|
|||||||
| Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs |
 |
|
|
Topic Tools |
|
#1
August 29th, 2008, 05:45 PM
|
|||
|
|||
|
Infected with R/Crypt.ULPM.Gen Trojan (Logs inside)
Hows it going friends? Alright so I went away and came back to this infection on my computer. Recently installed Avira so I could clean it. It detected all that mess you see at the bottom of the screen in the log file. But now like every 10-15 minutes a new process gets created in my system32 folder and it gets detected immediatly by Avira...so I say to delete and a new one comes back. Even trying to search the processes in google and nothing comes up about them. You can see the processes in the Avira list. I know there is some issue and would like some assistance in cleaning this up please. I am also pretty sure there is a corrupt version of Tune up utilities on here that randomly gives out errors and stuff. Thanks in advance.. The log file from Avira is rather large....but it has all the trojan information in it. I can wait till I get a response before I post it to avoid double posting. The trojan names are
TR/Exploit.Bytverify.A Trojan TR/Small.971264 Trojan TR/Crypt.ULPM.Gen Trojan HTML/Infected.WebPage.Gen HTML script virus the whole logfile with all details will be posted when you need it. Logfile of HijackThis v1.99.1 Scan saved at 12:38:45 PM, on 8/29/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\sm56hlpr.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\ALCWZRD.EXE c:\windows\system\hpsysdrv.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe C:\WINDOWS\system32\notepad.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rm1=seconduser R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rm1=seconduser R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rm1=seconduser R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TY...rm1=seconduser O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - https://activatemydsl.verizon.net/sd...SL/tgctlcm.cab O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english...an_unicode.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://home3.ca.com/PestPatrol/unibl...n/pestscan.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/res...lscbase370.cab O16 - DPF: {5F5F9FB8-878E-4455-95E0-F64B2314288A} (ijjiPlugin2 Class) - http://gamedownload.ijjimax.com/game...lugin11USA.cab O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM1 2.EXE O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe Last edited by PossibleOne; August 29th, 2008 at 05:50 PM. 
|
|
#2
August 29th, 2008, 09:36 PM
|
|||
|
|||
|
It may be that your internet cache has become infected and every time explorer restarts, it re-initialies the trojan. Google for a product called atf-cleaner and empty all temp files/folders , cookies, cache etc (select all). Then run PCtools antispyware and antivirus (free versions!) from www.pctools.com.
Let me know the results.
|
|
#3
August 30th, 2008, 12:31 AM
|
|||
|
|||
|
That response doesn't tell me anything that I don't already know. In addition, I am not going to put new software on my computer that I don't want, and/or having tools that would be equal or greater to pctools. I appreciate your help, but I have had Tom, and Acrobaze help me before so I will wait for their advice or another staff member.
Last edited by PossibleOne; August 30th, 2008 at 01:21 AM.
|
|
#4
August 31st, 2008, 03:43 AM
|
||||
|
||||
|
Hi BobWillcox. I am sure you are trying to help however because of past problems created by well meaning posts, we ask that only qualified Helpers post in this Forum. See the sticky topic Cyber Safety Forum Guidelines - Please Read .
Hi PossibleOne. I would like to see another type of log please and I may want to see the Avira log too but hold that for now. Download OldTimer's OTViewIt from here to your desktop,and doubleclick on OTViewIt.exe to start the scan. When the display opens place a check next to: Scan All Users Then click the Run Scan button to start the scan. Once that completes a textbox will open. Copy and paste the contents here for review please. The log can also be found on your desktop as OTViewIt.Txt. It will be a reasonably large log so you may have to divide the log into sections and make several posts to post it. Extras.txt will also be generated. Please post that log as well. Note - do not press any other buttons or make any other changes when running the scan.
|
|
#6
August 31st, 2008, 06:13 AM
|
|||
|
|||
|
Thanks for responding, AnnMarie.
I would also like to add that when my AV picks up a trojan it is only when someone is using IE 7. I personally use FireFox and have had no new additions. With that said, here is the log you requested. I would also like to add that I know my computer has a lot of files that have been deleted or anything like that since I had to clean this once before from a good bit of unwanted things. I can also see that from this scan. All of these things were once tried to be removed...I see there are remnants and would be more than willing to get them off completely. When we are finished I have a problem with a program as well but I will address that later.... OTViewIt logfile created on: 8/31/2008 1:04:46 AM - Run 1 OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\HP_Administrator\Desktop Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1015.29 Mb Total Physical Memory | 490.20 Mb Available Physical Memory | 48.28% Memory free 2.38 Gb Paging File | 1.98 Gb Available in Paging File | 83.24% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 178.30 Gb Total Space | 113.52 Gb Free Space | 63.67% Space Free | Partition Type: NTFS Drive D: | 8.00 Gb Total Space | 0.91 Gb Free Space | 11.42% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: YOUR-B27FB1C401 Current User Name: Possible Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Whitelist: On ===== Processes - Non-Microsoft Only ===== [06/08/2005 01:59 PM | 00,077,824 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\hkcmd.exe [06/08/2005 02:03 PM | 00,114,688 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxpers.exe [09/28/2005 02:05 AM | 00,098,304 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\QuickTime\qttask.exe [01/24/2005 05:56 AM | 00,544,768 | ---- | M] (Motorola Inc.) - C:\WINDOWS\sm56hlpr.exe [09/26/2007 12:51 AM | 00,066,872 | ---- | M] () - C:\WINDOWS\system32\PnkBstrA.exe [05/04/2005 01:01 PM | 02,805,248 | ---- | M] (RealTek Semicoductor Corp.) - C:\WINDOWS\ALCWZRD.EXE [06/08/2005 01:58 PM | 00,155,648 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\igfxsrvc.exe [08/28/2008 09:23 PM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe ===== Win32 Services - Non-Microsoft Only ===== (iPodService) iPod Service [Disabled | Stopped] [05/05/2005 03:21 AM | 00,327,680 | ---- | M] (Apple Computer, Inc.) - C:\Program Files\iPod\bin\iPodService.exe (PnkBstrA) PnkBstrA [Auto | Running] [09/26/2007 12:51 AM | 00,066,872 | ---- | M] () - C:\WINDOWS\system32\PnkBstrA.exe (TuneUp.Defrag) TuneUp Drive Defrag Service [Disabled | Stopped] [04/06/2008 05:29 AM | 00,307,968 | ---- | M] (TuneUp Software GmbH) - C:\WINDOWS\system32\TuneUpDefragService.exe ===== Driver Services - Non-Microsoft Only ===== (ftsata2) ftsata2 [Boot | Stopped] File not found - C:\WINDOWS\system32\DRIVERS\ftsata2.sys (giveio) giveio [Boot | Running] [04/03/1996 03:33 PM | 00,005,248 | ---- | M] () - C:\WINDOWS\system32\giveio.sys (ialm) ialm [On_Demand | Running] [06/08/2005 02:27 PM | 01,050,140 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\ialmnt5.sys (iaStor) Intel RAID Controller [Boot | Running] [03/09/2005 09:09 PM | 00,870,912 | ---- | M] (Intel Corporation) - C:\WINDOWS\system32\drivers\iaStor.sys (ltmodem5) LT Modem Driver [On_Demand | Stopped] [08/04/2004 08:41 AM | 00,606,684 | ---- | M] (LT) - C:\WINDOWS\system32\drivers\ltmdmnt.sys (mbmiodrvr) mbmiodrvr [Auto | Running] [04/10/2004 09:42 AM | 00,002,944 | ---- | M] (cansoft@livewiredev.com) - C:\WINDOWS\system32\mbmiodrvr.sys (RTL8023xp) Realtek 10/100/1000 NIC Family all in one NDIS XP Driver [On_Demand | Running] [03/04/2005 02:10 PM | 00,074,496 | ---- | M] (Realtek Semiconductor Corporation ) - C:\WINDOWS\system32\drivers\Rtlnicxp.sys (rtl8139) Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver [On_Demand | Stopped] [08/04/2004 08:31 AM | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) - C:\WINDOWS\system32\drivers\RTL8139.sys (samhid) samhid [On_Demand | Stopped] [01/07/2006 12:09 PM | 00,007,548 | ---- | M] () - C:\WINDOWS\system32\drivers\Samhid.sys (smserial) smserial [On_Demand | Running] [01/25/2005 09:56 AM | 00,923,863 | ---- | M] (Motorola Inc.) - C:\WINDOWS\system32\drivers\smserial.sys (speedfan) speedfan [Boot | Running] [09/24/2006 09:28 AM | 00,005,248 | ---- | M] (Windows (R) 2000 DDK provider) - C:\WINDOWS\system32\speedfan.sys (sptd) sptd [Boot | Running] [10/22/2006 05:00 AM | 00,611,064 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys (XDva016) XDva016 [On_Demand | Stopped] File not found - C:\WINDOWS\system32\XDva016.sys (XDva024) XDva024 [On_Demand | Stopped] File not found - C:\WINDOWS\system32\XDva024.sys (XTrapD12) XTrapD12 [On_Demand | Stopped] File not found - C:\WINDOWS\system32\XTrapD12.sys ({DEF85C80-216A-43ab-AF70-1665EDBE2780}) {DEF85C80-216A-43ab-AF70-1665EDBE2780} [On_Demand | Stopped] File not found - C:\WINDOWS\TEMP\3E2.tmp ========== Run Keys ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run] "avgnt" = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min [06/12/2008 02:28 PM | 00,266,497 | ---- | M] (Avira GmbH) "High Definition Audio Property Page Shortcut" = HDAShCut.exe [01/08/2005 03:07 AM | 00,061,952 | ---- | M] (Windows (R) Server 2003 DDK provider) "HotKeysCmds" = C:\WINDOWS\system32\hkcmd.exe [06/08/2005 01:59 PM | 00,077,824 | ---- | M] (Intel Corporation) "HP Software Update" = C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [05/08/2007 04:24 PM | 00,054,840 | ---- | M] (Hewlett-Packard) "HPBootOp" = "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run [02/26/2005 01:34 AM | 00,245,760 | ---- | M] (Hewlett-Packard Company) "HPHUPD08" = c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [06/02/2005 02:35 AM | 00,049,152 | ---- | M] (Hewlett-Packard) "KBD" = C:\HP\KBD\KBD.EXE [02/02/2005 04:44 PM | 00,061,440 | ---- | M] (Hewlett-Packard Company) "Persistence" = C:\WINDOWS\system32\igfxpers.exe [06/08/2005 02:03 PM | 00,114,688 | ---- | M] (Intel Corporation) "QuickTime Task" = "C:\Program Files\QuickTime\qttask.exe" -atboottime [09/28/2005 02:05 AM | 00,098,304 | ---- | M] (Apple Computer, Inc.) "SMSERIAL" = sm56hlpr.exe [01/24/2005 05:56 AM | 00,544,768 | ---- | M] (Motorola Inc.) "SunJavaUpdateSched" = "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) "TkBellExe" = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot [04/12/2008 10:15 PM | 00,185,896 | ---- | M] (RealNetworks, Inc.) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = Reg Error: Value load does not exist or could not be read. "run" = Reg Error: Value run does not exist or could not be read. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "load" = "run" = Reg Error: Value run does not exist or could not be read. ========== Startup Folders ========== [Administrator Startup Folder - C:\Documents and Settings\Administrator\Start Menu\Programs\Startup] [All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup] [Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup] [HP_Administrator Startup Folder - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup] ========== BHO's ========== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] HKLM CLSID: (Adobe PDF Reader Link Helper) - [12/18/2006 05:16 AM | 00,059,032 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] HKLM CLSID: (RealPlayer Download and Record Plugin for Internet Explorer) - [04/12/2008 10:15 PM | 00,308,856 | ---- | M] (RealPlayer) C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] HKLM CLSID: (SSVHelper Class) - [02/22/2008 04:25 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll ========== Toolbars ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{5CBE2611-C31B-401F-89BC-4CBB25E853D7}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{54B1488E-4984-472F-B6AA-B83044D7CD90}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{54B1488E-4984-472F-B6AA-B83044D7CD90}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "{5CBE2611-C31B-401F-89BC-4CBB25E853D7}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened. ========== AppInit_Dlls ========== ========== HKLM Security Providers ========== ========== HKLM Winlogon Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell] "explorer.exe" - [06/13/2007 06:23 AM | 01,033,216 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit] "C:\WINDOWS\system32\userinit.exe" - [08/10/2004 03:00 PM | 00,024,576 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost] "logonui.exe" - [08/10/2004 03:00 PM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet] "rundll32 shell32" - [10/25/2007 11:34 PM | 08,460,288 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll "Control_RunDLL "sysdm.cpl"" - [08/10/2004 03:00 PM | 00,298,496 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl ========== User's Winlogon Settings ========== ========== Winlogon Notify Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] "DllName" = C:\WINDOWS\system32\igfxdev.dll [06/08/2005 01:58 PM | 00,131,072 | ---- | M] (Intel Corporation) Last edited by PossibleOne; August 31st, 2008 at 06:22 AM.
