Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Coker

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Coker

Unread postby shancoker » March 22nd, 2009, 11:32 am

Having issues and need help, please. Thank you.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:29 AM, on 3/22/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Windows\sttray.exe
C:\Program Files\ATT Internet Tools\blsloader.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BlspcHlpr Class - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\Program Files\ATT Internet Tools\blspc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [RecoverFromReboot] C:\Windows\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [blspcloader] C:\Program Files\ATT Internet Tools\blsloader.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\RunOnce: [RunPalmPIL] "C:\Program Files\palmOne\pil.exe" (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1002\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - Startup: Mobipocket Web Companion.lnk = ?
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.att.net
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://couponmom.coupons.smartsource.co ... scmv5X.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9537 bytes
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am
Advertisement
Register to Remove

Re: Coker

Unread postby peku006 » March 26th, 2009, 12:34 pm

Hello and welcome to Malware Removal.

My name is peku006 and I will be helping you to remove any infection(s) that you may have.
I will be giving you a series of instructions that need to be followed in the order in which I give them to you.

Please observe these rules while we work:

  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Please continue to respond until I give you the "All Clear"

If you follow these instructions, everything should go smoothly.

1 - download and run RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
    Note: If you are using Windows Vista, right click at RSIT.exe and select 'Run as administrator'.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt<- (will be maximized) and info.txt<- (will be minimized)

2 - Status Check
Please reply with

1.the logs from RSIT (log.txt ,info.txt)
Could you please describe your malware problems?

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby shancoker » March 26th, 2009, 2:03 pm

info.txt logfile of random's system information tool 1.06 2009-03-26 14:01:43

======Uninstall list======

2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}
Addit-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3161124-2B4D-478F-901A-D21BCAD72C7E}\setup.exe" -l0x9
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Amazon MP3 Downloader 1.0.3-->C:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
AT&T Parental Controls-->C:\Program Files\ATT Internet Tools\parental-setup.exe -u
BigFix-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{34FF0741-EC67-4C05-AC2A-6D257123DF2E}\setup.exe" -l0x9 -uninst -f"C:\Program Files\BigFix\Uninst.isu" -c"C:\Program Files\BigFix\Lib\UninstallHelper.dll"
Broadcom 802.11 Network Adapter-->"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
Browser Address Error Redirector-->regsvr32 /u /s "c:\google\BAE.dll"
Calendar Maker 4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F63A5A9B-4D3A-46DA-9B92-EE0F550B8019}\setup.exe" -l0x9
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} /l1033
Documents To Go-->MsiExec.exe /X{BDFE199D-E889-4BB6-BECB-C4BDF5700849}
Gateway Game Console-->"C:\Program Files\Gateway Games\Gateway Game Console\Uninstall.exe"
Gateway Recovery Center Installer-->MsiExec.exe /X{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 8.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 8.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP OCR Software 8.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
HP Officejet All-In-One Series-->C:\Program Files\HP\Digital Imaging\{3C43EAE7-22C0-4b33-ABFB-3757ECA5FD7B}\setup\hpzscr01.exe -datfile hpwscr10.dat
HP Photosmart Essential-->MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Product Assistant-->MsiExec.exe /I{36FDBE6E-6684-462B-AE98-9A39A1B200CC}
HP Solution Center 8.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
HPSSupply-->MsiExec.exe /X{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}
Intel(R) Management Engine Interface-->C:\Windows\system32\heciudlg.exe -uninstall
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) Viiv(TM) Software-->MsiExec.exe /X{26C610BF-761B-4209-BD6A-A0F1B73D6DDE} /qb!
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Logitech Legacy USB Camera Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\10.50.1091\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\legacyqcam\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"legacyqcam_10.50" /clone_wait /hide_progress
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.80.1048\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=2000 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.80" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /X{3AF8FCCD-F51A-4014-9002-F195E1CBC876}
Logitech Updater-->MsiExec.exe /I{53735ECE-E461-4FD0-B742-23A352436D3A}
Microsoft Digital Image Starter Edition 2006-->"C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=12
Microsoft Money 2006-->"C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OUTLOOKR /dll OSETUP.DLL
Microsoft Office Outlook 2007-->MsiExec.exe /X{91120000-001A-0000-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mobipocket Reader 6.2-->MsiExec.exe /I{342126E1-173C-4585-BFBE-3EBDD20E3E9E}
MobiPocket Reader-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\MobiPocket.com\MobiPocket Reader\uninstall\Setup.exe" /uninstall
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Palm Outlook Conduits Updater-->MsiExec.exe /I{616A66CD-D36D-4E24-8B67-33AFDFF48061}
palmOne-->MsiExec.exe /X{FF8157AA-F640-45BD-B7C2-BAA1016B267A}
PCI Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSMzK.inf
Power2Go 5.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" -uninstall
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
SplashShopper-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0681859-D086-4384-B204-386FA7D80A5B}\setup.exe" -l0x9
Trend Micro PC-cillin Internet Security 2007-->C:\PROGRA~1\TRENDM~1\INTERN~1\remove.exe
Trend Micro PC-cillin Internet Security 2007-->MsiExec.exe /X{BB4B6355-D38A-492C-873B-A1B2CF6C3832}
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office Excel 2007 Help (KB957242)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {51864046-74C8-487B-97CD-6167A4B1DB56}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 Help (KB957246)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {6F0E4983-E419-4591-B7DD-EFB0073D3E47}
Update for Microsoft Office PowerPoint 2007 Help (KB957247)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {B20E2C59-EEC5-4102-9E50-5DBB2093C37D}
Update for Microsoft Office Word 2007 Help (KB957252)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {54DF3345-0720-4224-9740-C7E00303F565}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb962871)-->msiexec /package {91120000-001A-0000-0000-0000000FF1CE} /uninstall {297857BF-4011-449B-BD74-DB64D182821C}
USB Wireless Keyboard Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32C39757-3684-41FE-BAAB-207A2BE56646}\Setup.exe" -l0x9
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

======Security center information======

AV: Trend Micro PC-cillin Internet Security 2007
FW: Trend Micro PC-cillin Internet Security (Firewall)
AS: Trend Micro PC-cillin Internet Security 2007
AS: Windows Defender (disabled)

======System event log======

Computer Name: Main-PC
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 32678
Source Name: Tcpip
Time Written: 20090318141840.191441-000
Event Type: Warning
User:

Computer Name: Main-PC
Event Code: 36
Message: The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
Record Number: 32735
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090319123930.000000-000
Event Type: Warning
User:

Computer Name: Main-PC
Event Code: 36
Message: The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.
Record Number: 33133
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090326123923.000000-000
Event Type: Warning
User:

Computer Name: Main-PC
Event Code: 27
Message: Intel(R) 82562V 10/100 Network Connection Link has been disconnected.
Record Number: 33141
Source Name: e1express
Time Written: 20090326154649.603829-000
Event Type: Warning
User:

Computer Name: Main-PC
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0019D1550B35. The following error occurred:
The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 33145
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090326154725.000000-000
Event Type: Warning
User:

=====Application event log=====

Computer Name: Main-PC
Event Code: 1002
Message: The program iexplore.exe version 7.0.6001.18000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: ba54 Start Time: 01c9ab03d0ddb569 Termination Time: 59
Record Number: 4857
Source Name: Application Hang
Time Written: 20090322161453.000000-000
Event Type: Error
User:

Computer Name: Main-PC
Event Code: 1000
Message: Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0xc098, application start time 0x01c9ab1f6e34868d.
Record Number: 4859
Source Name: Application Error
Time Written: 20090322185305.000000-000
Event Type: Error
User:

Computer Name: Main-PC
Event Code: 1002
Message: The program iexplore.exe version 7.0.6001.18000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 10360 Start Time: 01c9ad5a7893590e Termination Time: 32
Record Number: 4911
Source Name: Application Hang
Time Written: 20090325153612.000000-000
Event Type: Error
User:

Computer Name: Main-PC
Event Code: 1000
Message: Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x106f4, application start time 0x01c9ae1e15d87f50.
Record Number: 4916
Source Name: Application Error
Time Written: 20090326142100.000000-000
Event Type: Error
User:

Computer Name: Main-PC
Event Code: 1000
Message: Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x12154, application start time 0x01c9ae2a71a3a202.
Record Number: 4919
Source Name: Application Error
Time Written: 20090326154928.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Main-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 11544
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090326180136.361809-000
Event Type: Audit Failure
User:

Computer Name: Main-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 11545
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090326180136.388175-000
Event Type: Audit Failure
User:

Computer Name: Main-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 11546
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090326180136.414540-000
Event Type: Audit Failure
User:

Computer Name: Main-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 11547
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090326180136.439929-000
Event Type: Audit Failure
User:

Computer Name: Main-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 11548
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090326180136.462389-000
Event Type: Audit Failure
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=0f06
"NUMBER_OF_PROCESSORS"=2

-----------------EOF-----------------


Logfile of random's system information tool 1.06 (written by random/random)
Run by Shannon at 2009-03-26 14:01:28
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 312 GB (67%) free of 467 GB
Total RAM: 2029 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:01:38 PM, on 3/26/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Windows\sttray.exe
C:\Program Files\ATT Internet Tools\blsloader.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT8VCKID\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Shannon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BlspcHlpr Class - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\Program Files\ATT Internet Tools\blspc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [RecoverFromReboot] C:\Windows\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [blspcloader] C:\Program Files\ATT Internet Tools\blsloader.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\RunOnce: [RunPalmPIL] "C:\Program Files\palmOne\pil.exe" (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1002\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Allan')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-501\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Guest')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-501 Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (User 'Guest')
O4 - S-1-5-21-2511111831-2057517083-3689216067-501 User Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (User 'Guest')
O4 - Startup: Mobipocket Web Companion.lnk = ?
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.att.net
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://couponmom.coupons.smartsource.co ... scmv5X.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10200 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{B4FCE2B4-F960-4E6A-BE77-F71805A0AB32}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15C9938F-CB96-496D-800A-B827F2E34EA1}]
BlspcHlpr Class - C:\Program Files\ATT Internet Tools\blspc.dll [2009-03-17 1437696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2008-12-24 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-12-24 2193280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - c:\google\BAE.dll [2006-02-01 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-12-24 2193280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"CCUTRAYICON"=C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [2006-11-18 182744]
"NMSSupport"=C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [2006-09-26 423424]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2006-10-24 1429504]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-25 29744]
"BigFix"=c:\program files\Bigfix\bigfix.exe [2006-11-16 2348584]
"pccguide.exe"=C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe [2006-12-29 3429904]
"RecoverFromReboot"=C:\Windows\Temp\RecoverFromReboot.exe [2003-07-08 151552]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-18 13580832]
"SigmatelSysTrayApp"=C:\Windows\sttray.exe [2006-11-22 303104]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-08-03 36352]
"blspcloader"=C:\Program Files\ATT Internet Tools\blsloader.exe [2009-03-17 107856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe [2008-10-04 235936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ledpointer]
C:\Windows\CNYHKey.exe [2006-11-09 5585408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2008-08-14 565008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\QuickCam\Quickcam.exe [2008-08-14 2407184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MoLed]
C:\Windows\ModLEDKey.exe [2006-11-09 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NapsterShell]
C:\Program Files\Napster\napster.exe /systray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2008-09-18 92704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-01-03 210520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DataViz Inc Messenger.lnk - C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe

C:\Users\Shannon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Mobipocket Web Companion.lnk - C:\Program Files\MobiPocket.com\MobiPocket Reader\webcomp.exe
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}]
shell\AutoRun\command - I:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b637d14a-ebbf-11dd-a409-0019d1550b35}]
shell\AutoRun\command - J:\Installer.exe


======List of files/folders created in the last 1 months======

2009-03-26 14:01:28 ----D---- C:\rsit
2009-03-18 10:29:18 ----D---- C:\FSP12
2009-03-18 10:29:07 ----A---- C:\Windows\UNINST16.EXE
2009-03-17 10:04:32 ----A---- C:\Windows\system32\msxml3a.dll
2009-03-17 10:03:56 ----D---- C:\temp
2009-03-17 10:03:56 ----D---- C:\Program Files\ATT Internet Tools
2009-03-11 01:42:33 ----A---- C:\Windows\system32\wmp.dll
2009-03-11 01:42:33 ----A---- C:\Windows\system32\spwmp.dll
2009-03-11 01:42:33 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-11 01:42:32 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-11 01:42:27 ----A---- C:\Windows\system32\schannel.dll
2009-03-04 23:44:16 ----D---- C:\ProgramData\CyberLink
2009-03-04 13:29:52 ----D---- C:\Program Files\MobiPocket.com

======List of files/folders modified in the last 1 months======

2009-03-26 14:01:38 ----D---- C:\Windows\Prefetch
2009-03-26 14:01:24 ----D---- C:\Windows\Temp
2009-03-26 01:35:04 ----D---- C:\Windows\System32
2009-03-26 00:00:20 ----D---- C:\System Volume Information
2009-03-22 11:10:40 ----D---- C:\Program Files\Trend Micro
2009-03-22 10:56:35 ----SD---- C:\Windows\Downloaded Program Files
2009-03-18 17:46:24 ----D---- C:\Windows\inf
2009-03-18 17:46:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-03-18 10:30:24 ----D---- C:\Windows
2009-03-18 10:29:07 ----D---- C:\Windows\system
2009-03-17 10:03:56 ----RD---- C:\Program Files
2009-03-17 00:00:24 ----D---- C:\Windows\system32\catroot2
2009-03-11 03:20:26 ----D---- C:\Windows\winsxs
2009-03-11 03:10:20 ----D---- C:\Windows\system32\catroot
2009-03-11 03:08:39 ----HD---- C:\Config.Msi
2009-03-11 03:08:39 ----D---- C:\Program Files\Microsoft Silverlight
2009-03-11 03:07:06 ----D---- C:\Program Files\Windows Media Player
2009-03-11 03:07:06 ----D---- C:\Program Files\Windows Mail
2009-03-11 03:01:01 ----SHD---- C:\Windows\Installer
2009-03-11 03:01:01 ----D---- C:\ProgramData\Microsoft Help
2009-03-06 15:50:52 ----D---- C:\Windows\system32\WDI
2009-03-04 23:44:16 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2006-12-29 75088]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-10-26 12672]
R2 nmsgopro;GoProto Protocol Driver for NMS; C:\Windows\system32\DRIVERS\nmsgopro.sys [2006-09-27 28672]
R2 nmsunidr;UniDriver for NMS; C:\Windows\system32\DRIVERS\nmsunidr.sys [2006-10-19 7424]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2007-12-24 138384]
R2 tmmbd;Trend Micro MBD Driver; C:\Windows\system32\DRIVERS\tm_mbd_c.sys [2006-12-29 111888]
R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys [2008-11-26 36368]
R2 tmxpflt;tmxpflt; C:\Windows\system32\DRIVERS\tmxpflt.sys [2008-11-26 205328]
R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys [2008-11-26 1195384]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-10-26 8192]
R3 AVMNgBasM780;AVerMedia M780 Base Driver; C:\Windows\system32\DRIVERS\AVerBas.sys [2006-12-10 51584]
R3 AVMNgCapM780;AVerMedia M780 Audio/Video Capture Driver; C:\Windows\system32\DRIVERS\AVerCap.sys [2006-12-10 364544]
R3 AVMNgTunM780;AVerMedia M780 TVTuner Driver; C:\Windows\system32\DRIVERS\AVerTun.sys [2006-12-10 162304]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-10-24 532992]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-16 214912]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2006-10-30 44416]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-26 986624]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2006-10-26 258048]
R3 IntelDH;IntelDH Driver; C:\Windows\System32\Drivers\IntelDH.sys [2008-12-24 5504]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\lvusbsta.sys [2008-07-26 41752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-18 7379872]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2006-12-15 14240]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2006-11-22 647680]
R3 tmcfw;Trend Micro Common Firewall Service; C:\Windows\system32\DRIVERS\TM_CFW.sys [2006-12-29 288848]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-26 659968]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\Windows\system32\drivers\ac97intc.sys [2006-11-02 108032]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-10-24 532992]
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-05-23 49904]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2006-11-02 14208]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-19 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-19 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-19 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\ialmnt5.sys [2006-11-02 1302492]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista; C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
S3 PalmUSBD;PalmUSBD; C:\Windows\system32\drivers\PalmUSBD.sys [2009-01-19 16694]
S3 SDDMI2;SDDMI2; \??\C:\Windows\system32\DDMI2.sys []
S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2006-11-18 18904]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-11-18 195032]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-10-29 208896]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-11-18 81880]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-11-18 32216]
R2 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-11-18 174552]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-18 196608]
R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2007-01-03 1922576]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-11-18 550872]
R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2006-12-29 480784]
R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2006-12-29 943696]
R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2006-12-29 566872]
R2 wltrysvc;Broadcom Wireless LAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2006-10-24 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-10-26 386560]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 PcScnSrv;Trend Micro Protection Against Spyware ; C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe [2006-12-29 214544]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-25 29744]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby peku006 » March 26th, 2009, 2:14 pm

Hi shancoker
Logs are clean, what kind of problems you have
Having issues

can you explain in more detail, browser, software or internet connection problems
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby shancoker » March 26th, 2009, 3:12 pm

I keep having a contrast box come up from my monitor and I can't close it; I have to wait for it to go away myself, and I'm not causing it to come up. Also, when I sign on to myspace and try to navigate, it signs me out and brings me back to the sign in page. I can't sign in to my bank's website either. I can access myspace and my bank's website from another computer in my home, however. Trend Micro PC-Cillin has twice now told me that it has found a trojan that it can't quarantine, but when I try to find the files to remove, I can't find them.

You're help is greatly appreciated.
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby peku006 » March 26th, 2009, 3:33 pm

Hi shancoker
Let us take a deeper look......

Please download OTScanIt2 from Geeks to Go or Bleeping Computer. Save it to your desktop.

  1. Double click on OTScanIt2.exe to run it.
  2. Click on Extract. Once done, you will be prompted. Click OK and click Close.
  3. Double click on the OTScanIt2 folder. Double click on OTScanIt2.exe to run it.
  4. Under Rookit Search, select Yes.
  5. Under Additional Scans, click on "Extras" button.
  6. Click on Run Scan at the top left hand corner.
  7. When done, Notepad will open. Please post this log in your next reply.

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby shancoker » March 27th, 2009, 12:46 pm

It won't let me put the whole log on here, it's too many characters. Suggestions?
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby peku006 » March 27th, 2009, 1:12 pm

Hi shancoker

Split your log over two posts
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby shancoker » March 27th, 2009, 3:01 pm

[code]
OTScanIt2 logfile created on: 3/27/2009 12:37:00 PM - Run 3
OTScanIt2 by OldTimer - Version 1.0.9.1 Folder = C:\Users\Shannon\OTScanIt2
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.98 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 44.83% Memory free
4.00 Gb Paging File | 2.41 Gb Available in Paging File | 60.30% Paging File free
Paging file location(s): ?:\pagefile.sys;

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455.89 Gb Total Space | 304.57 Gb Free Space | 66.81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 9.87 Gb Total Space | 0.01 Gb Free Space | 0.06% Space Free | Partition Type: NTFS
Drive I: | 195.60 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MAIN-PC
Current User Name: Shannon
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days

[Processes - Safe List]
a.exe -> %SystemDrive%\Users\Allan\AppData\Local\Temp\a.exe -> [2009/01/20 11:36:19 | 00,081,924 | ---- | M] ()
alertservice.exe -> %ProgramFiles%\Intel\IntelDH\CCU\AlertService.exe -> [2006/11/18 11:01:26 | 00,195,032 | ---- | M] (Intel(R) Corporation)
bcmwltry.exe -> %SystemRoot%\System32\bcmwltry.exe -> [2006/10/24 16:40:54 | 01,601,536 | ---- | M] (Broadcom Corporation)
bigfix.exe -> %ProgramFiles%\BigFix\bigfix.exe -> [2006/11/16 20:04:58 | 02,348,584 | ---- | M] (BigFix Inc.)
blsloader.exe -> %ProgramFiles%\ATT Internet Tools\blsloader.exe -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
blsloader.exe -> %ProgramFiles%\ATT Internet Tools\blsloader.exe -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
catchme.exe -> %UserProfile%\OTScanIt2\CatchMe.exe -> [2007/11/27 15:14:50 | 00,140,288 | ---- | M] ()
ccu_engine.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_Engine.exe -> [2006/11/18 11:01:32 | 00,272,856 | ---- | M] (Intel(R) Corporation)
ccu_engine.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_Engine.exe -> [2006/11/18 11:01:32 | 00,272,856 | ---- | M] (Intel(R) Corporation)
ccu_trayicon.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
ccu_trayicon.exe -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
dqlwinservice.exe -> %CommonProgramFiles%\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -> [2006/10/29 13:03:30 | 00,208,896 | ---- | M] ()
dvzincmsgr.exe -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> [2009/01/20 21:49:53 | 00,028,672 | ---- | M] (DataViz, Inc.)
dvzincmsgr.exe -> %CommonProgramFiles%\DataViz\DvzIncMsgr.exe -> [2009/01/20 21:49:53 | 00,028,672 | ---- | M] (DataViz, Inc.)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation)
ehmsas.exe -> %SystemRoot%\ehome\ehmsas.exe -> [2008/01/19 03:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
ehtray.exe -> %SystemRoot%\ehome\ehtray.exe -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
explorer.exe -> %SystemRoot%\Explorer.EXE -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
googledesktop.exe -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
hotsync.exe -> %ProgramFiles%\palmOne\Hotsync.exe -> [2004/06/09 15:16:08 | 00,471,040 | ---- | M] (PalmSource, Inc)
hotsync.exe -> %ProgramFiles%\palmOne\Hotsync.exe -> [2004/06/09 15:16:08 | 00,471,040 | ---- | M] (PalmSource, Inc)
ieuser.exe -> %ProgramFiles%\Internet Explorer\ieuser.exe -> [2008/01/19 03:33:12 | 00,299,520 | ---- | M] (Microsoft Corporation)
iexplore.exe -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/01/19 03:33:12 | 00,625,664 | ---- | M] (Microsoft Corporation)
intelhctagent.exe -> %CommonProgramFiles%\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe -> [2006/09/26 14:56:00 | 00,423,424 | ---- | M] (Intel Corporation)
issm.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -> [2006/11/18 10:59:38 | 00,081,880 | ---- | M] (Intel(R) Corporation)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvcomser.exe -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
lvprcsrv.exe -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/07/26 12:25:36 | 00,150,040 | ---- | M] (Logitech Inc.)
mclserviceatl.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -> [2006/11/18 11:00:06 | 00,174,552 | ---- | M] (Intel(R) Corporation)
mediaserver.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -> [2006/11/18 10:59:02 | 00,032,216 | ---- | M] ()
mobsync.exe -> %SystemRoot%\System32\mobsync.exe -> [2008/01/19 03:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation)
mobsync.exe -> %SystemRoot%\System32\mobsync.exe -> [2008/01/19 03:33:15 | 00,095,744 | ---- | M] (Microsoft Corporation)
nvvsvc.exe -> %SystemRoot%\system32\nvvsvc.exe -> [2008/09/18 03:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation)
otscanit2.exe -> %UserProfile%\OTScanIt2\OTScanIt2.exe -> [2009/03/27 10:59:42 | 00,492,544 | ---- | M] (OldTimer Tools)
pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
pccguide.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
pcctlcom.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/03 23:38:58 | 01,922,576 | ---- | M] (Trend Micro Inc.)
pcscnsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/29 02:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
remote ui service.exe -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -> [2006/11/18 11:00:48 | 00,550,872 | ---- | M] (Intel(R) Corporation)
sttray.exe -> %SystemRoot%\sttray.exe -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
sttray.exe -> %SystemRoot%\sttray.exe -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
tmntsrv.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/12/29 02:53:14 | 00,480,784 | ---- | M] (Trend Micro Inc.)
tmpfw.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/29 02:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
tmproxy.exe -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/29 02:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
winampa.exe -> %ProgramFiles%\Winamp\winampa.exe -> [2008/08/03 19:02:20 | 00,036,352 | ---- | M] ()
wltray.exe -> %SystemRoot%\System32\WLTRAY.EXE -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
wltray.exe -> %SystemRoot%\System32\WLTRAY.EXE -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
wltrysvc.exe -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/10/24 16:40:54 | 00,024,064 | ---- | M] ()
wmiprvse.exe -> %SystemRoot%\system32\wbem\wmiprvse.exe -> [2008/01/19 03:33:39 | 00,245,248 | ---- | M] (Microsoft Corporation)
wudfhost.exe -> %SystemRoot%\system32\WUDFHost.exe -> [2008/01/19 03:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation)
xaudio.exe -> %SystemRoot%\system32\DRIVERS\xaudio.exe -> [2006/10/26 14:44:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.)

[Win32 Services - Safe List]
(AlertService) Intel(R) Alert Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\CCU\AlertService.exe -> [2006/11/18 11:01:26 | 00,195,032 | ---- | M] (Intel(R) Corporation)
(clr_optimization_v2.0.50727_32) Microsoft .NET Framework NGEN v2.0.50727_X86 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/01/05 07:26:41 | 00,070,144 | ---- | M] (Microsoft Corporation)
(DQLWinService) DQLWinService [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -> [2006/10/29 13:03:30 | 00,208,896 | ---- | M] ()
(ehRecvr) Windows Media Center Receiver Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehRecvr.exe -> [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation)
(ehSched) Windows Media Center Scheduler Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\ehome\ehsched.exe -> [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation)
(ehstart) Windows Media Center Service Launcher [Win32_Shared | Auto | Stopped] -> %SystemRoot%\ehome\ehstart.dll -> [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/01/05 07:21:53 | 00,036,864 | ---- | M] (Microsoft Corporation)
(GoogleDesktopManager-061008-081103) Google Desktop Manager 5.7.806.10245 [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktop.exe -> [2008/12/25 11:58:32 | 00,029,744 | ---- | M] (Google)
(hpqcxs08) hpqcxs08 [Win32_Shared | On_Demand | Running] -> %ProgramFiles%\HP\Digital Imaging\bin\hpqcxs08.dll -> [2007/01/03 02:46:54 | 00,225,280 | ---- | M] (Hewlett-Packard Co.)
(hpqddsvc) HP CUE DeviceDiscovery Service [Win32_Shared | Auto | Running] -> %ProgramFiles%\HP\Digital Imaging\bin\hpqddsvc.dll -> [2006/12/11 03:29:24 | 00,131,072 | ---- | M] (Hewlett-Packard Co.)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/01/05 07:21:39 | 00,864,256 | ---- | M] (Microsoft Corporation)
(ISSM) Intel(R) Software Services Manager [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -> [2006/11/18 10:59:38 | 00,081,880 | ---- | M] (Intel(R) Corporation)
(LVCOMSer) LVCOMSer [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVCOMSER\LVComSer.exe -> [2008/07/26 12:23:42 | 00,186,904 | ---- | M] (Logitech Inc.)
(LVPrcSrv) Process Monitor [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LogiShrd\LVMVFM\LVPrcSrv.exe -> [2008/07/26 12:25:36 | 00,150,040 | ---- | M] (Logitech Inc.)
(M1 Server) Intel(R) Viiv(TM) Media Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -> [2006/11/18 10:59:02 | 00,032,216 | ---- | M] ()
(MCLServiceATL) Intel(R) Application Tracker [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -> [2006/11/18 11:00:06 | 00,174,552 | ---- | M] (Intel(R) Corporation)
(Net Driver HPZ12) Net Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZinw12.dll -> [2006/11/08 20:35:36 | 00,043,520 | ---- | M] (Hewlett-Packard)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/01/05 07:21:39 | 00,122,880 | ---- | M] (Microsoft Corporation)
(nvsvc) NVIDIA Display Driver Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\nvvsvc.exe -> [2008/09/18 03:55:00 | 00,196,608 | ---- | M] (NVIDIA Corporation)
(odserv) Microsoft Office Diagnostics Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\OFFICE12\ODSERV.EXE -> [2007/08/24 07:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation)
(ose) Office Source Engine [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Microsoft Shared\Source Engine\OSE.EXE -> [2006/10/26 18:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation)
(PcCtlCom) Trend Micro Central Control Component [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcCtlCom.exe -> [2007/01/03 23:38:58 | 01,922,576 | ---- | M] (Trend Micro Inc.)
(PcScnSrv) Trend Micro Protection Against Spyware [Win32_Own | On_Demand | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\PcScnSrv.exe -> [2006/12/29 02:53:14 | 00,214,544 | ---- | M] (Trend Micro Inc.)
(Pml Driver HPZ12) Pml Driver HPZ12 [Win32_Own | Auto | Running] -> %SystemRoot%\system32\HPZipm12.dll -> [2006/11/08 20:35:38 | 00,053,248 | ---- | M] (Hewlett-Packard)
(Remote UI Service) Intel(R) Remoting Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -> [2006/11/18 11:00:48 | 00,550,872 | ---- | M] (Intel(R) Corporation)
(Tmntsrv) Trend Micro Real-time Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\Tmntsrv.exe -> [2006/12/29 02:53:14 | 00,480,784 | ---- | M] (Trend Micro Inc.)
(TmPfw) Trend Micro Personal Firewall [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\TmPfw.exe -> [2006/12/29 02:53:06 | 00,943,696 | ---- | M] (Trend Micro Inc.)
(tmproxy) Trend Micro Proxy Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Trend Micro\Internet Security 2007\tmproxy.exe -> [2006/12/29 02:53:10 | 00,566,872 | ---- | M] (Trend Micro Inc.)
(WinDefend) Windows Defender [Win32_Shared | Auto | Stopped] -> %ProgramFiles%\Windows Defender\mpsvc.dll -> [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation)
(wltrysvc) Broadcom Wireless LAN Tray Service [Win32_Own | Auto | Running] -> %SystemRoot%\System32\WLTRYSVC.EXE -> [2006/10/24 16:40:54 | 00,024,064 | ---- | M] ()
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation)
(XAudioService) XAudioService [Win32_Own | Auto | Running] -> %SystemRoot%\system32\DRIVERS\xaudio.exe -> [2006/10/26 14:44:40 | 00,386,560 | ---- | M] (Conexant Systems, Inc.)

[Driver Services - Safe List]
(ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ac97intc.sys -> [2006/11/02 03:36:49 | 00,108,032 | ---- | M] (Intel Corporation)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adp94xx.sys -> [2006/11/02 05:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpahci.sys -> [2006/11/02 05:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu160m.sys -> [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\adpu320.sys -> [2006/11/02 05:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\djsvs.sys -> [2006/11/02 05:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\aliide.sys -> [2006/11/02 05:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.)
(arc) arc [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arc.sys -> [2006/11/02 05:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\arcsas.sys -> [2006/11/02 05:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.)
(AVMNgBasM780) AVerMedia M780 Base Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerBas.sys -> [2006/12/10 19:42:34 | 00,051,584 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(AVMNgCapM780) AVerMedia M780 Audio/Video Capture Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerCap.sys -> [2006/12/10 19:42:44 | 00,364,544 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(AVMNgTunM780) AVerMedia M780 TVTuner Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\AVerTun.sys -> [2006/12/10 19:42:58 | 00,162,304 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.)
(BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bcmwl6.sys -> [2006/10/24 15:40:28 | 00,532,992 | ---- | M] (Broadcom Corporation)
(BCM43XX) Broadcom 802.11 Network Adapter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\bcmwl6.sys -> [2006/10/24 15:40:28 | 00,532,992 | ---- | M] (Broadcom Corporation)
(bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\bcm4sbxp.sys -> [2006/11/02 03:30:53 | 00,045,056 | ---- | M] (Broadcom Corporation)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltlo.sys -> [2006/11/02 04:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brfiltup.sys -> [2006/11/02 04:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserid.sys -> [2006/11/02 04:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brserwdm.sys -> [2006/11/02 04:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\brusbmdm.sys -> [2006/11/02 04:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\brusbser.sys -> [2006/11/02 04:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.)
(BVRPMPR5) BVRPMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\BVRPMPR5.SYS -> [2007/05/23 17:26:34 | 00,049,904 | R--- | M] (Avanquest Software)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\cmdide.sys -> [2006/11/02 05:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.)
(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\e1e6032.sys -> [2006/11/16 14:10:44 | 00,214,912 | ---- | M] (Intel Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\E1G60I32.sys -> [2006/11/02 03:30:54 | 00,117,760 | ---- | M] (Intel Corporation)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\elxstor.sys -> [2006/11/02 05:51:34 | 00,316,520 | ---- | M] (Emulex)
(HECI) Intel(R) Management Engine Interface [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HECI.sys -> [2006/10/30 20:53:32 | 00,044,416 | ---- | M] (Intel Corporation)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\hpcisss.sys -> [2006/11/02 05:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company)
(HSF_DPV) HSF_DPV [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_DPV.sys -> [2006/10/26 14:44:38 | 00,986,624 | ---- | M] (Conexant Systems, Inc.)
(HSXHWBS2) HSXHWBS2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSXHWBS2.sys -> [2006/10/26 14:44:36 | 00,258,048 | ---- | M] (Conexant Systems, Inc.)
(ialm) ialm [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\ialmnt5.sys -> [2006/11/02 03:36:45 | 01,302,492 | ---- | M] (Intel Corporation)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iastorv.sys -> [2006/11/02 05:51:25 | 00,232,040 | ---- | M] (Intel Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iirsp.sys -> [2006/11/02 05:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(IntelDH) IntelDH Driver [Kernel | On_Demand | Running] -> %SystemRoot%\System32\Drivers\IntelDH.sys -> [2008/12/24 14:02:54 | 00,005,504 | ---- | M] (Intel Corporation)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteatapi.sys -> [2006/11/02 05:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\iteraid.sys -> [2006/11/02 05:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_fc.sys -> [2006/11/02 05:50:04 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_sas.sys -> [2006/11/02 05:50:05 | 00,065,640 | ---- | M] (LSI Logic)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\lsi_scsi.sys -> [2006/11/02 05:50:10 | 00,065,640 | ---- | M] (LSI Logic)
(LVPr2Mon) Logitech LVPr2Mon Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LVPr2Mon.sys -> [2008/07/26 12:25:02 | 00,025,624 | ---- | M] ()
(LVRS) Logitech RightSound Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\lvrs.sys -> [2008/07/26 11:25:46 | 00,627,864 | ---- | M] (Logitech Inc.)
(LVUSBSta) Logitech USB Monitor Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\lvusbsta.sys -> [2008/07/26 11:26:20 | 00,041,752 | ---- | M] (Logitech Inc.)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\mdmxsdk.sys -> [2006/10/26 14:44:40 | 00,012,672 | ---- | M] (Conexant)
(megasas) megasas [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\megasas.sys -> [2006/11/02 05:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\mraid35x.sys -> [2006/11/02 05:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation)
(NETw2v32) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\NETw2v32.sys -> [2006/11/02 03:30:56 | 02,589,184 | ---- | M] (Intel® Corporation)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nfrd960.sys -> [2006/11/02 05:50:19 | 00,045,160 | ---- | M] (IBM Corporation)
(nmsgopro) GoProto Protocol Driver for NMS [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\nmsgopro.sys -> [2006/09/27 20:37:24 | 00,028,672 | --S- | M] (Gteko Ltd.)
(nmsunidr) UniDriver for NMS [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\nmsunidr.sys -> [2006/10/19 19:49:48 | 00,007,424 | --S- | M] (Gteko Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ntrigdigi.sys -> [2006/11/02 03:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies)
(nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\nvlddmkm.sys -> [2008/09/18 03:55:00 | 07,379,872 | ---- | M] (NVIDIA Corporation)
(nvraid) nvraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvraid.sys -> [2006/11/02 05:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\nvstor.sys -> [2006/11/02 05:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation)
(PalmUSBD) PalmUSBD [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\PalmUSBD.sys -> [2009/01/19 21:18:03 | 00,016,694 | ---- | M] (PalmSource, Inc.)
(pepifilter) Volume Adapter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\lv302af.sys -> [2006/12/15 01:36:25 | 00,014,240 | ---- | M] (Logitech Inc.)
(PID_PEPI) Logitech QuickCam IM(PID_PEPI) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\LV302V32.SYS -> [2008/07/26 11:22:32 | 02,570,520 | ---- | M] (Logitech Inc.)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql2300.sys -> [2006/11/02 05:51:45 | 00,900,712 | ---- | M] (QLogic Corporation)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ql40xx.sys -> [2006/11/02 05:50:35 | 00,106,088 | ---- | M] (QLogic Corporation)
(secdrv) Security Driver [Kernel | Auto | Running] -> %SystemRoot%\System32\drivers\secdrv.sys -> [2006/11/02 02:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid2.sys -> [2006/11/02 05:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sisraid4.sys -> [2006/11/02 05:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems)
(STHDA) SigmaTel High Definition Audio CODEC [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\stwrt.sys -> [2006/11/22 18:56:52 | 00,647,680 | ---- | M] (SigmaTel, Inc.)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\symc8xx.sys -> [2006/11/02 05:50:05 | 00,035,944 | ---- | M] (LSI Logic)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_hi.sys -> [2006/11/02 05:49:56 | 00,031,848 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\sym_u3.sys -> [2006/11/02 05:50:03 | 00,034,920 | ---- | M] (LSI Logic)
(tmcfw) Trend Micro Common Firewall Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\TM_CFW.sys -> [2006/12/29 02:53:52 | 00,288,848 | ---- | M] (Trend Micro Inc.)
(tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmcomm.sys -> [2007/12/24 21:37:00 | 00,138,384 | ---- | M] (Trend Micro Inc.)
(tmmbd) Trend Micro MBD Driver [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tm_mbd_c.sys -> [2006/12/29 02:53:52 | 00,111,888 | ---- | M] (Trend Micro Inc.)
(tmpreflt) tmpreflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmpreflt.sys -> [2008/11/26 21:42:40 | 00,036,368 | ---- | M] (Trend Micro Inc.)
(tmtdi) Trend Micro TDI Driver [Kernel | System | Running] -> %SystemRoot%\system32\DRIVERS\tmtdi.sys -> [2006/12/29 02:53:52 | 00,075,088 | ---- | M] (Trend Micro Incorporated.)
(tmxpflt) tmxpflt [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\tmxpflt.sys -> [2008/11/26 21:42:42 | 00,205,328 | ---- | M] (Trend Micro Inc.)
(TSHWMDTCP) TSHWMDTCP [File_System | On_Demand | Stopped] -> %ProgramFiles%\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -> [2006/11/18 11:01:08 | 00,018,904 | ---- | M] ()
(uliahci) uliahci [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\uliahci.sys -> [2006/11/02 05:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata.sys -> [2006/11/02 05:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\ulsata2.sys -> [2006/11/02 05:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.)
(usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\usbaudio.sys -> [2008/01/19 01:53:23 | 00,073,088 | ---- | M] (Microsoft Corporation)
(viaide) viaide [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\viaide.sys -> [2006/11/02 05:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.)
(vsapint) vsapint [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\vsapint.sys -> [2008/11/26 21:39:56 | 01,195,384 | ---- | M] (Trend Micro Inc.)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> %SystemRoot%\system32\drivers\vsmraid.sys -> [2006/11/02 05:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd)
(VSTHWBS2) VSTHWBS2 [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\VSTBS23.SYS -> [2006/11/02 03:41:53 | 00,251,904 | ---- | M] (Conexant Systems, Inc.)
(VST_DPV) VST_DPV [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\DRIVERS\VSTDPV3.SYS -> [2006/11/02 03:41:50 | 00,987,648 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\DRIVERS\HSX_CNXT.sys -> [2006/10/26 14:44:38 | 00,659,968 | ---- | M] (Conexant Systems, Inc.)
(XAudio) XAudio [Kernel | Auto | Running] -> %SystemRoot%\system32\DRIVERS\xaudio.sys -> [2006/10/26 14:44:40 | 00,008,192 | ---- | M] (Conexant Systems, Inc.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" -> Reg Error: Invalid data type. ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.gateway.com/g/sidepanel.html ... &M=GM5454E ->
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> ->
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html ... &M=GM5454E ->
HKEY_CURRENT_USER\: Main\\"StartPageCache" -> Reg Error: Invalid data type. ->
HKEY_CURRENT_USER\: SearchURL\\"FindProvidersURL" -> http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 ->
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 ->
HKEY_CURRENT_USER\: "ProxyOverride" -> <local> ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
< FireFox Extensions [User Folders] > ->
< HOSTS File > (761 bytes and 20 lines) -> C:\Windows\System32\drivers\etc\Hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/23 00:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
{15C9938F-CB96-496D-800A-B827F2E34EA1} [HKLM] -> %ProgramFiles%\ATT Internet Tools\blspc.dll [BlspcHlpr Class] -> [2009/03/17 10:04:12 | 01,437,696 | ---- | M] (AT&T Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [SSVHelper Class] -> [2008/12/24 14:24:27 | 00,501,384 | ---- | M] (Sun Microsystems, Inc.)
{AA58ED58-01DD-4d91-8333-CF10577473F7} [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [Google Toolbar Helper] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> %SystemDrive%\google\BAE.dll [CBrowserHelperObject Object] -> [2006/02/01 06:54:30 | 00,094,208 | ---- | M] (Gateway Inc.)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" [HKLM] -> %ProgramFiles%\google\googletoolbar1.dll [&Google] -> [2008/12/24 14:24:39 | 02,193,280 | R--- | M] (Google Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 02:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"BigFix" -> %ProgramFiles%\Bigfix\bigfix.exe [c:\program files\Bigfix\bigfix.exe /atstartup] -> [2006/11/16 20:04:58 | 02,348,584 | ---- | M] (BigFix Inc.)
"blspcloader" -> %ProgramFiles%\ATT Internet Tools\blsloader.exe [C:\Program Files\ATT Internet Tools\blsloader.exe] -> [2009/03/17 10:04:14 | 00,107,856 | ---- | M] (AT&T Corporation)
"Broadcom Wireless Manager UI" -> %SystemRoot%\system32\WLTRAY.exe [C:\Windows\system32\WLTRAY.exe] -> [2006/10/24 16:40:54 | 01,429,504 | ---- | M] (Broadcom Corporation)
"CCUTRAYICON" -> %ProgramFiles%\Intel\IntelDH\CCU\CCU_TrayIcon.exe [C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe] -> [2006/11/18 11:01:42 | 00,182,744 | ---- | M] (Intel(R) Corporation)
"Google Desktop Search" -> ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup] -> File not found
"NMSSupport" -> ["C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup] -> File not found
"NvCplDaemon" -> %SystemRoot%\system32\NvCpl.DLL [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup] -> [2008/09/18 03:55:00 | 13,580,832 | ---- | M] (NVIDIA Corporation)
"pccguide.exe" -> %ProgramFiles%\Trend Micro\Internet Security 2007\pccguide.exe ["C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"] -> [2006/12/29 02:52:56 | 03,429,904 | ---- | M] (Trend Micro Inc.)
"RecoverFromReboot" -> %SystemRoot%\Temp\RecoverFromReboot.exe SECURITY 2007\PCCGUIDE.EXE [C:\Windows\Temp\RecoverFromReboot.exe SECURITY 2007\PCCGUIDE.EXE] -> File not found
"SigmatelSysTrayApp" -> %SystemRoot%\sttray.exe [sttray.exe] -> [2006/11/22 18:56:00 | 00,303,104 | ---- | M] (SigmaTel, Inc.)
"WinampAgent" -> %ProgramFiles%\Winamp\winampa.exe ["C:\Program Files\Winamp\winampa.exe"] -> [2008/08/03 19:02:20 | 00,036,352 | ---- | M] ()
"Windows Defender" -> %ProgramFiles%\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ehTray.exe" -> %SystemRoot%\ehome\ehTray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/19 03:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" -> %SystemRoot%\system32\oobefldr.DLL [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2008/01/19 03:36:02 | 02,153,472 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"FlashPlayerUpdate" -> %SystemRoot%\system32\Macromed\Flash\FlashUtil10a.exe [C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe] -> [2008/10/04 23:16:26 | 00,235,936 | R--- | M] (Adobe Systems, Inc.)
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [2] -> File not found
\\"ConsentPromptBehaviorUser" -> [1] -> File not found
\\"EnableInstallerDetection" -> [1] -> File not found
\\"EnableLUA" -> [1] -> File not found
\\"EnableSecureUIAPaths" -> [1] -> File not found
\\"EnableVirtualization" -> [1] -> File not found
\\"PromptOnSecureDesktop" -> [1] -> File not found
\\"ValidateAdminCodeSignatures" -> [0] -> File not found
\\"dontdisplaylastusername" -> [0] -> File not found
\\"legalnoticecaption" -> [] -> File not found
\\"legalnoticetext" -> [] -> File not found
\\"scforceoption" -> [0] -> File not found
\\"shutdownwithoutlogon" -> [1] -> File not found
\\"undockwithoutlogon" -> [1] -> File not found
\\"FilterAdministratorToken" -> [0] -> File not found
\\"EnableUIADesktopToggle" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" -> [1] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" -> [2] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" -> [7] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" -> [8] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" -> [9] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" -> [13] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" -> [17] -> File not found
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ ->
E&xport to Microsoft Excel -> %ProgramFiles%\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000] -> [2008/10/18 22:30:22 | 17,931,616 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} [HKLM] -> %ProgramFiles%\Java\jre1.6.0\bin\ssv.dll [Menu: Sun Java Console] -> [2008/12/24 14:24:27 | 00,501,384 | ---- | M] (Sun Microsystems, Inc.)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2007/12/13 06:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2007/12/13 06:20:58 | 00,606,288 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> %ProgramFiles%\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2006/10/27 00:12:22 | 00,040,424 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
PluginsPageFriendlyName -> Microsoft ActiveX Gallery ->
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 3 domain(s) found. ->
att.net .[http] -> Trusted sites ->
att.net .[https] -> Trusted sites ->
sbcglobal.net .[https] -> Trusted sites ->
clientapps_yahoo.com [http] -> Trusted sites ->
clientapps_yahoo.com [https] -> Trusted sites ->
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 1 range(s) found. ->
GD [:Range = 127.0.0.1] -> http = Local intranet | ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/templates/ieawsdc.cab [Microsoft Office Template and Media Control] ->
{0742B9EF-8C83-41CA-BFBA-830A59E23533} [HKLM] -> https://support.microsoft.com/OAS/ActiveX/MSDcode.cab [Microsoft Data Collection Control] ->
{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [HKLM] -> http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab [Reg Error: Key error.] ->
{48DD0448-9209-4F81-9F6D-D83562940134} [HKLM] -> http://lads.myspace.com/upload/MySpaceUploader1006.cab [MySpace Uploader Control] ->
{549F957E-2F89-11D6-8CFE-00C04F52B225} [HKLM] -> http://couponmom.coupons.smartsource.co ... scmv5X.cab [CMV5 Class] ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/fl ... rashim.cab [Reg Error: Key error.] ->
{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab [Java Plug-in 1.6.0] ->
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{4D86D2A2-ABE3-4855-828A-599B29196074} -> (Broadcom 802.11g Network Adapter) ->
{756DD2F0-8FD3-4A5E-AACB-0650CB30F878} -> (Intel(R) 82562V 10/100 Network Connection) ->
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs ->
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls ->
C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL -> %ProgramFiles%\Google\Google Desktop Search\GoogleDesktopNetwork3.dll -> [2008/12/25 11:58:32 | 00,113,664 | ---- | M] (Google)
*MultiFile Done* -> ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> %SystemRoot%\explorer.exe -> [2008/12/25 07:12:13 | 02,927,104 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" -> %SystemRoot%\system32\DRIVERS\cdrom.sys [system32\DRIVERS\cdrom.sys] -> [2008/01/19 01:49:51 | 00,067,072 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> %SystemDrive%\autoexec.bat [ NTFS ] -> [2006/09/18 17:43:36 | 00,000,024 | ---- | M] ()
H:\Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] -> H:\Autorun.inf [ NTFS ] -> [2004/04/30 20:01:00 | 00,000,053 | -HS- | M] ()
I:\autorun.apm [-Ãï= | ] -> I:\autorun.apm [ CDFS ] -> [2002/12/05 03:20:45 | 00,039,556 | R--- | M] ()
I:\autorun.exe [MZ | ] -> I:\autorun.exe [ CDFS ] -> [2001/09/04 13:00:07 | 00,536,576 | R--- | M] (Indigo Rose Corporation)
I:\autorun.inf [[AutoRun] | OPEN=autorun.exe | ] -> I:\autorun.inf [ CDFS ] -> [2002/12/05 03:20:51 | 00,000,029 | R--- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\AutoRun\command
\{91d2dee2-d1e2-11dd-96cd-806e6f6e6963}\shell\AutoRun\command\\"" -> I:\autorun.exe [I:\autorun.exe] -> [2001/09/04 13:00:07 | 00,536,576 | R--- | M] (Indigo Rose Corporation)
\{b637d14a-ebbf-11dd-a409-0019d1550b35}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b637d14a-ebbf-11dd-a409-0019d1550b35}\shell\AutoRun\command
\{b637d14a-ebbf-11dd-a409-0019d1550b35}\shell\AutoRun\command\\"" -> J:\Installer.exe [J:\Installer.exe] -> File not found
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby shancoker » March 27th, 2009, 3:02 pm

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.cpl [@ = cplfile] -> %SystemRoot%\System32\control.exe -> [2006/11/02 05:44:59 | 00,211,968 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> %SystemRoot%\winhlp32.exe -> [2006/11/02 05:45:57 | 00,009,216 | ---- | M] (Microsoft Corporation)
.html [@ = htmlfile] -> %ProgramFiles%\Internet Explorer\iexplore.exe -> [2008/01/19 03:33:12 | 00,625,664 | ---- | M] (Microsoft Corporation)
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> %CommonProgramFiles%\microsoft shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2006/10/27 01:41:48 | 00,044,344 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 17:45:02 | 00,873,216 | ---- | M] (Microsoft Corporation)
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Information Retrieval\msitss.dll[Microsoft Infotech Storage Protocol for IE 4.0] -> [2001/06/20 12:26:46 | 00,221,184 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
\\"AutoUpdateDisableNotify" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware
\Monitoring\McAfeeAntiSpyware\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall
\Monitoring\TrendFirewall\\"DisableMonitoring" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
\Svc\\"VistaSp1" -> [] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2511111831-2057517083-3689216067-1001\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2511111831-2057517083-3689216067-1001
\Svc\S-1-5-21-2511111831-2057517083-3689216067-1001\\"EnableNotificationsRef" -> [2] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2511111831-2057517083-3689216067-500\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2511111831-2057517083-3689216067-500
\Svc\S-1-5-21-2511111831-2057517083-3689216067-500\\"EnableNotificationsRef" -> [2] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{1746EA69-DCB6-4408-B5A5-E75F55439CDF} -> Scan
{179C56A4-F57F-4561-8BBF-F911D26EB435} -> WebReg
{2318C2B1-4965-11d4-9B18-009027A5CD4F} -> Google Toolbar for Internet Explorer
{26C610BF-761B-4209-BD6A-A0F1B73D6DDE} -> Intel(R) Viiv(TM) Software
{3248F0A8-6813-11D6-A77B-00B0D0160000} -> Java(TM) SE Runtime Environment 6
{32C39757-3684-41FE-BAAB-207A2BE56646} -> USB Wireless Keyboard Driver
{342126E1-173C-4585-BFBE-3EBDD20E3E9E} -> Mobipocket Reader 6.2
{34FF0741-EC67-4C05-AC2A-6D257123DF2E} -> BigFix
{36FDBE6E-6684-462B-AE98-9A39A1B200CC} -> HP Product Assistant
{3AF8FCCD-F51A-4014-9002-F195E1CBC876} -> Logitech QuickCam
{3C43EAE7-22C0-4b33-ABFB-3757ECA5FD7B} -> HP Officejet All-In-One Series
{3EE33958-7381-4E7B-A4F3-6E43098E9E9C} -> Browser Address Error Redirector
{40724630-C95F-449d-B71D-777CFDE9EA21} -> J5700
{40BA976E-38B8-4C63-990C-50999C8C3521} -> BPD_Scan
{40BF1E83-20EB-11D8-97C5-0009C5020658} -> Power2Go 5.0
{41A96655-19FB-473c-AAB7-429E372527C8} -> ProductContext
{44C05309-60F4-410B-BC32-31733CFF1A41} -> Microsoft Digital Image Starter Edition 2006 Editor
{49F2B650-2D7B-4F59-B33D-346F63776BD3} -> DocProc
{4FE542EB-FF0B-4739-94DD-25C8AE0AB251} -> Microsoft Digital Image Starter Edition 2006 Library
{53735ECE-E461-4FD0-B742-23A352436D3A} -> Logitech Updater
{5D0F0C1F-46B0-4AA2-B8DC-02E5FE777C19} -> 5700_Help
{616A66CD-D36D-4E24-8B67-33AFDFF48061} -> Palm Outlook Conduits Updater
{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8} -> eSupportQFolder
{67D3F1A0-A1F2-49b7-B9EE-011277B170CD} -> HPProductAssistant
{6D52C408-B09A-4520-9B18-475B81D393F1} -> Microsoft Works
{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15} -> CustomerResearchQFolder
{7A7DC702-DEDE-42A8-8722-B3BA724D546F} -> Fax
{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718} -> Gateway Recovery Center Installer
{87E2B986-07E8-477a-93DC-AF0B6758B192} -> DocProcQFolder
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
{90120000-001A-0409-0000-0000000FF1CE}_OUTLOOKR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{91120000-001A-0000-0000-0000000FF1CE} -> Microsoft Office Outlook 2007
{91120000-001A-0000-0000-0000000FF1CE}_OUTLOOKR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{91120000-002F-0000-0000-0000000FF1CE} -> Microsoft Office Home and Student 2007
{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419} -> 2007 Microsoft Office Suite Service Pack 1 (SP1)
{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9} -> MarketResearch
{978C25EE-5777-46e4-8988-732C297CBDBD} -> Status
{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF} -> Destinations
{9F7FC79B-3059-4264-9450-39EB368E3225} -> Microsoft Digital Image Library 9 - Blocker
{A0D47410-9AF8-11D4-AD14-0000B49DF1AC} -> MobiPocket Reader
{A2CC286B-BFE9-4D1F-9EDA-AA3E8289CA12} -> BPDSoftware_Ini
{A36CD345-625C-4d6c-B3E2-76E1248CB451} -> SolutionCenter
{A462213D-EED4-42C2-9A60-7BDD4D4B0B17} -> SigmaTel Audio
{A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable
{AB5D51AE-EBC3-438D-872C-705C7C2084B0} -> DeviceManagementQFolder
{AC76BA86-7AD7-1033-7B44-A81300000003} -> Adobe Reader 8.1.3
{BB4B6355-D38A-492C-873B-A1B2CF6C3832} -> Trend Micro PC-cillin Internet Security 2007
{BDFE199D-E889-4BB6-BECB-C4BDF5700849} -> Documents To Go
{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} -> Digital Media Reader
{BE77A81F-B315-4666-9BF3-AE70C0ADB057} -> BufferChm
{C716522C-3731-4667-8579-40B098294500} -> Toolbox
{D3161124-2B4D-478F-901A-D21BCAD72C7E} -> Addit
{DBEA1034-5882-4A88-8033-81C4EF0CFA29} -> Google Toolbar for Internet Explorer
{EB21A812-671B-4D08-B974-2A347F0D8F70} -> HP Photosmart Essential
{EB75DE50-5754-4F6F-875D-126EDF8E4CB3} -> HPSSupply
{ECAD4F6A-0BF3-4028-9C81-E5D9F9606CBA} -> BPDSoftware
{F0681859-D086-4384-B204-386FA7D80A5B} -> SplashShopper
{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7} -> 32 Bit HP CIO Components Installer
{F63A5A9B-4D3A-46DA-9B92-EE0F550B8019} -> Calendar Maker 4
{FE57DE70-95DE-4B64-9266-84DA811053DB} -> HP Update
{FF075778-6E50-47ed-991D-3B07FD4E3250} -> TrayApp
{FF8157AA-F640-45BD-B7C2-BAA1016B267A} -> palmOne
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Amazon MP3 Downloader -> Amazon MP3 Downloader 1.0.3
ATT Parental Controls -> AT&T Parental Controls
Broadcom 802.11b Network Adapter -> Broadcom 802.11 Network Adapter
CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1 -> PCI Soft Data Fax Modem with SmartCP
Coupon Printer for Windows4.0 -> Coupon Printer for Windows
Gateway Game Console -> Gateway Game Console
Google Desktop -> Google Desktop
HECI -> Intel(R) Management Engine Interface
HijackThis -> HijackThis 2.0.2
HOMESTUDENTR -> Microsoft Office Home and Student 2007
HP Imaging Device Functions -> HP Imaging Device Functions 8.0
HP Solution Center & Imaging Support Tools -> HP Solution Center 8.0
HPExtendedCapabilities -> HP Customer Participation Program 8.0
HPOCR -> HP OCR Software 8.0
InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} -> Digital Media Reader
Intel(R) Configuration Center -> Intel(R) Viiv(TM) Software
legacyqcam_10.50 -> Logitech Legacy USB Camera Driver Package
lvdrivers_11.80 -> Logitech QuickCam Driver Package
Money2006b -> Microsoft Money 2006
NVIDIA Drivers -> NVIDIA Drivers
OUTLOOKR -> Microsoft Office Outlook 2007
PictureItSuiteTrial_v12 -> Microsoft Digital Image Starter Edition 2006
PROSet -> Intel(R) PRO Network Connections Drivers
TmPcc -> Trend Micro PC-cillin Internet Security 2007
Winamp -> Winamp
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] -> %SystemRoot%\system32\NLAapi.dll -> [2008/01/19 03:35:38 | 00,048,128 | ---- | M] (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] -> %SystemRoot%\system32\napinsp.dll -> [2008/01/19 03:35:35 | 00,050,176 | ---- | M] (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] -> %SystemRoot%\system32\pnrpnsp.dll -> [2008/01/19 03:36:07 | 00,062,464 | ---- | M] (Microsoft Corporation)
NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] -> %SystemRoot%\system32\pnrpnsp.dll -> [2008/01/19 03:36:07 | 00,062,464 | ---- | M] (Microsoft Corporation)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 3/7/2009 4:15:54 PM Computer Name = Main-PC | Source = Application Error | ID = 1000 -> Description = Faulting application OUTLOOK.EXE, version 12.0.6316.5000, time stamp 0x4833a470, faulting module mapi32.dll_unloaded, version 0.0.0.0, time stamp 0x4549bcef, exception code 0xc0000005, fault offset 0x6d417c88, process id 0x2da58, application start time 0x01c99f60a8cac61b.
Application [ Error ] 3/9/2009 3:10:01 PM Computer Name = Main-PC | Source = Application Error | ID = 1000 -> Description = Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x369c8, application start time 0x01c9a0eaa4cc2122.
Application [ Error ] 3/11/2009 9:12:40 AM Computer Name = Main-PC | Source = Outlook | ID = 34 -> Description = Failed to get the Crawl Scope Manager with error=0x8001010d.
Application [ Error ] 3/11/2009 9:12:40 AM Computer Name = Main-PC | Source = Outlook | ID = 35 -> Description = Failed to determine if the store is in the crawl scope (error=0x8001010d).
Application [ Error ] 3/11/2009 9:12:40 AM Computer Name = Main-PC | Source = Outlook | ID = 35 -> Description = Failed to determine if the store is in the crawl scope (error=0x8001010d).
Application [ Error ] 3/11/2009 9:32:17 PM Computer Name = Main-PC | Source = Outlook | ID = 34 -> Description = Failed to get the Crawl Scope Manager with error=0x8001010d.
Application [ Error ] 3/11/2009 9:32:17 PM Computer Name = Main-PC | Source = Outlook | ID = 35 -> Description = Failed to determine if the store is in the crawl scope (error=0x8001010d).
Application [ Error ] 3/12/2009 10:30:38 AM Computer Name = Main-PC | Source = Application Error | ID = 1000 -> Description = Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x487c, application start time 0x01c9a31f1c7026f3.
Application [ Error ] 3/12/2009 10:30:38 AM Computer Name = Main-PC | Source = Application Error | ID = 1000 -> Description = Faulting application LVPrcSrv.exe, version 11.80.1048.0, time stamp 0x488b3c0e, faulting module USER32.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000142, fault offset 0x00009cac, process id 0x490c, application start time 0x01c9a31f1d14a935.
Application [ Error ] 3/12/2009 10:31:03 AM Computer Name = Main-PC | Source = Application Error | ID = 1000 -> Description = Faulting application sidebar.exe, version 6.0.6001.18000, time stamp 0x4791952a, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000374, fault offset 0x000b015d, process id 0x4844, application start time 0x01c9a31f2b37d8a7.
Broadcom Wireless LAN [ Error ] 12/29/2008 1:29:08 AM Computer Name = Main-PC | Source = WLAN-Tray | ID = 0 -> Description = 21:29:08, Sun, Dec 28, 08 Error - Unable to gain access to user store
Broadcom Wireless LAN [ Error ] 2/1/2009 10:15:19 AM Computer Name = Main-PC | Source = WLAN-Tray | ID = 0 -> Description = 09:15:19, Sun, Feb 01, 09 Error - Unable to decrypt string
Broadcom Wireless LAN [ Error ] 2/4/2009 3:44:11 PM Computer Name = Main-PC | Source = WLAN-Tray | ID = 0 -> Description = 14:44:11, Wed, Feb 04, 09 Error - Unable to decrypt string
IntelDH [ Error ] 12/24/2008 10:54:09 PM Computer Name = Main-PC | Source = CCU_Engine | ID = 17 -> Description = A CCU interface function returned an error: CCUEngine::StartCCU failed to launch a page
System [ Error ] 2/17/2009 9:22:28 AM Computer Name = Main-PC | Source = Service Control Manager | ID = 7026 -> Description =
System [ Error ] 2/17/2009 9:26:21 AM Computer Name = Main-PC | Source = DCOM | ID = 10005 -> Description =
System [ Error ] 2/17/2009 9:26:21 AM Computer Name = Main-PC | Source = Service Control Manager | ID = 7009 -> Description =
System [ Error ] 2/17/2009 9:26:21 AM Computer Name = Main-PC | Source = Service Control Manager | ID = 7000 -> Description =
System [ Error ] 2/18/2009 11:16:27 AM Computer Name = Main-PC | Source = DCOM | ID = 10016 -> Description =
System [ Error ] 2/25/2009 4:26:37 PM Computer Name = Main-PC | Source = DCOM | ID = 10000 -> Description =
System [ Error ] 3/6/2009 2:12:37 PM Computer Name = Main-PC | Source = DCOM | ID = 10016 -> Description =
System [ Error ] 3/6/2009 2:12:37 PM Computer Name = Main-PC | Source = DCOM | ID = 10016 -> Description =
System [ Error ] 3/11/2009 3:09:40 AM Computer Name = Main-PC | Source = HTTP | ID = 15016 -> Description =
System [ Error ] 3/11/2009 3:10:17 AM Computer Name = Main-PC | Source = Service Control Manager | ID = 7026 -> Description =

[Files/Folders - Created Within 30 Days]
OTScanIt2 -> %UserProfile%\OTScanIt2 -> [2009/03/27 12:27:38 | 00,000,000 | ---D | C]
rsit -> %SystemDrive%\rsit -> [2009/03/26 14:01:28 | 00,000,000 | ---D | C]
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/22 11:10:40 | 00,001,874 | ---- | C] ()
Food Storage Needs.xlsx -> %UserProfile%\Documents\Food Storage Needs.xlsx -> [2009/03/18 11:13:04 | 00,011,000 | ---- | C] ()
FSP12 -> %SystemDrive%\FSP12 -> [2009/03/18 10:29:18 | 00,000,000 | ---D | C]
UNINST16.EXE -> %SystemRoot%\UNINST16.EXE -> [2009/03/18 10:29:07 | 00,249,072 | ---- | C] (InstallShield Corporation, Inc.)
CTL3D.DLL -> %SystemRoot%\System\CTL3D.DLL -> [2009/03/18 10:29:07 | 00,026,768 | ---- | C] (Microsoft Corporation)
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2009/03/18 10:29:01 | 00,000,000 | RHS- | C] ()
IO.SYS -> %SystemDrive%\IO.SYS -> [2009/03/18 10:29:01 | 00,000,000 | RHS- | C] ()
Copy of Food comparison sheet.xls -> %UserProfile%\Documents\Copy of Food comparison sheet.xls -> [2009/03/18 10:28:26 | 00,033,792 | ---- | C] ()
Historic_Virginia_homes_and_churches -> %UserProfile%\Desktop\Historic_Virginia_homes_and_churches -> [2009/03/17 13:34:37 | 09,020,060 | ---- | C] ()
msxml3a.dll -> %SystemRoot%\System32\msxml3a.dll -> [2009/03/17 10:04:32 | 00,024,576 | ---- | C] (Microsoft Corporation)
small1.ico -> %SystemRoot%\System32\small1.ico -> [2009/03/17 10:04:32 | 00,009,062 | ---- | C] ()
small.ico -> %SystemRoot%\System32\small.ico -> [2009/03/17 10:04:32 | 00,009,062 | ---- | C] ()
temp -> %SystemDrive%\temp -> [2009/03/17 10:03:56 | 00,000,000 | ---D | C]
ATT Internet Tools -> %ProgramFiles%\ATT Internet Tools -> [2009/03/17 10:03:56 | 00,000,000 | ---D | C]
missionary reminders cartoon.docx -> %UserProfile%\Documents\missionary reminders cartoon.docx -> [2009/03/14 21:05:23 | 00,154,046 | ---- | C] ()
wmp.dll -> %SystemRoot%\System32\wmp.dll -> [2009/03/11 01:42:33 | 10,622,976 | ---- | C] (Microsoft Corporation)
spwmp.dll -> %SystemRoot%\System32\spwmp.dll -> [2009/03/11 01:42:33 | 00,007,680 | ---- | C] (Microsoft Corporation)
msdxm.ocx -> %SystemRoot%\System32\msdxm.ocx -> [2009/03/11 01:42:33 | 00,004,096 | ---- | C] (Microsoft Corporation)
dxmasf.dll -> %SystemRoot%\System32\dxmasf.dll -> [2009/03/11 01:42:33 | 00,004,096 | ---- | C] (Microsoft Corporation)
wmploc.DLL -> %SystemRoot%\System32\wmploc.DLL -> [2009/03/11 01:42:32 | 08,147,456 | ---- | C] (Microsoft Corporation)
schannel.dll -> %SystemRoot%\System32\schannel.dll -> [2009/03/11 01:42:27 | 00,268,288 | ---- | C] (Microsoft Corporation)
win32k.sys -> %SystemRoot%\System32\win32k.sys -> [2009/03/11 01:42:25 | 02,033,152 | ---- | C] (Microsoft Corporation)
Glass & Plastic Bottles, Jars and Vials, Metal Cans & Tins, Plastic & Steel Pails and Drum - Freund Container.mht -> %UserProfile%\Glass & Plastic Bottles, Jars and Vials, Metal Cans & Tins, Plastic & Steel Pails and Drum - Freund Container.mht -> [2009/03/10 15:48:47 | 00,113,234 | ---- | C] ()
lindsays testimony.docx -> %UserProfile%\Documents\lindsays testimony.docx -> [2009/03/09 20:12:15 | 00,011,986 | ---- | C] ()
travel expense letter.docx -> %UserProfile%\Documents\travel expense letter.docx -> [2009/03/06 11:09:29 | 00,010,415 | ---- | C] ()
CyberLink -> %AllUsersProfile%\CyberLink -> [2009/03/04 23:44:16 | 00,000,000 | ---D | C]
MobiPockOurHeritage[1] -> %UserProfile%\Documents\MobiPockOurHeritage[1] -> [2009/03/04 13:52:46 | 00,000,000 | ---D | C]
Mobipocket Web Companion.lnk -> %AppData%\Microsoft\Windows\Start Menu\Programs\Startup\Mobipocket Web Companion.lnk -> [2009/03/04 13:29:53 | 00,000,845 | ---- | C] ()
MobiPocket.com -> %ProgramFiles%\MobiPocket.com -> [2009/03/04 13:29:52 | 00,000,000 | ---D | C]
2 Pricesheet_Nov08_Farmington Hills Home Storage Center.pdf -> %UserProfile%\Documents\2 Pricesheet_Nov08_Farmington Hills Home Storage Center.pdf -> [2009/02/26 22:50:14 | 00,058,806 | ---- | C] ()
DeseretBook_com - Thanks!.mht -> %UserProfile%\DeseretBook_com - Thanks!.mht -> [2009/02/25 16:55:42 | 00,455,237 | ---- | C] ()
strial.zip -> %UserProfile%\Desktop\strial.zip -> [2009/02/25 16:37:24 | 03,475,440 | ---- | C] ()
Ward Newsletter.docx -> %UserProfile%\Documents\Ward Newsletter.docx -> [2009/02/25 14:03:12 | 00,560,043 | ---- | C] ()
ExecSecretaryCollection[1] -> %UserProfile%\Documents\ExecSecretaryCollection[1] -> [2009/02/25 13:57:12 | 00,000,000 | ---D | C]

[Files/Folders - Modified Within 30 Days]
1 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->
212 C:\Users\Shannon\AppData\Local\Temp\*.tmp files -> C:\Users\Shannon\AppData\Local\Temp\*.tmp ->
6 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp ->
NTUSER.DAT -> %UserProfile%\NTUSER.DAT -> [2009/03/27 12:37:16 | 02,097,152 | -HS- | M] ()
tmvsthfud.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfud.bin -> [2009/03/27 12:36:51 | 00,000,761 | ---- | M] ()
tmvsthfss.bin -> %SystemRoot%\System32\drivers\etc\tmvsthfss.bin -> [2009/03/27 12:36:39 | 00,000,761 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2009/03/27 10:55:27 | 00,005,520 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> %SystemRoot%\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2009/03/27 10:55:27 | 00,005,520 | -H-- | M] ()
qmgr1.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr1.dat -> [2009/03/27 10:49:28 | 04,194,304 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr0.dat -> [2009/03/27 10:49:28 | 04,194,304 | ---- | M] ()
User_Feed_Synchronization-{B4FCE2B4-F960-4E6A-BE77-F71805A0AB32}.job -> %SystemRoot%\tasks\User_Feed_Synchronization-{B4FCE2B4-F960-4E6A-BE77-F71805A0AB32}.job -> [2009/03/27 04:24:08 | 00,000,418 | -H-- | M] ()
PublishedRacMonSWITable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonSWITable.DAT -> [2009/03/27 00:11:08 | 00,215,840 | ---- | M] ()
PublishedRacMonAFLTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonAFLTable.DAT -> [2009/03/27 00:11:08 | 00,023,184 | ---- | M] ()
PublishedRacMonOSFTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonOSFTable.DAT -> [2009/03/27 00:11:08 | 00,000,828 | ---- | M] ()
PublishedRacMonHFLTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonHFLTable.DAT -> [2009/03/27 00:11:08 | 00,000,000 | ---- | M] ()
PublishedRacMonCLKTable.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonCLKTable.DAT -> [2009/03/27 00:11:08 | 00,000,000 | ---- | M] ()
PublishedRacMonIndex.DAT -> %AllUsersProfile%\Microsoft\RAC\PublishedData\PublishedRacMonIndex.DAT -> [2009/03/27 00:11:07 | 00,002,232 | ---- | M] ()
HijackThis.lnk -> %UserProfile%\Desktop\HijackThis.lnk -> [2009/03/22 11:10:40 | 00,001,874 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/03/18 17:46:24 | 00,694,964 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/03/18 17:46:24 | 00,598,350 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/03/18 17:46:24 | 00,101,988 | ---- | M] ()
Food Storage Needs.xlsx -> %UserProfile%\Documents\Food Storage Needs.xlsx -> [2009/03/18 11:13:04 | 00,011,000 | ---- | M] ()
MSDOS.SYS -> %SystemDrive%\MSDOS.SYS -> [2009/03/18 10:29:01 | 00,000,000 | RHS- | M] ()
IO.SYS -> %SystemDrive%\IO.SYS -> [2009/03/18 10:29:01 | 00,000,000 | RHS- | M] ()
Copy of Food comparison sheet.xls -> %UserProfile%\Documents\Copy of Food comparison sheet.xls -> [2009/03/18 10:28:26 | 00,033,792 | ---- | M] ()
hosts.ics -> %SystemRoot%\System32\drivers\etc\hosts.ics -> [2009/03/17 18:56:09 | 00,000,374 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/03/17 18:55:42 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/03/17 18:55:40 | 00,067,584 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/03/17 18:55:20 | 21,282,52928 | -HS- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> %UserProfile%\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2009/03/17 18:54:02 | 00,524,288 | -HS- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> %UserProfile%\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2009/03/17 18:54:02 | 00,065,536 | -HS- | M] ()
IconCache.db -> %UserProfile%\AppData\Local\IconCache.db -> [2009/03/17 18:53:32 | 06,291,456 | -H-- | M] ()
Historic_Virginia_homes_and_churches -> %UserProfile%\Desktop\Historic_Virginia_homes_and_churches -> [2009/03/17 13:34:37 | 09,020,060 | ---- | M] ()
msxml3a.dll -> %SystemRoot%\System32\msxml3a.dll -> [2009/03/17 10:04:32 | 00,024,576 | ---- | M] (Microsoft Corporation)
small1.ico -> %SystemRoot%\System32\small1.ico -> [2009/03/17 10:04:32 | 00,009,062 | ---- | M] ()
small.ico -> %SystemRoot%\System32\small.ico -> [2009/03/17 10:04:32 | 00,009,062 | ---- | M] ()
missionary reminders cartoon.docx -> %UserProfile%\Documents\missionary reminders cartoon.docx -> [2009/03/14 21:05:23 | 00,154,046 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> %UserProfile%\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2009/03/11 21:51:33 | 00,067,072 | ---- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/03/11 03:09:36 | 00,297,160 | ---- | M] ()
Glass & Plastic Bottles, Jars and Vials, Metal Cans & Tins, Plastic & Steel Pails and Drum - Freund Container.mht -> %UserProfile%\Glass & Plastic Bottles, Jars and Vials, Metal Cans & Tins, Plastic & Steel Pails and Drum - Freund Container.mht -> [2009/03/10 15:48:59 | 00,113,234 | ---- | M] ()
lindsays testimony.docx -> %UserProfile%\Documents\lindsays testimony.docx -> [2009/03/09 20:17:30 | 00,011,986 | ---- | M] ()
Ward Newsletter.docx -> %UserProfile%\Documents\Ward Newsletter.docx -> [2009/03/08 20:32:50 | 00,560,043 | ---- | M] ()
travel expense letter.docx -> %UserProfile%\Documents\travel expense letter.docx -> [2009/03/06 11:09:29 | 00,010,415 | ---- | M] ()
Mobipocket Web Companion.lnk -> %AppData%\Microsoft\Windows\Start Menu\Programs\Startup\Mobipocket Web Companion.lnk -> [2009/03/04 13:29:53 | 00,000,845 | ---- | M] ()
2 Pricesheet_Nov08_Farmington Hills Home Storage Center.pdf -> %UserProfile%\Documents\2 Pricesheet_Nov08_Farmington Hills Home Storage Center.pdf -> [2009/02/26 22:50:14 | 00,058,806 | ---- | M] ()
DeseretBook_com - Thanks!.mht -> %UserProfile%\DeseretBook_com - Thanks!.mht -> [2009/02/25 16:55:44 | 00,455,237 | ---- | M] ()
strial.zip -> %UserProfile%\Desktop\strial.zip -> [2009/02/25 16:37:24 | 03,475,440 | ---- | M] ()
mrt.exe -> %SystemRoot%\System32\mrt.exe -> [2009/02/25 12:55:00 | 24,768,960 | ---- | M] (Microsoft Corporation)
CondMgr.dll -> %UserProfile%\AppData\Local\Temp\{FF8157AA-F640-45BD-B7C2-BAA1016B267A}\CondMgr.dll -> [2009/01/19 21:18:04 | 00,176,128 | ---- | M] (PalmSource, Inc)
HSAPI.dll -> %UserProfile%\AppData\Local\Temp\{FF8157AA-F640-45BD-B7C2-BAA1016B267A}\HSAPI.dll -> [2009/01/19 21:18:04 | 00,061,440 | ---- | M] (Palm, Inc.)
opa12.dat -> %AllUsersProfile%\Microsoft\OFFICE\DATA\opa12.dat -> [2009/01/19 19:06:54 | 00,008,560 | ---- | M] ()
Guest.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\Guest.dat -> [2008/12/30 21:32:00 | 00,032,032 | ---- | M] ()
qc_quickcam.exe -> %UserProfile%\AppData\Local\Temp\qc_quickcam.exe -> [2008/12/29 13:36:33 | 01,869,888 | ---- | M] (Logitech, Inc.)
HPUSelfUpdate.exe -> %UserProfile%\AppData\Local\Temp\HPSUR9GO.44K\HPUSelfUpdate.exe -> [2008/12/27 15:12:32 | 02,909,288 | ---- | M] (Hewlett-Packard )
quickcamenu.exe -> %UserProfile%\AppData\Local\Temp\quickcamenu.exe -> [2008/12/27 03:41:33 | 29,845,664 | ---- | M] (Logitech, Inc.)
Allan.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\Allan.dat -> [2008/12/26 14:39:17 | 00,000,000 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsuC773.tmp\WT_Plugin.dll -> [2008/12/24 19:38:57 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nse948C.tmp\WT_Plugin.dll -> [2008/12/24 19:38:44 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsf3D83.tmp\WT_Plugin.dll -> [2008/12/24 19:38:21 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsdD35F.tmp\WT_Plugin.dll -> [2008/12/24 19:37:54 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsxAB55.tmp\WT_Plugin.dll -> [2008/12/24 19:37:44 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsm48F8.tmp\WT_Plugin.dll -> [2008/12/24 19:28:38 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsxBE37.tmp\WT_Plugin.dll -> [2008/12/24 19:14:56 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsl86EB.tmp\WT_Plugin.dll -> [2008/12/24 19:14:40 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsm5694.tmp\WT_Plugin.dll -> [2008/12/24 19:14:27 | 00,167,936 | ---- | M] ()
WT_Plugin.dll -> %UserProfile%\AppData\Local\Temp\nsm2330.tmp\WT_Plugin.dll -> [2008/12/24 19:14:13 | 00,167,936 | ---- | M] ()
Shannon.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\Shannon.dat -> [2008/12/24 14:44:40 | 00,000,000 | ---- | M] ()
mspod11.dat -> %AllUsersProfile%\Microsoft\POD\mspod11.dat -> [2008/12/24 14:23:24 | 00,000,004 | ---- | M] ()
mspi11.dat -> %AllUsersProfile%\Microsoft\PI\mspi11.dat -> [2008/12/24 14:23:24 | 00,000,004 | ---- | M] ()
IUSR_NMPR.dat -> %AllUsersProfile%\Microsoft\User Account Pictures\IUSR_NMPR.dat -> [2008/12/24 14:07:54 | 00,000,000 | ---- | M] ()
LgDrvInst.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\LgDrvInst.exe -> [2008/08/14 20:37:50 | 05,376,168 | ---- | M] (Macrovision Corporation)
videoc.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Setup\videoc.dll -> [2008/08/14 20:16:42 | 01,414,416 | ---- | M] ()
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Elevated\Setup.exe -> [2008/08/14 20:16:20 | 00,333,072 | ---- | M] (Logitech Inc.)
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Setup\Setup.exe -> [2008/08/14 20:15:56 | 00,578,832 | ---- | M] ()
UnstLgcy.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\UnstLgcy.exe -> [2008/08/14 20:14:36 | 00,062,736 | ---- | M] ()
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Setup.exe -> [2008/08/14 20:14:14 | 00,333,072 | ---- | M] (Logitech Inc.)
LVPrcInj01.dll -> %SystemRoot%\Temp\logishrd\LVPrcInj01.dll -> [2008/07/26 12:25:24 | 00,109,080 | ---- | M] (Logitech Inc.)
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\WUApp32.exe -> [2008/07/26 11:29:56 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\WUApp32.exe -> [2008/07/26 11:29:56 | 00,439,568 | ---- | M] ()
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\lvWIAext.dll -> [2008/07/26 11:27:18 | 00,236,056 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\lvWIAext.dll -> [2008/07/26 11:27:18 | 00,236,056 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\LVUI2RC.dll -> [2008/07/26 11:26:20 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\LVUI2RC.dll -> [2008/07/26 11:26:20 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\LVUI2.dll -> [2008/07/26 11:26:08 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\LVUI2.dll -> [2008/07/26 11:26:08 | 00,490,008 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\lvcoinst.dll -> [2008/07/26 11:23:28 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\lvcoinst.dll -> [2008/07/26 11:23:28 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\PRO5\lvcodec2.dll -> [2008/07/26 11:23:18 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\IM2\lvcodec2.dll -> [2008/07/26 11:23:18 | 00,416,280 | ---- | M] (Logitech Inc.)
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\WUApp32.exe -> [2008/02/01 05:49:50 | 00,439,568 | ---- | M] ()
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\lvWIAext.dll -> [2008/02/01 05:47:22 | 00,236,056 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\LVUI2RC.dll -> [2008/02/01 05:46:26 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\LVUI2.dll -> [2008/02/01 05:46:14 | 00,490,008 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\lvcoinst.dll -> [2008/02/01 05:43:34 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Drivers\x32\ELCH\lvcodec2.dll -> [2008/02/01 05:43:24 | 00,416,280 | ---- | M] (Logitech Inc.)
LgDrvInst.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\LgDrvInst.exe -> [2007/10/25 20:00:24 | 05,197,624 | ---- | M] (Macrovision Corporation)
videoc.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Setup\videoc.dll -> [2007/10/25 19:38:28 | 01,412,880 | ---- | M] ()
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Setup\Setup.exe -> [2007/10/25 19:37:42 | 00,574,736 | ---- | M] ()
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Elevated\Setup.exe -> [2007/10/25 19:37:08 | 00,333,072 | ---- | M] (Logitech Inc.)
Setup.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Setup.exe -> [2007/10/25 19:35:02 | 00,333,072 | ---- | M] (Logitech Inc.)
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
WUApp32.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\WUApp32.exe -> [2007/10/11 22:03:10 | 00,439,568 | ---- | M] ()
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\lvWIAext.dll -> [2007/10/11 22:01:28 | 00,236,056 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\lvWIAext.dll -> [2007/10/11 22:01:28 | 00,236,056 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\lvWIAext.dll -> [2007/10/11 22:01:28 | 00,236,056 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\lvWIAext.dll -> [2007/10/11 22:00:54 | 00,355,352 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\lvWIAext.dll -> [2007/10/11 22:00:54 | 00,355,352 | ---- | M] (Logitech Inc.)
lvWIAext.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\lvWIAext.dll -> [2007/10/11 22:00:54 | 00,355,352 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2RC.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\LVUI2RC.dll -> [2007/10/11 22:00:32 | 00,465,432 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUI2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\LVUI2.dll -> [2007/10/11 22:00:20 | 00,490,008 | ---- | M] (Logitech Inc.)
LVUIRC64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\LVUIRC64.dll -> [2007/10/11 22:00:08 | 00,486,936 | ---- | M] (Logitech Inc.)
LVUIRC64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\LVUIRC64.dll -> [2007/10/11 22:00:08 | 00,486,936 | ---- | M] (Logitech Inc.)
LVUIRC64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\LVUIRC64.dll -> [2007/10/11 22:00:08 | 00,486,936 | ---- | M] (Logitech Inc.)
LVUI64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\LVUI64.dll -> [2007/10/11 21:59:56 | 00,685,080 | ---- | M] (Logitech Inc.)
LVUI64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\LVUI64.dll -> [2007/10/11 21:59:56 | 00,685,080 | ---- | M] (Logitech Inc.)
LVUI64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\LVUI64.dll -> [2007/10/11 21:59:56 | 00,685,080 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcoinst.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\lvcoinst.dll -> [2007/10/11 21:57:40 | 00,195,096 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\PRO5\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\IM2\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcodec2.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x32\ELCH\lvcodec2.dll -> [2007/10/11 21:57:28 | 00,416,280 | ---- | M] (Logitech Inc.)
lvcoin64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\lvcoin64.dll -> [2007/10/11 21:57:06 | 00,257,560 | ---- | M] (Logitech Inc.)
lvcoin64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\lvcoin64.dll -> [2007/10/11 21:57:06 | 00,257,560 | ---- | M] (Logitech Inc.)
LVCoin64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\LVCoin64.dll -> [2007/10/11 21:57:06 | 00,257,560 | ---- | M] (Logitech Inc.)
lvcod64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\lvcod64.dll -> [2007/10/11 21:56:54 | 00,475,672 | ---- | M] (Logitech Inc.)
lvcod64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\lvcod64.dll -> [2007/10/11 21:56:54 | 00,475,672 | ---- | M] (Logitech Inc.)
lvcod64.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\lvcod64.dll -> [2007/10/11 21:56:54 | 00,475,672 | ---- | M] (Logitech Inc.)
WUApp64.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\PRO564\WUApp64.exe -> [2007/10/11 21:54:16 | 00,663,312 | ---- | M] ()
WUApp64.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\IM264\WUApp64.exe -> [2007/10/11 21:54:16 | 00,663,312 | ---- | M] ()
WUApp64.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Drivers\x64\ELCH64\WUApp64.exe -> [2007/10/11 21:54:16 | 00,663,312 | ---- | M] ()
hpwscrTron.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwscrTron.dat -> [2007/09/27 07:29:18 | 00,008,562 | ---- | M] ()
hpwscrTron.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwscrTron.dat -> [2007/09/27 07:29:18 | 00,008,562 | ---- | M] ()
hpwscrCPE01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwscrCPE01.dat -> [2007/09/20 11:00:11 | 00,010,373 | ---- | M] ()
hpwscrCPE01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwscrCPE01.dat -> [2007/09/20 11:00:11 | 00,010,373 | ---- | M] ()
hpwPrescr10.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwPrescr10.dat -> [2007/09/17 04:48:06 | 00,008,601 | ---- | M] ()
hpwPrescr10.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwPrescr10.dat -> [2007/09/17 04:48:06 | 00,008,601 | ---- | M] ()
hpwscr10.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwscr10.dat -> [2007/09/17 04:48:05 | 00,010,376 | ---- | M] ()
hpwscr10.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwscr10.dat -> [2007/09/17 04:48:05 | 00,010,376 | ---- | M] ()
hpqbid15.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid15.dat -> [2007/09/17 04:45:31 | 00,255,587 | ---- | M] ()
hpqbid15.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid15.dat -> [2007/09/17 04:45:31 | 00,255,587 | ---- | M] ()
hpwbid01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwbid01.dat -> [2007/09/17 04:45:23 | 00,255,752 | ---- | M] ()
hpwbid01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwbid01.dat -> [2007/09/17 04:45:23 | 00,255,752 | ---- | M] ()
hpwmdl10.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwmdl10.dat -> [2007/09/17 04:45:15 | 00,001,042 | ---- | M] ()
hpwmdl10.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwmdl10.dat -> [2007/09/17 04:45:15 | 00,001,042 | ---- | M] ()
hpwmdl10.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwmdl10.dat -> [2007/09/17 04:45:15 | 00,001,042 | ---- | M] ()
hpwmdl10.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwmdl10.dat -> [2007/09/17 04:45:15 | 00,001,042 | ---- | M] ()
hponiscan64.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponiscan64.exe -> [2007/07/24 01:46:12 | 00,020,992 | ---- | M] (Hewlett-Packard Co.)
hponiscan64.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponiscan64.exe -> [2007/07/24 01:46:12 | 00,020,992 | ---- | M] (Hewlett-Packard Co.)
hponiprint64.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponiprint64.exe -> [2007/07/24 01:46:10 | 00,066,560 | ---- | M] (Hewlett-Packard Co.)
hponiprint64.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponiprint64.exe -> [2007/07/24 01:46:10 | 00,066,560 | ---- | M] (Hewlett-Packard Co.)
hponicifs01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponicifs01.exe -> [2007/07/24 01:36:04 | 00,036,864 | ---- | M] (Hewlett-Packard Co.)
hponicifs01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponicifs01.exe -> [2007/07/24 01:36:04 | 00,036,864 | ---- | M] (Hewlett-Packard Co.)
hponac01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponac01.exe -> [2007/07/24 01:36:03 | 00,045,056 | ---- | M] (Hewlett-Packard Co.)
hponac01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponac01.exe -> [2007/07/24 01:36:03 | 00,045,056 | ---- | M] (Hewlett-Packard Co.)
hpwprm01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwprm01.exe -> [2007/07/24 01:34:07 | 00,290,816 | ---- | M] (Hewlett-Packard)
hpwprm01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwprm01.exe -> [2007/07/24 01:34:07 | 00,290,816 | ---- | M] (Hewlett-Packard)
hponiscan01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponiscan01.exe -> [2007/07/24 01:33:59 | 00,024,576 | ---- | M] (Hewlett-Packard Co.)
hponiscan01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponiscan01.exe -> [2007/07/24 01:33:59 | 00,024,576 | ---- | M] (Hewlett-Packard Co.)
hpwlpd01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpwlpd01.exe -> [2007/07/24 00:00:19 | 00,233,472 | ---- | M] ()
hpwlpd01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpwlpd01.exe -> [2007/07/24 00:00:19 | 00,233,472 | ---- | M] ()
hponiprint01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hponiprint01.exe -> [2007/07/24 00:00:12 | 00,053,248 | ---- | M] (Hewlett-Packard Co.)
hponiprint01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hponiprint01.exe -> [2007/07/24 00:00:12 | 00,053,248 | ---- | M] (Hewlett-Packard Co.)
mdfix01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\mdfix01.exe -> [2007/07/10 05:11:10 | 00,045,056 | ---- | M] ()
mdfix01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\mdfix01.exe -> [2007/07/10 05:11:10 | 00,045,056 | ---- | M] ()
FixErr1714.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\FixErr1714.exe -> [2007/07/10 05:08:48 | 00,192,512 | ---- | M] (Hewlett-Packard)
FixErr1714.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\FixErr1714.exe -> [2007/07/10 05:08:48 | 00,192,512 | ---- | M] (Hewlett-Packard)
AccessDeniedUtility.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\AccessDeniedUtility.exe -> [2007/07/10 05:08:47 | 00,242,896 | ---- | M] (Hewlett-Packard)
AccessDeniedUtility.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\AccessDeniedUtility.exe -> [2007/07/10 05:08:47 | 00,242,896 | ---- | M] (Hewlett-Packard)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\DPInst_x64_VISTA\DPInst.exe -> [2007/07/10 05:06:49 | 00,667,648 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\DPInst_x64_VISTA\DPInst.exe -> [2007/07/10 05:06:49 | 00,667,648 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\DPInst_x64\DPInst.exe -> [2007/07/10 05:06:48 | 00,667,648 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\DPInst_x64\DPInst.exe -> [2007/07/10 05:06:48 | 00,667,648 | ---- | M] (Microsoft Corporation)
HPZshl40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZshl40.exe -> [2007/07/10 05:06:47 | 01,651,800 | ---- | M] (Hewlett-Packard)
HPZshl40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZshl40.exe -> [2007/07/10 05:06:47 | 01,651,800 | ---- | M] (Hewlett-Packard)
HPZscr40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZscr40.exe -> [2007/07/10 05:06:46 | 01,570,392 | ---- | M] (Hewlett-Packard)
HPZscr40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZscr40.exe -> [2007/07/10 05:06:46 | 01,570,392 | ---- | M] (Hewlett-Packard)
HPZprl40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZprl40.exe -> [2007/07/10 05:06:46 | 00,580,696 | ---- | M] (Hewlett-Packard)
HPZprl40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZprl40.exe -> [2007/07/10 05:06:46 | 00,580,696 | ---- | M] (Hewlett-Packard)
HPZpnp40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZpnp40.exe -> [2007/07/10 05:06:45 | 00,557,144 | ---- | M] (Hewlett-Packard)
HPZpnp40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZpnp40.exe -> [2007/07/10 05:06:45 | 00,557,144 | ---- | M] (Hewlett-Packard)
HPZmsi40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZmsi40.exe -> [2007/07/10 05:06:44 | 01,359,960 | ---- | M] (Hewlett-Packard)
HPZmsi40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZmsi40.exe -> [2007/07/10 05:06:44 | 01,359,960 | ---- | M] (Hewlett-Packard)
HPZdui40.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZdui40.exe -> [2007/07/10 05:06:43 | 02,911,320 | ---- | M] (Hewlett-Packard)
HPZdui40.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZdui40.exe -> [2007/07/10 05:06:43 | 02,911,320 | ---- | M] (Hewlett-Packard)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\DPInst_x32_VISTA\DPInst.exe -> [2007/07/10 05:01:26 | 00,534,528 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\DPInst_x32\DPInst.exe -> [2007/07/10 05:01:26 | 00,534,528 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\DPInst_x32_VISTA\DPInst.exe -> [2007/07/10 05:01:26 | 00,534,528 | ---- | M] (Microsoft Corporation)
DPInst.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\DPInst_x32\DPInst.exe -> [2007/07/10 05:01:26 | 00,534,528 | ---- | M] (Microsoft Corporation)
hpzmsirb.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpzmsirb.dat -> [2007/07/10 05:01:26 | 00,004,523 | ---- | M] ()
hpzmsirb.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpzmsirb.dat -> [2007/07/10 05:01:26 | 00,004,523 | ---- | M] ()
instmsi.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\wis\Win2K_XP\instmsi.exe -> [2007/07/10 05:01:25 | 01,821,008 | ---- | M] (Microsoft Corporation)
instmsi.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\wis\Win2K_XP\instmsi.exe -> [2007/07/10 05:01:25 | 01,821,008 | ---- | M] (Microsoft Corporation)
usbready.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\usbready.exe -> [2007/07/10 05:01:25 | 00,545,280 | ---- | M] (Intel Corporation)
usbready.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\usbready.exe -> [2007/07/10 05:01:25 | 00,545,280 | ---- | M] (Intel Corporation)
RulesEngine.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\RulesEngine.dll -> [2007/07/10 05:01:25 | 00,315,392 | ---- | M] (Hewlett-Packard)
RulesEngine.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\RulesEngine.dll -> [2007/07/10 05:01:25 | 00,315,392 | ---- | M] (Hewlett-Packard)
msxml3r.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\msxml3r.dll -> [2007/07/10 05:01:25 | 00,044,032 | ---- | M] (Microsoft Corporation)
msxml3r.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\msxml3r.dll -> [2007/07/10 05:01:25 | 00,044,032 | ---- | M] (Microsoft Corporation)
msxml3a.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\msxml3a.dll -> [2007/07/10 05:01:25 | 00,024,576 | ---- | M] (Microsoft Corporation)
msxml3a.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\msxml3a.dll -> [2007/07/10 05:01:25 | 00,024,576 | ---- | M] (Microsoft Corporation)
msxml3.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\msxml3.dll -> [2007/07/10 05:01:24 | 01,118,720 | ---- | M] (Microsoft Corporation)
msxml3.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\msxml3.dll -> [2007/07/10 05:01:24 | 01,118,720 | ---- | M] (Microsoft Corporation)
InternetUtil.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\InternetUtil.dll -> [2007/07/10 05:01:24 | 00,339,968 | ---- | M] (Hewlett-Packard)
InternetUtil.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\InternetUtil.dll -> [2007/07/10 05:01:24 | 00,339,968 | ---- | M] (Hewlett-Packard)
InstallMetrics.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\InstallMetrics.dll -> [2007/07/10 05:01:24 | 00,176,128 | ---- | M] (Hewlett-Packard)
InstallMetrics.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\InstallMetrics.dll -> [2007/07/10 05:01:24 | 00,176,128 | ---- | M] (Hewlett-Packard)
HPeSupport.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPeSupport.dll -> [2007/07/10 05:01:24 | 00,124,016 | ---- | M] (Hewlett-Packard)
HPeSupport.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPeSupport.dll -> [2007/07/10 05:01:24 | 00,124,016 | ---- | M] (Hewlett-Packard)
HPScripting.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPScripting.dll -> [2007/07/10 05:01:24 | 00,081,920 | ---- | M] (Hewlett-Packard)
HPScripting.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPScripting.dll -> [2007/07/10 05:01:24 | 00,081,920 | ---- | M] (Hewlett-Packard)
HPZIDS40.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\HPZIDS40.dll -> [2007/07/10 05:01:23 | 00,338,944 | ---- | M] (Hewlett-Packard)
HPZIDS40.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\HPZIDS40.dll -> [2007/07/10 05:01:23 | 00,338,944 | ---- | M] (Hewlett-Packard)
HPeDiag.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPeDiag.dll -> [2007/07/10 05:01:23 | 00,319,488 | ---- | M] (Hewlett-Packard)
HPeDiag.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPeDiag.dll -> [2007/07/10 05:01:23 | 00,319,488 | ---- | M] (Hewlett-Packard)
hpzids01.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzids01.dll -> [2007/07/10 05:01:23 | 00,258,048 | ---- | M] (Hewlett-Packard)
hpzids01.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzids01.dll -> [2007/07/10 05:01:23 | 00,258,048 | ---- | M] (Hewlett-Packard)
HPCommunication.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPCommunication.dll -> [2007/07/10 05:01:23 | 00,208,896 | ---- | M] (Hewlett-Packard)
HPCommunication.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPCommunication.dll -> [2007/07/10 05:01:23 | 00,208,896 | ---- | M] (Hewlett-Packard)
hpzprl02.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzprl02.dat -> [2007/07/10 05:01:23 | 00,004,363 | ---- | M] ()
hpzprl02.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzprl02.dat -> [2007/07/10 05:01:23 | 00,004,363 | ---- | M] ()
hpzprl01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzprl01.dat -> [2007/07/10 05:01:23 | 00,004,277 | ---- | M] ()
hpzprl01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzprl01.dat -> [2007/07/10 05:01:23 | 00,004,277 | ---- | M] ()
hpzprl42.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzprl42.dat -> [2007/07/10 05:01:23 | 00,001,102 | ---- | M] ()
hpzprl42.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzprl42.dat -> [2007/07/10 05:01:23 | 00,001,102 | ---- | M] ()
hpzprl41.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzprl41.dat -> [2007/07/10 05:01:23 | 00,000,821 | ---- | M] ()
hpzprl41.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzprl41.dat -> [2007/07/10 05:01:23 | 00,000,821 | ---- | M] ()
hpzprl03.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzprl03.dat -> [2007/07/10 05:01:23 | 00,000,507 | ---- | M] ()
hpzprl03.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzprl03.dat -> [2007/07/10 05:01:23 | 00,000,507 | ---- | M] ()
HPZstub.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\HPZstub.exe -> [2007/07/10 05:01:22 | 00,372,736 | ---- | M] (Hewlett-Packard)
HPZstub.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\HPZstub.exe -> [2007/07/10 05:01:22 | 00,372,736 | ---- | M] (Hewlett-Packard)
HPZwup01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZwup01.exe -> [2007/07/10 05:01:21 | 01,302,528 | ---- | M] (Hewlett-Packard)
HPZwup01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZwup01.exe -> [2007/07/10 05:01:21 | 01,302,528 | ---- | M] (Hewlett-Packard)
HPZwis01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZwis01.exe -> [2007/07/10 05:01:21 | 00,356,352 | ---- | M] (Hewlett-Packard)
HPZwis01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZwis01.exe -> [2007/07/10 05:01:21 | 00,356,352 | ---- | M] (Hewlett-Packard)
HPZwrp01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZwrp01.exe -> [2007/07/10 05:01:21 | 00,348,160 | ---- | M] (Hewlett-Packard)
HPZwrp01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZwrp01.exe -> [2007/07/10 05:01:21 | 00,348,160 | ---- | M] (Hewlett-Packard)
HPZtim01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZtim01.exe -> [2007/07/10 05:01:20 | 00,380,928 | ---- | M] (Hewlett-Packard)
HPZtim01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZtim01.exe -> [2007/07/10 05:01:20 | 00,380,928 | ---- | M] (Hewlett-Packard)
HPZsui01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZsui01.exe -> [2007/07/10 05:01:19 | 02,609,152 | ---- | M] (Hewlett-Packard)
HPZsui01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZsui01.exe -> [2007/07/10 05:01:19 | 02,609,152 | ---- | M] (Hewlett-Packard)
HPZshl01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZshl01.exe -> [2007/07/10 05:01:18 | 01,269,760 | ---- | M] (Hewlett-Packard)
HPZshl01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZshl01.exe -> [2007/07/10 05:01:18 | 01,269,760 | ---- | M] (Hewlett-Packard)
HPZscr01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZscr01.exe -> [2007/07/10 05:01:17 | 01,089,536 | ---- | M] (Hewlett-Packard)
HPZscr01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZscr01.exe -> [2007/07/10 05:01:17 | 01,089,536 | ---- | M] (Hewlett-Packard)
HPZrein01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZrein01.exe -> [2007/07/10 05:01:17 | 00,544,768 | ---- | M] (Hewlett-Packard)
HPZrein01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZrein01.exe -> [2007/07/10 05:01:17 | 00,544,768 | ---- | M] (Hewlett-Packard)
HPZrcv01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZrcv01.exe -> [2007/07/10 05:01:16 | 01,216,512 | ---- | M] (Hewlett-Packard)
HPZrcv01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZrcv01.exe -> [2007/07/10 05:01:16 | 01,216,512 | ---- | M] (Hewlett-Packard)
HPZpsc01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZpsc01.exe -> [2007/07/10 05:01:15 | 00,585,728 | ---- | M] (Hewlett-Packard)
HPZpsc01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZpsc01.exe -> [2007/07/10 05:01:15 | 00,585,728 | ---- | M] (Hewlett-Packard)
HPZrcn01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZrcn01.exe -> [2007/07/10 05:01:15 | 00,405,504 | ---- | M] (Hewlett-Packard)
HPZrcn01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZrcn01.exe -> [2007/07/10 05:01:15 | 00,405,504 | ---- | M] (Hewlett-Packard)
HPZpsl01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZpsl01.exe -> [2007/07/10 05:01:15 | 00,401,408 | ---- | M] (Hewlett-Packard)
HPZpsl01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZpsl01.exe -> [2007/07/10 05:01:15 | 00,401,408 | ---- | M] (Hewlett-Packard)
HPZpnp01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZpnp01.exe -> [2007/07/10 05:01:14 | 00,393,216 | ---- | M] (Hewlett-Packard)
HPZpnp01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZpnp01.exe -> [2007/07/10 05:01:14 | 00,393,216 | ---- | M] (Hewlett-Packard)
HPZprl01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZprl01.exe -> [2007/07/10 05:01:14 | 00,385,024 | ---- | M] (Hewlett-Packard)
HPZprl01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZprl01.exe -> [2007/07/10 05:01:14 | 00,385,024 | ---- | M] (Hewlett-Packard)
HPZopt01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZopt01.exe -> [2007/07/10 05:01:13 | 00,860,160 | ---- | M] (Hewlett-Packard)
HPZopt01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZopt01.exe -> [2007/07/10 05:01:13 | 00,860,160 | ---- | M] (Hewlett-Packard)
HPZnop01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZnop01.exe -> [2007/07/10 05:01:13 | 00,352,256 | ---- | M] (Hewlett-Packard)
HPZnop01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZnop01.exe -> [2007/07/10 05:01:13 | 00,352,256 | ---- | M] (Hewlett-Packard)
HPZnet01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZnet01.exe -> [2007/07/10 05:01:12 | 00,403,032 | ---- | M] (Hewlett-Packard)
HPZnet01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZnet01.exe -> [2007/07/10 05:01:12 | 00,403,032 | ---- | M] (Hewlett-Packard)
HPZnfx01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZnfx01.exe -> [2007/07/10 05:01:12 | 00,323,584 | ---- | M] (Hewlett-Packard)
HPZnfx01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZnfx01.exe -> [2007/07/10 05:01:12 | 00,323,584 | ---- | M] (Hewlett-Packard)
HPZmsi01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZmsi01.exe -> [2007/07/10 05:01:11 | 01,126,400 | ---- | M] (Hewlett-Packard)
HPZmsi01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZmsi01.exe -> [2007/07/10 05:01:11 | 01,126,400 | ---- | M] (Hewlett-Packard)
HPZgat01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZgat01.exe -> [2007/07/10 05:01:11 | 00,352,256 | ---- | M] (Hewlett-Packard)
HPZgat01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZgat01.exe -> [2007/07/10 05:01:11 | 00,352,256 | ---- | M] (Hewlett-Packard)
HPZdui01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZdui01.exe -> [2007/07/10 05:01:09 | 02,621,440 | ---- | M] (Hewlett-Packard)
HPZdui01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZdui01.exe -> [2007/07/10 05:01:09 | 02,621,440 | ---- | M] (Hewlett-Packard)
HPZchk01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZchk01.exe -> [2007/07/10 05:01:08 | 01,478,656 | ---- | M] (Hewlett-Packard)
HPZchk01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZchk01.exe -> [2007/07/10 05:01:08 | 01,478,656 | ---- | M] (Hewlett-Packard)
HPZcdl01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZcdl01.exe -> [2007/07/10 05:01:08 | 00,405,504 | ---- | M] (Hewlett-Packard)
HPZcdl01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZcdl01.exe -> [2007/07/10 05:01:08 | 00,405,504 | ---- | M] (Hewlett-Packard)
HPZarp01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\HPZarp01.exe -> [2007/07/10 05:01:08 | 00,360,448 | ---- | M] (Hewlett-Packard)
HPZarp01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\HPZarp01.exe -> [2007/07/10 05:01:08 | 00,360,448 | ---- | M] (Hewlett-Packard)
hpzsetup.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzsetup.exe -> [2007/07/10 05:01:07 | 00,786,432 | ---- | M] (Hewlett-Packard)
hpzsetup.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzsetup.exe -> [2007/07/10 05:01:07 | 00,786,432 | ---- | M] (Hewlett-Packard)
hpqbid13.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid13.dat -> [2007/07/10 04:57:52 | 00,255,660 | ---- | M] ()
hpqbid13.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid13.dat -> [2007/07/10 04:57:52 | 00,255,660 | ---- | M] ()
hpqbid16.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid16.dat -> [2007/07/10 04:57:52 | 00,255,568 | ---- | M] ()
hpqbid16.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid16.dat -> [2007/07/10 04:57:52 | 00,255,568 | ---- | M] ()
hpqbud05.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbud05.dat -> [2007/07/10 04:57:52 | 00,033,849 | ---- | M] ()
hpqbud05.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbud05.dat -> [2007/07/10 04:57:52 | 00,033,849 | ---- | M] ()
hpqbud13.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbud13.dat -> [2007/07/10 04:57:52 | 00,033,414 | ---- | M] ()
hpqbud13.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbud13.dat -> [2007/07/10 04:57:52 | 00,033,414 | ---- | M] ()
HPZscr01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\eSupport\HPZscr01.exe.dat -> [2007/07/10 04:57:52 | 00,010,629 | ---- | M] ()
HPZscr01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\eSupport\HPZscr01.exe.dat -> [2007/07/10 04:57:52 | 00,010,629 | ---- | M] ()
hpqbpl13.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbpl13.dat -> [2007/07/10 04:57:52 | 00,000,816 | ---- | M] ()
hpqbpl13.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbpl13.dat -> [2007/07/10 04:57:52 | 00,000,816 | ---- | M] ()
hpqbid05.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid05.dat -> [2007/07/10 04:57:51 | 00,255,595 | ---- | M] ()
hpqbid05.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid05.dat -> [2007/07/10 04:57:51 | 00,255,595 | ---- | M] ()
hpqbpl05.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbpl05.dat -> [2007/07/10 04:57:51 | 00,000,717 | ---- | M] ()
hpqbpl05.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbpl05.dat -> [2007/07/10 04:57:51 | 00,000,717 | ---- | M] ()
hpqbid07.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid07.dat -> [2007/07/10 04:57:50 | 00,255,619 | ---- | M] ()
hpqbid07.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid07.dat -> [2007/07/10 04:57:50 | 00,255,619 | ---- | M] ()
hpqbid11.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid11.dat -> [2007/07/10 04:57:49 | 00,255,576 | ---- | M] ()
hpqbid11.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid11.dat -> [2007/07/10 04:57:49 | 00,255,576 | ---- | M] ()
hpqbud11.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbud11.dat -> [2007/07/10 04:57:49 | 00,034,474 | ---- | M] ()
hpqbud11.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbud11.dat -> [2007/07/10 04:57:49 | 00,034,474 | ---- | M] ()
hpqphbck.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqphbck.dat -> [2007/07/10 04:57:49 | 00,000,969 | ---- | M] ()
hpqphbck.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqphbck.dat -> [2007/07/10 04:57:49 | 00,000,969 | ---- | M] ()
hpqbpl11.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbpl11.dat -> [2007/07/10 04:57:49 | 00,000,670 | ---- | M] ()
hpqbpl11.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbpl11.dat -> [2007/07/10 04:57:49 | 00,000,670 | ---- | M] ()
hpqbid01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid01.dat -> [2007/07/10 04:57:47 | 00,255,764 | ---- | M] ()
hpqbid01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid01.dat -> [2007/07/10 04:57:47 | 00,255,764 | ---- | M] ()
hpqbid06.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbid06.dat -> [2007/07/10 04:57:47 | 00,255,649 | ---- | M] ()
hpqbid06.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbid06.dat -> [2007/07/10 04:57:47 | 00,255,649 | ---- | M] ()
hpqbud01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbud01.dat -> [2007/07/10 04:57:47 | 00,044,147 | ---- | M] ()
hpqbud01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbud01.dat -> [2007/07/10 04:57:47 | 00,044,147 | ---- | M] ()
hpqhsc01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqhsc01.dat -> [2007/07/10 04:57:47 | 00,033,636 | ---- | M] ()
hpqhsc01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqhsc01.dat -> [2007/07/10 04:57:47 | 00,033,636 | ---- | M] ()
hpqbud06.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbud06.dat -> [2007/07/10 04:57:47 | 00,018,037 | ---- | M] ()
hpqbud06.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbud06.dat -> [2007/07/10 04:57:47 | 00,018,037 | ---- | M] ()
HPZscr01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\DeviceManagement\HPZscr01.exe.dat -> [2007/07/10 04:57:47 | 00,010,862 | ---- | M] ()
HPZscr01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\DeviceManagement\HPZscr01.exe.dat -> [2007/07/10 04:57:47 | 00,010,862 | ---- | M] ()
hpqbpl01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbpl01.dat -> [2007/07/10 04:57:47 | 00,000,801 | ---- | M] ()
hpqbpl01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbpl01.dat -> [2007/07/10 04:57:47 | 00,000,801 | ---- | M] ()
hpqbpl06.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpqbpl06.dat -> [2007/07/10 04:57:47 | 00,000,788 | ---- | M] ()
hpqbpl06.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpqbpl06.dat -> [2007/07/10 04:57:47 | 00,000,788 | ---- | M] ()
hpqrrx08.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqrrx08.exe -> [2007/07/10 04:57:46 | 00,081,920 | ---- | M] (Hewlett-Packard Co.)
hpqrrx08.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqrrx08.exe -> [2007/07/10 04:57:46 | 00,081,920 | ---- | M] (Hewlett-Packard Co.)
hpqbhp01.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpqbhp01.exe -> [2007/07/10 04:55:02 | 00,626,688 | ---- | M] (Hewlett-Packard)
hpqbhp01.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpqbhp01.exe -> [2007/07/10 04:55:02 | 00,626,688 | ---- | M] (Hewlett-Packard)
detectlang2.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\BPDhelp\help\detectlang2.exe -> [2007/07/10 04:31:07 | 00,024,576 | ---- | M] ()
detectlang2.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\BPDhelp\help\detectlang2.exe -> [2007/07/10 04:31:07 | 00,024,576 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\trk\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:04 | 00,136,096 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\trk\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:04 | 00,136,096 | ---- | M] ()
WindowsXP-KB822603-x86-TRK.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe -> [2007/07/10 04:27:03 | 00,351,520 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-TRK.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\trk\WindowsXP-KB822603-x86-TRK.exe -> [2007/07/10 04:27:03 | 00,351,520 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\sve\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:03 | 00,136,608 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\sve\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:03 | 00,136,608 | ---- | M] ()
WindowsXP-KB822603-x86-SVE.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe -> [2007/07/10 04:27:02 | 00,351,008 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-SVE.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\sve\WindowsXP-KB822603-x86-SVE.exe -> [2007/07/10 04:27:02 | 00,351,008 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\rus\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:02 | 00,135,584 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\rus\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:02 | 00,135,584 | ---- | M] ()
WindowsXP-KB822603-x86-RUS.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe -> [2007/07/10 04:27:01 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-RUS.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\rus\WindowsXP-KB822603-x86-RUS.exe -> [2007/07/10 04:27:01 | 00,352,032 | ---- | M] (Microsoft Corporation)
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ptb\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:27:01 | 00,137,120 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ptb\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:27:01 | 00,137,120 | ---- | M] ()
WindowsXP-KB822603-x86-PLK.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe -> [2007/07/10 04:27:00 | 00,352,544 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-PLK.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\plk\WindowsXP-KB822603-x86-PLK.exe -> [2007/07/10 04:27:00 | 00,352,544 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-PTB.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ptb\WindowsXP-KB822603-x86-PTB.exe -> [2007/07/10 04:27:00 | 00,351,520 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-PTB.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ptb\WindowsXP-KB822603-x86-PTB.exe -> [2007/07/10 04:27:00 | 00,351,520 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\plk\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:00 | 00,132,512 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\plk\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:27:00 | 00,132,512 | ---- | M] ()
WindowsXP-KB822603-x86-NOR.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe -> [2007/07/10 04:26:59 | 00,351,008 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-NOR.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\nob\WindowsXP-KB822603-x86-NOR.exe -> [2007/07/10 04:26:59 | 00,351,008 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\nob\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:59 | 00,142,240 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\nob\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:59 | 00,142,240 | ---- | M] ()
WindowsXP-KB822603-x86-NLD.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe -> [2007/07/10 04:26:58 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-NLD.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\nld\WindowsXP-KB822603-x86-NLD.exe -> [2007/07/10 04:26:58 | 00,352,032 | ---- | M] (Microsoft Corporation)
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\nld\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:58 | 00,134,048 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\nld\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:58 | 00,134,048 | ---- | M] ()
WindowsXP-KB822603-x86-KOR.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe -> [2007/07/10 04:26:57 | 00,349,472 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-KOR.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\kor\WindowsXP-KB822603-x86-KOR.exe -> [2007/07/10 04:26:57 | 00,349,472 | ---- | M] (Microsoft Corporation)
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\kor\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:57 | 00,162,728 | ---- | M] ()
Q283787_W2K_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\jpn\Q283787_W2K_sp3_x86.EXE -> [2007/07/10 04:26:57 | 00,162,728 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\kor\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:57 | 00,162,728 | ---- | M] ()
Q283787_W2K_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\jpn\Q283787_W2K_sp3_x86.EXE -> [2007/07/10 04:26:57 | 00,162,728 | ---- | M] ()
WindowsXP-KB822603-x86-JPN.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\jpn\WindowsXP-KB822603-x86-JPN.exe -> [2007/07/10 04:26:56 | 00,350,496 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-JPN.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\jpn\WindowsXP-KB822603-x86-JPN.exe -> [2007/07/10 04:26:56 | 00,350,496 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ita\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:56 | 00,136,608 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ita\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:56 | 00,136,608 | ---- | M] ()
WindowsXP-KB822603-x86-ITA.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe -> [2007/07/10 04:26:55 | 00,351,520 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-ITA.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ita\WindowsXP-KB822603-x86-ITA.exe -> [2007/07/10 04:26:55 | 00,351,520 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\hun\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:55 | 00,138,144 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\hun\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:55 | 00,138,144 | ---- | M] ()
WindowsXP-KB822603-x86-HUN.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe -> [2007/07/10 04:26:54 | 00,352,544 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-HUN.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\hun\WindowsXP-KB822603-x86-HUN.exe -> [2007/07/10 04:26:54 | 00,352,544 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\fra\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:54 | 00,135,584 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\fra\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:54 | 00,135,584 | ---- | M] ()
WindowsXP-KB822603-x86-FRA.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\fra\WindowsXP-KB822603-x86-FRA.exe -> [2007/07/10 04:26:53 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-FRA.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\fra\WindowsXP-KB822603-x86-FRA.exe -> [2007/07/10 04:26:53 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-FIN.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe -> [2007/07/10 04:26:53 | 00,351,520 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-FIN.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\fin\WindowsXP-KB822603-x86-FIN.exe -> [2007/07/10 04:26:53 | 00,351,520 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\fin\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:53 | 00,130,464 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\fin\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:53 | 00,130,464 | ---- | M] ()
WindowsXP-KB822603-x86-ESN.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\esn\WindowsXP-KB822603-x86-ESN.exe -> [2007/07/10 04:26:52 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-ESN.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\esn\WindowsXP-KB822603-x86-ESN.exe -> [2007/07/10 04:26:52 | 00,352,032 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\esn\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:52 | 00,149,920 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\esn\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:52 | 00,149,920 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\enu\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:51 | 00,103,664 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\enu\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:51 | 00,103,664 | ---- | M] ()
WindowsXP-KB822603-x86-ELL.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe -> [2007/07/10 04:26:50 | 00,353,568 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-ELL.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ell\WindowsXP-KB822603-x86-ELL.exe -> [2007/07/10 04:26:50 | 00,353,568 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-ENU.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\enu\WindowsXP-KB822603-x86-ENU.exe -> [2007/07/10 04:26:50 | 00,349,472 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-ENU.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\enu\WindowsXP-KB822603-x86-ENU.exe -> [2007/07/10 04:26:50 | 00,349,472 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\ell\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:50 | 00,143,264 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\ell\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:50 | 00,143,264 | ---- | M] ()
HpSdUi.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\HpSdUi.dll -> [2007/07/10 04:26:49 | 00,139,264 | ---- | M] (Hewlett-Packard Co.)
HpSdUi.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\HpSdUi.dll -> [2007/07/10 04:26:49 | 00,139,264 | ---- | M] (Hewlett-Packard Co.)
DeviceInfo.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\DeviceInfo.dll -> [2007/07/10 04:26:49 | 00,106,496 | ---- | M] (Hewlett-Packard Co.)
DeviceInfo.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\DeviceInfo.dll -> [2007/07/10 04:26:49 | 00,106,496 | ---- | M] (Hewlett-Packard Co.)
HpAppEgn.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\HpAppEgn.dll -> [2007/07/10 04:26:49 | 00,094,208 | ---- | M] (Hewlett-Packard Co.)
HpAppEgn.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\HpAppEgn.dll -> [2007/07/10 04:26:49 | 00,094,208 | ---- | M] (Hewlett-Packard Co.)
HPSysDig.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\HPSysDig.exe -> [2007/07/10 04:26:48 | 00,385,024 | ---- | M] (Hewlett-Packard Co.)
HPSysDig.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\HPSysDig.exe -> [2007/07/10 04:26:48 | 00,385,024 | ---- | M] (Hewlett-Packard Co.)
logging.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\logging.dll -> [2007/07/10 04:26:48 | 00,114,688 | ---- | M] (Hewlett-Packard Co.)
logging.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\logging.dll -> [2007/07/10 04:26:48 | 00,114,688 | ---- | M] (Hewlett-Packard Co.)
systeminfo.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\systeminfo.dll -> [2007/07/10 04:26:48 | 00,090,112 | ---- | M] (Hewlett-Packard Co.)
systeminfo.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\systeminfo.dll -> [2007/07/10 04:26:48 | 00,090,112 | ---- | M] (Hewlett-Packard Co.)
zlib.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\diagnostics\zlib.dll -> [2007/07/10 04:26:48 | 00,053,248 | ---- | M] ()
zlib.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\diagnostics\zlib.dll -> [2007/07/10 04:26:48 | 00,053,248 | ---- | M] ()
WindowsXP-KB822603-x86-DEU.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe -> [2007/07/10 04:26:47 | 00,352,032 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-DEU.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\deu\WindowsXP-KB822603-x86-DEU.exe -> [2007/07/10 04:26:47 | 00,352,032 | ---- | M] (Microsoft Corporation)
Q283787_W2K_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\deu\Q283787_W2K_sp3_x86.EXE -> [2007/07/10 04:26:47 | 00,163,240 | ---- | M] ()
Q283787_W2K_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\deu\Q283787_W2K_sp3_x86.EXE -> [2007/07/10 04:26:47 | 00,163,240 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\dan\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:47 | 00,131,488 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\dan\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:47 | 00,131,488 | ---- | M] ()
WindowsXP-KB822603-x86-DAN.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe -> [2007/07/10 04:26:46 | 00,351,008 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-DAN.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\dan\WindowsXP-KB822603-x86-DAN.exe -> [2007/07/10 04:26:46 | 00,351,008 | ---- | M] (Microsoft Corporation)
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\csy\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:46 | 00,132,512 | ---- | M] ()
Q283787_w2k_sp3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\csy\Q283787_w2k_sp3_x86.EXE -> [2007/07/10 04:26:46 | 00,132,512 | ---- | M] ()
WindowsXP-KB822603-x86-CSY.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe -> [2007/07/10 04:26:45 | 00,351,520 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-CSY.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\csy\WindowsXP-KB822603-x86-CSY.exe -> [2007/07/10 04:26:45 | 00,351,520 | ---- | M] (Microsoft Corporation)
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\cht\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:45 | 00,162,216 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\cht\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:45 | 00,162,216 | ---- | M] ()
WindowsXP-KB822603-x86-CHT.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe -> [2007/07/10 04:26:44 | 00,349,472 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-CHT.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\cht\WindowsXP-KB822603-x86-CHT.exe -> [2007/07/10 04:26:44 | 00,349,472 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-CHS.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe -> [2007/07/10 04:26:44 | 00,348,960 | ---- | M] (Microsoft Corporation)
WindowsXP-KB822603-x86-CHS.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\chs\WindowsXP-KB822603-x86-CHS.exe -> [2007/07/10 04:26:44 | 00,348,960 | ---- | M] (Microsoft Corporation)
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\ccc\chs\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:44 | 00,163,240 | ---- | M] ()
Q283787_W2K_SP3_x86.EXE -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\ccc\chs\Q283787_W2K_SP3_x86.EXE -> [2007/07/10 04:26:44 | 00,163,240 | ---- | M] ()
MSVCP60.DLL -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\MSVCP60.DLL -> [2007/07/10 04:26:43 | 00,401,462 | ---- | M] (Microsoft Corporation)
MSVCP60.DLL -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\MSVCP60.DLL -> [2007/07/10 04:26:43 | 00,401,462 | ---- | M] (Microsoft Corporation)
scrub2k.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\scrub2k.exe -> [2007/07/10 04:23:55 | 00,065,536 | ---- | M] ()
scrub2k.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\scrub2k.exe -> [2007/07/10 04:23:55 | 00,065,536 | ---- | M] ()
hpwprl06.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwprl06.dat -> [2007/07/10 04:23:53 | 00,000,486 | ---- | M] ()
hpwprl06.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwprl06.dat -> [2007/07/10 04:23:53 | 00,000,486 | ---- | M] ()
hpwprl07.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwprl07.dat -> [2007/07/10 04:23:53 | 00,000,193 | ---- | M] ()
hpwprl07.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwprl07.dat -> [2007/07/10 04:23:53 | 00,000,193 | ---- | M] ()
hpwprl01.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwprl01.dat -> [2007/07/10 04:23:52 | 00,006,996 | ---- | M] ()
hpwprl01.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwprl01.dat -> [2007/07/10 04:23:52 | 00,006,996 | ---- | M] ()
hpwprlx64.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwprlx64.dat -> [2007/07/10 04:23:52 | 00,004,601 | ---- | M] ()
hpwprlx64.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwprlx64.dat -> [2007/07/10 04:23:52 | 00,004,601 | ---- | M] ()
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby shancoker » March 27th, 2009, 3:03 pm

Last one...

hpzdui01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpzdui01.exe.dat -> [2007/07/10 04:23:43 | 00,008,130 | ---- | M] ()
hpzdui01.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpzdui01.exe.dat -> [2007/07/10 04:23:43 | 00,008,130 | ---- | M] ()
hpzdui40.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpzdui40.exe.dat -> [2007/07/10 04:23:43 | 00,008,129 | ---- | M] ()
hpzdui40.exe.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpzdui40.exe.dat -> [2007/07/10 04:23:43 | 00,008,129 | ---- | M] ()
hpaiounifax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpaiounifax.dll -> [2007/07/10 04:23:39 | 00,061,952 | ---- | M] ()
hpaiounifax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpaiounifax.dll -> [2007/07/10 04:23:39 | 00,061,952 | ---- | M] ()
hpzuifax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpzuifax.dll -> [2007/07/10 04:23:37 | 01,609,728 | ---- | M] (Hewlett-Packard Corporation)
hpzuifax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpzuifax.dll -> [2007/07/10 04:23:37 | 01,609,728 | ---- | M] (Hewlett-Packard Corporation)
hpqcxm09.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpqcxm09.dll -> [2007/07/10 04:23:36 | 00,311,808 | ---- | M] (Hewlett-Packard Co.)
hpqcxm09.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpqcxm09.dll -> [2007/07/10 04:23:36 | 00,311,808 | ---- | M] (Hewlett-Packard Co.)
hpoip09.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpoip09.dll -> [2007/07/10 04:23:36 | 00,289,280 | ---- | M] (Hewlett-Packard Co.)
hpoip09.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpoip09.dll -> [2007/07/10 04:23:36 | 00,289,280 | ---- | M] (Hewlett-Packard Co.)
hpoipw08.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpoipw08.dll -> [2007/07/10 04:23:36 | 00,158,208 | ---- | M] (Hewlett-Packard Co.)
hpoipw08.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpoipw08.dll -> [2007/07/10 04:23:36 | 00,158,208 | ---- | M] (Hewlett-Packard Co.)
hpaiofax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x64\hpaiofax.dll -> [2007/07/10 04:23:36 | 00,097,792 | ---- | M] ()
hpaiofax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x64\hpaiofax.dll -> [2007/07/10 04:23:36 | 00,097,792 | ---- | M] ()
hpaiounifax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x32\hpaiounifax.dll -> [2007/07/10 04:23:35 | 00,135,168 | ---- | M] ()
hpaiounifax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x32\hpaiounifax.dll -> [2007/07/10 04:23:35 | 00,135,168 | ---- | M] ()
hpzuifax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x32\hpzuifax.dll -> [2007/07/10 04:23:34 | 01,662,976 | ---- | M] (Hewlett-Packard Corporation)
hpzuifax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x32\hpzuifax.dll -> [2007/07/10 04:23:34 | 01,662,976 | ---- | M] (Hewlett-Packard Corporation)
hpaiofax.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\fax\x32\hpaiofax.dll -> [2007/07/10 04:23:33 | 00,320,927 | ---- | M] ()
hpaiofax.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\fax\x32\hpaiofax.dll -> [2007/07/10 04:23:33 | 00,320,927 | ---- | M] ()
hpzuci12.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win98\hpzuci12.dll -> [2007/07/10 04:23:33 | 00,018,560 | ---- | M] ()
hpzuci12.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win98\hpzuci12.dll -> [2007/07/10 04:23:33 | 00,018,560 | ---- | M] ()
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win98\hpzc3212.dll -> [2007/07/10 04:23:32 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win98\hpzc3212.dll -> [2007/07/10 04:23:32 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hpzimn12.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win98\hpzimn12.dll -> [2007/07/10 04:23:32 | 00,045,056 | ---- | M] (HP)
hpzimn12.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win98\hpzimn12.dll -> [2007/07/10 04:23:32 | 00,045,056 | ---- | M] (HP)
difxapi.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win2000\difxapi.dll -> [2007/07/10 04:23:31 | 00,309,760 | ---- | M] (Microsoft Corporation)
difxapi.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win2000\difxapi.dll -> [2007/07/10 04:23:31 | 00,309,760 | ---- | M] (Microsoft Corporation)
hppldcoi.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win2000\hppldcoi.dll -> [2007/07/10 04:23:30 | 00,364,544 | ---- | M] (Hewlett-Packard)
hppldcoi.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win2000\hppldcoi.dll -> [2007/07/10 04:23:30 | 00,364,544 | ---- | M] (Hewlett-Packard)
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpzc3212.dll -> [2007/07/10 04:23:29 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\win2000\hpzc3212.dll -> [2007/07/10 04:23:29 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpzc3212.dll -> [2007/07/10 04:23:29 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hpzc3212.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\win2000\hpzc3212.dll -> [2007/07/10 04:23:29 | 00,286,720 | ---- | M] (Hewlett-Packard Co.)
hppldcoi.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\amd64\winxp\hppldcoi.dll -> [2007/07/10 04:23:25 | 00,540,672 | ---- | M] (Hewlett-Packard)
hppldcoi.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\amd64\winxp\hppldcoi.dll -> [2007/07/10 04:23:25 | 00,540,672 | ---- | M] (Hewlett-Packard)
difxapi.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\dot4\amd64\winxp\difxapi.dll -> [2007/07/10 04:23:25 | 00,508,928 | ---- | M] (Microsoft Corporation)
difxapi.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\dot4\amd64\winxp\difxapi.dll -> [2007/07/10 04:23:25 | 00,508,928 | ---- | M] (Microsoft Corporation)
hpwtiop2.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x32\hpwtiop2.dll -> [2007/07/10 04:23:23 | 00,892,928 | ---- | M] (Hewlett-Packard Co.)
hpwtiop2.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x32\hpwtiop2.dll -> [2007/07/10 04:23:23 | 00,892,928 | ---- | M] (Hewlett-Packard Co.)
hpovst11.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x32\hpovst11.dll -> [2007/07/10 04:23:23 | 00,294,912 | ---- | M] (Hewlett-Packard Co.)
hpovst11.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x32\hpovst11.dll -> [2007/07/10 04:23:23 | 00,294,912 | ---- | M] (Hewlett-Packard Co.)
hpwwiax2.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x32\hpwwiax2.dll -> [2007/07/10 04:23:22 | 00,675,840 | ---- | M] (Hewlett-Packard)
hpwwiax2.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x32\hpwwiax2.dll -> [2007/07/10 04:23:22 | 00,675,840 | ---- | M] (Hewlett-Packard)
hpwtusd1.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x32\hpwtusd1.dll -> [2007/07/10 04:23:22 | 00,233,472 | ---- | M] (Hewlett-Packard)
hpwtusd1.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x32\hpwtusd1.dll -> [2007/07/10 04:23:22 | 00,233,472 | ---- | M] (Hewlett-Packard)
hpwwiax2.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x64\hpwwiax2.dll -> [2007/07/10 04:23:21 | 00,861,184 | ---- | M] (Hewlett-Packard)
hpwwiax2.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x64\hpwwiax2.dll -> [2007/07/10 04:23:21 | 00,861,184 | ---- | M] (Hewlett-Packard)
hpovst11.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x64\hpovst11.dll -> [2007/07/10 04:23:21 | 00,488,960 | ---- | M] (Hewlett-Packard Co.)
hpovst11.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x64\hpovst11.dll -> [2007/07/10 04:23:21 | 00,488,960 | ---- | M] (Hewlett-Packard Co.)
hpwtiop2.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\drivers\scanner\x64\hpwtiop2.dll -> [2007/07/10 04:23:20 | 01,291,776 | ---- | M] (Hewlett-Packard Co.)
hpwtiop2.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\drivers\scanner\x64\hpwtiop2.dll -> [2007/07/10 04:23:20 | 01,291,776 | ---- | M] (Hewlett-Packard Co.)
hpfinst.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpfinst.dll -> [2007/07/10 04:22:58 | 00,176,128 | ---- | M] (Hewlett-Packard Co.)
hpfinst.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpfinst.dll -> [2007/07/10 04:22:58 | 00,176,128 | ---- | M] (Hewlett-Packard Co.)
hpfpaste.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpfpaste.exe -> [2007/07/10 04:22:58 | 00,069,632 | ---- | M] ()
hpfpaste.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpfpaste.exe -> [2007/07/10 04:22:58 | 00,069,632 | ---- | M] ()
hpfpnpsx.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\setup\hpfpnpsx.exe -> [2007/07/10 04:22:58 | 00,004,224 | ---- | M] ()
hpfpnpsx.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\setup\hpfpnpsx.exe -> [2007/07/10 04:22:58 | 00,004,224 | ---- | M] ()
hpcdmc64.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\hpcdmc64.dll -> [2007/07/10 04:20:28 | 00,814,080 | ---- | M] (HP)
hpcdmc64.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\hpcdmc64.dll -> [2007/07/10 04:20:28 | 00,814,080 | ---- | M] (HP)
HPCDMC32.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\HPCDMC32.dll -> [2007/07/10 04:20:27 | 00,671,816 | ---- | M] (HP)
HPCDMC32.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\HPCDMC32.dll -> [2007/07/10 04:20:27 | 00,671,816 | ---- | M] (HP)
HPBDMC32.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\HPBDMC32.dll -> [2007/07/10 04:20:27 | 00,659,540 | ---- | M] (HP)
HPBDMC32.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\HPBDMC32.dll -> [2007/07/10 04:20:27 | 00,659,540 | ---- | M] (HP)
hpbcfgre.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\hpbcfgre.dll -> [2007/07/10 04:20:26 | 02,920,960 | ---- | M] ()
hpbcfgre.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\hpbcfgre.dll -> [2007/07/10 04:20:26 | 02,920,960 | ---- | M] ()
hpbcfgui.dll -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\hpbcfgui.dll -> [2007/07/10 04:20:26 | 01,351,680 | ---- | M] ()
hpbcfgui.dll -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\hpbcfgui.dll -> [2007/07/10 04:20:26 | 01,351,680 | ---- | M] ()
hpbcfgap.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\util\CfgEdt\hpbcfgap.exe -> [2007/07/10 04:20:26 | 00,069,632 | ---- | M] ()
hpbcfgap.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\util\CfgEdt\hpbcfgap.exe -> [2007/07/10 04:20:26 | 00,069,632 | ---- | M] ()
Setup.exe -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\Setup.exe -> [2007/06/01 21:21:46 | 00,513,624 | ---- | M] (Hewlett-Packard)
Setup.exe -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\Setup.exe -> [2007/06/01 21:21:46 | 00,513,624 | ---- | M] (Hewlett-Packard)
ProdEnum.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Redist\MSI31\ProdEnum.exe -> [2007/02/03 03:53:20 | 00,069,632 | ---- | M] ()
ProdEnum.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\ProdEnum.exe -> [2007/02/03 03:53:20 | 00,069,632 | ---- | M] ()
ProdEnum.dat -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Redist\MSI31\ProdEnum.dat -> [2007/02/02 20:03:04 | 00,000,746 | ---- | M] ()
ProdEnum.dat -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\ProdEnum.dat -> [2007/02/02 20:03:04 | 00,000,746 | ---- | M] ()
WindowsXP-KB916089-v5-x86-ENU.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Redist\MSI31\WindowsXP-KB916089-v5-x86-ENU.exe -> [2007/02/01 09:37:46 | 01,241,912 | ---- | M] (Microsoft Corporation)
WindowsXP-KB916089-v5-x86-ENU.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\WindowsXP-KB916089-v5-x86-ENU.exe -> [2007/02/01 09:37:46 | 01,241,912 | ---- | M] (Microsoft Corporation)
tmdbg.dll -> %UserProfile%\AppData\Local\Temp\PccMsi\tmdbg.dll -> [2006/12/29 02:53:04 | 00,300,560 | ---- | M] ()
hpwprl08.dat -> %UserProfile%\AppData\Local\Temp\7zS8D08.tmp\hpwprl08.dat -> [2006/11/01 14:57:28 | 00,000,366 | ---- | M] ()
hpwprl08.dat -> %UserProfile%\AppData\Local\Temp\7zS5795.tmp\hpwprl08.dat -> [2006/11/01 14:57:28 | 00,000,366 | ---- | M] ()
WindowsServer2003.WindowsXP-KB916089-v3-x64-ENU.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\WindowsServer2003.WindowsXP-KB916089-v3-x64-ENU.exe -> [2006/10/04 17:49:16 | 02,630,456 | ---- | M] (Microsoft Corporation)
WindowsInstaller-KB893803-x86.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Redist\MSI31\WindowsInstaller-KB893803-x86.exe -> [2006/01/16 17:29:06 | 02,584,848 | ---- | M] (Microsoft Corporation)
WindowsInstaller-KB893803-x86.exe -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\WindowsInstaller-KB893803-x86.exe -> [2006/01/16 17:29:06 | 02,584,848 | ---- | M] (Microsoft Corporation)
msvcr80.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Redist\MSI31\msvcr80.dll -> [2005/09/23 03:05:58 | 00,626,688 | ---- | M] (Microsoft Corporation)
msvcr80.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Redist\MSI31\msvcr80.dll -> [2005/09/23 03:05:58 | 00,626,688 | ---- | M] (Microsoft Corporation)
DSETUP.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\Elevated\DSETUP.dll -> [2004/07/09 06:03:10 | 00,062,976 | ---- | M] (Microsoft Corporation)
DSETUP.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.80.1065\DSETUP.dll -> [2004/07/09 06:03:10 | 00,062,976 | ---- | M] (Microsoft Corporation)
DSETUP.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\Elevated\DSETUP.dll -> [2004/07/09 06:03:10 | 00,062,976 | ---- | M] (Microsoft Corporation)
DSETUP.dll -> %UserProfile%\AppData\Local\Temp\QuickCam_11.5.0\DSETUP.dll -> [2004/07/09 06:03:10 | 00,062,976 | ---- | M] (Microsoft Corporation)
RecoverFromReboot.exe -> %SystemRoot%\Temp\RecoverFromReboot.exe -> [2003/07/08 14:41:48 | 00,151,552 | ---- | M] (Motive Communications, Inc.)
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
IPC error: 2 The system cannot find the file specified.
? [6456]
? [7668]
? [12396]
? [16112]
? [19728]
? [18632]
? [20112]
? [19416]
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 8
hidden services: 0
hidden files: 1
< Document and Settings folder & sub folders >
scanning hidden files ...
IPC error: 2 The system cannot find the file specified.
scan completed successfully
hidden files: 0

< End of report >
[/code]
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby peku006 » March 27th, 2009, 3:42 pm

Hi shancoker

1 - Clean temp files

    Download and Run ATF Cleaner
    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

    Under Main choose:
      Windows Temp
      Current User Temp
      All Users Temp
      Temporary Internet Files
      Prefetch
      Java Cache

      *The other boxes are optional*
      Then click the Empty Selected button.
    if you use Firefox:
      Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
    if you use Opera:
      Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program

2 - Download and Run Malwarebytes' Anti-Malware
  1. Please download Malwarebytes' Anti-Malware and save it to a convenient location.
  2. Double click on mbam-setup.exe to install it.
  3. Before clicking the Finish button, make sure that these 2 boxes are checked (ticked):
      Update Malwarebytes' Anti-Malware
      Launch Malwarebytes' Anti-Malware
  4. Malwarebytes' Anti-Malware will now check for updates. If your firewall prompts, please allow it. If you can't update it, select the Update tab. Under Update Mirror, select one of the websites and click on Check for Updates.
  5. Select the Scanner tab. Click on Perform full scan, then click on Scan.
  6. Leave the default options as it is and click on Start Scan.
  7. When done, you will be prompted. Click OK, then click on Show Results.
  8. Checked (ticked) all items except items in the System Volume Information folder and click on Remove Selected.

    Image
  9. After it has removed the items, Notepad will open. Please post this log in your next reply. You can also find the log in the Logs tab. The bottom most log is the latest.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

4 - Status Check
Please reply with


1. the Malwarebytes' Anti-Malware Log
2. a fresh HijackThis log

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby shancoker » March 31st, 2009, 1:22 pm

Fresh Hijack this log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:01:38 PM, on 3/26/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Windows\sttray.exe
C:\Program Files\ATT Internet Tools\blsloader.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Users\Shannon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RT8VCKID\RSIT[1].exe
C:\Program Files\Trend Micro\HijackThis\Shannon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html ... &M=GM5454E
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BlspcHlpr Class - {15C9938F-CB96-496D-800A-B827F2E34EA1} - C:\Program Files\ATT Internet Tools\blspc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe /atstartup
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O4 - HKLM\..\Run: [RecoverFromReboot] C:\Windows\Temp\RecoverFromReboot.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [blspcloader] C:\Program Files\ATT Internet Tools\blsloader.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1000\..\RunOnce: [RunPalmPIL] "C:\Program Files\palmOne\pil.exe" (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-1002\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Allan')
O4 - HKUS\S-1-5-21-2511111831-2057517083-3689216067-501\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Guest')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-1002 User Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Allan')
O4 - S-1-5-21-2511111831-2057517083-3689216067-501 Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (User 'Guest')
O4 - S-1-5-21-2511111831-2057517083-3689216067-501 User Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe (User 'Guest')
O4 - Startup: Mobipocket Web Companion.lnk = ?
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.att.net
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://couponmom.coupons.smartsource.co ... scmv5X.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10200 bytes

Malware log
Malwarebytes' Anti-Malware 1.35
Database version: 1924
Windows 6.0.6001 Service Pack 1

3/31/2009 1:14:30 PM
mbam-log-2009-03-31 (13-14-30).txt

Scan type: Full Scan (C:\|H:\|)
Objects scanned: 312170
Time elapsed: 1 hour(s), 56 minute(s), 23 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 32
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1 (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a138be8b-f051-4802-9a3f-a750a6d862d4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Windows\CouponPrinter.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
C:\BACKUP\08-12-24 1024AM\Users\Shannon\AppData\Local\Temp\Low\cpnprt2.cid (Adware.Agent) -> Quarantined and deleted successfully.
shancoker
Active Member
 
Posts: 10
Joined: March 22nd, 2009, 11:28 am

Re: Coker

Unread postby peku006 » March 31st, 2009, 1:50 pm

Hi shancoker

Looking good :)
Let's make sure we got everything

1 - Clean temp files

    Download and Run ATF Cleaner
    Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop.Double-click ATF Cleaner.exe to open it.

    Under Main choose:
      Windows Temp
      Current User Temp
      All Users Temp
      Temporary Internet Files
      Prefetch
      Java Cache

      *The other boxes are optional*
      Then click the Empty Selected button.
    if you use Firefox:
      Click Firefox at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.
    if you use Opera:
      Click Opera at the top and choose: Select All
      Click the Empty Selected button.
      NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

    Click Exit on the Main menu to close the program

2 - ESET NOD32 Online Scanner
Please use NOD32 Online Scanner to scan your system and post the log here
  • Please go to the following link ESET Online Scanner Link
  • Tick the box YES, I accept the Terms Of Use
  • Click the Start button
  • Now click the Install button
  • Click Start

    The scanner engine will initialise and update
  • Do Not tick the box Remove found threats
  • Click the Scan button

    The scan will now run, please be patient
  • When the scan finishes click the Details tab
  • Copy and paste the contents of the C:\Program Files\EsetOnlineScanner\log.txt back here.

3 - Run Hijackthis
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

4 - Status Check
Please reply with

1. the ESET NOD32 online scanner report
2. a fresh HijackThis log
How's the computer running now? Any problems?

Thanks peku006
User avatar
peku006
MRU Emeritus
MRU Emeritus
 
Posts: 3357
Joined: May 14th, 2007, 2:18 pm
Location: Norway

Re: Coker

Unread postby NonSuch » April 2nd, 2009, 3:47 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 486 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware