback
2008-08-13 17:16:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-08-13 17:15:21 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-13 17:12:43 ----D---- C:\Documents and Settings\kevin miller\Application Data\Google
2008-08-13 17:12:13 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-08-13 17:12:09 ----D---- C:\Program Files\Common Files\Adobe
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-08-13 17:11:02 ----N---- C:\WINDOWS\system32\px.dll
2008-08-13 17:10:57 ----D---- C:\Program Files\Picasa2
2008-08-13 17:10:54 ----D---- C:\WINDOWS\system32\runtime
2008-08-13 17:10:22 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-08-13 17:10:12 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-08-13 17:10:10 ----D---- C:\Program Files\Google
2008-08-13 17:06:40 ----SHD---- C:\RECYCLER
2008-08-13 17:02:25 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-08-13 17:02:24 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-08-13 17:01:36 ----D---- C:\WINDOWS\Prefetch
2008-08-13 00:56:04 ----D---- C:\WINDOWS\I386
2008-08-13 00:54:01 ----A---- C:\WINDOWS\system32\wzcsvc.dll
2008-08-13 00:54:01 ----A---- C:\WINDOWS\system32\wzcsapi.dll
2008-08-13 00:53:58 ----A---- C:\WINDOWS\system32\wowfaxui.dll
2008-08-13 00:53:55 ----A---- C:\WINDOWS\system32\wowfax.dll
2008-08-13 00:53:48 ----A---- C:\WINDOWS\system32\usrvpa.dll
2008-08-13 00:53:45 ----A---- C:\WINDOWS\system32\usrvoica.dll
2008-08-13 00:53:42 ----A---- C:\WINDOWS\system32\usrv80a.dll
2008-08-13 00:53:39 ----A---- C:\WINDOWS\system32\usrv42a.dll
2008-08-13 00:53:36 ----A---- C:\WINDOWS\system32\usrsvpia.dll
2008-08-13 00:53:33 ----A---- C:\WINDOWS\system32\usrshuta.exe
2008-08-13 00:53:31 ----A---- C:\WINDOWS\system32\usrsdpia.dll
2008-08-13 00:53:28 ----A---- C:\WINDOWS\system32\usrrtosa.dll
2008-08-13 00:53:25 ----A---- C:\WINDOWS\system32\usrprbda.exe
2008-08-13 00:53:22 ----A---- C:\WINDOWS\system32\usrmlnka.exe
2008-08-13 00:53:19 ----A---- C:\WINDOWS\system32\usrlbva.dll
2008-08-13 00:53:16 ----A---- C:\WINDOWS\system32\usrfaxa.dll
2008-08-13 00:53:13 ----A---- C:\WINDOWS\system32\usrdtea.dll
2008-08-13 00:53:11 ----A---- C:\WINDOWS\system32\usrdpa.dll
2008-08-13 00:53:08 ----A---- C:\WINDOWS\system32\usrcoina.dll
2008-08-13 00:53:05 ----A---- C:\WINDOWS\system32\usrcntra.dll
2008-08-13 00:53:04 ----A---- C:\WINDOWS\system32\usbui.dll
2008-08-13 00:53:02 ----A---- C:\WINDOWS\system32\tsbyuv.dll
2008-08-13 00:52:59 ----A---- C:\WINDOWS\system32\streamci.dll
2008-08-13 00:52:58 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-13 00:52:56 ----A---- C:\WINDOWS\system32\sprio800.dll
2008-08-13 00:52:53 ----A---- C:\WINDOWS\system32\sprio600.dll
2008-08-13 00:52:49 ----A---- C:\WINDOWS\system32\spnike.dll
2008-08-13 00:52:47 ----A---- C:\WINDOWS\system32\pjlmon.dll
2008-08-13 00:52:47 ----A---- C:\WINDOWS\system32\pid.dll
2008-08-13 00:52:45 ----A---- C:\WINDOWS\system32\paqsp.dll
2008-08-13 00:52:39 ----A---- C:\WINDOWS\system32\msyuv.dll
2008-08-13 00:52:35 ----A---- C:\WINDOWS\system32\mdwmdmsp.dll
2008-08-13 00:52:34 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-13 00:52:34 ----A---- C:\WINDOWS\system32\iyuv_32.dll
2008-08-13 00:52:33 ----A---- C:\WINDOWS\system32\hid.dll
2008-08-13 00:52:31 ----A---- C:\WINDOWS\system32\dvdplay.exe
2008-08-13 00:51:39 ----A---- C:\WINDOWS\system32\dmutil.dll
2008-08-13 00:51:02 ----A---- C:\WINDOWS\system32\cnbjmon.dll
2008-08-13 00:50:05 ----RD---- C:\Program Files
2008-08-13 00:49:42 ----RSD---- C:\WINDOWS\assembly
2008-08-13 00:49:39 ----RD---- C:\WINDOWS\Offline Web Pages
2008-08-13 00:49:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-13 00:36:06 ----A---- C:\WINDOWS\system32\zipfldr.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xmlprovi.dll
2008-08-13 00:36:03 ----A---- C:\WINDOWS\system32\xmlprov.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\xenroll.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\xcopy.exe
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\xactsrv.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wupdmgr.exe
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-08-13 00:36:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wstdecod.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wsock32.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshrm.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshnetbs.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshisn.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wship6.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshext.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshcon.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshbth.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wshatm.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wsecedit.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wscsvc.dll
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wscript.exe
2008-08-13 00:36:01 ----A---- C:\WINDOWS\system32\wscntfy.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\ws2help.dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\ws2_32.dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\write.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wpabaln.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wowexec.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wowdeb.exe
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wow32.dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wmvdmoe2(2).dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wmvdmod.dll
2008-08-13 00:36:00 ----A---- C:\WINDOWS\system32\wmvdmod(2).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore.dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore(6).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore(5).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore(4).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore(3).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmvcore(2).dll
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\WMVADVE.DLL
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\WMVADVE(2).DLL
2008-08-13 00:35:59 ----A---- C:\WINDOWS\system32\wmstream.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmspdmoe(2).dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmspdmod(2).dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmsdmoe2(2).dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmsdmoe.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmsdmod.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmsdmod(2).dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmpsrcwp.dll
2008-08-13 00:35:58 ----A---- C:\WINDOWS\system32\wmpshell.dll
2008-08-13 00:35:57 ----A---- C:\WINDOWS\system32\wmploc.dll
2008-08-13 00:35:56 ----A---- C:\WINDOWS\system32\wmpencen.dll
2008-08-13 00:35:56 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2008-08-13 00:35:56 ----A---- C:\WINDOWS\system32\wmpasf.dll
2008-08-13 00:35:56 ----A---- C:\WINDOWS\system32\wmpasf(2).dll
2008-08-13 00:35:55 ----A---- C:\WINDOWS\system32\wmp.dll
2008-08-13 00:35:54 ----A---- C:\WINDOWS\system32\WMNetMgr.dll
2008-08-13 00:35:53 ----A---- C:\WINDOWS\system32\wmiscmgr.dll
2008-08-13 00:35:53 ----A---- C:\WINDOWS\system32\wmiprop.dll
2008-08-13 00:35:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-08-13 00:35:53 ----A---- C:\WINDOWS\system32\wmidx.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmi.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmerror.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmerrenu.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmdrmnet.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmdrmdev.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmdmps.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmdmlog.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(7).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(6).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(5).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(4).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(3).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmasf(2).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\WMADMOE.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmadmoe(2).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wmadmod(2).dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wlnotify.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wldap32.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wkssvc.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\winver.exe
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\wintrust.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\winstrm.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\winsta.dll
2008-08-13 00:35:52 ----A---- C:\WINDOWS\system32\winspool.exe
2008-08-13 00:35:51 ----A---- C:\WINDOWS\system32\winsock.dll
2008-08-13 00:35:51 ----A---- C:\WINDOWS\system32\winshfhc.dll
2008-08-13 00:35:51 ----A---- C:\WINDOWS\system32\winscard.dll
2008-08-13 00:35:51 ----A---- C:\WINDOWS\system32\winrnr.dll
2008-08-13 00:35:51 ----A---- C:\WINDOWS\system32\winntbbu.dll
2008-08-13 00:35:49 ----A---- C:\WINDOWS\winhlp32.exe
2008-08-13 00:35:49 ----A---- C:\WINDOWS\winhelp.exe
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winnls.dll
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winmsd.exe
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winmm.dll
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winmine.exe
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winlogon.exe
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winipsec.dll
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-08-13 00:35:49 ----A---- C:\WINDOWS\system32\winhlp32.exe
2008-08-13 00:35:48 ----A---- C:\WINDOWS\system32\winfax.dll
2008-08-13 00:35:48 ----A---- C:\WINDOWS\system32\winchat.exe
2008-08-13 00:35:48 ----A---- C:\WINDOWS\system32\winbrand.dll
2008-08-13 00:35:48 ----A---- C:\WINDOWS\system32\win87em.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\win32spl.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\win.com
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wifeman.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiavusd.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiavideo.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiashext.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiaservc.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiascr.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiadss.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiadefui.dll
2008-08-13 00:35:47 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2008-08-13 00:35:46 ----A---- C:\WINDOWS\system32\wextract.exe
2008-08-13 00:35:46 ----A---- C:\WINDOWS\system32\webvw.dll
2008-08-13 00:35:46 ----A---- C:\WINDOWS\system32\webhits.dll
2008-08-13 00:35:46 ----A---- C:\WINDOWS\system32\webclnt.dll
2008-08-13 00:35:46 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-13 00:35:45 ----A---- C:\WINDOWS\system32\wdigest.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\wavemsp.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\w3ssl.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\w32topl.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\w32tm.exe
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\w32time.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vwipxspx.exe
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vwipxspx.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vssvc.exe
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vssapi.dll
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vssadmin.exe
2008-08-13 00:35:42 ----A---- C:\WINDOWS\system32\vss_ps.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\vmmreg32.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\vjoy.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\vga64k.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\vga256.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\vga.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\vfpodbc.dll
2008-08-13 00:35:41 ----A---- C:\WINDOWS\system32\version.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\verifier.exe
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\verifier.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\ver.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\vdmredir.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\vcdex.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\vbscript.dll
2008-08-13 00:35:40 ----A---- C:\WINDOWS\system32\vbajet32.dll
2008-08-13 00:35:31 ----A---- C:\WINDOWS\system32\uxtheme.dll
2008-08-13 00:35:31 ----A---- C:\WINDOWS\system32\utilman.exe
2008-08-13 00:35:31 ----A---- C:\WINDOWS\system32\utildll.dll
2008-08-13 00:35:31 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-08-13 00:35:31 ----A---- C:\WINDOWS\system32\usp10.dll
2008-08-13 00:35:30 ----A---- C:\WINDOWS\system32\userinit.exe
2008-08-13 00:35:30 ----A---- C:\WINDOWS\system32\userenv.dll
2008-08-13 00:35:30 ----A---- C:\WINDOWS\system32\user.exe
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\usbmon.dll
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\url.dll
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\ureg.dll
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\ups.exe
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\upnpui.dll
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\upnphost.dll
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\upnpcont.exe
2008-08-13 00:35:29 ----A---- C:\WINDOWS\system32\upnp.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\untfs.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\unlodctr.exe
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\uniplat.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\unimdmat.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\umdmxfrm.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\umandlg.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\ulib.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\ufat.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\udhisapi.dll
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\typeperf.exe
2008-08-13 00:35:28 ----A---- C:\WINDOWS\system32\typelib.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\twunk_32.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\twunk_16.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\twain_32.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\twain.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\txflog.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\twext.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tskill.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tsddd.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tsd32.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tscon.exe
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\tsappcmp.dll
2008-08-13 00:35:27 ----A---- C:\WINDOWS\system32\trkwks.dll
2008-08-13 00:35:26 ----A---- C:\WINDOWS\system32\tree.com
2008-08-13 00:35:26 ----A---- C:\WINDOWS\system32\traffic.dll
2008-08-13 00:35:26 ----A---- C:\WINDOWS\system32\tracert6.exe
2008-08-13 00:35:26 ----A---- C:\WINDOWS\system32\tracert.exe
2008-08-13 00:35:26 ----A---- C:\WINDOWS\system32\tracerpt.exe
2008-08-13 00:35:25 ----A---- C:\WINDOWS\system32\tourstart.exe
2008-08-13 00:35:25 ----A---- C:\WINDOWS\system32\toolhelp.dll
2008-08-13 00:35:24 ----A---- C:\WINDOWS\system32\tlntsvrp.dll
2008-08-13 00:35:24 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2008-08-13 00:35:24 ----A---- C:\WINDOWS\system32\tlntsess.exe
2008-08-13 00:35:24 ----A---- C:\WINDOWS\system32\tlntadmn.exe
2008-08-13 00:35:23 ----A---- C:\WINDOWS\system32\themeui.dll
2008-08-13 00:35:23 ----A---- C:\WINDOWS\system32\tftp.exe
2008-08-13 00:35:23 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-13 00:35:23 ----A---- C:\WINDOWS\system32\termmgr.dll
2008-08-13 00:35:23 ----A---- C:\WINDOWS\system32\telnet.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcpsvcs.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcpmonui.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcpmon.ini
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcpmon.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcpmib.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tcmsetup.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\taskmgr.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\taskman.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tasklist.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\taskkill.exe
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapiui.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapisrv.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapiperf.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapi32.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapi3.dll
2008-08-13 00:35:22 ----A---- C:\WINDOWS\system32\tapi.dll
2008-08-13 00:35:21 ----A---- C:\WINDOWS\system32\t2embed.dll
2008-08-13 00:35:21 ----A---- C:\WINDOWS\system32\systray.exe
2008-08-13 00:35:21 ----A---- C:\WINDOWS\system32\syssetup.dll
2008-08-13 00:35:21 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\systeminfo.exe
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\syskey.exe
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\sysinv.dll
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\sysedit.exe
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\syncui.dll
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\synceng.dll
2008-08-13 00:35:20 ----A---- C:\WINDOWS\system32\syncapp.exe
2008-08-13 00:35:19 ----A---- C:\WINDOWS\system32\sxs.dll
2008-08-13 00:35:19 ----A---- C:\WINDOWS\system32\swprv.dll
2008-08-13 00:35:19 ----A---- C:\WINDOWS\system32\svcpack.dll
2008-08-13 00:35:19 ----A---- C:\WINDOWS\system32\svchost.exe
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\subst.exe
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\strmfilt.dll
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\strmdll.dll
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\storage.dll
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\stobject.dll
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\stimon.exe
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\sti_ci.dll
2008-08-13 00:35:13 ----A---- C:\WINDOWS\system32\sti.dll
2008-08-13 00:35:12 ----A---- C:\WINDOWS\system32\stclient.dll
2008-08-13 00:35:12 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2008-08-13 00:35:12 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2008-08-13 00:35:11 ----N---- C:\WINDOWS\system32\sqlunirl.dll
2008-08-13 00:35:11 ----N---- C:\WINDOWS\system32\sqlsrv32.dll
2008-08-13 00:35:11 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-13 00:35:11 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-13 00:35:11 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-13 00:35:11 ----A---- C:\WINDOWS\system32\sqlwoa.dll
2008-08-13 00:35:11 ----A---- C:\WINDOWS\system32\sqlwid.dll
2008-08-13 00:35:10 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-13 00:35:10 ----A---- C:\WINDOWS\system32\sprestrt.exe
2008-08-13 00:35:07 ----A---- C:\WINDOWS\system32\spoolsv.exe
2008-08-13 00:35:07 ----A---- C:\WINDOWS\system32\spoolss.dll
2008-08-13 00:35:07 ----A---- C:\WINDOWS\system32\spnpinst.exe
2008-08-13 00:35:07 ----A---- C:\WINDOWS\system32\spiisupd.exe
2008-08-13 00:35:07 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-13 00:34:59 ----A---- C:\WINDOWS\system32\sort.exe
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\sol.exe
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\softpub.dll
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\snmpsnap.dll
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\snmpapi.dll
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-08-13 00:34:58 ----A---- C:\WINDOWS\system32\smss.exe
2008-08-13 00:34:57 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2008-08-13 00:34:57 ----A---- C:\WINDOWS\system32\smlogcfg.dll
2008-08-13 00:34:57 ----A---- C:\WINDOWS\system32\smbinst.exe
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\slbiop.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\slbcsp.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\slayerxp.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\skeys.exe
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\skdll.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\sisbkup.dll
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\sigverif.exe
2008-08-13 00:34:56 ----A---- C:\WINDOWS\system32\sigtab.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shutdown.exe
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shsvcs.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shscrap.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shrpubw.exe
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shmgrate.exe
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shmedia.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shimgvw.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shimeng.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shgina.dll
2008-08-13 00:34:55 ----A---- C:\WINDOWS\system32\shfolder.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\shell.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\shdoclc.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\share.exe
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\shadow.exe
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\sfmapi.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\sfc_os.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\sfc.exe
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\sfc.dll
2008-08-13 00:34:54 ----A---- C:\WINDOWS\system32\setver.exe
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\setupdll.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\setupapi.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\setup.exe
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\sethc.exe
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\serwvdrv.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\services.msc
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\services.exe
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\serialui.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\senscfg.dll
2008-08-13 00:34:52 ----A---- C:\WINDOWS\system32\sensapi.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sens.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sendmail.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sendcmsg.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\security.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\secur32.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\secpol.msc
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\seclogon.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\secedit.exe
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sdpblb.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sdhcinst.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sdbinst.exe
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\scrrun.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\scrobj.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\scriptpw.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\scredir.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2008-08-13 00:34:51 ----A---- C:\WINDOWS\system32\schtasks.exe
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\schannel.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\scesrv.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\scecli.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\sccsccp.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\sccbase.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\scardsvr.exe
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\scardssp.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\scarddlg.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\sc.exe
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\sbeio.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\savedump.exe
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\samsrv.dll
2008-08-13 00:34:50 ----A---- C:\WINDOWS\system32\samlib.dll
2008-08-13 00:34:49 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-08-13 00:34:49 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-08-13 00:34:49 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-08-13 00:34:49 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-08-13 00:34:48 ----R---- C:\WINDOWS\system32\rsop.msc
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\runonce.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rundll32.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\runas.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rtutils.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rtm.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rtipxmib.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rtcshare.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsvpperf.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsvpmsg.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsvp.ini
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsvp.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsopprov.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsnotify.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsmui.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsmsink.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsmps.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsm.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rshx32.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsh.exe
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsfsaps.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rsaenh.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2008-08-13 00:34:48 ----A---- C:\WINDOWS\system32\rpcns4.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\routetab.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\routemon.exe
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\route.exe
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\rnr20.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\riched32.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\riched20.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\rexec.exe
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\resutils.dll
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\reset.exe
2008-08-13 00:34:47 ----A---- C:\WINDOWS\system32\replace.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rend.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\relog.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regwizc.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regwiz.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regsvr32.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regsvc.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regini.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regedt32.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\regapi.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\reg.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\redir.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\recover.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdpdd.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-13 00:34:46 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-08-13 00:34:46 ----A---- C:\WINDOWS\regedit.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rcp.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rcimlby.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rcbdyctl.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rastls.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rastapi.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasser.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rassapi.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasrad.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasppp.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasphone.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasmxs.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasmontr.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasmans.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasman.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasdlg.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasdial.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasctrs.ini
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasctrs.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\raschap.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasautou.exe