|
|
#7
August 31st, 2008, 06:14 AM
|
|||
|
|||
|
========== Policies ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\Explorer] Unable to open key or key not present! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\policies\System] "dontdisplaylastusername" = 0 "legalnoticecaption" = "legalnoticetext" = "shutdownwithoutlogon" = 1 "undockwithoutlogon" = 1 "InstallVisualStyle" = C:\WINDOWS\Resources\Themes\Royale\Royale.mss File not found "InstallTheme" = C:\WINDOWS\Resources\Themes\Royale.the File not found [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 "NoBandCustomize" = 0 "NoMovingBands" = 0 "NoCloseDragDropBands" = 0 "NoSetTaskbar" = 0 "NoToolbarsOnTaskbar" = 0 "NoSaveSettings" = 0 "NoActiveDesktop" = 0 "ClassicShell" = 0 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\policies\System] [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\policies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\Cur rentVersion\policies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\Explorer] "NoDriveTypeAutoRun" = 145 [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\polic ies\System] Unable to open key or key not present! [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer] "NoDriveTypeAutoRun" = 145 "NoBandCustomize" = 0 "NoMovingBands" = 0 "NoCloseDragDropBands" = 0 "NoSetTaskbar" = 0 "NoToolbarsOnTaskbar" = 0 "NoSaveSettings" = 0 "NoActiveDesktop" = 0 "ClassicShell" = 0 [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System] ========== Lsa Authentication Packages ========== ========== Lsa Security Packages ========== ========== Desktop Components ========== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "FriendlyName" = "My Current Home Page" "Source" = "About:Home" "SubscribedURL" = "About:Home" ========== Safeboot Options ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot] "AlternateShell" = cmd.exe ========== Disabled MsConfig Items ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] "TuneUp.Defrag" = 3 "LightScribeService" = 2 "iPodService" = 3 "Fax" = 3 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] "path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk File not found "backup" = C:\WINDOWS\pss\Adobe Reader Speed Launch.lnk File not found "location" = Common Startup "command" = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [09/23/2005 11:05 PM | 00,029,696 | ---- | M] (Adobe Systems Incorporated) "item" = Adobe Reader Speed Launch [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] "path" = C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk File not found "backup" = C:\WINDOWS\pss\HP Digital Imaging Monitor.lnk File not found "location" = Common Startup "command" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [05/12/2005 09:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.) "item" = HP Digital Imaging Monitor [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Cyber-shot Viewer Media Check Tool.lnk] "path" = C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Cyber-shot Viewer Media Check Tool.lnk File not found "backup" = C:\WINDOWS\pss\Cyber-shot Viewer Media Check Tool.lnk File not found "location" = Startup "command" = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [10/28/2005 03:12 PM | 00,155,648 | ---- | M] (Sony Corporation) "item" = Cyber-shot Viewer Media Check Tool [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = "hkey" = HKCU "command" = "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Aim6] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = AOLLaunch "hkey" = HKCU "command" = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe [12/15/2005 09:38 PM | 00,050,792 | ---- | M] (America Online, Inc.) "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\googletalk] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = googletalk "hkey" = HKCU "command" = C:\Program Files\Google\Google Talk\googletalk.exe File not found "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HostManager] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = AOLHostManager "hkey" = HKLM "command" = C:\Program Files\Common Files\AOL\1141872391\ee\AOLHostManager.exe [12/15/2005 09:38 PM | 00,013,416 | ---- | M] (America Online, Inc.) "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSMSGS] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = msmsgs "hkey" = HKCU "command" = C:\Program Files\Messenger\msmsgs.exe [10/13/2004 07:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation) "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCDrProfiler] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = "hkey" = HKLM "command" = "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = realsched "hkey" = HKLM "command" = C:\Program Files\Common Files\Real\Update_OB\realsched.exe [04/12/2008 10:15 PM | 00,185,896 | ---- | M] (RealNetworks, Inc.) "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\updateMgr] "key" = SOFTWARE\Microsoft\Windows\CurrentVersion\Run "item" = AdobeUpdateManager "hkey" = HKCU "command" = C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [03/30/2006 05:45 PM | 00,313,472 | R--- | M] (Adobe Systems Incorporated) "inimapping" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini" = 0 "win.ini" = 0 "bootini" = 0 "services" = 2 "startup" = 2 ========== CDRom AutoRun Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Cdrom] "AutoRun" = 1 ========== Autorun Files on Drives ========== AUTOEXEC.BAT [PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | PATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] [09/28/2005 02:09 AM | 00,000,100 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ] AUTOEXEC.BAT [] [07/28/2001 05:07 AM | 00,000,000 | -HS- | M] () D:\AUTOEXEC.BAT [ FAT32 ] Autorun.inf [[AUTORUN] | ShellExecute=Info.exe protect.ed 480 480 | ] [04/30/2004 09:01 PM | 00,000,053 | -HS- | M] () D:\Autorun.inf [ FAT32 ] ========== MountPoints2 ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{009a82f9-d3bc-11db-8dbc-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{051d8e46-9750-11db-8db8-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{af221b6f-bd0f-11db-8dba-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{af221b75-bd0f-11db-8dba-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{c7dea048-c1c8-11db-8dbb-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{df4591b8-8279-11db-8db5-0013d4e9e658}\Shell] "" = None [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\MountPoints2\{e619c920-81a8-11db-8db4-0013d4e9e658}\Shell] "" = None ========== DNS Name Servers ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\Adapters\{24C35E9D-43DE-47B3-8C8D-C6AC403DF807}] Servers: | Description: Realtek RTL8139 Family PCI Fast Ethernet NIC [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\Adapters\{B43D45C4-246C-4B18-8A68-6B1D4349FF5E}] Servers: | Description: 1394 Net Adapter [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Tcpip\Parameters\Adapters\{F2EA6E95-22A4-4FA3-AC0B-59DAE1720471}] Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC ========== Hosts File ========== HOSTS File = (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts First 25 entries... 127.0.0.1 localhost
|
|
#8
August 31st, 2008, 06:15 AM
|
|||
|
|||
|
========== Files/Folders - Created Within 30 days ==========
[08/29/2008 05:31 PM | 00,004,639 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.exe [08/29/2008 05:31 PM | 00,009,472 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativmdcd.sys [08/29/2008 05:31 PM | 00,010,240 | ---- | C] () - C:\WINDOWS\System32\dllcache\atipcxxx.sys [08/29/2008 05:31 PM | 00,010,880 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\admjoy.sys [08/29/2008 05:31 PM | 00,016,969 | ---- | C] (AmbiCom, Inc.) - C:\WINDOWS\System32\dllcache\amb8002.sys [08/29/2008 05:31 PM | 00,017,152 | ---- | C] () - C:\WINDOWS\System32\dllcache\atitunep.sys [08/29/2008 05:31 PM | 00,017,152 | ---- | C] () - C:\WINDOWS\System32\dllcache\atitvsnd.sys [08/29/2008 05:31 PM | 00,019,456 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativttxx.sys [08/29/2008 05:31 PM | 00,020,160 | ---- | C] (ADMtek Incorporated) - C:\WINDOWS\System32\dllcache\adm8511.sys [08/29/2008 05:31 PM | 00,023,552 | ---- | C] () - C:\WINDOWS\System32\dllcache\atixbar.sys [08/29/2008 05:31 PM | 00,026,624 | ---- | C] () - C:\WINDOWS\System32\dllcache\ativxbar.sys [08/29/2008 05:31 PM | 00,026,880 | ---- | C] () - C:\WINDOWS\System32\dllcache\atirtsnd.sys [08/29/2008 05:31 PM | 00,036,128 | ---- | C] (3Dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\banshee.sys [08/29/2008 05:31 PM | 00,036,992 | ---- | C] (Aztech Systems Ltd) - C:\WINDOWS\System32\dllcache\aztw2320.sys [08/29/2008 05:31 PM | 00,037,568 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmwan.sys [08/29/2008 05:31 PM | 00,046,112 | ---- | C] (Adaptec, Inc ) - C:\WINDOWS\System32\dllcache\adptsf50.sys [08/29/2008 05:31 PM | 00,046,464 | ---- | C] () - C:\WINDOWS\System32\dllcache\atibt829.sys [08/29/2008 05:31 PM | 00,049,920 | ---- | C] () - C:\WINDOWS\System32\dllcache\atirtcap.sys [08/29/2008 05:31 PM | 00,061,440 | ---- | C] (Color Flatbed Scanner) - C:\WINDOWS\System32\dllcache\acerscad.dll [08/29/2008 05:31 PM | 00,077,568 | ---- | C] (ATI Technologies, Inc.) - C:\WINDOWS\System32\dllcache\ati.sys [08/29/2008 05:31 PM | 00,084,480 | ---- | C] (VIA Technologies, Inc.) - C:\WINDOWS\System32\dllcache\ac97via.sys [08/29/2008 05:31 PM | 00,087,552 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmcoxp.dll [08/29/2008 05:31 PM | 00,089,952 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\b1cbase.sys [08/29/2008 05:31 PM | 00,096,256 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\ac97intc.sys [08/29/2008 05:31 PM | 00,097,354 | ---- | C] (Bay Networks, Inc.) - C:\WINDOWS\System32\dllcache\aspndis3.sys [08/29/2008 05:31 PM | 00,098,304 | ---- | C] (Aureal Semiconductor) - C:\WINDOWS\System32\dllcache\a3d.dll [08/29/2008 05:31 PM | 00,144,384 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\avmenum.dll [08/29/2008 05:31 PM | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvsm.sys [08/29/2008 05:31 PM | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) - C:\WINDOWS\System32\dllcache\ac97sis.sys [08/29/2008 05:31 PM | 00,342,336 | ---- | C] (3Dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\banshee.dll [08/29/2008 05:31 PM | 00,462,848 | ---- | C] (Aureal Inc.) - C:\WINDOWS\System32\dllcache\a3dapi.dll [08/29/2008 05:31 PM | 00,553,984 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8820.sys [08/29/2008 05:31 PM | 00,584,448 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8810.sys [08/29/2008 05:31 PM | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvs.dll [08/29/2008 05:31 PM | 00,747,392 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8830.sys [08/29/2008 05:31 PM | 00,762,780 | ---- | C] (3Com, Inc.) - C:\WINDOWS\System32\dllcache\3cwmcru.sys [08/29/2008 05:32 PM | 00,002,944 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brfilt.sys [08/29/2008 05:32 PM | 00,003,168 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brparimg.sys [08/29/2008 05:32 PM | 00,003,968 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brfiltup.sys [08/29/2008 05:32 PM | 00,005,120 | ---- | C] (Brother Industries,Ltd.) - C:\WINDOWS\System32\dllcache\brscnrsm.dll [08/29/2008 05:32 PM | 00,009,728 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brcoinst.dll [08/29/2008 05:32 PM | 00,009,728 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brserif.dll [08/29/2008 05:32 PM | 00,010,368 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brusbscn.sys [08/29/2008 05:32 PM | 00,011,008 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brusbmdm.sys [08/29/2008 05:32 PM | 00,012,160 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brfiltlo.sys [08/29/2008 05:32 PM | 00,012,800 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brevif.dll [08/29/2008 05:32 PM | 00,015,360 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfbidi.dll [08/29/2008 05:32 PM | 00,019,456 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brbidiif.dll [08/29/2008 05:32 PM | 00,020,736 | ---- | C] (OMNIKEY AG) - C:\WINDOWS\System32\dllcache\cmbp0wdm.sys [08/29/2008 05:32 PM | 00,021,530 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ce2n5.sys [08/29/2008 05:32 PM | 00,022,044 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem28n5.sys [08/29/2008 05:32 PM | 00,022,044 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem33n5.sys [08/29/2008 05:32 PM | 00,027,164 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ce3n5.sys [08/29/2008 05:32 PM | 00,029,696 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmflpt.dll [08/29/2008 05:32 PM | 00,031,529 | ---- | C] (BreezeCOM) - C:\WINDOWS\System32\dllcache\brzwlan.sys [08/29/2008 05:32 PM | 00,032,256 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfrsmg.exe [08/29/2008 05:32 PM | 00,032,256 | ---- | C] (Eicon Technology Corporation) - C:\WINDOWS\System32\dllcache\diapi2NT.dll [08/29/2008 05:32 PM | 00,037,916 | ---- | C] (Fast Ethernet Controller Provider) - C:\WINDOWS\System32\dllcache\cb102.sys [08/29/2008 05:32 PM | 00,039,552 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brparwdm.sys [08/29/2008 05:32 PM | 00,039,680 | ---- | C] (Silicom Ltd.) - C:\WINDOWS\System32\dllcache\cb325.sys [08/29/2008 05:32 PM | 00,041,472 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\brmfusb.dll [08/29/2008 05:32 PM | 00,046,108 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cben5.sys [08/29/2008 05:32 PM | 00,049,182 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cem56n5.sys [08/29/2008 05:32 PM | 00,054,528 | ---- | C] (Philips Semiconductors GmbH) - C:\WINDOWS\System32\dllcache\cap7146.sys [08/29/2008 05:32 PM | 00,060,416 | ---- | C] (Brother Industries Ltd.) - C:\WINDOWS\System32\dllcache\brserwdm.sys [08/29/2008 05:32 PM | 00,164,923 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\diapi2.sys [08/29/2008 05:32 PM | 00,173,568 | ---- | C] () - C:\WINDOWS\System32\dllcache\chtskf.dll [08/29/2008 05:32 PM | 00,272,640 | ---- | C] (RAVISENT Technologies Inc.) - C:\WINDOWS\System32\dllcache\cinemclc.sys [08/29/2008 05:32 PM | 00,714,698 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\cbmdmkxx.sys [08/29/2008 05:32 PM | 00,871,388 | ---- | C] (BCM) - C:\WINDOWS\System32\dllcache\bcmdm.sys [08/29/2008 05:32 PM | 00,980,034 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\cicap.sys [08/29/2008 05:33 PM | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbase.sys [08/29/2008 05:33 PM | 00,003,072 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbmidi.sys [08/29/2008 05:33 PM | 00,003,584 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcosnt5.sys [08/29/2008 05:33 PM | 00,003,712 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctljystk.sys [08/29/2008 05:33 PM | 00,004,096 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctwdm32.dll [08/29/2008 05:33 PM | 00,006,216 | ---- | C] () - C:\WINDOWS\System32\dllcache\divaci.dll [08/29/2008 05:33 PM | 00,006,729 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\disrvci.dll [08/29/2008 05:33 PM | 00,006,912 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\ctlfacem.sys [08/29/2008 05:33 PM | 00,020,928 | ---- | C] (Digital Networks, LLC) - C:\WINDOWS\System32\dllcache\defpa.sys [08/29/2008 05:33 PM | 00,021,533 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\cpqndis5.sys [08/29/2008 05:33 PM | 00,024,064 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\devldr32.exe [08/29/2008 05:33 PM | 00,024,648 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\dfe650.sys [08/29/2008 05:33 PM | 00,024,649 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\dfe650d.sys [08/29/2008 05:33 PM | 00,029,768 | ---- | C] () - C:\WINDOWS\System32\dllcache\divasu.dll [08/29/2008 05:33 PM | 00,031,305 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\disrvpp.dll [08/29/2008 05:33 PM | 00,037,962 | ---- | C] () - C:\WINDOWS\System32\dllcache\divaprop.dll [08/29/2008 05:33 PM | 00,038,985 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\disrvsu.dll [08/29/2008 05:33 PM | 00,048,640 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwrwdm.sys [08/29/2008 05:33 PM | 00,060,970 | ---- | C] (Compaq Computer Corp.) - C:\WINDOWS\System32\dllcache\cpqtrnd5.sys [08/29/2008 05:33 PM | 00,063,208 | ---- | C] (Intel Corporation.) - C:\WINDOWS\System32\dllcache\dc21x4.sys [08/29/2008 05:33 PM | 00,072,832 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwbwdm.sys [08/29/2008 05:33 PM | 00,091,305 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\dimaint.sys [08/29/2008 05:33 PM | 00,093,952 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcwdm.sys [08/29/2008 05:33 PM | 00,096,256 | ---- | C] (Copyright (C) Creative Technology Ltd. 1994-2001) - C:\WINDOWS\System32\dllcache\ctlsb16.sys [08/29/2008 05:33 PM | 00,111,872 | ---- | C] (Crystal Semiconductor Corp.) - C:\WINDOWS\System32\dllcache\cwcspud.sys [08/29/2008 05:33 PM | 00,117,760 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\d100ib5.sys [08/29/2008 05:33 PM | 00,216,064 | ---- | C] (COMPAQ Inc.) - C:\WINDOWS\System32\dllcache\cpscan.dll [08/29/2008 05:33 PM | 00,236,060 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\ditrace.exe [08/29/2008 05:33 PM | 00,249,856 | ---- | C] (Comtrol® Corporation) - C:\WINDOWS\System32\dllcache\ctmasetp.dll [08/29/2008 05:33 PM | 00,256,512 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\devcon32.dll [08/29/2008 05:34 PM | 00,018,503 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\epro4.sys [08/29/2008 05:34 PM | 00,019,594 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e100isa4.sys [08/29/2008 05:34 PM | 00,026,698 | ---- | C] (D-Link Corporation) - C:\WINDOWS\System32\dllcache\dlh5xnd5.sys [08/29/2008 05:34 PM | 00,028,062 | ---- | C] (National Semiconductor Coproration) - C:\WINDOWS\System32\dllcache\dp83820.sys [08/29/2008 05:34 PM | 00,029,696 | ---- | C] (CNet Technology, Inc. ) - C:\WINDOWS\System32\dllcache\dm9pci5.sys [08/29/2008 05:34 PM | 00,037,120 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\es1370mp.sys [08/29/2008 05:34 PM | 00,040,704 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\es1371mp.sys [08/29/2008 05:34 PM | 00,050,719 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e1000nt5.sys [08/29/2008 05:34 PM | 00,072,192 | ---- | C] (ESS Technology Inc.) - C:\WINDOWS\System32\dllcache\es1969.sys [08/29/2008 05:34 PM | 00,117,760 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\e100b325.sys [08/29/2008 05:34 PM | 00,283,904 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\emu10k1m.sys [08/29/2008 05:34 PM | 00,334,208 | ---- | C] (Yamaha Corp.) - C:\WINDOWS\System32\dllcache\ds1wdm.sys [08/29/2008 05:34 PM | 00,952,007 | ---- | C] (Eicon Technology) - C:\WINDOWS\System32\dllcache\diwan.sys [08/29/2008 05:35 PM | 00,011,850 | ---- | C] (FUJITSU LIMITED) - C:\WINDOWS\System32\dllcache\f3ab18xj.sys [08/29/2008 05:35 PM | 00,012,362 | ---- | C] (FUJITSU LIMITED) - C:\WINDOWS\System32\dllcache\f3ab18xi.sys [08/29/2008 05:35 PM | 00,016,998 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\ex10.sys [08/29/2008 05:35 PM | 00,024,618 | ---- | C] (NETGEAR) - C:\WINDOWS\System32\dllcache\fa410nd5.sys [08/29/2008 05:35 PM | 00,027,165 | ---- | C] (VIA Technologies, Inc. ) - C:\WINDOWS\System32\dllcache\fetnd5.sys [08/29/2008 05:35 PM | 00,031,744 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esucmd.dll [08/29/2008 05:35 PM | 00,034,173 | ---- | C] (Marconi Communications, Inc.) - C:\WINDOWS\System32\dllcache\forehe.sys [08/29/2008 05:35 PM | 00,034,816 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esuimg.dll [08/29/2008 05:35 PM | 00,043,008 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esucm.dll [08/29/2008 05:35 PM | 00,045,056 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esunid.dll [08/29/2008 05:35 PM | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esuni.dll [08/29/2008 05:35 PM | 00,045,568 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esunib.dll [08/29/2008 05:35 PM | 00,057,856 | ---- | C] (SEIKO EPSON CORP.) - C:\WINDOWS\System32\dllcache\esuimgd.dll [08/29/2008 05:35 PM | 00,094,208 | ---- | C] () - C:\WINDOWS\System32\dllcache\fpencode.dll [08/29/2008 05:35 PM | 00,441,728 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpcmbase.sys [08/29/2008 05:35 PM | 00,442,240 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpnpbase.sys [08/29/2008 05:35 PM | 00,444,416 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fpcibase.sys [08/29/2008 05:35 PM | 00,454,912 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fxusbase.sys [08/29/2008 05:35 PM | 00,455,296 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fusbbase.sys [08/29/2008 05:35 PM | 00,455,680 | ---- | C] (AVM GmbH) - C:\WINDOWS\System32\dllcache\fus2base.sys [08/29/2008 05:36 PM | 00,017,408 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\gpr400.sys [08/29/2008 05:36 PM | 00,028,288 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\grserial.sys [08/29/2008 05:36 PM | 00,068,608 | ---- | C] (Avisioin) - C:\WINDOWS\System32\dllcache\hpgt53tk.dll [08/29/2008 05:36 PM | 00,082,304 | ---- | C] (Gemplus) - C:\WINDOWS\System32\dllcache\grclass.sys [08/29/2008 05:36 PM | 00,083,968 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt21.dll [08/29/2008 05:36 PM | 00,089,088 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt33.dll [08/29/2008 05:36 PM | 00,093,696 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt42.dll [08/29/2008 05:36 PM | 00,101,376 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt34.dll [08/29/2008 05:36 PM | 00,108,827 | ---- | C] () - C:\WINDOWS\System32\dllcache\hanja.lex [08/29/2008 05:36 PM | 00,126,976 | ---- | C] (Hewlett Packard) - C:\WINDOWS\System32\dllcache\hpgt34tk.dll [08/29/2008 05:36 PM | 00,165,888 | ---- | C] () - C:\WINDOWS\System32\dllcache\hpgt53.dll [08/29/2008 05:37 PM | 00,009,216 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmsgnet.dll [08/29/2008 05:37 PM | 00,028,700 | ---- | C] (IBM Corp.) - C:\WINDOWS\System32\dllcache\ibmexmp.sys [08/29/2008 05:37 PM | 00,058,592 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\i740nt5.sys [08/29/2008 05:37 PM | 00,100,936 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmtok.sys [08/29/2008 05:37 PM | 00,109,085 | ---- | C] (IBM Corporation) - C:\WINDOWS\System32\dllcache\ibmtrp.sys [08/29/2008 05:37 PM | 00,353,184 | ---- | C] (Intel Corporation) - C:\WINDOWS\System32\dllcache\i740dnt5.dll [08/29/2008 05:37 PM | 13,463,552 | ---- | C] () - C:\WINDOWS\System32\dllcache\hwxjpn.dll
|
|
#9
August 31st, 2008, 06:16 AM
|
|||
|
|||
|
[08/29/2008 05:38 PM | 00,023,552 | ---- | C] (MKNet Corporation) - C:\WINDOWS\System32\dllcache\irmk7.sys
[08/29/2008 05:38 PM | 00,038,784 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\io8.sys [08/29/2008 05:38 PM | 00,045,632 | ---- | C] (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) - C:\WINDOWS\System32\dllcache\ip5515.sys [08/29/2008 05:38 PM | 00,059,392 | ---- | C] () - C:\WINDOWS\System32\dllcache\imscinst.exe [08/29/2008 05:38 PM | 00,090,200 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\io8ports.dll [08/29/2008 05:38 PM | 00,134,339 | ---- | C] () - C:\WINDOWS\System32\dllcache\imekr.lex [08/29/2008 05:38 PM | 00,196,665 | ---- | C] () - C:\WINDOWS\System32\dllcache\imjpinst.exe [08/29/2008 05:38 PM | 00,372,824 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\iconf32.dll [08/29/2008 05:39 PM | 00,015,744 | ---- | C] (Litronic Industries) - C:\WINDOWS\System32\dllcache\lit220p.sys [08/29/2008 05:39 PM | 00,019,016 | ---- | C] (Kingston Technology Company ) - C:\WINDOWS\System32\dllcache\ktc111.sys [08/29/2008 05:39 PM | 00,020,573 | ---- | C] (The Linksts Group ) - C:\WINDOWS\System32\dllcache\lne100.sys [08/29/2008 05:39 PM | 00,020,864 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\dllcache\lwadihid.sys [08/29/2008 05:39 PM | 00,022,848 | ---- | C] (Logitech Inc.) - C:\WINDOWS\System32\dllcache\lwusbhid.sys [08/29/2008 05:39 PM | 00,025,065 | ---- | C] (D-Link) - C:\WINDOWS\System32\dllcache\lmndis3.sys [08/29/2008 05:39 PM | 00,026,442 | ---- | C] (SMSC) - C:\WINDOWS\System32\dllcache\lanepic5.sys [08/29/2008 05:39 PM | 00,034,688 | ---- | C] (Toshiba Corp.) - C:\WINDOWS\System32\dllcache\lbrtfdc.sys [08/29/2008 05:39 PM | 00,070,730 | ---- | C] (Linksys Group, Inc.) - C:\WINDOWS\System32\dllcache\lne100tx.sys [08/29/2008 05:39 PM | 00,164,586 | ---- | C] (Madge Networks Ltd) - C:\WINDOWS\System32\dllcache\mdgndis5.sys [08/29/2008 05:39 PM | 00,420,992 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltmdmntt.sys [08/29/2008 05:39 PM | 00,576,746 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltmdmntl.sys [08/29/2008 05:39 PM | 00,727,786 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\ltck000c.sys [08/29/2008 05:39 PM | 00,797,500 | ---- | C] (LT) - C:\WINDOWS\System32\dllcache\ltsmt.sys [08/29/2008 05:39 PM | 00,802,683 | ---- | C] (Lucent Technologies) - C:\WINDOWS\System32\dllcache\ltsm.sys [08/29/2008 05:39 PM | 01,158,818 | ---- | C] () - C:\WINDOWS\System32\dllcache\korwbrkr.lex [08/29/2008 05:40 PM | 00,007,168 | ---- | C] (Moxa Technologies Co., Ltd) - C:\WINDOWS\System32\dllcache\mxport.dll [08/29/2008 05:40 PM | 00,017,280 | ---- | C] (American Megatrends Inc.) - C:\WINDOWS\System32\dllcache\mraid35x.sys [08/29/2008 05:40 PM | 00,019,968 | ---- | C] (Macronix International Co., Ltd. ) - C:\WINDOWS\System32\dllcache\mxnic.sys [08/29/2008 05:40 PM | 00,019,968 | ---- | C] (Moxa Technologies Co., Ltd) - C:\WINDOWS\System32\dllcache\mxicfg.dll [08/29/2008 05:40 PM | 00,021,888 | ---- | C] (Moxa Technologies Co., Ltd.) - C:\WINDOWS\System32\dllcache\mxcard.sys [08/29/2008 05:40 PM | 00,052,255 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\n1000nt5.sys [08/29/2008 05:40 PM | 00,075,520 | ---- | C] (Moxa Technologies Co., Ltd.) - C:\WINDOWS\System32\dllcache\mxport.sys [08/29/2008 05:40 PM | 00,103,296 | ---- | C] (Matrox Graphics Inc) - C:\WINDOWS\System32\dllcache\mtxvideo.sys [08/29/2008 05:41 PM | 00,013,664 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128.sys [08/29/2008 05:41 PM | 00,027,936 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i3d.sys [08/29/2008 05:41 PM | 00,028,672 | ---- | C] (National Semiconductor Corporation) - C:\WINDOWS\System32\dllcache\nscirda.sys [08/29/2008 05:41 PM | 00,032,840 | ---- | C] (NETGEAR Corporation.) - C:\WINDOWS\System32\dllcache\ngrpci.sys [08/29/2008 05:41 PM | 00,033,088 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128v2.sys [08/29/2008 05:41 PM | 00,035,392 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128.dll [08/29/2008 05:41 PM | 00,039,264 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\neo20xx.sys [08/29/2008 05:41 PM | 00,051,552 | ---- | C] (Kensington Technology Group) - C:\WINDOWS\System32\dllcache\ntgrip.sys [08/29/2008 05:41 PM | 00,059,104 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i128v2.dll [08/29/2008 05:41 PM | 00,060,480 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\neo20xx.dll [08/29/2008 05:41 PM | 00,065,278 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\netflx3.sys [08/29/2008 05:41 PM | 00,087,040 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\nm6wdm.sys [08/29/2008 05:41 PM | 00,091,488 | ---- | C] (Number Nine Visual Technology Corp.) - C:\WINDOWS\System32\dllcache\n9i3disp.dll [08/29/2008 05:41 PM | 00,126,080 | ---- | C] (NeoMagic Corporation) - C:\WINDOWS\System32\dllcache\nm5a2wdm.sys [08/29/2008 05:41 PM | 00,128,000 | ---- | C] (Compaq Computer Corporation) - C:\WINDOWS\System32\dllcache\n100325.sys [08/29/2008 05:41 PM | 00,132,695 | ---- | C] (802.11b) - C:\WINDOWS\System32\dllcache\netwlan5.sys [08/29/2008 05:42 PM | 00,026,153 | ---- | C] (Linksys) - C:\WINDOWS\System32\dllcache\pcmlm56.sys [08/29/2008 05:42 PM | 00,027,209 | ---- | C] (Ositech Communications, Inc.) - C:\WINDOWS\System32\dllcache\otc06x5.sys [08/29/2008 05:42 PM | 00,029,502 | ---- | C] (Marconi Communications, Inc.) - C:\WINDOWS\System32\dllcache\pca200e.sys [08/29/2008 05:42 PM | 00,029,769 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntn5m.sys [08/29/2008 05:42 PM | 00,030,282 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntn5hl.sys [08/29/2008 05:42 PM | 00,030,495 | ---- | C] (Linksys) - C:\WINDOWS\System32\dllcache\pc100nds.sys [08/29/2008 05:42 PM | 00,043,689 | ---- | C] (Ositech Communications, Inc.) - C:\WINDOWS\System32\dllcache\otceth5.sys [08/29/2008 05:42 PM | 00,054,186 | ---- | C] (Ositech Communications, Inc.) - C:\WINDOWS\System32\dllcache\otcsercb.sys [08/29/2008 05:42 PM | 00,054,528 | ---- | C] (Yamaha Corp.) - C:\WINDOWS\System32\dllcache\opl3sax.sys [08/29/2008 05:43 PM | 00,016,128 | ---- | C] (SCM Microsystems, Inc.) - C:\WINDOWS\System32\dllcache\pscr.sys [08/29/2008 05:43 PM | 00,027,904 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm2.sys [08/29/2008 05:43 PM | 00,028,032 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm3.sys [08/29/2008 05:43 PM | 00,035,328 | ---- | C] (AMD Inc.) - C:\WINDOWS\System32\dllcache\pcntpci5.sys [08/29/2008 05:43 PM | 00,086,016 | ---- | C] (PCtel, Inc.) - C:\WINDOWS\System32\dllcache\pctspk.exe [08/29/2008 05:43 PM | 00,128,286 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserli.sys [08/29/2008 05:43 PM | 00,169,984 | ---- | C] (Cisco Systems) - C:\WINDOWS\System32\dllcache\pcx500.sys [08/29/2008 05:43 PM | 00,175,104 | ---- | C] () - C:\WINDOWS\System32\dllcache\pintlcsa.dll [08/29/2008 05:43 PM | 00,211,712 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm2dll.dll [08/29/2008 05:43 PM | 00,259,328 | ---- | C] (Microsoft Corp., 3Dlabs Inc. Ltd.) - C:\WINDOWS\System32\dllcache\perm3dd.dll [08/29/2008 05:44 PM | 00,009,216 | ---- | C] (Brother Industries, Ltd.) - C:\WINDOWS\System32\dllcache\rsmgrstr.dll [08/29/2008 05:44 PM | 00,019,017 | ---- | C] (Realtek Semiconductor Corporation) - C:\WINDOWS\System32\dllcache\rtl8029.sys [08/29/2008 05:44 PM | 00,037,563 | ---- | C] (RadioLAN) - C:\WINDOWS\System32\dllcache\rlnet5.sys [08/29/2008 05:44 PM | 00,079,104 | ---- | C] (Comtrol Corporation) - C:\WINDOWS\System32\dllcache\rocket.sys [08/29/2008 05:44 PM | 00,086,097 | ---- | C] (Xircom) - C:\WINDOWS\System32\dllcache\reslog32.dll [08/29/2008 05:44 PM | 00,112,574 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserlp.sys [08/29/2008 05:44 PM | 00,130,942 | ---- | C] (PCTEL, INC.) - C:\WINDOWS\System32\dllcache\ptserlv.sys [08/29/2008 05:44 PM | 00,714,762 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\r2mdmkxx.sys [08/29/2008 05:44 PM | 00,899,146 | ---- | C] (Xircom, Inc.) - C:\WINDOWS\System32\dllcache\r2mdkxga.sys [08/29/2008 05:45 PM | 00,023,936 | ---- | C] (OMNIKEY AG) - C:\WINDOWS\System32\dllcache\sccmn50m.sys [08/29/2008 05:45 PM | 00,023,936 | ---- | C] (OMNIKEY AG) - C:\WINDOWS\System32\dllcache\sccmusbm.sys [08/29/2008 05:45 PM | 00,024,576 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw430ext.dll [08/29/2008 05:45 PM | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw330ext.dll [08/29/2008 05:45 PM | 00,026,624 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw450ext.dll [08/29/2008 05:45 PM | 00,041,216 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mt3d.sys [08/29/2008 05:45 PM | 00,061,504 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav3dm.sys [08/29/2008 05:45 PM | 00,062,496 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mtrio.dll [08/29/2008 05:45 PM | 00,077,824 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav4m.sys [08/29/2008 05:45 PM | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia001.dll [08/29/2008 05:45 PM | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia330.dll [08/29/2008 05:45 PM | 00,079,872 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia430.dll [08/29/2008 05:45 PM | 00,082,432 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rwia450.dll [08/29/2008 05:45 PM | 00,166,720 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3m.sys [08/29/2008 05:45 PM | 00,179,264 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav3d.dll [08/29/2008 05:45 PM | 00,182,272 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mt3d.dll [08/29/2008 05:45 PM | 00,198,400 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3sav4.dll [08/29/2008 05:45 PM | 00,210,496 | ---- | C] (S3 Incorporated) - C:\WINDOWS\System32\dllcache\s3mvirge.dll [08/29/2008 05:45 PM | 00,495,616 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\sblfx.dll [08/29/2008 05:46 PM | 00,017,280 | ---- | C] (SCM Microsystems) - C:\WINDOWS\System32\dllcache\scr111.sys [08/29/2008 05:46 PM | 00,018,400 | ---- | C] (Micro Systemation) - C:\WINDOWS\System32\dllcache\sgsmld.sys [08/29/2008 05:46 PM | 00,032,768 | ---- | C] (SiS Corporation) - C:\WINDOWS\System32\dllcache\sisnic.sys [08/29/2008 05:46 PM | 00,036,480 | ---- | C] (Creative Technology Ltd.) - C:\WINDOWS\System32\dllcache\sfmanm.sys [08/29/2008 05:46 PM | 00,098,080 | ---- | C] (Trident Microsystems Inc.) - C:\WINDOWS\System32\dllcache\sgiulnt5.sys [08/29/2008 05:46 PM | 00,161,568 | ---- | C] (Micro Systemation) - C:\WINDOWS\System32\dllcache\sgsmusb.sys [08/29/2008 05:46 PM | 00,386,560 | ---- | C] (Trident Microsystems Inc.) - C:\WINDOWS\System32\dllcache\sgiul50.dll [08/29/2008 05:47 PM | 00,024,576 | ---- | C] (SMC Networks, Inc.) - C:\WINDOWS\System32\dllcache\smc8000n.sys [08/29/2008 05:47 PM | 00,025,034 | ---- | C] (SMC Networks, Inc.) - C:\WINDOWS\System32\dllcache\smcpwr2n.sys [08/29/2008 05:47 PM | 00,035,913 | ---- | C] (SMC) - C:\WINDOWS\System32\dllcache\smcirda.sys [08/29/2008 05:47 PM | 00,058,368 | ---- | C] (Silicon Motion Inc.) - C:\WINDOWS\System32\dllcache\smiminib.sys [08/29/2008 05:47 PM | 00,063,547 | ---- | C] (Symbol Technologies) - C:\WINDOWS\System32\dllcache\sla30nd5.sys [08/29/2008 05:47 PM | 00,091,294 | ---- | C] (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) - C:\WINDOWS\System32\dllcache\skfpwin.sys [08/29/2008 05:47 PM | 00,094,698 | ---- | C] (SysKonnect GmbH.) - C:\WINDOWS\System32\dllcache\sk98xwin.sys [08/29/2008 05:47 PM | 00,147,200 | ---- | C] (Silicon Motion Inc.) - C:\WINDOWS\System32\dllcache\smidispb.dll [08/29/2008 05:48 PM | 00,016,896 | ---- | C] (SCM Microsystems, Inc.) - C:\WINDOWS\System32\dllcache\stcusb.sys [08/29/2008 05:48 PM | 00,019,072 | ---- | C] (Adaptec, Inc.) - C:\WINDOWS\System32\dllcache\sparrow.sys [08/29/2008 05:48 PM | 00,024,660 | ---- | C] (Perle Systems Ltd.) - C:\WINDOWS\System32\dllcache\spxupchk.dll [08/29/2008 05:48 PM | 00,048,736 | ---- | C] (3Com) - C:\WINDOWS\System32\dllcache\srwlnd5.sys [08/29/2008 05:48 PM | 00,053,248 | ---- | C] (Stallion Technologies) - C:\WINDOWS\System32\dllcache\stlncoin.dll [08/29/2008 05:48 PM | 00,061,824 | ---- | C] (Perle Systems Ltd.) - C:\WINDOWS\System32\dllcache\speed.sys [08/29/2008 05:48 PM | 00,106,584 | ---- | C] (Perle Systems Ltd.) - C:\WINDOWS\System32\dllcache\spdports.dll [08/29/2008 05:48 PM | 00,155,648 | ---- | C] (Stallion Technologies) - C:\WINDOWS\System32\dllcache\stlnprop.dll [08/29/2008 05:48 PM | 00,285,760 | ---- | C] (Stallion Technologies) - C:\WINDOWS\System32\dllcache\stlnata.sys [08/29/2008 05:49 PM | 00,094,293 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\sxports.dll [08/29/2008 05:49 PM | 00,103,936 | ---- | C] (Perle Systems Ltd. ) - C:\WINDOWS\System32\dllcache\sx.sys [2 C:\WINDOWS\*.tmp files] [08/29/2008 04:45 PM | ---D | C] - C:\WINDOWS\5888428E699C4E71BF7194EE06B497DA.TMP [08/29/2008 05:34 PM | ---D | C] - C:\WINDOWS\LastGood [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At25.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At26.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At27.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At28.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At29.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At30.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At31.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At32.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At33.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At34.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At35.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At36.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At37.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At38.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At39.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At40.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At41.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At42.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At43.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At44.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At45.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At46.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At47.job [08/17/2008 02:10 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At48.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At1.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At10.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At11.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At12.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At13.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At14.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At15.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At16.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At17.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At18.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At19.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At2.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At20.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At21.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At22.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At23.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At24.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At3.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At4.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At5.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At6.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At7.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At8.job [08/23/2008 12:17 AM | 00,000,350 | ---- | C] () - C:\WINDOWS\tasks\At9.job [08/28/2008 08:18 AM | ---D | C] - C:\Documents and Settings\All Users\Application Data\Avira [08/28/2008 08:18 AM | 00,001,862 | ---- | C] () - C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk [08/28/2008 08:18 AM | ---D | C] - C:\Program Files\Avira
|
|
#10
August 31st, 2008, 06:16 AM
|
|||
|
|||
|
========== Files - Modified Within 30 days ==========
[08/30/2008 11:10 PM | 00,137,472 | ---- | M] () - C:\WINDOWS\System32\drivers\PnkBstrK.sys [3 C:\WINDOWS\System32\*.tmp files] [08/29/2008 05:04 PM | 00,001,158 | ---- | M] () - C:\WINDOWS\System32\wpa.dbl [08/30/2008 11:10 PM | 00,111,928 | ---- | M] () - C:\WINDOWS\System32\PnkBstrB.exe [08/29/2008 05:06 PM | 00,000,246 | ---- | M] () - C:\WINDOWS\System\hpsysdrv.dat [2 C:\WINDOWS\*.tmp files] [08/11/2008 06:09 PM | 00,000,105 | ---- | M] () - C:\WINDOWS\muveeapp.INI [08/13/2008 03:02 AM | 00,001,374 | ---- | M] () - C:\WINDOWS\imsins.BAK [08/28/2008 08:19 AM | 00,001,031 | ---- | M] () - C:\WINDOWS\win.ini [08/29/2008 05:03 PM | 00,002,048 | --S- | M] () - C:\WINDOWS\bootstat.dat [08/29/2008 01:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At14.job [08/29/2008 01:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At38.job [08/29/2008 02:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At15.job [08/29/2008 02:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At39.job [08/29/2008 03:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At16.job [08/29/2008 03:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At40.job [08/29/2008 04:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At29.job [08/29/2008 04:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At5.job [08/29/2008 04:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At17.job [08/29/2008 04:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At41.job [08/29/2008 05:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At30.job [08/29/2008 05:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At6.job [08/29/2008 05:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At18.job [08/29/2008 05:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At42.job [08/29/2008 05:03 PM | 00,000,006 | -H-- | M] () - C:\WINDOWS\tasks\SA.DAT [08/29/2008 06:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At31.job [08/29/2008 06:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At7.job [08/29/2008 07:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At32.job [08/29/2008 07:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At8.job [08/29/2008 08:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At33.job [08/29/2008 08:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At9.job [08/29/2008 09:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At10.job [08/29/2008 09:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At34.job [08/29/2008 10:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At11.job [08/29/2008 10:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At35.job [08/29/2008 11:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At12.job [08/29/2008 11:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At36.job [08/29/2008 12:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At13.job [08/29/2008 12:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At37.job [08/30/2008 02:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At27.job [08/30/2008 02:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At3.job [08/30/2008 03:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At28.job [08/30/2008 03:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At4.job [08/30/2008 06:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At19.job [08/30/2008 06:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At43.job [08/30/2008 07:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At20.job [08/30/2008 07:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At44.job [08/30/2008 08:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At21.job [08/30/2008 08:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At45.job [08/30/2008 09:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At22.job [08/30/2008 09:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At46.job [08/30/2008 10:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At23.job [08/30/2008 10:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At47.job [08/30/2008 11:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At24.job [08/30/2008 11:00 PM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At48.job [08/31/2008 01:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At2.job [08/31/2008 01:00 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At26.job [08/31/2008 01:00 AM | 00,000,492 | ---- | M] () - C:\WINDOWS\tasks\1-Click Maintenance.job [08/31/2008 12:32 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At1.job [08/31/2008 12:50 AM | 00,000,350 | ---- | M] () - C:\WINDOWS\tasks\At25.job [08/28/2008 08:18 AM | 00,001,862 | ---- | M] () - C:\Documents and Settings\All Users\Desktop\AntiVir PE Classic.lnk < End of report >
|
|
#11
August 31st, 2008, 06:17 AM
|
|||
|
|||
|
OTViewIt Extras logfile created on: 8/31/2008 1:04:46 AM - Run 1
OTViewIt by OldTimer - Version 1.0.1.7 Folder = C:\Documents and Settings\HP_Administrator\Desktop Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1015.29 Mb Total Physical Memory | 490.20 Mb Available Physical Memory | 48.28% Memory free 2.38 Gb Paging File | 1.98 Gb Available in Paging File | 83.24% Paging File free Paging file location(s): C:\pagefile.sys 1524 3048; %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 178.30 Gb Total Space | 113.52 Gb Free Space | 63.67% Space Free | Partition Type: NTFS Drive D: | 8.00 Gb Total Space | 0.91 Gb Free Space | 11.42% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019 [08/10/2004 03:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation) "%ProgramFiles%\iTunes\iTunes.exe" = %ProgramFiles%\iTunes\iTunes.exe:*:enabled:iTunes [05/05/2005 03:10 AM | 09,034,240 | ---- | M] (Apple Computer, Inc.) "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP [09/28/2005 02:13 AM | 00,036,903 | ---- | M] (Hewlett-Packard) "C:\Program Files\Common Files\AOL\1141872391\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1141872391\ee\AOLServiceHost.exe:*:Enabl ed:AOL Services [08/02/2005 03:33 PM | 00,151,640 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader [07/11/2005 05:35 PM | 00,011,352 | ---- | M] (America Online, Inc.) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [10/10/2006 08:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res. dll,-22019 [08/10/2004 03:00 PM | 00,140,800 | ---- | M] (Microsoft Corporation) "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe [05/12/2005 09:23 AM | 00,282,624 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe [05/12/2005 10:40 AM | 00,204,800 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe [05/24/2005 12:17 PM | 00,225,280 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe [05/24/2005 12:18 PM | 00,040,960 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe [05/24/2005 12:13 PM | 00,081,920 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe [05/12/2005 08:06 PM | 00,200,704 | ---- | M] () "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe [05/12/2005 05:28 PM | 01,081,344 | ---- | M] (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe [05/24/2005 12:42 PM | 00,172,032 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe [05/12/2005 06:34 PM | 00,151,635 | ---- | M] (Hewlett-Packard) "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe [05/24/2005 12:18 PM | 00,458,752 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe [03/16/2005 01:12 AM | 00,417,792 | ---- | M] () "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe [03/16/2005 01:17 AM | 00,704,512 | ---- | M] ( ) "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe [06/01/2005 10:56 AM | 00,057,344 | ---- | M] (Hewlett-Packard Co.) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes [05/05/2005 03:10 AM | 09,034,240 | ---- | M] (Apple Computer, Inc.) "C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP [09/28/2005 02:13 AM | 00,036,903 | ---- | M] (Hewlett-Packard) "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink File not found "C:\Program Files\Common Files\AOL\1141872391\ee\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1141872391\ee\aolsoftware.exe:*:Enabled: AOL Services [12/15/2005 09:38 PM | 00,050,792 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\1141872391\ee\aim6.exe" = C:\Program Files\Common Files\AOL\1141872391\ee\aim6.exe:*:Enabled:AIM [02/08/2006 02:43 PM | 00,050,792 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\1141872391\ee\AOLServiceHost.exe" = C:\Program Files\Common Files\AOL\1141872391\ee\AOLServiceHost.exe:*:Enabl ed:AOL Services [08/02/2005 03:33 PM | 00,151,640 | ---- | M] (America Online, Inc.) "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader [07/11/2005 05:35 PM | 00,011,352 | ---- | M] (America Online, Inc.) "C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk File not found "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire File not found "C:\Program Files\uTorrent\utorrent.exe" = C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent File not found "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorre nt File not found "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enable d:Yahoo! Messenger File not found "C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo ! FT Server File not found "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger [10/13/2004 07:24 PM | 01,694,208 | ---- | M] (Microsoft Corporation) "C:\WINDOWS\system32\rlvknlg.exe" = C:\WINDOWS\system32\rlvknlg.exe:*:Enabled:rlvknlg. exe [04/10/2007 11:01 AM | 01,503,232 | ---- | M] (RelevantKnowledge) "C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe" = C:\Program Files\Microsoft Games\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II File not found "C:\WINDOWS\system32\dplaysvr.exe" = C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microso ft DirectPlay Helper [08/10/2004 03:00 PM | 00,030,208 | ---- | M] (Microsoft Corporation) "C:\Program Files\Wolfenstein - Enemy Territory\ET.exe" = C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Enabled:ET [03/10/2005 02:00 PM | 01,286,144 | ---- | M] () "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1.exe" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1.exe:*:Enabled:Age of Empires II Expansion [09/04/2001 07:04 PM | 02,699,309 | ---- | M] (Microsoft Corporation) "C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe" = C:\Program Files\Microsoft Games\Age of Empires II\age2_x1\age2_x1.exe:*:Enabled:The Conquerors [08/10/2001 05:20 PM | 00,344,863 | ---- | M] (Microsoft Corporation)
|
|
#12
August 31st, 2008, 06:19 AM
|
|||
|
|||
|
"C:\Program Files\GameSpy Arcade\Aphex.exe" = C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade
File not found "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger [08/05/2005 04:08 PM | 00,067,160 | ---- | M] (America Online, Inc.) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 [10/10/2006 08:44 AM | 00,557,568 | ---- | M] (Microsoft Corporation) "C:\ijji\ENGLISH\u_skid.exe" = C:\ijji\ENGLISH\u_skid.exe:*:Enabled:<ijji Downloader> [02/20/2008 10:19 PM | 00,770,048 | ---- | M] (NHN USA inc.) "C:\Program Files\DriftCity\DriftCity.exe" = C:\Program Files\DriftCity\DriftCity.exe:*:Enabled  riftCity[04/15/2008 05:23 AM | 01,568,256 | ---- | M] () "C:\ijji\ENGLISH\u_sf\soldierfront.exe" = C:\ijji\ENGLISH\u_sf\soldierfront.exe:*:Enabled:so ldierfront [08/26/2008 10:03 PM | 01,413,120 | ---- | M] () "C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr. exe" = C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe:* :Enabled:Remote Assistance - Windows Messenger and Voice [08/10/2004 03:00 PM | 00,768,512 | ---- | M] (Microsoft Corporation) "C:\ijji\ENGLISH\u_sf.exe" = C:\ijji\ENGLISH\u_sf.exe:*:Enabled:<ijji Downloader> [06/23/2008 04:43 AM | 00,688,128 | ---- | M] (NHN USA inc.) ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .bat [@ = batfile] - "%1" %* .cmd [@ = cmdfile] - "%1" %* .com [@ = comfile] - "%1" %* .exe [@ = exefile] - "%1" %* .html [@ = FirefoxHTML] - [08/28/2008 09:23 PM | 00,307,712 | ---- | M] (Mozilla Corporation) - C:\Program Files\Mozilla Firefox\firefox.exe .pif [@ = piffile] - "%1" %* .scr [@ = scrfile] - "%1" /S ========== Winsock2 Catalogs ========== ========== HKEY_LOCAL_MACHINE Protocol Defaults ========== ========== HKEY_CURRENT_USER Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== HKEY_USERS Protocol Defaults ========== ========== Protocol Handlers ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Hand ler\] ipp: [HKLM - No CLSID value] msdaipp: [HKLM - No CLSID value] ========== Protocol Filters ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall] "{03B1B42B-F6DE-41d9-8CFF-DC44E895C7A7}" = PhotoGallery "{0611BD4E-4FE4-4a62-B0C0-18A4CC463428}" = CP_Package_Variety1 "{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data "{09984AEC-6B9F-4ca7-B78D-CB44D4771DA3}" = Destinations "{0B33B738-AD79-4E32-90C5-E67BFB10BBFF}" = AiO_Scan "{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE "{14589F05-C658-4594-9429-D437BA688686}" = IntelliMover Data Transfer Demo "{172975EB-9465-4861-95B5-C7BB6D3DE62A}" = DocumentViewer "{19753FBA-FAC0-4A2C-91E8-182CBDE4E29B}" = VidiotMaps Map Overlay "{1A103D70-5C9B-4E1A-B306-5106C68F9914}" = Microsoft Plus! Dancer LE "{1C139D7D-9FEA-468d-A9C8-2A6E3BDE564A}" = CP_Package_Variety3 "{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer "{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus "{21DB3D90-D816-4092-A260-CA3F6B55A6DD}" = Sonic_PrimoSDK "{23A7B376-BBEC-4e76-BBD7-0F155E70D74B}" = CP_Panorama1Config "{2C3D719A-92C7-4323-89CC-C937D0267B84}" = muvee autoProducer 4.0 "{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0}" = HP Deskjet Printer Preload "{2CADCEAB-D5DA-44D6-B5FC-7DEE87AB3C0C}" = Unload "{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox "{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager "{30C19FF2-7FBA-4d09-B9DE-1659977F64F6}" = TrayApp "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{32BDCCB8-9DC8-496d-9DB1-F77510775BDB}" = InstantShareDevices "{33D6CC28-9F75-4d1b-A11D-98895B3A3729}" = HP Photosmart 330,380,420,470,7800,8000,8200 Series "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36BC3F0C-8777-4DB2-B2F4-7FA5250F34BA}" = GtkRadiant-1.3.8-ET "{36E47DA1-10E1-45d9-8B19-14D19607CDCF}" = CP_CalendarTemplates1 "{37477865-A3F1-4772-AD43-AAFC6BCFF99F}" = MSXML 4.0 SP2 (KB927978) "{3819891A-030B-4a4e-98ED-B28A649E48AB}" = HP Deskjet 3900 series "{3BA95526-6AE0-4B87-A62D-17187EF565FC}" = HP Boot Optimizer "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works "{42F6BED9-41DD-40F1-85A8-8E0350493626}" = HPDeskjet3900Series "{523E6F2A-2D59-4D91-90E8-6C49931C9F50}" = iTunes "{54E3707F-808E-4fd4-95C9-15D1AB077E5D}" = NewCopy "{56EE8B17-8274-418d-89AC-C057C5DB251E}" = RandMap "{56F8AFC3-FA98-4ff1-9673-8A026CBF85BE}" = WebReg "{5A01C58E-B0EC-49b9-AD71-7C0468688087}" = CP_Package_Basic1 "{5B39603F-2A77-40E6-950D-ED7B8307933D}" = Microsoft IntelliPoint 5.3 "{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}" = HP PSC & OfficeJet 5.3.B "{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver "{5F26311C-B135-4F7F-B11E-8E650F83651E}" = DeviceFunctionQFolder "{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = PlayNC Launcher "{64D5E9DE-7890-4FB0-8865-8B24BE1773F7}" = LightScribe 1.4.42.1 "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler "{66BA8C26-AFE4-4408-807B-43E76B57EF53}" = SkinsHP1 "{6BB6627C-694F-4FDC-A3E5-C7F4BED4C724}" = DocProc "{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer "{755EC5E3-FD51-46bd-A57F-7A2D56FBF061}" = PSTAPlugin "{769A295C-DCF4-41d6-AFBA-7D9394B23AFE}" = PSPrinters08 "{7850A6D2-CBEA-4728-9877-F1BEDEA9F619}" = AiOSoftware "{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{7E27304E-BAA2-4d90-A34E-76641FAFABB4}" = CP_AtenaShokunin1Config "{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder "{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver "{8D0C57BC-4942-4960-BB6D-142456D6F233}" = HP Image Zone for Media Center PC "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD Player "{923A7F5A-1E8C-4FBE-8DF6-85940A60A79F}" = Readme "{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders "{A195B13E-A5E3-4BAF-A995-7F70F445CD06}" = ScannerCopy "{A3455242-DAE0-4523-8242-FD82706ABF4B}" = CameraDrivers "{A5BB5365-EFB4-44c3-A7E2-EB59B7EFD23D}" = CueTour "{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio "{AC76BA86-7AD7-1033-7B44-A70900000002}" = Adobe Reader 7.0.9 "{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Digimax Master "{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy "{B1931B3A-29E9-4F91-9B61-BE2CF05E84F1}" = muvee autoProducer unPlugged 1.1 - HPD "{B4D279F1-4309-49cc-A4B5-3A0D2E59C7B5}" = PanoStandAlone "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B824B5C9-849F-4b9e-9EA7-6FD8CD8116DA}" = CP_Package_Variety2 "{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply "{B996AE66-10DB-4ac5-B151-E8B4BFBC42FC}" = BufferChm "{BE9FEFBA-F2F8-468B-A108-4356F73A3E9C}" = Office 2003 Tour "{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181) "{C506A18C-1469-4678-B094-F4EC9DAE6DB7}" = Scan "{C6996F17-9233-49EB-8084-E73E5272DAF4}" = AGEIA PhysX v7.05.05 "{C83A12B9-B31B-461A-BBD4-CE9B988094F1}" = HP Photosmart Cameras 5.0 "{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE24344F-DFD8-40C8-8FD8-C9740B5F25AC}" = Fax "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D518592A-0F1E-40ca-BECB-3D3F026C6B0D}" = CameraDrivers "{D54193B7-D2DF-4977-B546-86CA48DB214E}" = HP Tunes "{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp "{E07B7A31-E160-466D-A003-3BB7B8989D52}" = Full Tilt Poker.Net "{E3F90083-80D4-4b5a-87C7-E97E12F5516D}" = HPProductAssistant "{EA103B64-C0E4-4C0E-A506-751590E1653D}" = SolutionCenter "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{F4C2E5F5-2970-45f4-ABD3-C180C4D961C4}" = Status "{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive "Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Age of Empires 2.0" = Microsoft Age of Empires II "Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion "AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus "AOL Instant Messenger" = AOL Instant Messenger "AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove) "COH" = City of Heroes (remove only) "Cool Edit Pro 2.1" = Cool Edit Pro 2.1 "DriftCity" = Drift City "GGE909 PC Recoil Pad" = GGE909 PC Recoil Pad "Gunz" = ijji - Gunz "HijackThis" = HijackThis 1.99.1 "HijackThis 1.99.1" = HijackThis 1.99.1 "Hijackthis_is1" = Hijackthis 1.99.1 "HP Document Viewer" = HP Document Viewer 5.3 "HP Imaging Device Functions" = HP Imaging Device Functions 5.3 "HP Photo & Imaging" = HP Image Zone 5.3 "HP Solution Center & Imaging Support Tools" = HP Solution Center & Imaging Support Tools 5.3 "HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only) "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{523E6F2A-2D59-4D91-90E8-6C49931C9F50}" = iTunes "Kaspersky On-line Scanner" = Kaspersky On-line Scanner
|
|
#13
August 31st, 2008, 06:20 AM
|
|||
|
|||
|
"KB873339" = Windows XP Hotfix - KB873339
"KB883667" = Windows XP Hotfix - KB883667 "KB883939" = Security Update for Windows XP (KB883939) "KB885250" = Windows XP Hotfix - KB885250 "KB885354" = Windows XP Hotfix - KB885354 "KB885835" = Windows XP Hotfix - KB885835 "KB885836" = Windows XP Hotfix - KB885836 "KB886185" = Windows XP Hotfix - KB886185 "KB887472" = Windows XP Hotfix - KB887472 "KB887742" = Windows XP Hotfix - KB887742 "KB887998" = Microsoft .NET Framework 1.0 Hotfix (KB887998) "KB888111WXPSP2" = High Definition Audio Driver Package - KB888111 "KB888113" = Windows XP Hotfix - KB888113 "KB888302" = Windows XP Hotfix - KB888302 "KB888316" = Windows XP Media Center Edition 2005 KB888316 "KB889858" = Windows Media Player 10 Hotfix [See KB889858 for more information] "KB890046" = Security Update for Windows XP (KB890046) "KB890175" = Windows XP Hotfix - KB890175 "KB890859" = Windows XP Hotfix - KB890859 "KB891220" = Windows XP Hotfix - KB891220 "KB891781" = Windows XP Hotfix - KB891781 "KB893066" = Windows XP Hotfix - KB893066 "KB893756" = Security Update for Windows XP (KB893756) "KB893803v2" = Windows Installer 3.1 (KB893803) "KB894391" = Update for Windows XP (KB894391) "KB895678" = Windows XP Media Center Edition 2005 KB895678 "KB896358" = Security Update for Windows XP (KB896358) "KB896422" = Security Update for Windows XP (KB896422) "KB896423" = Security Update for Windows XP (KB896423) "KB896424" = Security Update for Windows XP (KB896424) "KB896428" = Security Update for Windows XP (KB896428) "KB898458" = Security Update for Step By Step Interactive Training (KB898458) "KB898461" = Update for Windows XP (KB898461) "KB899587" = Security Update for Windows XP (KB899587) "KB899589" = Security Update for Windows XP (KB899589) "KB899591" = Security Update for Windows XP (KB899591) "KB900485" = Update for Windows XP (KB900485) "KB900725" = Security Update for Windows XP (KB900725) "KB901017" = Security Update for Windows XP (KB901017) "KB901214" = Security Update for Windows XP (KB901214) "KB902400" = Security Update for Windows XP (KB902400) "KB904706" = Security Update for Windows XP (KB904706) "KB904942" = Update for Windows XP (KB904942) "KB905414" = Security Update for Windows XP (KB905414) "KB905749" = Security Update for Windows XP (KB905749) "KB905915" = Security Update for Windows XP (KB905915) "KB908519" = Security Update for Windows XP (KB908519) "KB908531" = Security Update for Windows XP (KB908531) "KB910437" = Update for Windows XP (KB910437) "KB911280" = Security Update for Windows XP (KB911280) "KB911562" = Security Update for Windows XP (KB911562) "KB911565" = Security Update for Windows Media Player 10 (KB911565) "KB911567" = Security Update for Windows XP (KB911567) "KB911927" = Security Update for Windows XP (KB911927) "KB912812" = Security Update for Windows XP (KB912812) "KB912919" = Security Update for Windows XP (KB912919) "KB913446" = Security Update for Windows XP (KB913446) "KB913580" = Security Update for Windows XP (KB913580) "KB914388" = Security Update for Windows XP (KB914388) "KB914389" = Security Update for Windows XP (KB914389) "KB914440" = Hotfix for Windows XP (KB914440) "KB915865" = Hotfix for Windows XP (KB915865) "KB916281" = Security Update for Windows XP (KB916281) "KB916595" = Update for Windows XP (KB916595) "KB917159" = Security Update for Windows XP (KB917159) "KB917344" = Security Update for Windows XP (KB917344) "KB917422" = Security Update for Windows XP (KB917422) "KB917734_WMP10" = Security Update for Windows Media Player 10 (KB917734) "KB917953" = Security Update for Windows XP (KB917953) "KB918118" = Security Update for Windows XP (KB918118) "KB918439" = Security Update for Windows XP (KB918439) "KB918899" = Security Update for Windows XP (KB918899) "KB919007" = Security Update for Windows XP (KB919007) "KB920213" = Security Update for Windows XP (KB920213) "KB920214" = Security Update for Windows XP (KB920214) "KB920670" = Security Update for Windows XP (KB920670) "KB920683" = Security Update for Windows XP (KB920683) "KB920685" = Security Update for Windows XP (KB920685) "KB920872" = Update for Windows XP (KB920872) "KB921398" = Security Update for Windows XP (KB921398) "KB921503" = Security Update for Windows XP (KB921503) "KB921883" = Security Update for Windows XP (KB921883) "KB922582" = Update for Windows XP (KB922582) "KB922616" = Security Update for Windows XP (KB922616) "KB922760" = Security Update for Windows XP (KB922760) "KB922819" = Security Update for Windows XP (KB922819) "KB923191" = Security Update for Windows XP (KB923191) "KB923414" = Security Update for Windows XP (KB923414) "KB923689" = Security Update for Windows XP (KB923689) "KB923694" = Security Update for Windows XP (KB923694) "KB923723" = Security Update for Step By Step Interactive Training (KB923723) "KB923980" = Security Update for Windows XP (KB923980) "KB924191" = Security Update for Windows XP (KB924191) "KB924270" = Security Update for Windows XP (KB924270) "KB924496" = Security Update for Windows XP (KB924496) "KB924667" = Security Update for Windows XP (KB924667) "KB925398_WMP64" = Security Update for Windows Media Player 6.4 (KB925398) "KB925454" = Security Update for Windows XP (KB925454) "KB925486" = Security Update for Windows XP (KB925486) "KB925902" = Security Update for Windows XP (KB925902) "KB926255" = Security Update for Windows XP (KB926255) "KB926436" = Security Update for Windows XP (KB926436) "KB927779" = Security Update for Windows XP (KB927779) "KB927802" = Security Update for Windows XP (KB927802) "KB927891" = Update for Windows XP (KB927891) "KB928090" = Security Update for Windows XP (KB928090) "KB928255" = Security Update for Windows XP (KB928255) "KB928843" = Security Update for Windows XP (KB928843) "KB929123" = Security Update for Windows XP (KB929123) "KB929338" = Update for Windows XP (KB929338) "KB929969" = Security Update for Windows XP (KB929969) "KB930178" = Security Update for Windows XP (KB930178) "KB930494" = Microsoft .NET Framework 1.0 Hotfix (KB930494) "KB930916" = Update for Windows XP (KB930916) "KB931261" = Security Update for Windows XP (KB931261) "KB931768" = Security Update for Windows XP (KB931768) "KB931784" = Security Update for Windows XP (KB931784) "KB931836" = Update for Windows XP (KB931836) "KB932168" = Security Update for Windows XP (KB932168) "KB932823-v3" = Update for Windows XP (KB932823-v3) "KB933360" = Update for Windows XP (KB933360) "KB933566" = Security Update for Windows XP (KB933566) "KB933729" = Security Update for Windows XP (KB933729) "KB935448" = Hotfix for Windows XP (KB935448) "KB935839" = Security Update for Windows XP (KB935839) "KB935840" = Security Update for Windows XP (KB935840) "KB936021" = Security Update for Windows XP (KB936021) "KB936357" = Update for Windows XP (KB936357) "KB936782_WMP10" = Security Update for Windows Media Player 10 (KB936782) "KB937143" = Security Update for Windows XP (KB937143) "KB937894" = Security Update for Windows XP (KB937894) "KB938127" = Security Update for Windows XP (KB938127) "KB938127-IE7" = Security Update for Windows Internet Explorer 7 (KB938127) "KB938828" = Update for Windows XP (KB938828) "KB938829" = Security Update for Windows XP (KB938829) "KB939653" = Security Update for Windows XP (KB939653) "KB939653-IE7" = Security Update for Windows Internet Explorer 7 (KB939653) "KB941202" = Security Update for Windows XP (KB941202) "KB941568" = Security Update for Windows XP (KB941568) "KB941569" = Security Update for Windows XP (KB941569) "KB941644" = Security Update for Windows XP (KB941644) "KB941693" = Security Update for Windows XP (KB941693) "KB942615-IE7" = Security Update for Windows Internet Explorer 7 (KB942615) "KB942763" = Update for Windows XP (KB942763) "KB943055" = Security Update for Windows XP (KB943055) "KB943460" = Security Update for Windows XP (KB943460) "KB943485" = Security Update for Windows XP (KB943485) "KB944533-IE7" = Security Update for Windows Internet Explorer 7 (KB944533) "KB944653" = Security Update for Windows XP (KB944653) "KB945553" = Security Update for Windows XP (KB945553) "KB946026" = Security Update for Windows XP (KB946026) "KB946648" = Security Update for Windows XP (KB946648) "KB947864-IE7" = Hotfix for Windows Internet Explorer 7 (KB947864) "KB948590" = Security Update for Windows XP (KB948590) "KB948881" = Security Update for Windows XP (KB948881) "KB950749" = Security Update for Windows XP (KB950749) "KB950759-IE7" = Security Update for Windows Internet Explorer 7 (KB950759) "KB950760" = Security Update for Windows XP (KB950760) "KB950762" = Security Update for Windows XP (KB950762) "KB950974" = Security Update for Windows XP (KB950974) "KB951066" = Security Update for Windows XP (KB951066) "KB951072-v2" = Update for Windows XP (KB951072-v2) "KB951376" = Security Update for Windows XP (KB951376) "KB951376-v2" = Security Update for Windows XP (KB951376-v2) "KB951698" = Security Update for Windows XP (KB951698) "KB951748" = Security Update for Windows XP (KB951748) "KB952287" = Hotfix for Windows XP (KB952287) "KB952954" = Security Update for Windows XP (KB952954) "KB953838-IE7" = Security Update for Windows Internet Explorer 7 (KB953838) "KB953839" = Security Update for Windows XP (KB953839) "KBD" = Enhanced Multimedia Keyboard Solution "M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366) "MC05Upd1" = Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369) "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Motherboard Monitor 5_is1" = Motherboard Monitor 5 "Mozilla Firefox (3.0.1)" = Mozilla Firefox (3.0.1) "MSConfig CleanUp_is1" = MSConfig CleanUp 1.5 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NOHO Tournament Manager_is1" = NOHO Tournament Manager 1.2 "QuickTime" = QuickTime "RealPlayer 6.0" = RealPlayer "Shop for HP Supplies" = Shop for HP Supplies "Smart PDF Converter_is1" = Smart PDF Converter "SMSERIAL" = Motorola SM56 Speakerphone Modem "SpeedFan" = SpeedFan (remove only) "Verizon Online DSL_is1" = Verizon Online DSL "ViewpointMediaPlayer" = Viewpoint Media Player "Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner "Windows Media Format Runtime" = Windows Media Format Runtime "Windows Media Player" = Windows Media Player 10 "WinRAR archiver" = WinRAR archiver "Wolfenstein - Enemy Territory" = Wolfenstein - Enemy Territory
|
|
#14
August 31st, 2008, 06:20 AM
|
|||
|
|||
|
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall] "ijji FireFox Launcher" = ijji FireFox Launcher 1.0 "ijji.com" = ijji ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3168850613-2940384695-3104939514-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall] "ijji FireFox Launcher" = ijji FireFox Launcher 1.0 "ijji.com" = ijji ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 8/29/2008 8:36:06 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 8:36:33 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1721. There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support personnel or package vendor. Action: UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 8:45:11 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 8:45:40 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 9:20:07 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 9:53:22 PM - Computer Name = YOUR-B27FB1C401 - User Name = YOUR-B27FB1C401\Possible - Source = MsiInstaller Description = Product: TuneUp Utilities 2008 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action UninstallServicesWithAccessExe, location: C:\Program Files\TuneUp Utilities 2008\access.exe, command: --setup-uninstall Error - 8/29/2008 11:14:18 PM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Application Hang Description = Hanging application regsearch.exe, version 2.0.5.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 8/30/2008 9:34:13 PM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Application Error Description = Faulting application aim.exe, version 5.9.3861.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f. Error - 8/31/2008 1:10:25 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Can not find Ping Info Description = Error - 8/31/2008 3:09:09 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Application Error Description = Faulting application et.exe, version 0.0.0.0, faulting module cgame_mp_x86.dll, version 0.0.0.0, fault address 0x00022e41. [ Internet Explorer Events ] [ Media Center Events ] [ Security Events ] [ System Events ] Error - 8/31/2008 1:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At22.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 1:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At46.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 2:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At23.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 2:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At47.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 3:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At24.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 3:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At48.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 4:32:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At1.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 4:50:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At25.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 5:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At2.job command failed to start due to the following error: %%2147942402 Error - 8/31/2008 5:00:00 AM - Computer Name = YOUR-B27FB1C401 - User Name = User SID not found - Source = Schedule Description = The At26.job command failed to start due to the following error: %%2147942402 < End of report >
|
|
#15
August 31st, 2008, 06:32 AM
|
||||
|
||||
|
I can see the infection PossibleOne but I need to see another log before I start removal. It's likely there is a rootkit component and if so, it will not appear in standard logs.
Download gmer.zip from here to your Desktop. Once downloaded, doubleclick on gmer.zip and unzip the file to its own folder When you have done this, close all running programs including those in your notification area (bottom righthand corner of your screen) and doubleclick on Gmer.exe to run it. Click on the Rootkit tab and look at the righthand side (under Files) and uncheck all drives with the exception of your C drive and then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan). When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Save the file and copy the information and post it here please. Warning! Please do not select the "Show all" checkbox during the scan
|
|
| Bookmarks |
«
Previous Topic
|
Next Topic
»
|
|
Similar Topics
|
||||
| Topic | Topic Starter | Forum | Replies | Last Post |
| How to De-Crypt Infected Files from Virus | leachim | Malware Removal | 3 | May 31st, 2014 11:04 PM |
| Infected with kd Crypt worm | rainie | Malware Removal | 18 | February 15th, 2009 01:33 AM |
| Trojan.Win32.crypt.o | blakeh7787 | Malware Removal | 44 | July 26th, 2006 04:32 AM |
| Malware? Virus? Trojan? (HJT, ewido logs inside) | AlphaShadow | Malware Removal | 4 | June 8th, 2006 02:59 AM |
| Searchem.net Problem (popups... logs inside) | ShhBeqQuiet9772 | Malware Removal | 3 | May 12th, 2005 01:11 PM |
All times are GMT +1. The time now is 05:17 AM.