It seems to be getting a little quicker. I had to go into windows explorer to delete C:\windows\system32\printer.exe and it worked the second time. I am getting no response when I try and fix the control panel it and some other controls are still lost. When normal startup the windows file protection starts and it cannot start alot of dlls so I have had to cancel that part of it and also the Microsoft .NET framework has an unhandled exception occuring in a component in your application coming up. On top of all this the windows installer has gone out and I can't get it to download.
I really thank you for your help. Jim
Deckard's System Scanner v20070819.64
Run by User on 2007-08-20 11:23:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Unable to create WMI object; The operation completed successfully.
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 448 MiB (512 MiB recommended).
-- HijackThis (run as User.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:24:58 AM, on 8/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATP\Navigator\EZUpdateService.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\WinAvXX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Citrix\ICA Client\pnagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Desktop\deckardsdss.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://www.yahoo.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe (User '?')
O4 - S-1-5-21-1202660629-1409082233-839522115-1003 Startup: system.exe (User '?')
O4 - Startup: system.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: hpzsetup.LNK = E:\HPZstub.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Program Neighborhood Agent.lnk = C:\Program Files\Citrix\ICA Client\pnagent.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) -
http://housecall65.trendmicro.com/house ... hcImpl.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} -
http://ipgweb.cce.hp.com/rdqcpc/downloads/sysinfo.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) -
http://cdn.scan.onecare.live.com/resour ... se8300.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ATP EZUpdate Service (EZUpdateService) - Aircraft Technical Publishers - C:\Program Files\ATP\Navigator\EZUpdateService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - Unknown owner - (no file)
--
End of file - 7756 bytes
-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------
backup-20070814-093144-582 O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
backup-20070814-122209-307 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070814-122209-352 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
backup-20070814-122209-780 O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070814-123636-104 O2 - BHO: Farstone Popup Blocker - {E22F9B9D-1A1F-473E-BED6-D8BC152441F4} - C:\PROGRA~1\PCSECU~2\THESHI~1\FARPOP~1.DLL
backup-20070814-123636-169 O2 - BHO: Farstone Url Blocker - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - C:\PROGRA~1\PCSECU~2\THESHI~1\IrlOnIE.dll
backup-20070814-123636-287 O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\system32\vtr212.dll
backup-20070814-123636-302 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070814-123636-358 O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
backup-20070814-123636-405 O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
backup-20070814-123636-500 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
backup-20070814-123636-648 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070814-123636-834 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
backup-20070814-123636-928 O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
backup-20070814-152750-948 O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
backup-20070814-152828-125 O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
backup-20070815-122002-177 O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S (User '?')
backup-20070815-122002-782 O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
backup-20070815-122002-992 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070820-103333-200 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
backup-20070820-103333-365 O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070820-103333-543 F3 - REG:win.ini: load=????
backup-20070820-103333-632 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070820-103333-645 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070820-103333-729 F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
backup-20070820-103333-865 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
backup-20070820-110806-208 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
backup-20070820-110806-368 F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
backup-20070820-110806-813 O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
3 cmudax (C-Media High Definition Audio Interface) - system32\drivers\cmudax.sys (file missing)
3 FarStoneFireWallDrive - c:\windows\system32\drivers\fardrive.sys
3 GMSIPCI - d:\install\gmsipci.sys (file missing)
3 HdAudAddService (Microsoft UAA Function Driver for High Definition Audio Service) - system32\drivers\hdaudio.sys (file missing)
3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - system32\drivers\hdaudbus.sys (file missing)
3 NTACCESS - d:\ntaccess.sys (file missing)
3 s3chipid - c:\docume~1\user\locals~1\temp\s3chipid.sys (file missing)
3 SetupNTGLM7X - d:\ntglm7x.sys (file missing)
3 viagfx - system32\drivers\vtmini.sys (file missing)
3 VRcore - c:\windows\system32\drivers\vrcore.sys <Not Verified; HAURI, Inc. 1998-2003; >
3 VRFIL - c:\windows\system32\drivers\vrfil.sys <Not Verified; HAURI; VR Filter for Windows NT/2K/XP>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
2 aawservice (Ad-Aware 2007 Service) - c:\program files\lavasoft\ad-aware 2007\aawservice.exe
2 EZUpdateService (ATP EZUpdate Service) - c:\program files\atp\navigator\ezupdateservice.exe <Not Verified; Aircraft Technical Publishers; EZ Update>
3 hpqcxs08 - c:\windows\system32\svchost.exe
2 hpqddsvc (HP CUE DeviceDiscovery Service) - c:\windows\system32\svchost.exe
2 Net Driver HPZ12 - c:\windows\system32\svchost.exe
2 NWCWorkstation (Client Service for NetWare) - c:\windows\system32\svchost.exe
-- Device Manager: Disabled ----------------------------------------------------
Unable to create WMI object.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-17 17:00:00 436 --a------ C:\WINDOWS\Tasks\RegCure Program Check.job
2007-08-17 12:05:00 306 --a------ C:\WINDOWS\Tasks\WebReg Photosmart C4200 series.job
2007-08-17 08:57:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2007-08-17 03:30:00 408 --a------ C:\WINDOWS\Tasks\RegistryBot Scheduled Scan.job
2007-08-17 03:00:00 370 --a------ C:\WINDOWS\Tasks\RegCure.job
-- Files created between 2007-07-20 and 2007-08-20 -----------------------------
2007-08-20 09:32:32 0 d-------- C:\Downloads
2007-08-20 09:32:32 0 d-------- C:\Documents and Settings\User\Application Data\GetRightToGo
2007-08-20 08:16:01 0 dr-h----- C:\Documents and Settings\User\Recent
2007-08-17 16:54:06 0 d-------- C:\movedfiles
2007-08-17 16:36:52 14848 --a------ C:\WINDOWS\system32\WinAvXX.exe <Not Verified; Microsoft Co; Anvivirus Application>
2007-08-16 13:10:20 0 d-------- C:\Program Files\Alwil Software
2007-08-15 16:39:34 0 d-------- C:\Documents and Settings\User\.housecall6.6
2007-08-14 16:06:16 0 d-------- C:\Documents and Settings\User\Application Data\Uniblue
2007-08-14 16:06:11 0 d-------- C:\Program Files\Uniblue
2007-08-14 09:57:45 0 d-------- C:\Documents and Settings\User\Application Data\Grisoft
2007-08-14 09:57:35 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-14 09:53:51 0 d-------- C:\Program Files\RogueRemover FREE
2007-08-13 15:32:34 179 --a------ C:\handle.dat
2007-08-13 12:03:08 0 d-------- C:\WINDOWS\DED53B0BB67C4244AE6AD6FD3C28D1EF.TMP
2007-08-13 12:01:22 0 d-------- C:\Program Files\Lavasoft
2007-08-09 12:44:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-09 12:43:24 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-09 10:09:55 0 d-------- C:\Linkone
2007-08-09 10:09:52 0 d-------- C:\Program Files\Mincom
2007-08-09 09:41:07 0 d-------- C:\Documents and Settings\User\Application Data\Mincom
2007-08-09 09:41:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Mincom
2007-08-08 16:51:13 0 d-------- C:\Program Files\ACW
2007-08-08 12:20:53 0 d-------- C:\Documents and Settings\User\Application Data\RegistryBot
2007-08-07 19:51:27 0 d-------- C:\WINDOWS\setupupd
2007-08-07 18:30:36 53353 --a------ C:\WINDOWS\system\zip.dll
2007-08-07 18:30:36 53248 --a------ C:\WINDOWS\system\wtvh.dll
2007-08-07 18:30:36 73728 --a------ C:\WINDOWS\system\wtmulti.dll <Not Verified; WildTangent, Inc.; WildTangent Multiplayer>
2007-08-07 18:30:36 57344 --a------ C:\WINDOWS\system\WTHostCtl.dll <Not Verified; WildTangent; WTHostCtl Module>
2007-08-07 18:30:36 77885 --a------ C:\WINDOWS\system\WT12uien.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 45116 --a------ C:\WINDOWS\system\WT12SPWP.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53308 --a------ C:\WINDOWS\system\WT12SPTP.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 114748 --a------ C:\WINDOWS\system\WT12SPML.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 28732 --a------ C:\WINDOWS\system\WT12spls.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53308 --a------ C:\WINDOWS\system\WT12sphs.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 823352 --a------ C:\WINDOWS\system\WT12LI.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12ldzu.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 32829 --a------ C:\WINDOWS\system\WT12LDXX.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12ldxh.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 41021 --a------ C:\WINDOWS\system\WT12LDTR.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12ldtn.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 61501 --a------ C:\WINDOWS\system\WT12LDSV.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 86077 --a------ C:\WINDOWS\system\WT12LDSU.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12LDST.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 57405 --a------ C:\WINDOWS\system\WT12LDSL.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12LDRU.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12LDPO.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 53309 --a------ C:\WINDOWS\system\WT12LDPL.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:36 41021 --a------ C:\WINDOWS\system\WT12LDNO.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 389181 --a------ C:\WINDOWS\system\WT12LDNL.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 53309 --a------ C:\WINDOWS\system\WT12LDIT.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 41021 --a------ C:\WINDOWS\system\WT12LDIS.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 53309 --a------ C:\WINDOWS\system\WT12LDGR.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 53309 --a------ C:\WINDOWS\system\WT12LDGA.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 307261 --a------ C:\WINDOWS\system\WT12LDFR.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 401469 --a------ C:\WINDOWS\system\WT12LDES.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 409661 --a------ C:\WINDOWS\system\WT12LDEN.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 65597 --a------ C:\WINDOWS\system\WT12LDDK.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 389181 --a------ C:\WINDOWS\system\WT12LDDE.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 61501 --a------ C:\WINDOWS\system\WT12LDCZ.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 53309 --a------ C:\WINDOWS\system\WT12LDCA.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 217149 --a------ C:\WINDOWS\system\Wt12ldaf.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:35 278528 --a------ C:\WINDOWS\system\WT12COD.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:34 71 --a------ C:\WINDOWS\system\wt3d.dll
2007-08-07 18:30:34 294970 --a------ C:\WINDOWS\system\WT12cbe.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:34 19456 --a------ C:\WINDOWS\system\WndFrame.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:34 98304 --a------ C:\WINDOWS\system\WireControl.dll <Not Verified; ; WireControl Module>
2007-08-07 18:30:34 57344 --a------ C:\WINDOWS\system\winman.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:34 393216 --a------ C:\WINDOWS\system\Win.dll <Not Verified; EarthLink, Inc.; EarthLink COmmon>
2007-08-07 18:30:34 712704 --a------ C:\WINDOWS\system\webdriver.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:34 737280 --a------ C:\WINDOWS\system\wdengine.dll <Not Verified; WildTangent; WebDriver 3D Engine Library>
2007-08-07 18:30:34 20563 --a------ C:\WINDOWS\system\w2k_lsa_auth.dll
2007-08-07 18:30:34 57442 --a------ C:\WINDOWS\system\verify.dll
2007-08-07 18:30:34 159744 --a------ C:\WINDOWS\system\VBE6INTL.DLL <Not Verified; Microsoft Corporation; Visual Basic Environment>
2007-08-07 18:30:33 507904 --a------ C:\WINDOWS\system\Utils.dll <Not Verified; EarthLink, Inc.; EarthLink COmmon>
2007-08-07 18:30:33 26624 --a------ C:\WINDOWS\system\TxtSpyNT.dll <Not Verified; GTek technologies; GTek technologies TxtSpyNT>
2007-08-07 18:30:33 13824 --a------ C:\WINDOWS\system\TreeView.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 32256 --a------ C:\WINDOWS\system\tranenyp.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 16384 --a------ C:\WINDOWS\system\tooltip.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 24576 --a------ C:\WINDOWS\system\ToolBar.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 14336 --a------ C:\WINDOWS\system\TabCtrl.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 22528 --a------ C:\WINDOWS\system\Sysinfo.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 4096 --a------ C:\WINDOWS\system\svgrsrc.dll <Not Verified; Adobe Systems Inc.; Adobe SVG Viewer>
2007-08-07 18:30:33 10752 --a------ C:\WINDOWS\system\sversion.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:33 12288 --a------ C:\WINDOWS\system\SVEDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:33 24576 --a------ C:\WINDOWS\system\SVE_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:33 77824 --a------ C:\WINDOWS\system\SVE_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:32 1164800 --a------ C:\WINDOWS\system\SV21WR32.DLL <Not Verified; ViewPort Development AB; Synex ViewPort>
2007-08-07 18:30:32 110592 --a------ C:\WINDOWS\system\SPSRXUI.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2007-08-07 18:30:32 22016 --a------ C:\WINDOWS\system\Speach.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:32 98304 --a------ C:\WINDOWS\system\Sound.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:32 320512 --a------ C:\WINDOWS\system\SNBD6W9S.DLL <Not Verified; SnowBound; SnowBound Image Format Library/Windows NT>
2007-08-07 18:30:32 27136 --a------ C:\WINDOWS\system\slider.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:32 52736 --a------ C:\WINDOWS\system\sharedat.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:32 57344 --a------ C:\WINDOWS\system\SGML PlugIn.dll <Not Verified; Innotech Solutions Pty Ltd; LinkOne>
2007-08-07 18:30:31 655360 --a------ C:\WINDOWS\system\SetupKrn.dll <Not Verified; EarthLink, Inc.; EarthLink TotalAccess>
2007-08-07 18:30:31 282756 --a------ C:\WINDOWS\system\setup.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:31 20992 --a------ C:\WINDOWS\system\Scroll.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:31 28672 --a------ C:\WINDOWS\system\s8023ps.dll
2007-08-07 18:30:31 24576 --a------ C:\WINDOWS\system\s8023Pps.dll
2007-08-07 18:30:31 20579 --a------ C:\WINDOWS\system\rmi.dll
2007-08-07 18:30:31 106600 --a------ C:\WINDOWS\system\RegUtils.dll
2007-08-07 18:30:31 45568 --a------ C:\WINDOWS\system\RegComm.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:31 33280 --a------ C:\WINDOWS\system\Reg.dll <Not Verified; ; Reg Dynamic Link Library>
2007-08-07 18:30:31 24576 --a------ C:\WINDOWS\system\rDRM0302.dll <Not Verified; WildTangent Inc; WildTangent Inc DRM3>
2007-08-07 18:30:31 159744 --a------ C:\WINDOWS\system\rdriver.dll
2007-08-07 18:30:31 12288 --a------ C:\WINDOWS\system\PTBDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:31 24576 --a------ C:\WINDOWS\system\PTB_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:31 86016 --a------ C:\WINDOWS\system\PTB_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:31 86016 --a------ C:\WINDOWS\system\PNC802_3.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:31 36352 --a------ C:\WINDOWS\system\plugdll.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:31 22528 --a------ C:\WINDOWS\system\playback.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:31 303104 --a------ C:\WINDOWS\system\PDF PlugIn.dll <Not Verified; Mincom Limited.; LinkOne>
2007-08-07 18:30:31 745472 --a------ C:\WINDOWS\system\PCM802_3.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:30 499712 --a------ C:\WINDOWS\system\OWCI10.DLL <Not Verified; Microsoft Corporation; Microsoft Office XP>
2007-08-07 18:30:30 77824 --a------ C:\WINDOWS\system\OUPEng.dll
2007-08-07 18:30:30 168448 --a------ C:\WINDOWS\system\OSDiag.dll <Not Verified; ; OSDIAG Dynamic Link Library>
2007-08-07 18:30:30 32768 --a------ C:\WINDOWS\system\objpscnv.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:30 32768 --a------ C:\WINDOWS\system\objps8.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:30 32768 --a------ C:\WINDOWS\system\objps7.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:30 32768 --a------ C:\WINDOWS\system\objectps.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:30 155648 --a------ C:\WINDOWS\system\ObjectBundle.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:30 28160 --a------ C:\WINDOWS\system\objctdll.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:30 177152 --a------ C:\WINDOWS\system\nsvplayx_vp5_mp3.dll <Not Verified; * * *; NsvPlayX ActiveX Control Module>
2007-08-07 18:30:30 32768 --a------ C:\WINDOWS\system\npWTHost.dll <Not Verified; WildTangent; WildTangent Netscape Webdriver Host>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPOJI610.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJPI142.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJava32.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJava14.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJava13.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJava12.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 65636 --a------ C:\WINDOWS\system\NPJava11.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:30 12288 --a------ C:\WINDOWS\system\NORDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:30 24576 --a------ C:\WINDOWS\system\NOR_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:30 77824 --a------ C:\WINDOWS\system\NOR_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:30 12288 --a------ C:\WINDOWS\system\NLDDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:30 28672 --a------ C:\WINDOWS\system\NLD_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:30 86016 --a------ C:\WINDOWS\system\NLD_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:30 32869 --a------ C:\WINDOWS\system\nio.dll
2007-08-07 18:30:30 43008 --a------ C:\WINDOWS\system\niceeff.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:30 12288 --a------ C:\WINDOWS\system\NetClose.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:30 57444 --a------ C:\WINDOWS\system\net.dll
2007-08-07 18:30:30 31744 --a------ C:\WINDOWS\system\MultiZip.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 24576 --a------ C:\WINDOWS\system\msddsui.dll <Not Verified; Microsoft Corporation; Microsoft Development Environment>
2007-08-07 18:30:29 22528 --a------ C:\WINDOWS\system\mscorsecr.dll <Not Verified; Microsoft Corporation; Microsoft .NET Framework>
2007-08-07 18:30:29 41472 --a------ C:\WINDOWS\system\mouse.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 32768 --a------ C:\WINDOWS\system\menu.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 53760 --a------ C:\WINDOWS\system\MDT2QDUI.DLL <Not Verified; Microsoft Corporation; Microsoft Design Tools>
2007-08-07 18:30:29 64272 --a------ C:\WINDOWS\system\MDT2FWUI.DLL <Not Verified; Microsoft Corporation; Microsoft Design Tools>
2007-08-07 18:30:29 14336 --a------ C:\WINDOWS\system\MDT2DDUI.DLL <Not Verified; Microsoft Corporation; Microsoft Design Tools>
2007-08-07 18:30:29 56832 --a------ C:\WINDOWS\system\MDT2DBUI.DLL <Not Verified; Microsoft Corporation; Microsoft Design Tools>
2007-08-07 18:30:29 221184 --a------ C:\WINDOWS\system\MDPlugin.dll <Not Verified; Musicmatch, Inc.; Dell DJ plug-in for Musicmatch Jukebox>
2007-08-07 18:30:29 192512 --a------ C:\WINDOWS\system\mainrENU.dll <Not Verified; ; MainrENU Dynamic Link Library>
2007-08-07 18:30:29 64512 --a------ C:\WINDOWS\system\MacroFuncs.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 31232 --a------ C:\WINDOWS\system\listview.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 16896 --a------ C:\WINDOWS\system\Let.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 23552 --a------ C:\WINDOWS\system\LangMan.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:29 12288 --a------ C:\WINDOWS\system\KORDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:29 20480 --a------ C:\WINDOWS\system\KOR_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:29 49152 --a------ C:\WINDOWS\system\KOR_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:29 18432 --a------ C:\WINDOWS\system\Keyboard.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:28 1208439 --a------ C:\WINDOWS\system\jvm.dll
2007-08-07 18:30:28 139373 --a------ C:\WINDOWS\system\jsound.dll
2007-08-07 18:30:28 12288 --a------ C:\WINDOWS\system\JPNDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:28 20480 --a------ C:\WINDOWS\system\JPN_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:28 49152 --a------ C:\WINDOWS\system\JPN_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:28 73832 --a------ C:\WINDOWS\system\jpishare.dll <Not Verified; ; Java Plug-in>
2007-08-07 18:30:28 86116 --a------ C:\WINDOWS\system\jpinsp.dll <Not Verified; JavaSoft / Sun Microsystems, Inc.; Java Plug-in>
2007-08-07 18:30:28 45156 --a------ C:\WINDOWS\system\jpins7.dll
2007-08-07 18:30:28 41060 --a------ C:\WINDOWS\system\jpins6.dll
2007-08-07 18:30:28 28772 --a------ C:\WINDOWS\system\jpins4.dll
2007-08-07 18:30:28 94312 --a------ C:\WINDOWS\system\jpiexp32.dll <Not Verified; JavaSoft / Sun Microsystems; JavaSoft / Sun Microsystems -- Java(TM) Plug-in>
2007-08-07 18:30:28 82024 --a------ C:\WINDOWS\system\jpicom32.dll <Not Verified; ; JPICom Module>
2007-08-07 18:30:28 122981 --a------ C:\WINDOWS\system\jpeg.dll
2007-08-07 18:30:28 102494 --a------ C:\WINDOWS\system\jdwp.dll
2007-08-07 18:30:28 24576 --a------ C:\WINDOWS\system\jDRM0302.dll <Not Verified; WildTangent Inc; WildTangent Inc DRM3>
2007-08-07 18:30:28 167936 --a------ C:\WINDOWS\system\jdriver.dll
2007-08-07 18:30:28 49267 --a------ C:\WINDOWS\system\JdbcOdbc.dll
2007-08-07 18:30:28 61533 --a------ C:\WINDOWS\system\jcov.dll
2007-08-07 18:30:28 20581 --a------ C:\WINDOWS\system\jawt.dll
2007-08-07 18:30:28 36864 --a------ C:\WINDOWS\system\javawspl.dll
2007-08-07 18:30:28 139264 --a------ C:\WINDOWS\system\JavaWebStart.dll <Not Verified; Sun Microsystems, Inc.; JavaWebStart Module>
2007-08-07 18:30:28 98408 --a------ C:\WINDOWS\system\java.dll
2007-08-07 18:30:28 20600 --a------ C:\WINDOWS\system\jaas_nt.dll
2007-08-07 18:30:28 172032 --a------ C:\WINDOWS\system\IUserCnv.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:28 176128 --a------ C:\WINDOWS\system\iuser.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 188416 --a------ C:\WINDOWS\system\IUser8.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 188416 --a------ C:\WINDOWS\system\IUser7.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 135168 --a------ C:\WINDOWS\system\ITNGRAM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2007-08-07 18:30:27 12288 --a------ C:\WINDOWS\system\ITADiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:27 28672 --a------ C:\WINDOWS\system\ITA_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:27 90112 --a------ C:\WINDOWS\system\ITA_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:27 409600 --a------ C:\WINDOWS\system\ISRT.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 237568 --a------ C:\WINDOWS\system\IScript8.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 233472 --a------ C:\WINDOWS\system\IScript7.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 237568 --a------ C:\WINDOWS\system\iscript.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 266240 --a------ C:\WINDOWS\system\IScrCnv.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:27 24704 --a------ C:\WINDOWS\system\ioser12.dll
2007-08-07 18:30:26 696320 --a------ C:\WINDOWS\system\iKernel.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:26 110592 --a------ C:\WINDOWS\system\IGLZW.dll <Not Verified; AccuSoft Corporation; AccuSoft ImageGear>
2007-08-07 18:30:26 180224 --a------ C:\WINDOWS\system\iGdiCnv.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:26 163972 --a------ C:\WINDOWS\system\iGdi.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:26 413696 --a------ C:\WINDOWS\system\iANS8023.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:26 266240 --a------ C:\WINDOWS\system\HTML PlugIn.dll <Not Verified; Mincom Limited.; LinkOne>
2007-08-07 18:30:25 1963008 --a------ C:\WINDOWS\system\hpzui3xu.dll <Not Verified; Hewlett-Packard Corporation; HP UI>
2007-08-07 18:30:24 2954752 --a------ C:\WINDOWS\system\hpzst3xu.dll <Not Verified; Hewlett-Packard Corporation; HP LaserJet Generic String Table>
2007-08-07 18:30:24 557056 --a------ C:\WINDOWS\system\hpzss3xu.dll <Not Verified; Hewlett-Packard Corporation; HP LaserJet Services String Table>
2007-08-07 18:30:22 72192 --a------ C:\WINDOWS\system\hpzpr3xu.dll <Not Verified; Hewlett Packard Corporation; HP Print Preview>
2007-08-07 18:30:21 515584 --a------ C:\WINDOWS\system\hpzev3xu.dll <Not Verified; Hewlett-Packard Corporation; HP Doc Event Dialogs>
2007-08-07 18:30:20 1055232 --a------ C:\WINDOWS\system\hpz3r3xu.dll <Not Verified; Hewlett Packard Corporation; HP PCL 3 Render>
2007-08-07 18:30:20 1264640 --a------ C:\WINDOWS\system\hpz3a3xu.dll <Not Verified; Hewlett-Packard Corporation; Hewlett-Packard Corporation DeskJet Services>
2007-08-07 18:30:20 49247 --a------ C:\WINDOWS\system\hprof.dll
2007-08-07 18:30:20 28780 --a------ C:\WINDOWS\system\hpi.dll
2007-08-07 18:30:20 16384 --a------ C:\WINDOWS\system\hpfrs3xu.dll <Not Verified; Hewlett-Packard Company; HP Printing System for Windows>
2007-08-07 18:30:17 7718400 --a------ C:\WINDOWS\system\hpfig3xu.dll <Not Verified; Hewlett-Packard Company; HP DeskJet>
2007-08-07 18:30:17 177152 --a------ C:\WINDOWS\system\hpfie3xu.dll <Not Verified; Hewlett-Packard Company; HP DeskJet>
2007-08-07 18:30:17 659456 --a------ C:\WINDOWS\system\hpcdmc32.dll <Not Verified; HP; DMC>
2007-08-07 18:30:16 1323008 --a------ C:\WINDOWS\system\hpbcfgre.dll <Not Verified; ; hpbcfgre Dynamic Link Library>
2007-08-07 18:30:16 53760 --a------ C:\WINDOWS\system\hooks.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:16 24576 --a------ C:\WINDOWS\system\Hm8023ps.dll
2007-08-07 18:30:16 72704 --a------ C:\WINDOWS\system\HHSETUP.DLL <Not Verified; Microsoft Corporation; HTML Help hhsetup>
2007-08-07 18:30:16 434176 --a------ C:\WINDOWS\system\HamPci.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:16 33280 --a------ C:\WINDOWS\system\glftypes.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:16 15872 --a------ C:\WINDOWS\system\glfman.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:15 1847296 --a------ C:\WINDOWS\system\gear12d.dll <Not Verified; AccuSoft Corporation; AccuSoft ImageGear>
2007-08-07 18:30:15 12288 --a------ C:\WINDOWS\system\FRADiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:15 28672 --a------ C:\WINDOWS\system\FRA_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:15 90112 --a------ C:\WINDOWS\system\FRA_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:13 450669 --a------ C:\WINDOWS\system\FP4AWEC.DLL <Not Verified; Microsoft Corporation; Microsoft® FrontPage® 2000>
2007-08-07 18:30:13 65645 --a------ C:\WINDOWS\system\FP4ANWI.DLL <Not Verified; Microsoft Corporation; Microsoft® FrontPage® 2000>
2007-08-07 18:30:12 327800 --a------ C:\WINDOWS\system\fontmanager.dll
2007-08-07 18:30:12 12288 --a------ C:\WINDOWS\system\FINDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:12 24576 --a------ C:\WINDOWS\system\FIN_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:12 77824 --a------ C:\WINDOWS\system\FIN_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:12 12288 --a------ C:\WINDOWS\system\filedll.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:12 61536 --a------ C:\WINDOWS\system\eula.dll <Not Verified; Sun Microsystems, Inc.; EULA Module>
2007-08-07 18:30:12 12288 --a------ C:\WINDOWS\system\ESNDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:12 28672 --a------ C:\WINDOWS\system\ESN_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:12 90112 --a------ C:\WINDOWS\system\ESN_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:12 139264 --a------ C:\WINDOWS\system\ENUTSTPP.DLL <Not Verified; Lernout & Hauspie Speech Products; L&H TTS3000 ENU for SAPI5>
2007-08-07 18:30:12 827392 --a------ C:\WINDOWS\system\ENUTG2P.DLL <Not Verified; Lernout & Hauspie Speech Products; L&H TTS3000 ENU for SAPI5>
2007-08-07 18:30:12 348160 --a------ C:\WINDOWS\system\ENUTEMPP.DLL <Not Verified; Lernout & Hauspie Speech Products; L&H TTS3000 ENU for SAPI5>
2007-08-07 18:30:11 573440 --a------ C:\WINDOWS\system\ENUT11M1.DLL <Not Verified; Lernout & Hauspie Speech Products; L&H TTS3000 ENU for SAPI5>
2007-08-07 18:30:11 561152 --a------ C:\WINDOWS\system\ENUT11F1.DLL <Not Verified; Lernout & Hauspie Speech Products; L&H TTS3000 ENU for SAPI5>
2007-08-07 18:30:11 180224 --a------ C:\WINDOWS\system\ENUPCMRs.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:11 12288 --a------ C:\WINDOWS\system\EnuDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:11 24576 --a------ C:\WINDOWS\system\ENU_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:11 73728 --a------ C:\WINDOWS\system\enu_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:11 41984 --a------ C:\WINDOWS\system\Ecrypt.dll <Not Verified; EarthLink, Inc.; EarthLink TotalAccess>
2007-08-07 18:30:11 147456 --a------ C:\WINDOWS\system\E60Cmmon.dll <Not Verified; EarthLink, Inc.; EarthLink COmmon>
2007-08-07 18:30:11 65536 --a------ C:\WINDOWS\system\dx7drv.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:11 45056 --a------ C:\WINDOWS\system\dx5drv.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:11 20584 --a------ C:\WINDOWS\system\dt_socket.dll
2007-08-07 18:30:11 24678 --a------ C:\WINDOWS\system\dt_shmem.dll
2007-08-07 18:30:11 21504 --a------ C:\WINDOWS\system\DRM0302.dll <Not Verified; WildTangent, Inc.; DRM3 Module>
2007-08-07 18:30:11 21504 --a------ C:\WINDOWS\system\DllsPlug.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:11 413696 --a------ C:\WINDOWS\system\Dev8023.dll <Not Verified; Intel(R) Corporation; Intel(R) Network Configuration Services>
2007-08-07 18:30:10 12288 --a------ C:\WINDOWS\system\DEUDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:10 28672 --a------ C:\WINDOWS\system\DEU_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:10 86016 --a------ C:\WINDOWS\system\DEU_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:10 16384 --a------ C:\WINDOWS\system\defwind.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:10 139364 --a------ C:\WINDOWS\system\dcpr.dll
2007-08-07 18:30:10 49664 --a------ C:\WINDOWS\system\dbase.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:10 12288 --a------ C:\WINDOWS\system\DANDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:10 24576 --a------ C:\WINDOWS\system\DAN_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:10 77824 --a------ C:\WINDOWS\system\DAN_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:10 77824 --a------ C:\WINDOWS\system\ctor.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 18:30:10 45056 --a------ C:\WINDOWS\system\CSOF.DLL <Not Verified; Microsoft Corporation; Microsoft Office>
2007-08-07 18:30:10 1466436 --a------ C:\WINDOWS\system\CrlWTC112.dll <Not Verified; Corel Corporation; CorelDRAW(R)>
2007-08-07 18:30:09 49221 --a------ C:\WINDOWS\system\CODAC.dll <Not Verified; Corel Corporation; Corel Writing Tools>
2007-08-07 18:30:09 139363 --a------ C:\WINDOWS\system\cmm.dll
2007-08-07 18:30:09 80384 --a------ C:\WINDOWS\system\Cloak.dll <Not Verified; GTek Technologies Ltd.; GTCoach Cloak>
2007-08-07 18:30:09 12288 --a------ C:\WINDOWS\system\CHTDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:09 16384 --a------ C:\WINDOWS\system\CHT_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:09 40960 --a------ C:\WINDOWS\system\CHT_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:09 12288 --a------ C:\WINDOWS\system\CHSDiag.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:09 16384 --a------ C:\WINDOWS\system\CHS_NWR.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS WMI Resource Module>
2007-08-07 18:30:09 36864 --a------ C:\WINDOWS\system\CHS_8023.dll <Not Verified; Intel(R) Corporation; Intel(R) NCS Language Specific Resource Provider>
2007-08-07 18:30:09 18432 --a------ C:\WINDOWS\system\ChgRes.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:09 560628 --a------ C:\WINDOWS\system\CGMIMP.DLL <Not Verified; Microsoft Corporation; Microsoft Graphic Filters>
2007-08-07 18:30:08 709120 --a------ C:\WINDOWS\system\CGMIMP32.DLL <Not Verified; Microsoft Corporation; Microsoft Graphic Filters>
2007-08-07 18:30:07 335872 --a------ C:\WINDOWS\system\BVLUI.DLL <Not Verified; Microsoft; Financial Manager - Buy Vs Lease>
2007-08-07 18:30:07 118784 --a------ C:\WINDOWS\system\BVL.DLL <Not Verified; Microsoft; bvl>
2007-08-07 18:30:07 94312 --a------ C:\WINDOWS\system\axbridge.dll <Not Verified; JavaSoft / Sun Microsystems; JavaSoft / Sun Microsystems -- ActiveX bridge>
2007-08-07 18:30:07 950371 --a------ C:\WINDOWS\system\awt.dll
2007-08-07 18:30:07 49664 --a------ C:\WINDOWS\system\aolui.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:07 64000 --a------ C:\WINDOWS\system\Aol.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:06 131072 --a------ C:\WINDOWS\system\allwhook.dll <Not Verified; Gtek Tech.; Gtek Tech. allwhook>
2007-08-07 18:30:06 15360 --a------ C:\WINDOWS\system\allow.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:06 43008 --a------ C:\WINDOWS\system\advui.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:06 19968 --a------ C:\WINDOWS\system\AdpSys.dll <Not Verified; ; AdpSys Dynamic Link Library>
2007-08-07 18:30:06 20992 --a------ C:\WINDOWS\system\AdpAol.dll <Not Verified; ; AdpAol Dynamic Link Library>
2007-08-07 18:30:06 102400 --a------ C:\WINDOWS\system\actorobject.dll <Not Verified; WildTangent, Inc.; WildTangent WebDriver>
2007-08-07 18:30:06 27648 --a------ C:\WINDOWS\system\Action.dll <Not Verified; GTek Technologies Ltd.; GTCoach>
2007-08-07 18:30:06 6656 --a------ C:\WINDOWS\system\AcsRollbackRes.dll <Not Verified; America Online, Inc; AOL Connectivity Service>
2007-08-07 18:30:04 540772 --a------ C:\WINDOWS\system\_ISRES1033.dll <Not Verified; InstallShield Software Corporation; InstallShield (R)>
2007-08-07 11:57:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\Macromedia
2007-08-07 11:57:08 0 d-------- C:\Documents and Settings\Administrator\.housecall6.6
2007-08-07 11:35:21 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-08-03 17:54:39 0 d-------- C:\{80005DCA-0000-0000-6F90-BA71B0C1B84C}
2007-08-03 15:48:49 0 d-------- C:\Program Files\Windows Live Safety Center
2007-08-03 09:11:38 0 d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-08-03 06:12:02 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-08-03 06:12:00 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-08-03 06:12:00 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-08-03 06:12:00 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-08-03 06:11:59 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-08-03 06:11:59 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-08-03 06:11:59 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-08-03 06:11:59 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-08-03 06:10:32 0 d-------- C:\0dc24fbde12ecb896d755993959b
2007-08-02 16:23:17 0 d-------- C:\Documents and Settings\Administrator\Application Data\HP
2007-08-02 16:20:03 0 dr------- C:\Documents and Settings\Administrator\Favorites <FAVORI~1>
2007-08-02 16:20:03 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2007-08-02 16:20:03 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-08-02 16:20:03 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-08-02 16:20:02 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-08-02 16:20:02 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-08-02 16:20:02 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-08-02 14:01:04 886519 --a------ C:\SmitfraudFix.exe
2007-08-02 13:56:39 3048 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-02 13:53:56 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-08-02 13:53:55 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified;
http://www.beyondlogic.org; Command Line Process Utility>
2007-08-02 13:45:35 0 d-------- C:\Program Files\Common Files\Download Manager
2007-08-02 11:45:01 0 d-------- C:\Program Files\Trend Micro
2007-08-02 11:15:22 0 d-------- C:\Program Files\NoAdware5.0
2007-08-01 10:28:52 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
-- Find3M Report ---------------------------------------------------------------
2007-08-20 09:29:52 0 d-------- C:\Documents and Settings\User\Application Data\Image Zone Express
2007-08-17 16:26:07 129778 --a------ C:\WINDOWS\hpoins13.dat
2007-08-14 12:38:06 0 d-------- C:\Program Files\RegCure
2007-08-09 12:43:24 0 d-------- C:\Program Files\Common Files
2007-08-09 12:39:52 0 d-------- C:\Documents and Settings\User\Application Data\Lavasoft
2007-08-07 19:51:28 0 d-------- C:\Program Files\AWS
2007-08-07 19:49:33 0 d-------- C:\Program Files\3B Software
2007-08-03 12:31:50 0 d---s---- C:\Program Files\Common Files\Teknum Systems
2007-07-24 13:24:44 0 d-------- C:\Program Files\Windows Media Connect 2
2007-07-23 07:08:59 0 d-------- C:\Documents and Settings\User\Application Data\WeatherBug
2007-07-13 15:19:26 0 d-------- C:\Documents and Settings\User\Application Data\Printer Info Cache
2007-07-13 13:21:30 0 d-------- C:\Program Files\HP
2007-07-13 13:16:15 0 d-------- C:\Documents and Settings\User\Application Data\HP
2007-07-13 13:00:15 0 d-------- C:\Documents and Settings\User\Application Data\Preclick
2007-07-11 08:38:25 278528 --a------ C:\WINDOWS\system32\livesnth.dll <Not Verified; LiveUpdate; LiveSynth>
2007-06-27 13:04:45 0 d-------- C:\Program Files\Hewlett-Packard
2007-06-21 12:01:15 0 d-------- C:\Program Files\Common Files\Sonic Shared
2007-06-21 12:00:34 0 d-------- C:\Program Files\Common Files\HP
2007-06-21 11:56:30 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [11/09/2006 04:07 PM]
"SoundMan"="SOUNDMAN.EXE" [09/22/2005 04:42 AM C:\WINDOWS\soundman.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 12:50 PM]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [03/04/2004 10:46 AM]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [12/10/2006 09:52 PM]
"High Definition Audio Property Page Shortcut"="C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\HDAudPropShortcut.exe" [03/17/2004 05:10 PM]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [06/07/2005 12:46 AM]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [06/11/2007 05:25 AM]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [07/27/2007 06:03 PM]
"WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [08/01/2007 10:28 AM]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [10/18/2006 08:05 PM]
"HijackThis startup scan"="C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" [08/02/2007 11:45 AM]
"WinAVX"="C:\WINDOWS\system32\WinAvXX.exe" [08/01/2007 10:28 AM]
C:\Documents and Settings\User\Start Menu\Programs\Startup\
system.exe [8/1/2007 10:28:02 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/20/2007 9:16:38 AM]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
autorun.exe [8/1/2007 10:28:02 AM]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [1/2/2007 9:40:10 PM]
HP Photosmart Premier Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12/15/2005 1:00:54 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
"HideStartupScripts"=0 (0x0)
"HideShutdownScripts"=0 (0x0)
"RunStartupScriptSync"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel"=1 (0x1)
"NoWindowsUpdate"=1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoWindowsUpdate"=1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc
-- Hosts -----------------------------------------------------------------------
192.168.200.3 ad.doubleclick.net
192.168.200.3 ad.fastclick.net
192.168.200.3 ads.fastclick.net
192.168.200.3 atdmt.com
192.168.200.3 awaps.net
192.168.200.3 banner.fastclick.net
192.168.200.3 banners.fastclick.net
192.168.200.3 click.atdmt.com
192.168.200.3 clicks.atdmt.com
192.168.200.3 engine.awaps.net
8 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2007-08-20 11:25:48 ------------
Deckard's System Scanner v20070819.64
Run by User on 2007-08-20 11:23:40
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Unable to create WMI object; The operation completed successfully.
Backed up registry hives.
Performed disk cleanup.
Total Physical Memory: 448 MiB (512 MiB recommended).
-- HijackThis (run as User.exe) ------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:24:58 AM, on 8/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATP\Navigator\EZUpdateService.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\WinAvXX.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Citrix\ICA Client\pnagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\User\Desktop\deckardsdss.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\User.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://www.yahoo.com
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [HijackThis startup scan] C:\Program Files\Trend Micro\HijackThis\HijackThis.exe /startupscan (User '?')
O4 - HKUS\S-1-5-21-1202660629-1409082233-839522115-1003\..\Run: [WinAVX] C:\WINDOWS\syst