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasauto.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasapi32.dll
2008-08-13 00:34:45 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\query.dll
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\qosname.dll
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-13 00:34:44 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qedwipes.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qedit.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qdvd.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qdv.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qcap.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qasf.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qasf(2).dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\pubprn.vbs
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\pstorsvc.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\pstorec.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\psnppagn.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\pschdprf.ini
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\pschdprf.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\psbase.dll
2008-08-13 00:34:43 ----A---- C:\WINDOWS\system32\psapi.dll
2008-08-13 00:34:42 ----A---- C:\WINDOWS\system32\proxycfg.exe
2008-08-13 00:34:42 ----A---- C:\WINDOWS\system32\proquota.exe
2008-08-13 00:34:42 ----A---- C:\WINDOWS\system32\progman.exe
2008-08-13 00:34:42 ----A---- C:\WINDOWS\system32\profmap.dll
2008-08-13 00:34:42 ----A---- C:\WINDOWS\system32\prodspec.ini
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prnqctl.vbs
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prnport.vbs
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prnmngr.vbs
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prnjobs.vbs
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prndrvr.vbs
2008-08-13 00:34:37 ----A---- C:\WINDOWS\system32\prncnfg.vbs
2008-08-13 00:34:36 ----N---- C:\WINDOWS\system32\pngfilt.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\printui.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\print.exe
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\prflbmsg.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\powrprof.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\powercfg.exe
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\polstore.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
2008-08-13 00:34:36 ----A---- C:\WINDOWS\system32\pmspl.dll
2008-08-13 00:34:35 ----R---- C:\WINDOWS\system32\perfmon.msc
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\plustab.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\ping6.exe
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\ping.exe
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\pifmgr.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\pidgen.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\photowiz.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfwci.ini
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfts.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfproc.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfos.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfnw.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfnet.dll
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perfmon.exe
2008-08-13 00:34:35 ----A---- C:\WINDOWS\system32\perffilt.ini
2008-08-13 00:34:34 ----A---- C:\WINDOWS\system32\perfdisk.dll
2008-08-13 00:34:34 ----A---- C:\WINDOWS\system32\perfctrs.dll
2008-08-13 00:34:34 ----A---- C:\WINDOWS\system32\perfci.ini
2008-08-13 00:34:34 ----A---- C:\WINDOWS\system32\pentnt.exe
2008-08-13 00:34:34 ----A---- C:\WINDOWS\system32\pdh.dll
2008-08-13 00:34:33 ----A---- C:\WINDOWS\system32\pautoenr.dll
2008-08-13 00:34:33 ----A---- C:\WINDOWS\system32\pathping.exe
2008-08-13 00:34:33 ----A---- C:\WINDOWS\system32\panmap.dll
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\pagefileconfig.vbs
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\packager.exe
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\p2psvc.dll
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\p2pgraph.dll
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
2008-08-13 00:34:32 ----A---- C:\WINDOWS\system32\p2p.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\osuninst.exe
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\osuninst.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\osk.exe
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\opengl32.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\openfiles.exe
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\olethk32.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\olesvr32.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\olesvr.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\olepro32.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\oleprn.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\oledlg.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\olecli.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\oleaut32.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\oleaccrc.dll
2008-08-13 00:34:31 ----A---- C:\WINDOWS\system32\oleacc.dll
2008-08-13 00:34:30 ----A---- C:\WINDOWS\system32\ole2nls.dll
2008-08-13 00:34:30 ----A---- C:\WINDOWS\system32\ole2disp.dll
2008-08-13 00:34:30 ----A---- C:\WINDOWS\system32\ole2.dll
2008-08-13 00:34:30 ----A---- C:\WINDOWS\system32\offfilt.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odtext32.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odpdx32.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odfox32.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odexl32.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\oddbse32.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odbctrac.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odbcp32r.dll
2008-08-13 00:34:25 ----A---- C:\WINDOWS\system32\odbcjt32.dll
2008-08-13 00:34:24 ----N---- C:\WINDOWS\system32\odbcbcp.dll
2008-08-13 00:34:24 ----N---- C:\WINDOWS\system32\occache.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbcji32.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbcint.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbccu32.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbccr32.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbccp32.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbcconf.exe
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbcconf.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbcad32.exe
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbc32gt.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbc32.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\odbc16gt.dll
2008-08-13 00:34:24 ----A---- C:\WINDOWS\system32\ocmanage.dll
2008-08-13 00:34:23 ----RA---- C:\WINDOWS\system32\nwprovau.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\objsel.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\oakley.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwwks.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwscript.exe
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwevent.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwcfg.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwapi32.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nwapi16.dll
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\nw16.exe
2008-08-13 00:34:23 ----A---- C:\WINDOWS\system32\ntvdmd.dll
2008-08-13 00:34:22 ----A---- C:\WINDOWS\system32\ntvdm.exe
2008-08-13 00:34:22 ----A---- C:\WINDOWS\system32\ntshrui.dll
2008-08-13 00:34:22 ----A---- C:\WINDOWS\system32\ntsdexts.dll
2008-08-13 00:34:22 ----A---- C:\WINDOWS\system32\ntsd.exe
2008-08-13 00:34:22 ----A---- C:\WINDOWS\system32\ntprint.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmssvc.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsoprq.msc
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsmgr.msc
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsmgr.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsevt.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsdba.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmsapi.dll
2008-08-13 00:34:21 ----A---- C:\WINDOWS\system32\ntmarta.dll
2008-08-13 00:34:20 ----A---- C:\WINDOWS\system32\ntlsapi.dll
2008-08-13 00:34:20 ----A---- C:\WINDOWS\system32\ntlanui2.dll
2008-08-13 00:34:20 ----A---- C:\WINDOWS\system32\ntlanui.dll
2008-08-13 00:34:20 ----A---- C:\WINDOWS\system32\ntlanman.dll
2008-08-13 00:34:19 ----A---- C:\WINDOWS\system32\ntdsbcli.dll
2008-08-13 00:34:19 ----A---- C:\WINDOWS\system32\ntdsapi.dll
2008-08-13 00:34:19 ----A---- C:\WINDOWS\system32\ntdll.dll
2008-08-13 00:34:18 ----A---- C:\WINDOWS\system32\ntbackup.exe
2008-08-13 00:34:17 ----A---- C:\WINDOWS\system32\nslookup.exe
2008-08-13 00:34:17 ----A---- C:\WINDOWS\system32\npptools.dll
2008-08-13 00:34:17 ----A---- C:\WINDOWS\system32\notepad.exe
2008-08-13 00:34:17 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-13 00:34:17 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-08-13 00:34:17 ----A---- C:\WINDOWS\notepad.exe
2008-08-13 00:34:16 ----A---- C:\WINDOWS\system32\nlsfunc.exe
2008-08-13 00:34:16 ----A---- C:\WINDOWS\system32\nlhtml.dll
2008-08-13 00:34:15 ----A---- C:\WINDOWS\system32\newdev.dll
2008-08-13 00:34:15 ----A---- C:\WINDOWS\system32\netui2.dll
2008-08-13 00:34:15 ----A---- C:\WINDOWS\system32\netui1.dll
2008-08-13 00:34:15 ----A---- C:\WINDOWS\system32\netui0.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netstat.exe
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netshell.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netsh.exe
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netsetup.exe
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netrap.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netplwiz.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netmsg.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netman.dll
2008-08-13 00:34:14 ----A---- C:\WINDOWS\system32\netlogon.dll
2008-08-13 00:34:13 ----A---- C:\WINDOWS\system32\netid.dll
2008-08-13 00:34:13 ----A---- C:\WINDOWS\system32\neth.dll
2008-08-13 00:34:13 ----A---- C:\WINDOWS\system32\netevent.dll
2008-08-13 00:34:13 ----A---- C:\WINDOWS\system32\netdde.exe
2008-08-13 00:34:13 ----A---- C:\WINDOWS\system32\netcfgx.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\netapi.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\net1.exe
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\net.exe
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\nddenb32.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\nddeapir.exe
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\nddeapi.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\ncxpnt.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2008-08-13 00:34:12 ----A---- C:\WINDOWS\system32\nbtstat.exe
2008-08-13 00:34:11 ----A---- C:\WINDOWS\system32\narrhook.dll
2008-08-13 00:34:11 ----A---- C:\WINDOWS\system32\narrator.exe
2008-08-13 00:34:11 ----A---- C:\WINDOWS\system32\mydocs.dll
2008-08-13 00:34:11 ----A---- C:\WINDOWS\system32\mycomput.dll
2008-08-13 00:34:10 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-08-13 00:34:10 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-08-13 00:34:10 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-08-13 00:34:10 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-08-13 00:34:10 ----A---- C:\WINDOWS\system32\mtxclu.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxmlr.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxml3r.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxml3.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxml2r.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxml2.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxml.dll
2008-08-13 00:34:09 ----A---- C:\WINDOWS\system32\msxbde40.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\mswstr10.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\mswsock.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\mswmdm.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\mswdat10.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\msw3prt.dll
2008-08-13 00:34:08 ----A---- C:\WINDOWS\system32\msvideo.dll
2008-08-13 00:34:07 ----N---- C:\WINDOWS\system32\msvcp60.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvidc32.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvfw32.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvcrt40.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvcrt20.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvcrt.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvcp50.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvcirt.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msvbvm50.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msv1_0.dll
2008-08-13 00:34:07 ----A---- C:\WINDOWS\system32\msutb.dll
2008-08-13 00:34:06 ----N---- C:\WINDOWS\system32\mstime.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstlsapi.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstext40.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\msswchx.exe
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\msswch.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mssip32.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mssign32.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\msscp.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\mssap.dll
2008-08-13 00:34:06 ----A---- C:\WINDOWS\system32\msrle32.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msrepl40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msrecr40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msrd3x40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msrd2x40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msrclr40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msratelc.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msr2cenu.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msr2c.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msprivs.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msports.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\mspmsp.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\mspbde40.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\mspatcha.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msorcl32.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msorc32r.dll
2008-08-13 00:34:05 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-13 00:34:04 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-13 00:34:03 ----A---- C:\WINDOWS\system32\msobjs.dll
2008-08-13 00:34:03 ----A---- C:\WINDOWS\system32\msnsspc.dll
2008-08-13 00:34:01 ----A---- C:\WINDOWS\system32\msnetobj.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msltus40.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msls31.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\mslbui.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msjtes40.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msjter40.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msjint40.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msjetoledb40.dll
2008-08-13 00:33:56 ----A---- C:\WINDOWS\system32\msjet40.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msimtf.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msimg32.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msieftp.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msidntld.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msidle.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\msident.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\mshtmler.dll
2008-08-13 00:33:55 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-13 00:33:54 ----A---- C:\WINDOWS\system32\mshta.exe
2008-08-13 00:33:54 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-08-13 00:33:54 ----A---- C:\WINDOWS\system32\msgsvc.dll
2008-08-13 00:33:54 ----A---- C:\WINDOWS\system32\msgina.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msg.exe
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msftedit.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msexcl40.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msexch40.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msencode.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msdxmlc.dll
2008-08-13 00:33:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdmo.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdart.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msdadiag.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msctfp.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\msctf.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\mscpxl32.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\system32\mscpx32r.dll
2008-08-13 00:33:52 ----A---- C:\WINDOWS\msdfmap.ini
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\mscms.dll
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\mscdexnt.exe
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\mscat32.dll
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\msaudite.dll
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\msasn1.dll
2008-08-13 00:33:51 ----A---- C:\WINDOWS\system32\msapsspc.dll
2008-08-13 00:33:50 ----A---- C:\WINDOWS\system32\msafd.dll
2008-08-13 00:33:50 ----A---- C:\WINDOWS\system32\msacm32.dll
2008-08-13 00:33:50 ----A---- C:\WINDOWS\system32\msacm.dll
2008-08-13 00:33:50 ----A---- C:\WINDOWS\system32\msaatext.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mrinfo.exe
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqutil.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqupgrd.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqtrig.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqtgsvc.exe
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqsvc.exe
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqsnap.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqsec.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqrtdep.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqrt.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqqm.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqperf.ini
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqperf.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqoa.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqlogmgr.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqise.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqgentr.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqdscli.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqcertui.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqbkup.exe
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mqad.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mprui.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mprmsg.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mprdim.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mprddm.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mprapi.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mpr.dll
2008-08-13 00:33:48 ----A---- C:\WINDOWS\system32\mpnotify.exe
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\MPG4DMOD.dll
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\mpg4dmod(2).dll
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\mp4sdmod(2).dll
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
2008-08-13 00:33:47 ----A---- C:\WINDOWS\system32\mp43dmod(2).dll
2008-08-13 00:33:46 ----A---- C:\WINDOWS\system32\mountvol.exe
2008-08-13 00:33:46 ----A---- C:\WINDOWS\system32\moricons.dll
2008-08-13 00:33:46 ----A---- C:\WINDOWS\system32\more.com
2008-08-13 00:33:46 ----A---- C:\WINDOWS\system32\modex.dll
2008-08-13 00:33:46 ----A---- C:\WINDOWS\system32\modemui.dll
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mode.com
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mobsync.exe
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mobsync.dll
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-13 00:33:45 ----A---- C:\WINDOWS\system32\mmutilse.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmsystem.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmdrv.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmcshext.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmcndmgr.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmcbase.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mmc.exe
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mll_qic.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mll_mtf.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mll_hp.dll
2008-08-13 00:33:44 ----A---- C:\WINDOWS\system32\mlang.dll
2008-08-13 00:33:43 ----A---- C:\WINDOWS\system32\mimefilt.dll
2008-08-13 00:33:43 ----A---- C:\WINDOWS\system32\migpwd.exe
2008-08-13 00:33:43 ----A---- C:\WINDOWS\system32\miglibnt.dll
2008-08-13 00:33:43 ----A---- C:\WINDOWS\system32\midimap.dll
2008-08-13 00:33:43 ----A---- C:\WINDOWS\system32\mgmtapi.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mfcsubs.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mfc42u.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mfc42.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mfc40u.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mfc40.dll
2008-08-13 00:33:42 ----A---- C:\WINDOWS\system32\mf3216.dll
2008-08-13 00:33:41 ----A---- C:\WINDOWS\system32\mem.exe
2008-08-13 00:33:40 ----A---- C:\WINDOWS\system32\mdminst.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mdhcp.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciwave.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciseq.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciole32.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciole16.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mcicda.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mciavi32.dll
2008-08-13 00:33:39 ----A---- C:\WINDOWS\system32\mchgrcoi.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\mcdsrv32.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\mcd32.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\mcastmib.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\mapistub.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\makecab.exe
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\magnify.exe
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\mag_hook.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\lzexpand.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\lz32.dll
2008-08-13 00:33:38 ----A---- C:\WINDOWS\system32\lusrmgr.msc
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lsass.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lprmonui.dll
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lprhelp.dll
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lpr.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lpq.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lpk.dll
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\logonui.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\logoff.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\logman.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\login.cmd
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\loghours.dll
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\logagent.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\lodctr.exe
2008-08-13 00:33:37 ----A---- C:\WINDOWS\system32\locator.exe
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\localui.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\localspl.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\localsec.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\loadperf.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\loadfix.com
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\lnkstub.exe
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\lmrt.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\lmhsvc.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\linkinfo.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\lights.exe
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\licmgr10.dll
2008-08-13 00:33:36 ----A---- C:\WINDOWS\system32\licdll.dll
2008-08-13 00:33:35 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2008-08-13 00:33:35 ----A---- C:\WINDOWS\system32\langwrbk.dll
2008-08-13 00:33:35 ----A---- C:\WINDOWS\system32\label.exe
2008-08-13 00:33:35 ----A---- C:\WINDOWS\system32\krnl386.exe
2008-08-13 00:33:35 ----A---- C:\WINDOWS\system32\keymgr.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kernel32.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kerberos.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kdcom.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kd1394.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdycl.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdycc.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbduzb.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdusx.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdusr.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdusl.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdus.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdur.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdukx.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbduk.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdtat.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsw.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsp.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsl.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsg.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdsf.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdru1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdru.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdro.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdpo.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdpl.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdno1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdno.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdnec.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdne.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdmon.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdmaori.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdmac.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdlv.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdlt.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdla.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdit142.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdit.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdir.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdinmal.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdinben.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdic.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdhu.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdhept.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-13 00:33:34 ----A---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-13 00:33:33 ----N---- C:\WINDOWS\system32\jsproxy.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdhe.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdgr1.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdgr.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdgae.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdfr.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdfo.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdfi1.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdfi.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdfc.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdest.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdes.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbddv.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdda.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdcz.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdcr.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdcan.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdca.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdbu.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdbr.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdblr.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdbene.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdbe.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdazel.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kbdaze.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\kb16.com
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jscript.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jobexec.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgsh400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgsd400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgpl400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgmd400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgdw400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jgaw400.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\jet500.dll
2008-08-13 00:33:33 ----A---- C:\WINDOWS\system32\ixsso.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\iuengine.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\itss.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\itircl.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\isign32.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir50_qc.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir50_32.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir41_qc.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ir32_32.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxwan.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxsap.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxrtmgr.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxroute.exe
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxrip.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxpromn.dll
2008-08-13 00:33:32 ----A---- C:\WINDOWS\system32\ipxmontr.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipv6mon.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipv6.exe
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipsmsnap.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipsecsvc.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipsecsnp.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipsec6.exe
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\iprtprio.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\iprop.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ippromon.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipmontr.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\iphlpapi.dll
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\ipconfig.exe
2008-08-13 00:33:31 ----A---- C:\WINDOWS\system32\iologmsg.dll
2008-08-13 00:33:30 ----A---- C:\WINDOWS\system32\input.dll
2008-08-13 00:33:30 ----A---- C:\WINDOWS\system32\initpki.dll
2008-08-13 00:33:30 ----A---- C:\WINDOWS\system32\infosoft.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetres.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetppui.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetpp.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetmib1.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetcplc.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\imm32.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\imgutil.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\imeshare.dll
2008-08-13 00:33:29 ----A---- C:\WINDOWS\system32\imapi.exe
2008-08-13 00:33:28 ----A---- C:\WINDOWS\system32\imagehlp.dll
2008-08-13 00:33:28 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-13 00:33:28 ----A---- C:\WINDOWS\system32\iissuba.dll
2008-08-13 00:33:27 ----N---- C:\WINDOWS\system32\iernonce.dll
2008-08-13 00:33:27 ----A---- C:\WINDOWS\system32\igmpagnt.dll
2008-08-13 00:33:27 ----A---- C:\WINDOWS\system32\ifsutil.dll
2008-08-13 00:33:27 ----A---- C:\WINDOWS\system32\ifmon.dll
2008-08-13 00:33:27 ----A---- C:\WINDOWS\system32\iexpress.exe
2008-08-13 00:33:27 ----A---- C:\WINDOWS\system32\iesetup.dll
2008-08-13 00:33:26 ----N---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-13 00:33:26 ----N---- C:\WINDOWS\system32\ieakui.dll
2008-08-13 00:33:26 ----N---- C:\WINDOWS\system32\ieaksie.dll
2008-08-13 00:33:26 ----N---- C:\WINDOWS\system32\ieakeng.dll
2008-08-13 00:33:26 ----N---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\ieencode.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\idq.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icmui.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icmp.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icm32.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-08-13 00:33:26 ----A---- C:\WINDOWS\system32\iccvid.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iassvcs.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iassdo.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iassam.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iasrecst.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iasrad.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iasnap.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iashlpr.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iasads.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\iasacct.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\htui.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\httpapi.dll
2008-08-13 00:33:25 ----A---- C:\WINDOWS\system32\hticons.dll
2008-08-13 00:33:24 ----A---- C:\WINDOWS\system32\hotplug.dll
2008-08-13 00:33:24 ----A---- C:\WINDOWS\system32\hostname.exe
2008-08-13 00:33:23 ----A---- C:\WINDOWS\system32\hnetwiz.dll
2008-08-13 00:33:23 ----A---- C:\WINDOWS\system32\hnetmon.dll
2008-08-13 00:33:23 ----A---- C:\WINDOWS\system32\hnetcfg.dll
2008-08-13 00:33:22 ----A---- C:\WINDOWS\system32\hhsetup.dll
2008-08-13 00:33:22 ----A---- C:\WINDOWS\system32\help.exe
2008-08-13 00:33:22 ----A---- C:\WINDOWS\hh.exe
2008-08-13 00:33:21 ----A---- C:\WINDOWS\system32\h323msp.dll
2008-08-13 00:33:21 ----A---- C:\WINDOWS\system32\grpconv.exe
2008-08-13 00:33:21 ----A---- C:\WINDOWS\system32\graphics.com
2008-08-13 00:33:21 ----A---- C:\WINDOWS\system32\graftabl.com
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpupdate.exe
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gptext.dll
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpresult.exe
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpkrsrc.dll
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpedit.msc
2008-08-13 00:33:20 ----A---- C:\WINDOWS\system32\gpedit.dll
2008-08-13 00:33:19 ----A---- C:\WINDOWS\system32\glu32.dll
2008-08-13 00:33:19 ----A---- C:\WINDOWS\system32\glmf32.dll
2008-08-13 00:33:19 ----A---- C:\WINDOWS\system32\getuname.dll
2008-08-13 00:33:19 ----A---- C:\WINDOWS\system32\getmac.exe
2008-08-13 00:33:18 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-08-13 00:33:18 ----A---- C:\WINDOWS\system32\gdi.exe
2008-08-13 00:33:18 ----A---- C:\WINDOWS\system32\gcdef.dll
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\fwcfg.dll
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\ftsrch.dll
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\ftp.exe
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\fsutil.exe
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\fsusd.dll
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\fsquirt.exe
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\fsmgmt.msc
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\freecell.exe
2008-08-13 00:33:17 ----A---- C:\WINDOWS\system32\framebuf.dll
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\format.com
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\forcedos.exe
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fontview.exe
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fontsub.dll
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fontext.dll
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fmifs.dll
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-08-13 00:33:16 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2008-08-13 00:33:15 ----N---- C:\WINDOWS\system32\extmgr.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\fixmapi.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\finger.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\findstr.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\find.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\filemgmt.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\feclient.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\fdeploy.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\fde.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\fc.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\faultrep.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\fastopen.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\exts.dll
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\extrac32.exe
2008-08-13 00:33:15 ----A---- C:\WINDOWS\system32\expsrv.dll
2008-08-13 00:33:14 ----A---- C:\WINDOWS\system32\expand.exe
2008-08-13 00:33:14 ----A---- C:\WINDOWS\system32\exe2bin.exe
2008-08-13 00:33:14 ----A---- C:\WINDOWS\system32\eventtriggers.exe
2008-08-13 00:33:14 ----A---- C:\WINDOWS\system32\eventquery.vbs
2008-08-13 00:33:14 ----A---- C:\WINDOWS\explorer.exe
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eventvwr.msc
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eventvwr.exe
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eventlog.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eventcreate.exe
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eventcls.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eula.txt
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\eudcedit.exe
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\esentutl.exe
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\esentprf.ini
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\esentprf.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\esent97.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\esent.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\es.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\ersvc.dll
2008-08-13 00:33:13 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\encapi.dll
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\els.dll
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\efsadu.dll
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\edlin.exe
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\edit.com
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-13 00:33:12 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dxmasf.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dxdiag.exe
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dx8vb.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dx7vb.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dwwin.exe
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dvdupgrd.exe
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\duser.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dumprep.exe
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dswave.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dsuiext.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dssenh.dll
2008-08-13 00:33:11 ----A---- C:\WINDOWS\system32\dssec.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsquery.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsprpres.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsprop.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsound3d.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsound.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dskquoui.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dskquota.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsdmo.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\dsauth.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\ds32gt.dll
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\ds16gt.dLL
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2008-08-13 00:33:10 ----A---- C:\WINDOWS\system32\drwatson.exe
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\drprov.dll
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\drmv2clt.dll
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\drmv2clt(2).dll
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\drmstor.dll
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\drmclien.dll
2008-08-13 00:33:09 ----A---- C:\WINDOWS\system32\driverquery.exe
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpwsock.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpvvox.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpvoice.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpvacm.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpserial.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnwsock.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnmodem.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnet.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dplayx.dll
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2008-08-13 00:32:44 ----A---- C:\WINDOWS\system32\dplay.dll
2008-08-13 00:32:43 ----A---- C:\WINDOWS\system32\dpcdll.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dosx.exe
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\doskey.exe
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\docprop2.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\docprop.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dnsapi.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dmusic.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dmsynth.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dmstyle.dll
2008-08-13 00:32:27 ----A---- C:\WINDOWS\system32\dmserver.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmscript.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmremote.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmocx.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmloader.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmintf.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmime.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmdskres.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmdskmgr.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmdlgs.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmconfig.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmcompos.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmband.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dmadmin.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dllhst3g.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dllhost.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dispex.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskperf.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskpart.exe
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskmgmt.msc
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskcopy.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskcopy.com
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\diskcomp.com
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dinput8.dll
2008-08-13 00:32:26 ----A---- C:\WINDOWS\system32\dinput.dll
2008-08-13 00:32:25 ----A---- C:\WINDOWS\system32\dimap.dll
2008-08-13 00:32:25 ----A---- C:\WINDOWS\system32\digest.dll
2008-08-13 00:32:25 ----A---- C:\WINDOWS\system32\diantz.exe
2008-08-13 00:32:25 ----A---- C:\WINDOWS\system32\diactfrm.dll
2008-08-13 00:32:25 ----A---- C:\WINDOWS\system32\dhcpsapi.dll
2008-08-13 00:32:24 ----N---- C:\WINDOWS\system32\dbnetlib.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dhcpmon.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dgnet.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrgui.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrgsnap.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrgres.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrgfat.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dfrg.msc
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\devmgr.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\devmgmt.msc
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\devenum.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\deskperf.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\deskmon.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\deskadp.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\defrag.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\debug.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\ddrawex.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\ddraw.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\ddeshare.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\ddeml.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dciman32.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dbnmpntw.dll
2008-08-13 00:32:24 ----A---- C:\WINDOWS\system32\dbmsrpcn.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\dbghelp.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\dbgeng.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\davclnt.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\datime.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\dataclen.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\danim.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\d3dxof.dll
2008-08-13 00:32:23 ----A---- C:\WINDOWS\system32\d3drm.dll
2008-08-13 00:32:22 ----R---- C:\WINDOWS\system32\ctl3dv2.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3dramp.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3dpmesh.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3dim700.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3dim.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3d9.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\d3d8.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\ctl3d32.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\ctfmon.exe
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\csseqchk.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\csrss.exe
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\csrsrv.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\cscui.dll
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\cscript.exe
2008-08-13 00:32:22 ----A---- C:\WINDOWS\system32\cscdll.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptui.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptnet.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptext.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptdll.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\crypt32.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\crtdll.dll
2008-08-13 00:32:21 ----A---- C:\WINDOWS\system32\credui.dll
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\corpol.dll
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\convert.exe
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\control.exe
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\console.dll
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\conime.exe
2008-08-13 00:32:20 ----A---- C:\WINDOWS\system32\confmsp.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\comuid.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\comres.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\compstui.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\compobj.dll
2008-08-13 00:32:19 ----A---- C:\WINDOWS\system32\compmgmt.msc
2008-08-13 00:32:13 ----A---- C:\WINDOWS\system32\compatui.dll
2008-08-13 00:32:13 ----A---- C:\WINDOWS\system32\compact.exe
2008-08-13 00:32:13 ----A---- C:\WINDOWS\system32\comp.exe
2008-08-13 00:32:13 ----A---- C:\WINDOWS\system32\commdlg.dll
2008-08-13 00:32:13 ----A---- C:\WINDOWS\system32\command.com
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\comdlg32.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\comctl32.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\comcat.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\colbact.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cnvfat.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cnetcfg.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmutil.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmstp.exe
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmsetacl.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmpbk32.dll
2008-08-13 00:32:12 ----A---- C:\WINDOWS\system32\cmmon32.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\shellstyle.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cmdl32.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cmdial32.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cmd.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cmcfg32.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clusapi.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clipsrv.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cliconfg.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cliconfg.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\clb.dll
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\ckcnv.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cisvc.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\cipher.exe
2008-08-13 00:32:11 ----A---- C:\WINDOWS\system32\ciodm.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\cidaemon.exe
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\cic.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\ciadv.msc
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\ciadmin.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\chkntfs.exe
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\chkdsk.exe
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\chcp.com
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\charmap.exe
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\cewmdm.dll
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\certmgr.msc
2008-08-13 00:32:10 ----A---- C:\WINDOWS\system32\certmgr.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\certcli.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cdosys.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cdm.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\ccfgnt.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cards.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\capesnpn.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\camocx.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cacls.exe
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cabview.dll
2008-08-13 00:32:09 ----A---- C:\WINDOWS\system32\cabinet.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\btpanui.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\bthserv.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\bthci.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\browsewm.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\browser.dll
2008-08-13 00:32:07 ----A---- C:\WINDOWS\system32\browselc.dll
2008-08-13 00:32:06 ----A---- C:\WINDOWS\system32\bootvrfy.exe
2008-08-13 00:32:06 ----A---- C:\WINDOWS\system32\bootvid.dll
2008-08-13 00:32:06 ----A---- C:\WINDOWS\system32\bootok.exe
2008-08-13 00:32:06 ----A---- C:\WINDOWS\system32\bootcfg.exe
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\blastcln.exe
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\blackbox.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\blackbox(2).dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\bidispl.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\batmeter.dll
2008-08-13 00:32:05 ----A---- C:\WINDOWS\system32\basesrv.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avwav.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avifile.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avifil32.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avicap32.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\avicap.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\autolfn.exe
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\autofmt.exe
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\autodisc.dll
2008-08-13 00:32:04 ----A---- C:\WINDOWS\system32\autoconv.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\autochk.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\auditusr.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\audiosrv.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\audiodev.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\attrib.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atrace.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atmpvcno.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atmlib.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atmfd.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atmadm.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atl.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\atkctrs.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\at.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\asycfilt.dll
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\asr_pfu.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\asr_ldm.exe
2008-08-13 00:32:03 ----A---- C:\WINDOWS\system32\asr_fmt.exe
2008-08-13 00:31:48 ----A---- C:\WINDOWS\system32\asferror.dll
2008-08-13 00:31:47 ----A---- C:\WINDOWS\system32\arp.exe
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\appmgr.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\appmgmts.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\apphelp.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\append.exe
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\apcups.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\amstream.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\alrsvc.dll
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\alg.exe
2008-08-13 00:31:46 ----A---- C:\WINDOWS\system32\ahui.exe
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\advapi32.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsnw.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsnt.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsnds.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsmsext.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsldpc.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adsldp.dll
2008-08-13 00:31:45 ----A---- C:\WINDOWS\system32\adptif.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\admparse.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\actxprxy.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\actmovie.exe
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\activeds.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\aclui.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\acledit.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\acctres.dll
2008-08-13 00:31:44 ----A---- C:\WINDOWS\system32\aaaamon.dll
2008-08-13 00:30:03 ----A---- C:\WINDOWS\system32\6to4svc.dll
2008-08-12 17:26:37 ----D---- C:\WINDOWS\system32\scripting
2008-08-12 17:26:37 ----D---- C:\WINDOWS\system32\en-us
2008-08-12 17:26:37 ----D---- C:\WINDOWS\system32\en
2008-08-12 17:26:37 ----D---- C:\WINDOWS\l2schemas
2008-08-12 17:26:36 ----D---- C:\WINDOWS\system32\bits
2008-08-12 17:25:25 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-12 17:23:38 ----D---- C:\WINDOWS\network diagnostic
2008-08-12 17:20:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-12 17:12:19 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-08-12 17:12:12 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-12 17:12:10 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-12 17:07:47 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-08-12 17:07:47 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-08-12 17:07:18 ----D---- C:\WINDOWS\pss
2008-08-12 17:04:42 ----D---- C:\Documents and Settings\kevin miller\Application Data\Macromedia
2008-08-12 17:04:40 ----A---- C:\WINDOWS\ModemLog_Agere Systems PCI Soft Modem #2.txt
2008-08-12 17:04:05 ----ASH---- C:\Documents and Settings\kevin miller\Application Data\desktop.ini
2008-08-12 17:04:03 ----SD---- C:\Documents and Settings\kevin miller\Application Data\Microsoft
2008-08-12 17:04:03 ----D---- C:\Documents and Settings\kevin miller\Application Data\SampleView
2008-08-12 17:04:03 ----D---- C:\Documents and Settings\kevin miller\Application Data\Identities
2008-08-12 17:04:03 ----D---- C:\Documents and Settings\kevin miller\Application Data\Help
2008-08-12 17:04:03 ----D---- C:\Documents and Settings\kevin miller\Application Data\CyberLink
2008-08-12 17:02:02 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-08-12 17:00:01 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-08-12 16:58:38 ----SHD---- C:\System Volume Information
2008-08-09 13:42:08 ----A---- C:\WINDOWS\system32\wrLZMA.dll
2008-08-09 13:42:00 ----A---- C:\WINDOWS\system32\SsiEfr.exe
2008-08-08 13:52:18 ----A---- C:\WINDOWS\system32\PPPFilt.dll
2008-07-31 09:16:54 ----A---- C:\WINDOWS\system32\msjava.dll

List of drivers

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\system32\System32\Drivers\avgldx86.sys []
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\system32\System32\Drivers\avgmfx86.sys []
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\system32\System32\Drivers\avgtdix.sys []
R1 HCW88AUD;Hauppauge WinTV 88x Audio Capture; C:\WINDOWS\system32\drivers\hcw88aud.sys [2005-05-31 11970]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mapledxp;mapledxp; C:\WINDOWS\system32\System32\drivers\mapledxp.SYS []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-07-07 56108]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-09-02 5632]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-10-09 353680]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.0.0.5; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2005-08-13 15939]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-07-04 3230720]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 CamDrL;Logitech QuickCam Pro 3000(CamDrl); C:\WINDOWS\system32\DRIVERS\Camdrl.sys [2007-02-03 1075360]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DfuUsb;DfuUsb; C:\WINDOWS\SYSTEM32\DRIVERS\DFUUsb.sys [2007-11-08 10880]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod; C:\WINDOWS\system32\drivers\hcw88bda.sys [2005-05-31 130112]
R3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture; C:\WINDOWS\system32\drivers\hcw88tse.sys [2005-05-31 296259]
R3 HCW88TUNE;Hauppauge WinTV 88x Tuner; C:\WINDOWS\system32\drivers\hcw88tun.sys [2005-05-31 137793]
R3 hcw88vid;Hauppauge WinTV 88x Video; C:\WINDOWS\system32\drivers\hcw88vid.sys [2005-05-31 611444]
R3 HCW88XBAR;Hauppauge WinTV 88x Crossbar; C:\WINDOWS\system32\drivers\HCW88BAR.sys [2005-05-31 27984]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidIr;Microsoft Infrared HID Driver; C:\WINDOWS\system32\DRIVERS\hidir.sys [2008-04-13 19200]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
R3 IrBus;Infrared bus filter driver for eHome remote controls; C:\WINDOWS\system32\DRIVERS\IrBus.sys [2008-04-13 46592]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows XP; C:\WINDOWS\System32\Drivers\KORGUMDS.SYS [2004-07-12 12544]
R3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\LVUSBSta.sys [2007-02-03 41504]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-08-14 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SPYPRV;SPYPRV; \??\C:\WINDOWS\system32\drivers\SPYPRV.SYS []
R3 TGX263;TriGem X2 Device Driver; C:\WINDOWS\System32\Drivers\TGX263.sys [2004-11-04 16384]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S1 AVG Anti-Spyware Driver;AVG Anti-Spyware Driver; \??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys []
S1 AvgArCln;Avg Anti-Rootkit Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgArCln.sys []
S1 AvgAsCln;AVG Anti-Spyware Clean Driver; C:\WINDOWS\System32\DRIVERS\AvgAsCln.sys []
S1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-10-05 2432]
S1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-10-05 2560]
S3 bdfdll;bdfdll; \??\C:\Program Files\Softwin\BitDefender10\bdfdll.sys []
S3 BDFsDrv;BDFsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdfsdrv.sys []
S3 BDRsDrv;BDRsDrv; \??\C:\Program Files\Softwin\BitDefender10\bdrsdrv.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 LLRKD;LLRKD; \??\C:\WINDOWS\system32\drivers\LLRKD.sys []
S3 LtcyCfgWDM;PCI Latency Tool Driver Service; C:\WINDOWS\system32\DRIVERS\LtcyCfgWDM.sys [2005-12-25 6656]
S3 LVcKap;Logitech AEC Driver; C:\WINDOWS\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 MBAMDrvService;MBAMDrvService; \??\C:\WINDOWS\system32\drivers\mbam.sys []
S3 MEMSWEEP2;MEMSWEEP2; \??\C:\WINDOWS\system32\279.tmp []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 Profos;Profos; \??\C:\Program Files\Softwin\BitDefender10\profos.sys []
S3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys [2004-09-10 212096]
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SynasUSB;SynasUSB; C:\WINDOWS\system32\drivers\SynasUSB.sys [2005-11-03 16896]
S3 Trufos;Trufos; \??\C:\Program Files\Softwin\BitDefender10\trufos.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys []

List of services

R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service; C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2008-09-08 749400]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2006-04-18 159744]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 AshampooDefragService;Ashampoo Defrag Service; C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe [2008-04-18 746848]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-07-04 561152]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-23 874776]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-27 231704]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-10-05 168432]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-17 152984]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-10-09 2405776]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-08-09 3585384]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 wwSecSvc;Washer AutoComplete; C:\WINDOWS\system32\wwSecure.exe [2005-04-20 487936]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-07-03 593920]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-08-14 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-10-24 655624]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-13 29744]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-08-07 1073544]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 AVG Anti-Spyware Guard;AVG Anti-Spyware Guard; C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe []

-----------------EOF-----------------
info.txt logfile of random's system information tool 2008-09-20 05:26:06

Uninstall list

-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
123 Flash Menu v3.0.0.1301-->"C:\Program Files\123 Flash Menu\uninstall.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
3GP Video Converter 3-->C:\Program Files\Xilisoft\3GP Video Converter 3\Uninstall.exe
55mm v6 for Adobe Photoshop & Compatible Applications-->C:\WINDOWS\unvise32.exe c:\program files\adobe\adobe photoshop cs3\plug-ins\55mm_v6_uninstal.log
ABL 2.1.2-->"C:\Program Files\VstPlugins\AudioRealism\ABL2\unins000.exe"
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Acronis Privacy Expert Suite-->MsiExec.exe /X{89246F31-3388-48D6-B268-4E817B3E4383}
ADM 1.0.1-->"C:\Program Files\VstPlugins\AudioRealism\ADM\unins000.exe"
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7761-000000000004}
Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Audition 3.0-->msiexec /I {53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge CS4-->MsiExec.exe /I{0F99EAFA-4054-4ABC-A3D3-D2299210572F}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Contribute CS3-->C:\Program Files\Common Files\Adobe\Installers\c4c00451d35772e88ad87152169b2f3\Setup.exe
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Dreamweaver CS3-->C:\Program Files\Common Files\Adobe\Installers\7328fdfcb73660ec8b11d5a3d5c6232\Setup.exe
Adobe Dreamweaver CS3-->MsiExec.exe /I{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Extension Manager CS3-->MsiExec.exe /I{BE5F3842-8309-4754-92D5-83E02E6077A3}
Adobe Fireworks CS3-->C:\Program Files\Common Files\Adobe\Installers\bbef028176efa5abf0233d3e1747be8\Setup.exe
Adobe Fireworks CS3-->MsiExec.exe /I{7DFC1012-D346-46CE-B03E-FF79125AE029}
Adobe Flash CS3 Professional-->C:\Program Files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe
Adobe Flash CS3-->MsiExec.exe /I{6B52140A-F189-4945-BFFC-DB3F00B8C589}
Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\UninstFl.exe -q
Adobe Flash Player 9 ActiveX-->MsiExec.exe /X{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}
Adobe Flash Player 9 Plugin-->MsiExec.exe /X{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Video Encoder-->MsiExec.exe /I{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Illustrator CS3-->C:\Program Files\Common Files\Adobe\Installers\a04a925a57548091300ada368235fc6\Setup.exe
Adobe InDesign CS3-->C:\Program Files\Common Files\Adobe\Installers\05ba3a63f36684fe0c5dde2ebe6f8f5\Setup.exe
Adobe InDesign CS3-->MsiExec.exe /I{CB3F8375-B600-4B9F-83C9-238ED1E583FD}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\d584bd300844dccb4c5967a80869477\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Photoshop CS4-->C:\Program Files\Common Files\Adobe\Installers\b741c3c52d3108664cedeb2b76f6d96\Setup.exe
Adobe Photoshop CS4-->MsiExec.exe /I{05B7B9BA-9EBC-4C5B-933D-49F372EFE7A1}
Adobe Presenter 7-->msiexec /I {4F93ABBE-5A1D-4D56-94CB-022F109FDE4D}
Adobe Presenter 7-->MsiExec.exe /I{4F93ABBE-5A1D-4D56-94CB-022F109FDE4D}
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Setup-->MsiExec.exe /I{0650BB10-BCF4-400A-85EE-04097E3046C6}
Adobe Setup-->MsiExec.exe /I{11C10759-3BCC-4BF4-8EE6-9B545CB00E32}
Adobe Setup-->MsiExec.exe /I{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}
Adobe Setup-->MsiExec.exe /I{56B8B892-317E-4FDE-9E4D-44B189848A27}
Adobe Setup-->MsiExec.exe /I{84D58782-A2F0-47D4-A557-3041363893CF}
Adobe Setup-->MsiExec.exe /I{A1C9D1DA-7803-4586-B509-450009938312}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{C92A5A89-B218-46F7-8898-77C52113FFE0}
Adobe SING CS3-->MsiExec.exe /I{3F9B2FD2-1C83-4401-9967-C3636638E958}
Adobe Soundbooth CS3-->C:\Program Files\Common Files\Adobe\Installers\a2d19e6e015da53f697cb97ae89ca85\Setup.exe
Adobe Soundbooth CS3-->MsiExec.exe /I{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Advanced WindowsCare Personal-->"C:\Program Files\IObit\Advanced WindowsCare V2\unins000.exe"
Agere Systems PCI Soft Modem-->agrsmdel
AKAI professional DCVocoder 1.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\AKAI professional M.I. Corp.\AKAI professional DCVocoder\UninstDCVocoder.isu"
AlgoMusic M42 Nebula v2 VSTi-->C:\PROGRA~1\VSTPLU~1\\M42V2\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\\M42V2\INSTALL.LOG
Alien Skin Blow Up-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Blow Up\Unwise32.exe C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Blow Up\INSTALL.LOG
Alien Skin Eye Candy 5 Impact-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Impact\Unwise32.exe C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Impact\INSTALL.LOG
Alien Skin Eye Candy 5 Nature-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Nature\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Nature\INSTALL.LOG
Alien Skin Eye Candy 5 Textures-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Textures\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Eye Candy 5 Textures\INSTALL.LOG
Alien Skin Image Doctor 1.0-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Image Doctor\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Image Doctor\INSTALL.LOG
Alien Skin Snap Art-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Snap Art\Unwise32.exe C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Alien Skin\Snap Art\INSTALL.LOG
Alien Skin Xenofex 2.0 Demo-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Xenofex 2\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Xenofex 2\INSTALL.LOG
Alien Skin Xenofex 2.0-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Xenofex 2\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Xenofex 2\INSTALL.LOG
AmpliTube2-->C:\Program Files\InstallShield Installation Information\{C95AACD4-9507-4F5C-9D53-22B1ACCFECD1}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
Analog Factory SE 1.2-->"C:\Program Files\Arturia\Analog Factory\unins000.exe"
Anim-FX-->"C:\Program Files\Anim-FX\uninstall.exe"
Antares Autotune VST v5.09-->"C:\Program Files\Antares Audio Technologies\Uninstall\unins000.exe"
Antares Filter VST DX v1.0-->C:\PROGRA~1\Antares\UNINST~1\UNWISE.EXE C:\PROGRA~1\Antares\UNINST~1\INSTALL.LOG
Antares Kantos v1.0-->C:\PROGRA~1\Antares\kantos\UNINST~1\UNWISE.EXE C:\PROGRA~1\Antares\kantos\UNINST~1\INSTALL.LOG
Antares Tube v1.0-->C:\PROGRA~1\Antares\TUBEUN~1\UNWISE.EXE C:\PROGRA~1\Antares\TUBEUN~1\INSTALL.LOG
Apple Mobile Device Support-->MsiExec.exe /I{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}
Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
Artillery-->C:\PROGRA~1\SUGARB~1\ARTILL~1\UNWISE.EXE C:\PROGRA~1\SUGARB~1\ARTILL~1\INSTALL.LOG
Ashampoo AntiSpyWare 2.02-->"C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\unins000.exe"
Ashampoo Burning Studio 8.03-->"C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\unins000.exe"
Ashampoo Cover Studio 1.00-->"C:\Program Files\Ashampoo\Ashampoo Cover Studio\unins000.exe"
Ashampoo Magical Defrag 2-->"C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\unins000.exe"
Ashampoo Media Player+ 2.03-->"C:\Program Files\Ashampoo\Ashampoo Media Player+\unins000.exe"
Ashampoo Music Studio 3-->"C:\Program Files\Ashampoo\Ashampoo Music Studio 3\Uninstall\0230_Uninstall.EXE"
Ashampoo WinOptimizer 5.05-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 5\unins000.exe"
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Atmosphere-->"C:\Program Files\Spectrasonics\Atmosphere\unins000.exe"
Audio Damage 907A VST v1.0.0.7-->C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\907UNI~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\907UNI~1\INSTALL.LOG
Audio Damage DeVerb VST v1.0-->C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\INSTALL.LOG
Audio Damage DubStation VST v1.0.2.0-->C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\DUBUNI~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\\AUDIOD~1\DUBUNI~1\INSTALL.LOG
Audio Damage Mayhem VST v1.0-->C:\PROGRA~1\VSTPLU~1\AUDIOD~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\AUDIOD~1\INSTALL.LOG
Audio.Damage.Ronin.v1.0.VST-DAC-->C:\PROGRA~1\VSTPLU~1\AUDIOD~1\\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\AUDIOD~1\\INSTALL.LOG
AV Bros. Page Curl 1.2 (Remove Only)-->C:\WINDOWS\AVUNTOOL.EXE AVBrosPageCurl
AV Bros. Puzzle Pro 1.2 (Remove Only)-->C:\WINDOWS\AVUNTOOL.EXE AVBrosPuzzlePro12
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Awave Studio v10-->C:\PROGRA~1\Awave Studio\UNWISE.EXE C:\PROGRA~1\Awave Studio\INSTALL.LOG
BBE D82 Sonic Maximizer VST RTAS v2.0-->"C:\Program Files\Nomad Factory\Uninstall\unins000.exe"
BigSeq VST plug-in-->C:\WINDOWS\BigSeq VST plug-in Uninstaller.exe
BlueSoleil-->MsiExec.exe /X{843B6370-4102-4FE9-9519-C0206A0A27DF}
Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
Camel Audio Camel Phat VST v3.15-->C:\PROGRA~1\VSTPLU~1\CAMELP~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\CAMELP~1\INSTALL.LOG
Camel Audio Cameleon 5000 VSTi v1.6-->C:\PROGRA~1\VSTPLU~1\\CAMELE~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\\CAMELE~1\INSTALL.LOG
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CDXtract 4.5-->"C:\Program Files\CDXTRACT4\unins000.exe"
Chromatica-->C:\WINDOWS\uninst.exe -f"c:\program files\adobe\adobe photoshop cs3\plug-ins\Chromatica\DeIsL1.isu"
CM Vocoder-->C:\Program Files\CM Vocoder\uninstall.exe
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
ConvertXtoDVD 3.2.0.52-->"C:\Program Files\VSO\ConvertX\3\unins000.exe"
Cypress USB Mass Storage Driver Installation-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E0695EE-ED29-4D96-BD77-2A9A17EDF0D6}\Setup.exe" -l0x9 NotFirstInstall
Deckadance-->C:\Program Files\Image-Line\Deckadance\uninstall.exe
Digidesign Free Bomb Factory Plug-Ins 7.4-->C:\Program Files\InstallShield Installation Information\{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
Digidesign Shared Plug-Ins 7.4-->C:\Program Files\InstallShield Installation Information\{AFE354A5-640F-4A23-94C8-0B441E8967CA}\Setup.exe -runfromtemp -l0x0009 FromUninstall -removeonly
Digital Element Aurora-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC4ECCC8-11CE-4542-A3DB-78947BC11D1D}\Setup.exe"
discoDSP Discovery VSTi v2.9-->"C:\Program Files\discoDSP\Uninstall\unins000.exe"
discoDSP ThrillMe VST v2.1-->C:\PROGRA~1\VSTPLU~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\INSTALL.LOG
discoDSP Vertigo v2.6-->"C:\Program Files\VstPlugins\discoDSP\unins000.exe"
DreamStation DXi2-->C:\WINDOWS\DSDXIRMV.EXE C:\PROGRAM FILES\CAKEWALK\SHARED DXI\AUDIO SIMULATION\DREAMSTATION DXI2
ElastikStandalone-->MsiExec.exe /I{57386F63-DBDC-4F19-9BE9-5A09CFE156AB}
ElastikVst-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92F027CB-BDF9-4047-A654-13A050908158}\setup.exe" -l0x9 -removeonly
Extensis PhotoTools 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{806D03FF-BC0F-48DB-8D94-4EE3E99E53B5}\Setup.exe" -l0x9 -uninst
Eye Candy 4000-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Eye Candy 4000\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Eye Candy 4000\INSTALL.LOG
EZdrummer-->MsiExec.exe /I{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}
EZXCocktail-->MsiExec.exe /I{147567F0-8575-4BE0-B5B3-62706C67FA5A}
FabFilter Pro-C VST RTAS v1.10-->"C:\Program Files\FabFilter\unins000.exe"
FabFilter Timeless v1.00 VST-->C:\PROGRA~1\FABFIL~1\Timeless\UNWISE.EXE C:\PROGRA~1\FABFIL~1\Timeless\INSTALL.LOG
FabFilter Twin VST RTAS v1.21-->"C:\Program Files\VstPlugins\FabFilter\Twin\Uninstall\unins000.exe"
FabFilter Volcano 2.00-->C:\Program Files\FabFilter\Volcano 2\Uninst.exe
Fatsondo 2.0-->"C:\Program Files\VstPlugins\Fatsondo\uninst\unins000.exe"
Filters Unlimited 2.0-->"C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\Filters Unlimited 2.0\unins000.exe"
Firebird SQL Server - MAGIX Edition-->C:\Program Files\MAGIX\Common\Database\unwise.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
Flash Menu Factory-->"C:\WINDOWS\Flash Menu Factory\uninstall.exe" "/U:C:\Program Files\Flash Menu Factory\Uninstall\uninstall.xml"
FLUX Spring Pack Bundle v1.0.4.14-->"C:\Program Files\Flux\unins000.exe"
Gladiator v1.2.2.0-->"C:\Program Files\Vstplugins\unins000.exe"
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Earth-->MsiExec.exe /I{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}
Google Photos Screensaver-->MsiExec.exe /X{481E9852-DA0C-403B-ADA4-05D86C8BF9A9}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hauppauge MCE2005 Software Encoder-->C:\PROGRA~1\WinTV\UNSftMCE.EXE C:\PROGRA~1\WinTV\softMCE.LOG
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HP PSC 1400 series-->rundll32 hpzcon12.dll,VendorJettison HP PSC 1400 series
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Impulse v. 3.10-->C:\Program Files\VstPlugins\ImpulseUninstal.exe
Insaniquarium Deluxe 1.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Insaniquarium Deluxe\irunin.ini"
Interlok driver setup x32-->MsiExec.exe /X{25613C10-27D2-410B-942B-D922D5C3A7BE}
iTunes-->MsiExec.exe /I{3DE0053C-FD9A-483E-B7C9-B06E4392206E}
iZotope Ozone 3-->"C:\Program Files\iZotope\Ozone 3\unins000.exe"
iZotope RX-->"C:\Program Files\iZotope\RX\unins000.exe"
iZotope Spectron-->"C:\Program Files\iZotope\Spectron\unins000.exe"
iZotope Trash-->"C:\Program Files\iZotope\Trash\unins000.exe"
iZotope Vinyl-->"C:\Program Files\iZotope\Vinyl\unins000.exe"
Java 2 Runtime Environment, SE v1.4.1_01-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1666FA7C-CB5F-11D6-A78C-00B0D079AF64}\setup.exe" Anytext
Jupiter-8V 1.0-->"C:\Program Files\Arturia\Jupiter-8V\unins000.exe"
KeyToSound - Dynamic EQ 1.0 r4-->"C:\Program Files\KeyToSound\Dynamic EQ\unins000.exe"
KeyToSound - Essential Compressor 1.0 r4-->"C:\Program Files\KeyToSound\Essential Compressor\unins000.exe"
KeyToSound - Precision EQ 1.0 r4-->"C:\Program Files\KeyToSound\Precision EQ\unins000.exe"
KeyToSound - Vintage EQ 1.0 r4-->"C:\Program Files\KeyToSound\Vintage EQ\unins000.exe"
Kodak DIGITAL GEM Professional Plug-In 1.0.1-->MsiExec.exe /I{0E8A4742-880F-4C30-B5C8-425160EA9D73}
Kodak DIGITAL ROC Professional Plug-In 1.0.2-->MsiExec.exe /I{5FD281D7-3EBF-47DF-ACE3-40D6FB0C220D}
Kodak DIGITAL SHO Professional Plug-In 1.0-->MsiExec.exe /I{BBEB5EDB-109D-4CA3-809E-ABF8B1436AB9}
KoolMoves 5.4.3 (Serif Edition)-->"C:\Program Files\KoolMoves Serif Edition\unins000.exe"
Korg Legacy Collection v1.1.10-->C:\PROGRA~1\KORGLE~1\UNWISE.EXE C:\PROGRA~1\KORGLE~1\INSTALL.LOG
KPT(R) effects(TM)-->C:\WINDOWS\IsUninst.exe -f"c:\program files\adobe\adobe photoshop cs3\plug-ins\KPT effects\KPTUnins.isu"
Lexicon Alpha ASIO (remove only)-->C:\Program Files\Lexicon\Alpha\AlphaUNInstaller.exe
LinPlug DeltaIII VSTi v3.0.5-->C:\PROGRA~1\VSTPLU~1\DeltaIII\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\DeltaIII\INSTALL.LOG
LinPlug Organ 3-->C:\Program Files\VstPlugins\UninstalOrgan3.exe
LinPlug SaxLab-->C:\Program Files\VstPlugins\UninstalSaxLab.exe
Linplug.CronoX.VSTi.v3.0.0-DAC-->C:\PROGRA~1\VSTPLU~1\Linplug\\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\Linplug\\INSTALL.LOG
Live 7.0.3-->C:\PROGRA~1\Ableton\LIVE70~1.3\Install\UNWISE.EXE C:\PROGRA~1\Ableton\LIVE70~1.3\Install\INSTALL.LOG
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam-->MsiExec.exe /X{7D2370AC-D8E6-4996-986A-19824F8A167C}
Logitech® Camera Driver-->"C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Lounge Lizard EP-2 v2.0-->C:\PROGRA~1\LOUNGE~1\UNINST~1\UNWISE.EXE C:\PROGRA~1\LOUNGE~1\UNINST~1\INSTALL.LOG
LuraWave.jp2 Photoshop Plug-In-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EA0E1488-208B-48D7-93A4-2C3B168F1FF2} /l1033
Magic Flare 1.0-->C:\WINDOWS\iun506.exe C:\Program Files\Magic Flare\irunin.ini
MAGIX Music Maker 14 Producer Edition Trial 13.0.2.1 (US)-->C:\Program Files\MAGIX\MusicMaker14PE_Download_version\unwise.exe
MAGIX Screenshare 4.3.6.1987 (US)-->C:\Program Files\MAGIX\PCVisit\unwise.exe
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
ManyCam 2.3 (remove only)-->"C:\Program Files\ManyCam 2.3\uninstall.exe"
McAfee SiteAdvisor-->C:\Program Files\McAfee\SiteAdvisor\Uninstall.exe
MFM2 2.0.1-->"C:\Program Files\VstPlugins\u-he\unins000.exe"
microKONTROL Editor Librarian-->MsiExec.exe /I{41C12350-7819-4DF6-9B05-C9B2C88F9BA3}
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
MixMeister BPM Analyzer 1.0-->"C:\Program Files\MixMeister BPM Analyzer\unins000.exe"
MixMeister Fusion + Video 7.1.1-->"C:\Program Files\MixMeister Fusion + Video 7.1.1\unins000.exe"
MixMeister Fusion 7.2.2-->"C:\Program Files\MixMeister Fusion 7.2.2\unins000.exe"
MixMeister Fusion Demo 7.3.2-->"C:\Program Files\MixMeister Fusion\unins000.exe"
MotoGP URT 3-->"C:\Program Files\THQ\MotoGP URT 3\unins000.exe"
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MU Technologies MU Voice VST RTAS v1.1.1-->"C:\Program Files\MU Technologies\MU Voice\Uninstall\unins000.exe"
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
Napster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBBCAE4B-B416-4182-A6F2-438180894A81}\setup.exe" -l0x9 AddRemoveCPRun
Native Instruments Absynth 4-->C:\PROGRA~1\NATIVE~1\ABSYNT~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\ABSYNT~1\INSTALL.LOG
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS-->C:\PROGRA~1\NATIVE~1\FM8\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM8\INSTALL.LOG
Native Instruments FM8-->C:\PROGRA~1\NATIVE~1\FM8\uninstall.exe
Native Instruments Spektral Delay-->C:\PROGRA~1\NATIVE~1\SPEKTR~1\UNWISE.EXE C:\PROGRA~1\NATIVE~1\SPEKTR~1\INSTALL.LOG
Native Instruments Vokator-->C:\PROGRA~1\NATIVE~1\Vokator\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Vokator\INSTALL.LOG
Natura Sound Therapy-->C:\WINDOWS\Natura Sound Therapy Uninstaller.exe
Nero 8-->MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891033}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NoLimits Coasters 1.7 (remove only)-->"C:\Program Files\NoLimits Coasters v1.6\uninstall.EXE"
NoLimits Fairground 1.5-->"C:\Program Files\NoLimits Fairground 1.5\unins000.exe"
Norton Security Scan-->MsiExec.exe /I{3A4FFB84-D070-4DA5-AB7B-D41D87FD8D19}
OrangeVocoder VST 2.02-->C:\WINDOWS\iun6002.exe "C:\Program Files\VstPlugins\OrangeVocoder VST\irunin.ini"
PC Doc Pro-->"C:\Program Files\PC Doc Pro\unins000.exe"
PCdefense-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F1C54BF1-4B00-4069-ABD3-A65384419B87}
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Philips Media Manager 3.2.1.0004-->C:\Program Files\Philips\Media Manager\uninstall.exe
Photo Stacker version 1.1.1-->"C:\Program Files\Krrrk.com\Photo Stacker\unins000.exe"
PhotoFrame Pro 3.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5F073685-ADDB-4D5A-98E9-0F795989A57F}\setup.exe" -l0x9 -uninst -removeonly
Photoshop Camera Raw-->MsiExec.exe /I{C4418DF9-5B57-4C5D-ACC2-D6B1338CCE09}
PhotoTools 1.0 Professional Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B01DD5B7-9862-43D7-BCA3-7882A17E4328}\setup.exe" -l0x9 -uninst -removeonly
Phrazor 1.02-->"C:\Program Files\Phrazor\Tools\Uninstall\unins000.exe"
Phrazor VST 1.02-->"C:\Program Files\VstPlugins\Phrazor Uninstall\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Plugin Galaxy 1.0-->"C:\WINDOWS\UNISTB32.EXE" /U "C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\PluginGalaxy\UNINST0.000" "C:\Program Files\Adobe\Adobe Photoshop CS3\Plug-Ins\PluginGalaxy\UNINST1.000"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
Power2Go 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PSP Audioware Xenon v1.0-->"C:\Program Files\PSPaudioware\PSP Xenon iLok\Uninstall\unins000.exe"
PSP MixPack2 2.0.3-->"C:\Program Files\PSPaudioware\PSP MixPack2\uninstall.exe" "/U:C:\Program Files\PSPaudioware\PSP MixPack2\irunin.xml"
PSP Nitro 1.1.1-->"C:\Program Files\PSPaudioware\PSP Nitro\uninstall.exe" "/U:C:\Program Files\PSPaudioware\PSP Nitro\irunin.xml"
PSP VintageWarmer2 2.1.4-->"C:\Program Files\PSPaudioware\PSP VintageWarmer2\uninstall.exe" "/U:C:\Program Files\PSPaudioware\PSP VintageWarmer2\irunin.xml"
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REALTEK Gigabit and Fast Ethernet NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94FB906A-CF42-4128-A509-D353026A607E}\Setup.exe" -l0x9 REMOVE
Reason 4.0.1-->"C:\Program Files\Propellerhead\Reason\Uninstall Reason\unins000.exe"
ReCycle 2.1.2-->"C:\Program Files\Propellerhead\ReCycle\unins000.exe"
REFLECT-->MsiExec.exe /I{068BBFD6-300E-4847-AB86-DE8C0A58AE66}
reFX Nexus 1.0.0-->"C:\Program Files\VstPlugins\Nexus\Uninstall\unins000.exe"
reFX Nexus 1.0.9-->"C:\Program Files\VstPlugins\unins004.exe"
reFX Nexus 1.4.1-->"C:\Program Files\VstPlugins\Nexus\unins000.exe"
reFX Vanguard 1.7.2-->"C:\Program Files\VstPlugins\unins003.exe"
reFX Vanguard VSTi v1.6.1-->"C:\Program Files\VstPlugins\Vanguard\Uninstall\unins000.exe"
reFX Vanguard VSTi-->"C:\Program Files\VstPlugins\Vanguard\Uninstall\unins001.exe"
Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
Replicant VST plug-in-->C:\WINDOWS\Replicant VST plug-in Uninstaller.exe
Revo Uninstaller 1.71-->C:\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe
rgc:audio z3ta+ 1.5-->"C:\Program Files\Cakewalk\z3ta+\unins000.exe"
rgcAudio z3ta Plus v1.40-->C:\PROGRA~1\RGCAUD~1\Z3TA_~1\Z3TA_U~1\UNWISE.EXE C:\PROGRA~1\RGCAUD~1\Z3TA_~1\Z3TA_U~1\INSTALL.LOG
Rhino 1.08-->C:\WINDOWS\iun6002.exe "C:\Program Files\VstPlugins\Rhino\irunin.ini"
Rhino-->MsiExec.exe /X{BB4047ED-4018-49A0-9D4F-A223A7D16044}
Rob Papen Albino 3 Demo-->C:\Program Files\VstPlugins\UninstalAlbino3.exe
Rob Papen Albino 3-->C:\Program Files\VstPlugins\UninstalAlbino3.exe
Rob Papen BLUE Version 1.7.0-->"C:\Program Files\VstPlugins\unins002.exe"
Rob Papen Blue VSTi v1.02-->C:\PROGRA~1\VSTPLU~1\Blue\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\Blue\INSTALL.LOG
Rob Papen Predator V1.1.1-->"C:\Program Files\VstPlugins\unins001.exe"
Robotronic-->C:\PROGRA~1\SUGARB~1\ROBOTR~1\UNWISE.EXE C:\PROGRA~1\SUGARB~1\ROBOTR~1\INSTALL.LOG
Roxio Burn Engine-->MsiExec.exe /I{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}
RT2500 Wireless LAN Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAA66A0D-E610-40B8-9D51-C1854285773A}\setup.exe" -l0x9 -removeonly
SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe
Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Serif DrawPlus 8 Resources-->MsiExec.exe /I{9044384C-1D53-4DEA-B257-0A0C7D6C7452}
Serif DrawPlus 8-->MsiExec.exe /I{838E3304-69BE-4537-8297-1760E36A2DA5}
Serif MoviePlus 5 Resources-->MsiExec.exe /I{5F081A89-4CBD-4ACA-9456-7AE7A4BF0830}
Serif MoviePlus 5-->MsiExec.exe /I{78728272-F480-4899-BBCB-776207C77D89}
Serif PagePlus X2-->MsiExec.exe /I{B00B1355-DD54-4314-90B1-161C6A7D3FD3}
Serif PagePlus X3-->MsiExec.exe /X{596DA8A2-C576-46F5-A92E-8C9CCECE4E9D}
Serif WebPlus X2 Resources-->MsiExec.exe /I{05BC428A-F2A5-4E11-8130-10C3237FD67B}
Serif WebPlus X2-->MsiExec.exe /I{8829E394-87E1-41C0-BCED-9B47F7C6DCDD}
Snowflakes (plug-in)-->C:\WINDOWS\Snowflakes (plug-in) Uninstaller.exe
Sonalksis Plug-Ins for Windows 1.28-->"C:\WINDOWS\unins000.exe"
SONAR 7 Producer Edition-->"C:\Program Files\Cakewalk\SONAR 7 Producer Edition\unins000.exe"
Sonnox Oxford R3 Dynamics Native VST v1.3.1-->"C:\Program Files\Sonnox\Uninstall\Sonnox Oxford R3 Dynamics Native VST\unins000.exe"
Sony ACID Pro 6.0-->MsiExec.exe /X{2956585F-DB2F-45C2-9363-F8CB0BB4F2A7}
Sony Media Manager 2.2-->MsiExec.exe /X{2B5A75F0-FD85-4094-AB00-94902398D192}
Sony Noise Reduction Plug-In 2.0h-->MsiExec.exe /X{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}
Sophos Anti-Rootkit 1.3.1-->C:\Program Files\Sophos\Sophos Anti-Rootkit\helper.exe remove
Space Effect 2.0-->"C:\Program Files\VstPlugins\SpaceEffect\uninst\unins000.exe"
SpectR-Pro 2.5.101-->"C:\Program Files\VstPlugins\SpectR-Pro\unins000.exe"
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
Splat! 1.0 Demo-->C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Splat\UNWISE.EXE C:\PROGRA~1\Adobe\ADOBEP~1\Plug-Ins\Splat\INSTALL.LOG
Spy Sweeper Core-->MsiExec.exe /I{3F5B6210-0903-4DC6-8034-8F488AA3A782}
Spy Sweeper-->"C:\Program Files\Webroot\Spy Sweeper\unins000.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Spyware Doctor 5.5-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
StormGate1 1.0c-->"C:\Documents and Settings\All Users\Application Data\AraldFX\SG1\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
SWiSH Max2-->C:\WINDOWS\unvise32.exe C:\Program Files\SWiSH Max2\uninstal.log
Synapse.Junglist.v3.11-OxYGeN-->C:\PROGRA~1\VSTPLU~1\Junglist\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\Junglist\Install.log
Synthation Vanguard Essentials Soundbank-->C:\PROGRA~1\VSTPLU~1\Vanguard\Presets\Presets\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\Vanguard\Presets\Presets\INSTALL.LOG
TerraTec Komplexer VSTi v1.0.2.0-->"C:\Program Files\VstPlugins\TerraTec Producer\Uninstall\unins000.exe"
Text-To-Speech-Runtime-->MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
Tone2 Firebird VSTi v1.2.1-->C:\PROGRA~1\Tone2\UNWISE.EXE C:\PROGRA~1\Tone2\INSTALL.LOG
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
T-RackS 1.x-->C:\Program Files\InstallShield Installation Information\{37BCCAE2-A3AD-4E03-B4FD-A1BE1FE6365A}\setup.exe -runfromtemp -l0x0009 uninstall -removeonly
T-RackS 24-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\IK Multimedia\T-RackS 24\Uninst.isu"
Trilogy-->"C:\Program Files\Spectrasonics\Trilogy\unins000.exe"
Uninstall DreamSuite-->C:\WINDOWS\unvise32.exe c:\program files\adobe\adobe photoshop cs3\plug-ins\DreamSuite\DreamSuite Uninstall.log
Uninstall Mystical-->C:\WINDOWS\unvise32.exe c:\program files\adobe\adobe photoshop cs3\plug-ins\Mystical\Mystical Uninstall.log
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005-->C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
USB Storage Adapter FX (SM1)-->SM1UN.EXE SM1FX_AT
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Virsyn Tera VSTi RTAS v3.2.1-->"C:\Program Files\VirSyn Software Synthesizer\Uninstall\unins000.exe"
VirtuaGirl HD-->C:\Documents and Settings\kevin miller\Start Menu\Programs\VirtuaGirl HD\uninstall.lnk
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Wave Arts Power Suite-->C:\PROGRA~1\WAVEAR~1\UNWISE.EXE C:\PROGRA~1\WAVEAR~1\INSTALL.LOG
Waves Diamond Bundle v5.2-->C:\PROGRA~1\Waves\DIAMON~1\UNWISE.EXE C:\PROGRA~1\Waves\DIAMON~1\INSTALL.LOG
Waves L3 16-->C:\PROGRA~1\Waves\Logs\WAVESL~1\UNWISE.EXE C:\PROGRA~1\Waves\Logs\WAVESL~1\INSTALL.LOG
Waves L3 v5.2-->C:\PROGRA~1\Waves\UNINST~1\UNWISE.EXE C:\PROGRA~1\Waves\UNINST~1\INSTALL.LOG
Waves Masters 3.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6B7FB6C2-B673-474E-8B68-00A0BF8652DB}\Setup.exe" -l0x9
WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Window Washer-->C:\WINDOWS\Unwash6.exe
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows XP Media Center Edition 2005 KB890760-->C:\WINDOWS\$NtUninstallKB890760$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895198-->C:\WINDOWS\$NtUninstallKB895198$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe
Windows XP Media Center Edition 2005 KB925766-->"C:\WINDOWS\$NtUninstallKB925766$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WWAYM - NWSynth V1.3-->"C:\WINDOWS\lsb_un20.exe" /C=UC /N=WWAYM - NWSynth V1.3
XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"
Zero-G Nostalgia-->C:\PROGRA~1\Zero-G\NOSTAL~1\UNWISE.EXE C:\PROGRA~1\Zero-G\NOSTAL~1\INSTALL.LOG
Zero-G Sounds of Polynesia-->C:\PROGRA~1\Zero-G\SOUNDS~1\UNWISE.EXE C:\PROGRA~1\Zero-G\SOUNDS~1\INSTALL.LOG
Zero-G Sounds of the 70s-->C:\PROGRA~1\Zero-G\SOUNDS~2\UNWISE.EXE C:\PROGRA~1\Zero-G\SOUNDS~2\INSTALL.LOG
Zero-G Wired - The Elements of Trance-->C:\PROGRA~1\Zero-G\WIRED-~1\UNWISE.EXE C:\PROGRA~1\Zero-G\WIRED-~1\INSTALL.LOG
ZoneAlarm Pro-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

Security center information

AV: Spyware Doctor with AntiVirus (disabled)
AV: AVG Anti-Virus
FW: ZoneAlarm Pro Firewall

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\iZotope\Runtimes;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0403
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\j2re1.4.1_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\j2re1.4.1_01\lib\ext\QTJava.zip
"tvdumpflags"=8

-----------------EOF-----------------
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 26th, 2008, 6:54 am

Let's try this for the online scanner problem


----------------------------------------------------------- -----------------------------------------------------------

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please download JavaRa and unzip it to your desktop.

***Please close any instances of Internet Explorer (or other web browser) before continuing!***

  • Double-click on JavaRa.exe to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location.

Now download and install Java Runtime Environment (JRE) .

----------------------------------------------------------- -----------------------------------------------------------




Kaspersky Online Scanner .
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- This scan is best done from IE (Internet Explorer)

NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Go Here http://www.kaspersky.com/kos/eng/partne ... bscan.html

Read the Requirements and limitations before you click Accept.
Once the database has downloaded, click My Computer in the left pane
Now go and put the kettle on !
When the scan has completed, click Save Report As...
Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.


**Note**

To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


----------------------------------------------------------- -----------------------------------------------------------

What exe files are you trying to run in Internet Explorer ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 27th, 2008, 4:07 am

hi thx for your help it is working ok now,i can now run online scanners and run exe.files from ie7,i have one other question tho,every now and again i get a warning from zone alarm saying that generic services for win 32 is asking to access the internet,destination port 135,i thought this to be strange as legitamte win programs very rarly ask for permission to access the internet,
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 27th, 2008, 6:30 am

Did Kaspersky find any problems ?

RE ZoneAlarm, does this explain it ?
http://www.blackviper.com/AskBV/tech4.htm

Are there any other problems now ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 27th, 2008, 6:55 am

hi no kaspersky didnt find anything so all looks good there,and the problem with the warning from zonealarm is explained in the link you gave,so is it only ok to allow outbound alerts and not incoming as i read somewhere that if its inbound it could be a worm or trojan,i might be wrong.
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 27th, 2008, 10:22 am

koolkevdj wrote:if its inbound it could be a worm or trojan,i might be wrong.

Correct.






The following is some info to help you stay safe and clean.
( Vista users must ensure that any programs are Vista compatible BEFORE installing )

You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partne ... bscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware
    AntiSpyware is not the same thing as Antivirus.
    Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
    You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
    Most of the programs in this list have a free (for Home Users ) and paid versions,
    it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
  • Spybot - Search & Destroy <<< A must have program
    • It includes host protection and registry protection
    • A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
  • MalwareBytes Anti-malware <<< A New and effective program
  • a-squared Free <<< A good "realtime" or "on demand" scanner
  • superantispyware <<< A good "realtime" or "on demand" scanner

Prevention
    These programs don't detect malware, they help stop it getting on your machine in the first place.
    Each does a different job, so you can have more than one
  • Winpatrol
    • An excellent startup manager and then some !!
    • Notifies you if programs are added to startup
    • Allows delayed startup
    • A must have addition
  • SpywareBlaster 4.0
    • SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
  • SpywareGuard 2.2
    • SpywareGuard provides real-time protection against spyware.
    • Not required if you have other "realtime" antispyware or Winpatrol
  • ZonedOut
    • Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
  • MVPS HOSTS
    • This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    • For information on how to download and install, please read this tutorial by WinHelp2002.
    • Not required if you are using other host file protections

Internet Browsers
    Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
    Using a different web browser can help stop malware getting on your machine.
    • Make your Internet Explorer more secure - This can be done by following these simple instructions:
      1. From within Internet Explorer click on the Tools menu and then click on Options.
      2. Click once on the Security tab
      3. Click once on the Internet icon so it becomes highlighted.
      4. Click once on the Custom Level button.
        • Change the Download signed ActiveX controls to Prompt
        • Change the Download unsigned ActiveX controls to Disable
        • Change the Initialise and script ActiveX controls not marked as safe to Disable
        • Change the Installation of desktop items to Prompt
        • Change the Launching programs and files in an IFRAME to Prompt
        • Change the Navigate sub-frames across different domains to Prompt
        • When all these settings have been made, click on the OK button.
        • If it prompts you as to whether or not you want to save the settings, press the Yes button.
      5. Next press the Apply button and then the OK to exit the Internet Properties page.
    If you are still using IE6 then either update, or get one of the following.
    • FireFox
      • With many addons available that make customization easy this is a very popular choice
      • NoScript and AdBlockPlus addons are essential
    • Opera
      • Another popular alternative
    • Netscape
      • Another popular alternative
      • Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies
    Temporary Internet Files are mainly the files that are downloaded when you open a web page.
    Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
    It is a good idea to empty the Temporary Internet Files folder on a regular basis.

    Tracking Cookies are files that websites use to monitor which sites you visit and how often.
    A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
    CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

    Both of these can be cleaned manually, but a quicker option is to use a program
  • ATF Cleaner
    • Free and very simple to use
  • CCleaner
    • Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 28th, 2008, 6:44 pm

hi,ok well the last problem has been sorted but now i have yet another problem............i do not know where the hell it came from but i got a trojan.virtumonde............i ran super anti spyware & it detected 38 infections.............i then ran malware anti bytes & it detected 3 infections.........i checked to remove them and i had to reboot the pc which i did....however when the pc rebooted i cannot now access my c-drive for some reason.......i restarted the pc in safe mode but was unable to o so............i then rebooted into windows normally & i could not access the desktop or anything else........so i did ctl-alt-del to get the task manager up & clicked new task for which i entered explore.exe.................the task bar came back for 10 seconds then went off again..............looks like ill have to do a full system recovery as its doing my head in now .............but if you have any other suggestions then that would be good.................thankyou for your time....................kevin
Malwarebytes' Anti-Malware 1.30
Database version: 1333
Windows 5.1.2600 Service Pack 3

28/10/2008 22:44:30
mbam-log-2008-10-28 (22-44-30).txt

Scan type: Quick Scan
Objects scanned: 64244
Time elapsed: 8 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 28th, 2008, 7:09 pm

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    See HERE for help
  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 29th, 2008, 6:21 am

hi,all done as to your instructions and this is the log for combofix..many thanks
ComboFix 08-10-29.04 - kevin miller 2008-10-29 9:11:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1425 [GMT 0:00]
Running from: C:\Documents and Settings\kevin miller\My Documents\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\kevin miller\Application Data\inst.exe
C:\WINDOWS\system32\dNTAGfhk.ini
C:\WINDOWS\system32\dNTAGfhk.ini2
C:\WINDOWS\system32\msvcsv60.dll
C:\WINDOWS\system32\vfolx32n.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-29 )))))))))))))))))))))))))))))))
.

2008-10-28 08:46 . 2006-12-02 15:32 167,936 --a------ C:\WINDOWS\system32\Engine3D021206.dll
2008-10-28 08:39 . 2008-10-28 08:39 <DIR> d-------- C:\Program Files\The Foundry
2008-10-27 22:55 . 2008-10-27 22:55 <DIR> d-------- C:\cubase
2008-10-27 08:05 . 2008-10-27 08:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-27 08:04 . 2008-10-27 08:04 <DIR> d-------- C:\Program Files\QuickTime
2008-10-26 13:36 . 2008-10-26 13:36 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-10-26 13:06 . 2008-10-26 13:06 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\Summitsoft
2008-10-26 08:31 . 2008-10-26 08:31 601 --a------ C:\WINDOWS\NetOps10.doc
2008-10-26 08:27 . 2008-10-26 08:27 12 --a------ C:\WINDOWS\NetOps04.doc
2008-10-25 09:42 . 2008-10-25 09:42 <DIR> d-------- C:\Program Files\Microsoft Plus! Digital Media Edition
2008-10-25 09:42 . 2008-10-25 09:42 <DIR> d-------- C:\Program Files\Dancer Plus! LE de Microsoft
2008-10-24 19:52 . 2008-10-24 19:52 <DIR> d-------- C:\Program Files\Uninstall
2008-10-24 07:48 . 2008-10-24 07:48 <DIR> d-------- C:\Program Files\Adobe Media Player
2008-10-23 22:34 . 2008-10-23 22:34 <DIR> d-------- C:\Program Files\AESTESIS
2008-10-23 18:49 . 2008-10-23 18:49 <DIR> d-------- C:\Program Files\Apple Software Update
2008-10-23 18:49 . 2008-10-23 18:49 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\NuVJ
2008-10-23 16:17 . 2008-10-23 16:17 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-23 16:17 . 2008-10-23 16:17 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-22 10:00 . 2008-10-22 10:00 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-10-22 10:00 . 2008-10-22 10:00 2,162 --a------ C:\WINDOWS\system32\tmmute.ini
2008-10-21 03:07 . 2008-10-21 03:07 <DIR> d-------- C:\WINDOWS\Sun
2008-10-20 09:54 . 2008-10-29 08:57 <DIR> d-------- C:\Downloads
2008-10-20 07:02 . 2008-10-20 07:02 <DIR> d-------- C:\Program Files\Neuromixer
2008-10-20 07:02 . 2008-10-20 07:02 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\Cycling '74
2008-10-17 18:56 . 2008-10-19 11:33 <DIR> d-------- C:\Program Files\REAPER
2008-10-17 18:56 . 2008-10-19 11:30 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\REAPER
2008-10-17 17:50 . 2008-10-26 13:36 410,976 --a------ C:\WINDOWS\system32\deploytk.dll
2008-10-16 17:50 . 2008-10-16 17:50 <DIR> d-------- C:\WINDOWS\McAfee.com
2008-10-16 16:59 . 2008-10-23 18:50 <DIR> d-------- C:\Program Files\QuickTime Alternative
2008-10-16 16:59 . 2008-10-16 16:59 <DIR> d-------- C:\Program Files\Media Player Classic
2008-10-16 16:59 . 2002-12-20 11:40 675,328 --a------ C:\WINDOWS\system32\ir50_32.qtx
2008-10-16 16:59 . 2004-10-27 12:01 360,504 --a------ C:\WINDOWS\system32\QTPlugin.ocx
2008-10-16 16:59 . 2004-01-12 16:57 86,016 --a------ C:\WINDOWS\system32\QuickTime.ax
2008-10-15 15:16 . 2008-08-14 09:33 2,066,048 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 15:16 . 2008-08-14 09:33 2,023,936 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 15:16 . 2008-09-15 12:12 1,846,400 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 15:16 . 2008-09-08 10:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-14 19:40 . 2008-10-14 19:40 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\DAEMON Tools Pro
2008-10-14 18:31 . 2008-10-14 18:31 685,816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-10-14 15:27 . 2008-10-14 15:27 <DIR> d-------- C:\Program Files\Norton Security Scan
2008-10-13 16:56 . 2008-10-13 17:02 <DIR> d-------- C:\Program Files\BitComet
2008-10-13 12:20 . 2008-10-13 12:20 <DIR> d-------- C:\Program Files\Note
2008-10-12 13:38 . 2005-11-03 16:14 45,056 --a------ C:\WINDOWS\system32\Synsopos.exe
2008-10-12 10:51 . 2008-10-12 13:48 <DIR> d-------- C:\nuendo
2008-10-07 19:50 . 2008-10-07 19:50 <DIR> d-------- C:\Program Files\Eidos Interactive
2008-10-07 19:32 . 2008-10-09 08:24 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\Gearbox Software
2008-10-07 18:59 . 2008-10-07 18:59 <DIR> d-------- C:\Program Files\Ubisoft
2008-10-07 18:44 . 2008-10-07 18:44 <DIR> d-------- C:\Program Files\OpenAL
2008-10-07 18:44 . 2008-10-07 18:44 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-10-07 18:44 . 2008-10-07 18:44 110,592 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-10-07 18:24 . 2008-10-07 18:24 <DIR> d-------- C:\Program Files\Oxygen Interactive
2008-10-07 10:19 . 2008-10-07 10:19 48 --a------ C:\WINDOWS\ProductKeyExplorer.INI
2008-10-07 08:15 . 2008-10-07 08:18 <DIR> d-------- C:\Program Files\SWiSHstudio
2008-10-07 08:03 . 2008-10-07 08:03 <DIR> d-------- C:\Program Files\KoolMoves
2008-10-07 07:46 . 2008-06-10 20:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-10-07 07:46 . 2008-06-02 14:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-10-07 07:46 . 2008-06-02 14:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-10-07 07:46 . 2008-06-02 14:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-10-07 07:45 . 2008-10-23 20:48 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-10-07 07:45 . 2008-10-07 07:45 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\PC Tools
2008-10-07 07:34 . 2008-10-07 07:34 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVGTOOLBAR
2008-10-06 19:25 . 2008-10-06 19:25 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\BlackBean
2008-10-06 19:07 . 2008-10-06 19:07 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\BlackBean
2008-10-06 17:34 . 2008-10-06 17:34 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\SuperEasy Software
2008-10-05 20:55 . 2008-10-05 20:55 673,546 --a------ C:\WINDOWS\unins001.exe
2008-10-05 20:55 . 2003-09-22 16:10 61,440 --a------ C:\WINDOWS\system32\marblaxp.dll
2008-10-05 20:55 . 2003-09-22 16:10 53,248 --a------ C:\WINDOWS\system32\drivers\maplevmd000.exe
2008-10-05 20:55 . 2003-09-22 16:09 49,152 --a------ C:\WINDOWS\system32\mapleapi.dll
2008-10-05 20:55 . 2003-09-22 16:10 31,624 --a------ C:\WINDOWS\system32\mapledxp.dll
2008-10-05 20:55 . 2004-04-05 09:44 24,720 --a------ C:\WINDOWS\system32\drivers\mapledxp.sys
2008-10-05 20:55 . 2008-10-05 20:55 7,460 --a------ C:\WINDOWS\unins001.dat
2008-10-05 16:56 . 2008-10-05 16:59 <DIR> d-------- C:\Program Files\MixMeister Fusion + Video
2008-10-05 14:15 . 2008-10-05 14:15 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-10-05 14:13 . 2008-10-05 14:39 1,570 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-10-05 12:00 . 2008-10-05 12:00 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\Leadertech
2008-10-05 11:45 . 2008-10-14 20:13 <DIR> d-------- C:\Program Files\Wondershare
2008-10-05 11:45 . 2007-08-30 15:55 1,435,272 --a------ C:\WINDOWS\system32\Flash8.ocx
2008-10-05 11:44 . 2008-10-05 11:44 <DIR> d-------- C:\Program Files\Atomic Alarm Clock
2008-10-05 11:23 . 2008-10-05 11:23 <DIR> d-------- C:\Program Files\Nufsoft
2008-10-05 10:09 . 2008-10-05 10:09 <DIR> dr-hs---- C:\sys
2008-10-04 12:00 . 2006-05-20 16:16 1,184,984 --a------ C:\WINDOWS\system32\wvc1dmod.dll
2008-10-02 19:42 . 2003-07-31 19:28 147,425 --a------ C:\WINDOWS\system32\SYNSOACC-Aide.chm
2008-10-02 19:42 . 2003-05-26 14:29 120,468 --a------ C:\WINDOWS\system32\SYNSOACC-Hilfe.chm
2008-10-02 19:42 . 2003-05-26 14:29 114,279 --a------ C:\WINDOWS\system32\SYNSOACC-Help.chm
2008-10-02 19:41 . 2008-10-12 13:38 <DIR> d-------- C:\Program Files\Syncrosoft
2008-10-02 19:41 . 2005-11-08 10:20 147,456 --a------ C:\WINDOWS\system32\SynsoLChk.dll
2008-10-01 19:48 . 2008-10-29 09:58 155 --a------ C:\WINDOWS\NeroDigital.ini
2008-10-01 19:41 . 2008-10-01 19:41 <DIR> d-------- C:\Documents and Settings\kevin miller\Application Data\Nero
2008-10-01 19:35 . 2008-10-01 19:35 <DIR> d-------- C:\Program Files\Nero
2008-10-01 19:35 . 2008-10-01 19:38 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-10-01 19:04 . 2008-10-01 19:04 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-10-01 19:03 . 2006-06-29 12:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-10-01 17:50 . 2008-02-28 12:26 1,414,440 --a------ C:\WINDOWS\system32\ShellManager310E2D762.dll
2008-10-01 17:50 . 2008-02-28 12:01 774,144 --a------ C:\WINDOWS\system32\NEROINSTAEC43759.DB
2008-10-01 17:49 . 2008-10-01 17:49 0 --a------ C:\WINDOWS\Irremote.ini
2008-10-01 16:47 . 2008-10-01 16:47 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-10-01 16:41 . 2008-10-01 16:41 164 --a------ C:\install.dat
2008-09-30 15:18 . 2008-09-30 15:18 <DIR> d-------- C:\Program Files\Lexicon
2008-09-29 15:13 . 2008-10-01 16:42 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-09-29 15:13 . 2008-08-09 15:04 1,538,928 --a------ C:\WINDOWS\WRSetup.dll
2008-09-29 15:10 . 2008-09-29 15:10 <DIR> d-------- C:\Program Files\Windows Resource Kits
2008-09-29 14:57 . 2008-09-29 14:57 <DIR> d-------- C:\Program Files\Windows Installer Clean Up
2008-09-29 14:57 . 2008-09-29 14:57 <DIR> d-------- C:\Program Files\MSECACHE

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-29 09:56 205,824 ----a-w C:\WINDOWS\Internet Logs\xDB1A.tmp
2008-10-29 04:06 221,696 ----a-w C:\WINDOWS\Internet Logs\xDB18.tmp
2008-10-29 04:06 2,587,136 ----a-w C:\WINDOWS\Internet Logs\xDB19.tmp
2008-10-28 22:09 776,192 ----a-w C:\WINDOWS\Internet Logs\xDB17.tmp
2008-10-28 21:53 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-28 21:22 90,632 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys
2008-10-28 21:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg8
2008-10-28 18:49 394,240 ----a-w C:\WINDOWS\Internet Logs\xDB15.tmp
2008-10-28 18:49 2,561,536 ----a-w C:\WINDOWS\Internet Logs\xDB16.tmp
2008-10-28 18:20 119,296 ----a-w C:\WINDOWS\Internet Logs\xDB14.tmp
2008-10-28 18:13 2,558,464 ----a-w C:\WINDOWS\Internet Logs\xDB13.tmp
2008-10-28 18:13 2,307,584 ----a-w C:\WINDOWS\Internet Logs\xDB12.tmp
2008-10-28 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2008-10-28 12:21 2,762,752 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-10-28 12:21 2,534,400 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-10-28 08:03 --------- d-----w C:\Program Files\Sony
2008-10-28 08:02 --------- d-----w C:\Program Files\Sony Setup
2008-10-27 22:00 2,766,630 ----a-w C:\WINDOWS\Internet Logs\tvDebug.Zip
2008-10-27 20:39 2,152,960 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-10-27 14:00 2,502,144 ----a-w C:\WINDOWS\Internet Logs\xDBE.tmp
2008-10-27 08:20 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-27 08:18 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Vso
2008-10-27 08:06 --------- d-----w C:\Program Files\iTunes
2008-10-27 08:05 --------- d-----w C:\Program Files\iPod
2008-10-27 08:04 --------- d-----w C:\Program Files\Common Files\Apple
2008-10-26 22:30 1,000,448 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp
2008-10-26 21:18 --------- d-----w C:\Program Files\Common Files\Adobe
2008-10-26 17:48 664,576 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp
2008-10-26 17:48 2,463,232 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp
2008-10-26 17:47 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-10-26 17:47 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-10-26 17:47 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\SUPERAntiSpyware.com
2008-10-26 15:41 2,918,400 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp
2008-10-26 13:27 --------- d-----w C:\Program Files\Java
2008-10-25 21:55 3,306,496 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp
2008-10-25 16:27 147,456 ----a-w C:\WINDOWS\AVUNTOOL.EXE
2008-10-25 09:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-25 03:13 2,360,832 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp
2008-10-25 03:13 1,980,416 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp
2008-10-24 19:52 --------- d-----w C:\Program Files\VstPlugins
2008-10-24 17:22 3,134,464 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp
2008-10-24 17:22 2,354,176 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp
2008-10-24 16:38 --------- d-----w C:\Program Files\Sugar Bytes
2008-10-24 09:19 2,460,672 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-10-24 09:19 2,347,008 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp
2008-10-23 22:43 3,059,200 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-10-23 22:43 2,320,896 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-10-23 22:39 24,640 ----a-w C:\Program Files\Common Files\security
2008-10-23 18:54 --------- d-----w C:\Program Files\Bonjour
2008-10-23 13:29 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\PACE Anti-Piracy
2008-10-23 13:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\PACE Anti-Piracy
2008-10-23 13:28 --------- d-----w C:\Program Files\iZotope
2008-10-22 16:10 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-22 16:10 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-10-22 10:00 --------- d-----w C:\Program Files\Trend Micro
2008-10-17 12:47 --------- d-----w C:\Program Files\Cakewalk
2008-10-17 12:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Cakewalk
2008-10-16 17:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-16 16:53 --------- d-----w C:\Program Files\WinAVI Video Converter
2008-10-15 21:09 --------- d-----w C:\Program Files\Spectrasonics
2008-10-15 15:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-10-14 15:27 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-13 11:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-10-13 11:30 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Apple Computer
2008-10-12 10:43 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Steinberg
2008-10-12 10:33 --------- d-----w C:\Program Files\Steinberg
2008-10-10 19:09 --------- d-----w C:\Program Files\MixMeister Fusion
2008-10-10 08:12 --------- d-----w C:\Program Files\ASIO4ALL v2
2008-10-09 19:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-09 13:25 1,221,008 ----a-w C:\WINDOWS\system32\zpeng25.dll
2008-10-04 15:51 --------- d-----w C:\Program Files\Picasa2
2008-10-04 09:41 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-10-01 21:10 --------- d-----w C:\Program Files\MSBuild
2008-10-01 19:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero
2008-10-01 16:42 --------- d-----w C:\Program Files\Webroot
2008-10-01 16:42 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Webroot
2008-09-30 11:41 --------- d-----w C:\Program Files\KeyToSound
2008-09-30 05:57 --------- d-----w C:\Program Files\Image-Line
2008-09-29 09:39 --------- d-----w C:\Documents and Settings\LocalService\Application Data\SACore
2008-09-27 11:16 111,992 ----a-w C:\WINDOWS\system32\ACAPTUSER32.DLL
2008-09-27 09:39 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\AVGTOOLBAR
2008-09-27 07:06 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys
2008-09-27 07:06 12,936 ----a-w C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-09-27 07:06 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll
2008-09-27 07:06 --------- d-----w C:\Program Files\AVG
2008-09-26 00:37 456,433 ----a-w C:\WINDOWS\Natura Sound Therapy Uninstaller.exe
2008-09-26 00:37 --------- d-----w C:\Program Files\Natura Sound Therapy
2008-09-25 12:17 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\GrandVJ
2008-09-24 16:32 --------- d-----w C:\Program Files\ArKaos GrandVJ 1.0 FC1
2008-09-22 16:36 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Koblo
2008-09-22 16:34 --------- d-----w C:\Program Files\Koblo
2008-09-21 22:31 --------- d-----w C:\Program Files\Flash Menu Factory
2008-09-21 14:37 --------- d-----w C:\Program Files\123 Flash Menu
2008-09-20 03:45 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Sony
2008-09-20 03:17 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\NetMedia Providers
2008-09-20 03:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2008-09-20 03:05 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Sony Setup
2008-09-18 10:51 --------- d-----w C:\Program Files\CDXTRACT4
2008-09-18 06:43 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\Publish Providers
2008-09-16 13:12 --------- d-----w C:\Documents and Settings\kevin miller\Application Data\EBookSys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DefragTaskBar"="C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe" [2008-04-18 173408]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-28 1235736]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"PCdefense "="C:\Program Files\Laplink\PCdefense\PCDefense.exe" [2006-08-31 1585152]
"TGX2_VFD"="C:\WINDOWS\system32\TGVFDMsgservice.exe" [2004-11-06 233472]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-10-09 981904]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\kevin miller\Start Menu\Programs\Startup\
VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe [2008-08-15 11875648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
FreelineSchedule.lnk - C:\Freeline\FreelineSchedule.exe [2005-08-13 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
"NoResolveSearch"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM
"midi7"= mapledxp.dll
"midi4"= KORGUMDD.DRV

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^FreelineSchedule.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FreelineSchedule.lnk
backup=C:\WINDOWS\pss\FreelineSchedule.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RaConfig2500.lnk]
backup=C:\WINDOWS\pss\RaConfig2500.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^ Registration.lnk]
backup=C:\WINDOWS\pss\ Registration.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Registration Brothers In Arms.LNK]
backup=C:\WINDOWS\pss\Registration Brothers In Arms.LNKStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Shareaza Turbo Accelerator.lnk]
backup=C:\WINDOWS\pss\Shareaza Turbo Accelerator.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kevin miller^Start Menu^Programs^Startup^Trend Micro Anti-Spyware.lnk]
backup=C:\WINDOWS\pss\Trend Micro Anti-Spyware.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDMCon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDNewsAgent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C:\WINDOWS\system32
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CaPPcl
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cctray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DesktopMaestro
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThreatFire

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\'Ashampoo AntiSpyWare 2 Guard']
--a------ 2008-09-08 10:09 2349912 C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 21:43 640376 C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 01:25 37232 C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 06:58 611712 C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 05:46 378224 C:\PROGRA~1\COMMON~1\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
--a------ 2005-05-03 17:43 69632 C:\WINDOWS\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
--a------ 2008-10-01 11:57 111936 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ashampoo AntiSpyWare 2 Guard]
--a------ 2008-09-08 10:09 2349912 C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-08-25 18:52 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CD-Ejector]
--a------ 2005-06-11 23:49 147456 C:\Documents and Settings\kevin miller\My Documents\CD-Ejector\CD-Ejector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 00:12 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
--a------ 2005-08-05 12:56 64512 C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-08-13 17:10 29744 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2007-08-24 06:00 33648 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2005-03-08 04:42 176128 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2008-02-28 16:07 1828136 C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
--a------ 2007-02-08 00:12 488984 C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
--a------ 2007-02-08 00:13 774168 C:\Program Files\Logitech\QuickCam10\QuickCam10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 10:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2008-02-18 15:29 2221352 C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2008-02-28 08:59 570664 C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
--a------ 2004-08-05 18:28 1335386 C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-07-07 07:34 167936 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2002-09-13 20:42 212992 C:\WINDOWS\SMINST\Recguard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
--a------ 2008-07-08 15:41 2828184 C:\Program Files\Registry Mechanic\RegMech.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-03 02:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
--a------ 2005-09-22 12:36 14854144 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkinClock]
--a------ 2008-03-05 18:12 526848 C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SM1BG]
-ra------ 2003-08-28 04:20 94208 C:\WINDOWS\SM1bg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2008-08-09 15:04 5418864 C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-10-26 13:36 136600 C:\Program Files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2008-09-03 14:07 1576176 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-10-08 09:50 88363 C:\WINDOWS\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut]
--a------ 2005-01-07 23:07 61952 C:\WINDOWS\system32\HdAShCut.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"KernelFaultCheck"=
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" -hide
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22986:TCP"= 22986:TCP:BitComet 22986 TCP
"22986:UDP"= 22986:UDP:BitComet 22986 UDP
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-09-27 12936]
R0 ssfs0bbc;ssfs0bbc;C:\WINDOWS\system32\DRIVERS\ssfs0bbc.sys [2008-08-09 29808]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-09-27 97928]
R1 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-10-28 90632]
R1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;C:\WINDOWS\system32\drivers\hcw88aud.sys [2005-05-31 11970]
R1 mapledxp;mapledxp;C:\WINDOWS\system32\drivers\mapledxp.SYS [2004-04-05 24720]
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2008-09-08 749400]
R2 adfs;adfs;C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-10-28 874776]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-27 231704]
R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-26 152984]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-09-08 198944]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 DfuUsb;DfuUsb;C:\WINDOWS\system32\DRIVERS\DFUUsb.sys [2007-11-08 10880]
R3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod;C:\WINDOWS\system32\drivers\hcw88bda.sys [2005-05-31 130112]
R3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture;C:\WINDOWS\system32\drivers\hcw88tse.sys [2005-05-31 296259]
R3 HCW88TUNE;Hauppauge WinTV 88x Tuner;C:\WINDOWS\system32\drivers\hcw88tun.sys [2005-05-31 137793]
R3 hcw88vid;Hauppauge WinTV 88x Video;C:\WINDOWS\system32\drivers\hcw88vid.sys [2005-05-31 611444]
R3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;C:\WINDOWS\system32\drivers\HCW88BAR.sys [2005-05-31 27984]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows XP;C:\WINDOWS\system32\Drivers\KORGUMDS.SYS [2004-07-12 12544]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
R3 SPYPRV;SPYPRV;C:\WINDOWS\system32\drivers\SPYPRV.SYS [2006-08-31 54260]
R3 TGX263;TriGem X2 Device Driver;C:\WINDOWS\system32\Drivers\TGX263.sys [2004-11-04 16384]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-13 29744]
S3 LLRKD;LLRKD;C:\WINDOWS\system32\drivers\LLRKD.sys [2006-08-31 16579]
S3 LtcyCfgWDM;PCI Latency Tool Driver Service;C:\WINDOWS\system32\DRIVERS\LtcyCfgWDM.sys [2005-12-25 6656]
S3 MBAMDrvService;MBAMDrvService;C:\WINDOWS\system32\drivers\mbam.sys [2008-10-22 15504]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\279.tmp [ ]
S3 SynasUSB;SynasUSB;C:\WINDOWS\system32\drivers\SynasUSB.sys [2005-11-03 16896]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\Z]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe folder.htt 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2de79507-915a-11dd-a292-00142a5d2135}]
\Shell\AutoRun\command - I:\Launch.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5653300-69b7-11dd-a189-00142a5d2135}]
\Shell\AutoRun\command - H:\Launch.exe
.
Contents of the 'Scheduled Tasks' folder

2008-10-23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-10-28 C:\WINDOWS\Tasks\Laplink PCdefense.job
- C:\Program Files\Laplink\PCdefense\XoftSpy.exe [2006-06-19 06:35]

2008-10-29 C:\WINDOWS\Tasks\MP Scheduled Scan.job
- C:\Program Files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]

2008-10-24 C:\WINDOWS\Tasks\wrSpySweeperFullSweep.job
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-08-09 15:04]

2008-10-24 C:\WINDOWS\Tasks\wrSpySweeperFullSweep.job
- C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-08-09 15:04]

2008-10-24 C:\WINDOWS\Tasks\wrSpySweeperFullSweep.job
- C:\","D:\","E:\","F:\" []
.
- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
MSConfigStartUp-Adobe Reader Speed Launcher - C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-kdlfo - C:\WINDOWS\system32\kdlfo.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\kevin miller\Application Data\Mozilla\Firefox\Profiles\7iku5dve.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - C:\Program Files\Picasa2\npPicasa2.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF -: plugin - C:\Program Files\QuickTime Alternative\Plugins\npqtplugin5.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-29 10:01:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet007\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\279.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\detoured.dll
-> C:\Program Files\McAfee\SiteAdvisor\saHook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\ehome\ehrecvr.exe
C:\WINDOWS\ehome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\vghd\VirtuaGirl_Downloader.exe
.
**************************************************************************
.
Completion time: 2008-10-29 10:18:19 - machine was rebooted
ComboFix-quarantined-files.txt 2008-10-29 10:17:38

Pre-Run: 113,635,344,384 bytes free
Post-Run: 113,445,703,680 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

529 --- E O F --- 2008-10-29 08:55:09
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 29th, 2008, 6:52 am

Please post a fresh HJT log also
How are things running now ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 29th, 2008, 7:31 am

hi ,things are running good now thx,as isaid i have no idea where this virtumonde trojan came from,but here is the hijack this log.....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:18, on 29/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\wwSecure.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Laplink\PCdefense\PCDefense.exe
C:\WINDOWS\system32\TGVFDMsgservice.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: TrendProtect - {E3578B37-6346-4EC1-A82B-38273A100DCF} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\avgtoolbar.dll
O3 - Toolbar: TrendProtect - {F83BE649-1CC3-48EE-B2E2-0826CEF3822A} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [H2O] "C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe"
O4 - HKLM\..\Run: [PCdefense ] C:\Program Files\Laplink\PCdefense\PCDefense.exe
O4 - HKLM\..\Run: [TGX2_VFD] "C:\WINDOWS\system32\TGVFDMsgservice.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: FreelineSchedule.lnk = C:\Freeline\FreelineSchedule.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.pcservicecall.co.uk
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.laplink.com/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: trendprotect - {BC3A5F6F-12A0-4B14-A184-32939F413823} - C:\Program Files\Trend Micro\TrendProtect\MSIE\wrs.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

--
End of file - 12302 bytes
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am

Re: Online scanner problems

Unread postby Katana » October 29th, 2008, 7:49 am

koolkevdj wrote:as isaid i have no idea where this virtumonde trojan came from

"VirtuaGirl_downloader.exe" --- anything related to that type of program is a good source of infection.


Congratulations your logs look clean :)

Let's see if I can help you keep it that way

First lets tidy up



  • This will clear your System Volume Information restore points and remove all the infected files that were quarantined
  • Click START then RUN
  • Now type Combofix /u in the runbox and click OK. Note the space between the X and the /U, it needs to be there.
    • Image
You can also delete any logs we have produced, and empty your Recycle bin.





The following is some info to help you stay safe and clean.
( Vista users must ensure that any programs are Vista compatible BEFORE installing )

You may already have some of the following programs, but I include the full list for the benefit of all the other people who will be reading this thread in the future.

Online Scanners
I would recommend a scan at one or more of the following sites at least once a month.

http://www.pandasecurity.com/activescan
http://www.kaspersky.com/kos/eng/partne ... bscan.html

!!! Make sure that all your programs are updated !!!
Secunia Software Inspector does all the work for you, .... see HERE for details

AntiSpyware
    AntiSpyware is not the same thing as Antivirus.
    Different AntiSpyware programs detect different things, so in this case it is recommended that you have more than one.
    You should only have one running all the time, the other/s should be used "on demand" on a regular basis.
    Most of the programs in this list have a free (for Home Users ) and paid versions,
    it is worth paying for one and having "realtime" protection, unless you intend to do a manual scan often.
  • Spybot - Search & Destroy <<< A must have program
    • It includes host protection and registry protection
    • A hosts file is a bit like a phone book, it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites
  • MalwareBytes Anti-malware <<< A New and effective program
  • a-squared Free <<< A good "realtime" or "on demand" scanner
  • superantispyware <<< A good "realtime" or "on demand" scanner

Prevention
    These programs don't detect malware, they help stop it getting on your machine in the first place.
    Each does a different job, so you can have more than one
  • Winpatrol
    • An excellent startup manager and then some !!
    • Notifies you if programs are added to startup
    • Allows delayed startup
    • A must have addition
  • SpywareBlaster 4.0
    • SpywareBlaster sets killbits in the registry to prevent known malicious activex controls from installing themselves on your computer.
  • SpywareGuard 2.2
    • SpywareGuard provides real-time protection against spyware.
    • Not required if you have other "realtime" antispyware or Winpatrol
  • ZonedOut
    • Formerly known as IE-SPYAD, adds a long list of sites and domains associated with known advertisers and marketers to the Restricted sites zone of Internet Explorer.
  • MVPS HOSTS
    • This little program packs a powerful punch as it blocks ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    • For information on how to download and install, please read this tutorial by WinHelp2002.
    • Not required if you are using other host file protections

Internet Browsers
    Microsoft has worked hard to make IE.7 a more secure browser, unfortunately whilst it is still the leading browser of choice it will always be under attack from the bad guys.
    Using a different web browser can help stop malware getting on your machine.
    • Make your Internet Explorer more secure - This can be done by following these simple instructions:
      1. From within Internet Explorer click on the Tools menu and then click on Options.
      2. Click once on the Security tab
      3. Click once on the Internet icon so it becomes highlighted.
      4. Click once on the Custom Level button.
        • Change the Download signed ActiveX controls to Prompt
        • Change the Download unsigned ActiveX controls to Disable
        • Change the Initialise and script ActiveX controls not marked as safe to Disable
        • Change the Installation of desktop items to Prompt
        • Change the Launching programs and files in an IFRAME to Prompt
        • Change the Navigate sub-frames across different domains to Prompt
        • When all these settings have been made, click on the OK button.
        • If it prompts you as to whether or not you want to save the settings, press the Yes button.
      5. Next press the Apply button and then the OK to exit the Internet Properties page.
    If you are still using IE6 then either update, or get one of the following.
    • FireFox
      • With many addons available that make customization easy this is a very popular choice
      • NoScript and AdBlockPlus addons are essential
    • Opera
      • Another popular alternative
    • Netscape
      • Another popular alternative
      • Also has Addons available

Cleaning Temporary Internet Files and Tracking Cookies
    Temporary Internet Files are mainly the files that are downloaded when you open a web page.
    Unfortunately, if the site you visit is of a dubious nature or has been hacked, they can also be an entry point for malware.
    It is a good idea to empty the Temporary Internet Files folder on a regular basis.

    Tracking Cookies are files that websites use to monitor which sites you visit and how often.
    A lot of Antispyware scanners pick up these tracking cookies and flag them as unwanted.
    CAUTION :- If you delete all your cookies you will lose any autologin information for sites that you visit, and will need your passwords

    Both of these can be cleaned manually, but a quicker option is to use a program
  • ATF Cleaner
    • Free and very simple to use
  • CCleaner
    • Free and very flexible, you can chose which cookies to keep

Also PLEASE read this article.....So How Did I Get Infected In The First Place

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Re: Online scanner problems

Unread postby koolkevdj » October 29th, 2008, 8:23 am

hi thx i just did a scan with superanti spyware and it found this file in the system 32 folder...kdweu.exe
koolkevdj
Regular Member
 
Posts: 44
Joined: September 9th, 2008, 8:32 am
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 287 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware