Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Malware Removal Discussion about Trojans, viruses, hoaxes, firewalls, spyware, and general Security issues. If you suspect your PC is infected with a virus, trojan or spyware app please include any supporting documentation or logs

Reply
 
Topic Tools
  #1  
Old March 25th, 2008, 08:57 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
slow internet nd popup city

I just not long ago posted here and removed some baddies log came out clean after removeal,I had to go out of town when i came back I was getting very unusualy slow internet and lots of popups so once again here is my HJT log


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:47:31 AM, on 3/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\MSN\MSNCoreFiles\msn.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\logonmgr.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\MSNAccel.exe
C:\Program Files\IMVU\IMVUClient.exe
C:\Program Files\IMVU\IMVUQualityAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=127.0.0.1:9022
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Update Page Content - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\refreshpage.htm
O8 - Extra context menu item: View All Originals On Page - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\getoriginal.htm
O8 - Extra context menu item: View Original Image - C:\Program Files\MSN\MSNIA\CC\MSNCC\WA\getoriginal.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1167164300484
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1335EF8-320B-44EA-9E1B-A0178DF9794A}: NameServer = 209.244.0.3 209.244.0.4
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8699 bytes
Reply With Quote
  #2  
Old March 27th, 2008, 12:31 AM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
 
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
Hello,

Go here and download the free version of SUPERAntiSpyware and install it.

After installation accept any prompts to allow SUPERAntiSpyware to install the latest infection definition files. Next follow the prompts to complete the installation. For now, uncheck the option to have SUPERAntiSpyware "Automatically check for program and definition updates". Providing an email address and allowing the software to send diagnostic reports to it's research center are up to you. Do NOT allow SUPERAntiSpyware to Protect your Home Page settings.

Once the installation is complete open SUPERAntiSpyware and press the Preferences button. Under the General and Startup tab, uncheck the following (leaving all other settings as is).

Start-up Options:
*Start SUPERAntiSpyware when Windows starts

Automatic Updates:
*Check for program updates when the application starts.

Start-up Scanning:
*Check for updates before scanning on startup.

Then select Close. Don't scan just yet though.

-----------------------

Go Here and download ATF cleaner. Click on the downloaded file to run it, and select "Select All", then click Empty Selected (and close ATF).

If you have them, also click on Firefox/Opera at the top and repeat the steps (and close ATF). Firefox/Opera will need to be closed first for the cleaning to be effective.



===============================================

Reboot into Safe Mode (at startup tap the F8 key and select Safe Mode).


Open SUPERAntiSpyware and click the Scan your Computer button. Making sure that Fixed Drive (NTFS) is checked (typically the C Drive), check "Perform Complete Scan", then click Next. SUPERAntiSpyware will now complete a system scan.


SUPERAntiSpyware will now scan your computer and when its finished it will list all the infections it has found. Make sure that they all have a check next to them and click next. If prompted allow the reboot (or manually reboot at this time), and after the reboot open SUPERAntiSpyware again (double click the bug-shaped Taskbar icon).

Click Preferences, then under the Statistics/Logs tab, click to select the most recent Scan Log, then click View Log. Save the log to your desktop, and copy/paste the text from the log back here.
Reply With Quote
  #3  
Old March 27th, 2008, 01:36 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
here are the resuslts form that scan


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/26/2008 at 07:23 PM

Application Version : 4.0.1154

Core Rules Database Version : 3425
Trace Rules Database Version: 1417

Scan type : Complete Scan
Total Scan Time : 00:30:07

Memory items scanned : 198
Memory threats detected : 0
Registry items scanned : 5917
Registry threats detected : 0
File items scanned : 25582
File threats detected : 5

Adware.ContextProgram
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP188\A0060499.DLL

Adware.PointsManager-Uninstaller
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP188\A0060500.EXE

Adware.Need2Find
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP188\A0060501.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP188\A0060502.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{106CF321-99A3-4E3A-9103-1BD027606A99}\RP188\A0060503.DLL
Reply With Quote
  #4  
Old March 27th, 2008, 02:22 AM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
 
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
What kind of pop-up's are you receiving?
Reply With Quote
  #5  
Old March 27th, 2008, 02:26 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
like popus that appear to be windows alerts comeing up in webpage format I know thats not right because windows doesent send alarts that way I get one of 2 or 3 when I refresh a page or open the browser like one is for command prompt one for spyware alart and one for task manager optomization
Reply With Quote
  #6  
Old March 27th, 2008, 02:49 AM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
 
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.


1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, it will create two text files - main.txt <- this one will be maximized and extra.txt<-this one will be minimized on your Taskbar.
4. Copy/paste both logs back here please (they will also be located at C:\Deckard\System Scanner).
Reply With Quote
  #7  
Old March 27th, 2008, 03:38 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
by these logs its aparent someone was useing my computer wil I was out of town here they are

Deckard's System Scanner v20071014.68
Run by HP_Administrator on 2008-03-26 21:23:15
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
126: 2008-03-27 02:23:24 UTC - RP195 - Deckard's System Scanner Restore Point
125: 2008-03-26 07:27:04 UTC - RP194 - System Checkpoint
124: 2008-03-25 06:38:50 UTC - RP193 - Installed Microsoft Visual C++ 2005 Redistributable
123: 2008-03-25 06:38:04 UTC - RP192 - Removed Microsoft Visual C++ 2005 Redistributable
122: 2008-03-24 13:16:16 UTC - RP191 - System Checkpoint


-- First Restore Point --
1: 2007-12-28 14:57:38 UTC - RP70 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as HP_Administrator.exe) ------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:24:24 PM, on 3/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\logonmgr.exe
C:\Program Files\MSN\MSNIA\CC\MSNCC\msncc.exe
C:\Documents and Settings\HP_Administrator\Desktop\dss.exe
C:\HJT\HP_Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ION&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [ftutil2] "rundll32.exe" ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1167164300484
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 8363 bytes

-- HijackThis Fixed Entries (C:\HJT\backups\) ----------------------------------

backup-20070921-193123-452 O15 - Trusted Zone: http://*.trymedia.com (HKLM)
backup-20080309-171729-204 O2 - BHO: ContextProgram - {E4D1D56C-3EC9-2F5D-FAA3-4112CCDD61DC} - C:\Program Files\ContextProgram\ContextProgram-1.dll
backup-20080309-224718-112 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
backup-20080324-025224-805 O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL

-- File Associations -----------------------------------------------------------

.reg - regfile - shell\open\command - "regedit.exe" "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 ELhid (EL hid Service) - c:\windows\system32\drivers\elhid.sys <Not Verified; Intel Corporation; Intel(R) Quick Resume Technology>
R1 ELkbd (EL KB Service) - c:\windows\system32\drivers\elkbd.sys <Not Verified; Intel Corporation; Intel(R) Quick Resume Technology>
R1 ELmon (EL Monitor Service) - c:\windows\system32\drivers\elmon.sys <Not Verified; Intel Corporation; Intel(R) Quick Resume Technology>
R1 ELmou (EL Mouse Service) - c:\windows\system32\drivers\elmou.sys <Not Verified; Intel Corporation; Intel(R) Quick Resume Technology>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R3 CA561 (ICatch (VI) PC Camera) - c:\windows\system32\drivers\spca561.sys <Not Verified; SP; Microsoft(R) Windows NT(R) Operating System>

S0 ftsata2 - c:\windows\system32\drivers\ftsata2.sys (file missing)
S3 catchme - c:\docume~1\hp_adm~1\locals~1\temp\catchme.sys (file missing)
S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
S3 NPDriver (Norton Unerase Protection Driver) - c:\windows\system32\drivers\npdriver.sys (file missing)
S3 SABProcEnum - c:\program files\internet explorer\sabprocenum.sys (file missing)
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S4 ELService (Intel(R) Quick Resume technology) - c:\program files\intel\inteldh\intel(r) quick resume technology drivers\elservice.exe <Not Verified; Intel Corporation; Intel(R) Quick Resume Technology>
S4 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\C6567111D800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\C6567111D800
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2008-03-26 18:36:21 444 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9A2FDC6F-1BD4-45AF-9928-51A90B2C128D}.job
2008-03-22 17:35:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-02-26 and 2008-03-26 -----------------------------

2008-03-26 18:49:37 0 dr-h----- C:\Documents and Settings\HP_Administrator\Recent
2008-03-26 03:00:27 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\IMVU
2008-03-26 03:00:19 0 d-------- C:\Program Files\IMVU
2008-03-25 01:37:55 0 d-------- C:\Program Files\Kaneva
2008-03-18 03:41:34 0 d-------- C:\WINDOWS\.jagex_cache_32
2008-03-17 19:03:02 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Xfire
2008-03-17 19:03:00 0 d-------- C:\Program Files\Xfire
2008-03-16 16:35:01 0 d-------- C:\Program Files\Steam
2008-03-14 20:28:57 0 d-------- C:\Documents and Settings\HP_Administrator\.thumbnails
2008-03-13 01:41:33 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\gtk-2.0
2008-03-13 01:04:49 0 d-------- C:\Documents and Settings\HP_Administrator\.gimp-2.4
2008-03-13 01:04:09 0 d-------- C:\Program Files\GIMP-2.0
2008-03-12 23:03:02 0 d-------- C:\Documents and Settings\All Users\Application Data\CCP
2008-03-12 00:13:08 0 d-------- C:\Program Files\Image-Line
2008-03-11 16:16:28 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
2008-03-11 03:08:45 0 d-------- C:\Program Files\Need2Find
2008-03-11 02:29:18 10 --a------ C:\WINDOWS\smdat32m.sys
2008-03-11 01:40:23 23822368 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-11 01:37:59 0 d-------- C:\Program Files\ZoneAlarmSB
2008-03-11 01:37:03 0 d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-03-11 01:36:59 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-11 01:36:54 11264 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(TM) Operating System>
2008-03-11 01:36:36 0 d-------- C:\WINDOWS\system32\ZoneLabs
2008-03-11 01:33:57 0 d-------- C:\WINDOWS\Internet Logs
2008-03-10 23:06:51 0 d-------- C:\Program Files\MSBuild
2008-03-10 23:05:33 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-03-10 23:05:12 0 d-------- C:\Program Files\Reference Assemblies
2008-03-10 19:47:09 0 d-------- C:\Program Files\MSXML 6.0
2008-03-10 19:43:09 0 d-------- C:\Program Files\MSXML 4.0
2008-03-10 16:24:35 0 --a------ C:\WINDOWS\ativpsrm.bin


-- Find3M Report ---------------------------------------------------------------

2008-03-26 18:51:57 0 d-------- C:\Program Files\Norton Utilities
2008-03-21 05:36:02 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-03-12 00:43:59 0 d-------- C:\Program Files\VstPlugins
2008-03-11 21:20:21 0 d-------- C:\Program Files\ShotOnline International
2008-03-11 18:00:32 0 d-------- C:\Program Files\QuickTime
2008-03-11 03:36:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-11 02:18:05 0 d-------- C:\Program Files\City of Heroes
2008-03-11 00:13:28 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\AVG7
2008-03-10 04:05:59 0 d-------- C:\Program Files\HP Games
2008-03-10 04:02:49 0 d-------- C:\Program Files\Common Files
2008-03-10 04:02:49 0 d-------- C:\Program Files\Common Files\Adobe
2008-03-10 03:51:57 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Adobe
2008-03-08 03:31:05 2509 --a----c- C:\WINDOWS\mozver.dat
2008-03-05 23:30:16 0 d-------- C:\Program Files\EVEMon
2008-03-05 23:30:07 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\EVEMon
2008-03-05 20:46:45 0 d-------- C:\Program Files\DivX
2008-03-05 02:31:19 196 --a------ C:\Documents and Settings\HP_Administrator\Application Data\G-Force Prefs (WindowsMediaPlayer).txt
2008-02-20 21:05:44 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-02-20 21:04:16 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-02-20 21:04:16 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-02-20 21:04:04 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-02-20 21:04:04 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX>
2008-02-20 21:04:04 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX>
2008-02-20 21:04:04 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX>
2008-02-20 21:03:24 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-19 22:03:48 0 d-------- C:\Program Files\FileSubmit
2008-02-19 22:00:39 0 d-------- C:\Program Files\VVSN
2008-02-19 21:39:37 0 d-------- C:\Program Files\Mojicon Installer
2008-02-19 21:39:23 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\FileSubmit
2008-02-19 18:46:36 0 d-------- C:\Program Files\EvE MEEP
2008-02-19 16:22:20 0 d-------- C:\Program Files\AIMTunes
2008-02-19 01:27:44 0 d-------- C:\Program Files\AIM6
2008-02-19 01:18:20 0 d-------- C:\Program Files\Viewpoint
2008-02-16 23:53:31 0 d-------- C:\Program Files\Mplayer
2008-02-16 23:51:42 0 d-------- C:\Program Files\Quake III Arena
2008-02-13 21:19:46 0 d-------- C:\Program Files\Common Files\Futuremark Shared
2008-02-10 21:40:17 0 d-------- C:\Program Files\EFT Shipfit
2008-02-07 02:50:25 0 d-------- C:\Program Files\CCP
2008-02-07 02:41:35 0 d-------- C:\Program Files\ATI Technologies
2008-02-07 02:34:58 1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-02-06 23:10:09 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\ATI
2008-02-06 04:00:32 0 d-------- C:\Program Files\World of Warcraft
2008-01-29 05:17:43 0 d-------- C:\Program Files\StarWarsGalaxies
2008-01-28 06:03:03 0 d-------- C:\Program Files\VistaExperience.org
2008-01-28 05:56:18 0 d-------- C:\Program Files\Windows Sidebar
2008-01-28 05:52:09 0 d-------- C:\Program Files\Alky for Applications
2008-01-27 04:19:58 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Talkback
2008-01-27 04:19:24 0 d-------- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
Reply With Quote
  #8  
Old March 27th, 2008, 03:40 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
10/04/2007 03:06 PM 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
03/11/2008 01:37 AM 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [10/04/2007 03:06 PM 1135968]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [03/11/2008 01:37 AM 262144]

[-HKEY_CLASSES_ROOT\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[-HKEY_CLASSES_ROOT\CLSID\{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [11/10/2006 01:35 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [09/25/2007 02:11 AM]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [07/23/2005 12:14 AM]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [09/29/2006 01:39 PM]
"ftutil2"="rundll32.exe" [08/09/2004 11:00 PM C:\WINDOWS\system32\rundll32.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [03/10/2008 05:21 AM]
"RTHDCPL"="RTHDCPL.EXE" [10/25/2007 03:57 AM C:\WINDOWS\RTHDCPL.EXE]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 10:43 AM C:\WINDOWS\ALCMTR.EXE]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [11/14/2007 04:05 PM]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [08/19/2006 11:36 PM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 06:24 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [11/30/2006 10:49 PM]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [01/03/2008 11:15 AM]
"Steam"="C:\Program Files\Steam\Steam.exe" [03/16/2008 04:37 PM]
"hbtcoh"="c:\documents and settings\hp_administrator\local settings\application data\hbtcoh.exe" [03/18/2008 10:03 PM]

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
Xfire.lnk - C:\Program Files\Xfire\xfire.exe [3/13/2008 6:05:34 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\R oyale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale. theme

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Icatch(VI) SnapDetect.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Icatch(VI) SnapDetect.lnk
backup=C:\WINDOWS\pss\Icatch(VI) SnapDetect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aim6]
"C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
"C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserWatch]
"C:\Program Files\Migo Software\Digital File Shredder Pro\BrowserWatchControl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMAScheduler]
"c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
C:\WINDOWS\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
"C:\WINDOWS\System32\Rundll32.exe" "C:\WINDOWS\system32\gzmrotate.dll" DllVerify

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
"C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
"C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe " -startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pccguide.exe]
"C:\Program Files\Trend Micro\Antivirus\pccguide.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCClient.exe]
"C:\Program Files\Trend Micro\Antivirus\PCClient.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCDrProfiler]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
"C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TM Outbreak Agent]
"C:\Program Files\Trend Micro\Antivirus\TMOAgent.exe" /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Weather]
"C:\Program Files\AWS\WeatherBug\Weather.exe" 1

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Viewpoint Manager Service"=2 (0x2)
"Pml Driver HPZ12"=2 (0x2)
"NMSAccessU"=2 (0x2)
"LightScribeService"=2 (0x2)
"IDriverT"=3 (0x3)
"IAANTMON"=2 (0x2)
"gusvc"=3 (0x3)
"GameConsoleService"=3 (0x3)
"FLEXnet Licensing Service"=3 (0x3)
"ELService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"AVGEMS"=2 (0x2)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)




-- End of Deckard's System Scanner: finished at 2008-03-26 21:24:54 ------------
Reply With Quote
  #9  
Old March 27th, 2008, 03:41 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
CPU 1: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
Percentage of Memory in Use: 25%
Physical Memory (total/avail): 2046.38 MiB / 1516.25 MiB
Pagefile Memory (total/avail): 4962.48 MiB / 4549.18 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1943.3 MiB

C: is Fixed (NTFS) - 224.23 GiB total, 135.07 GiB free.
D: is Fixed (FAT32) - 8.63 GiB total, 0.38 GiB free.
E: is CDROM (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)

\\.\PHYSICALDRIVE0 - ST3250824AS - 232.88 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 224.23 GiB - C:
\PARTITION1 - Unknown - 8.64 GiB - D:

\\.\PHYSICALDRIVE1 - Generic- Compact Flash USB Device

\\.\PHYSICALDRIVE4 - Generic- MS/MS-Pro USB Device

\\.\PHYSICALDRIVE3 - Generic- SD/MMC USB Device

\\.\PHYSICALDRIVE2 - Generic- SM/xD-Picture USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

FW: ZoneAlarm Firewall v7.0.462.000 (Check Point, LTD.) Disabled
AV: AVG 7.5.519 v7.5.519 (Grisoft)

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"C:\\Program Files\\DISC\\DiscStreamHub.exe"="C:\\Program Files\\DISC\\DiscStreamHub.exe:*isabledISCover Stream Hub"
"C:\\Program Files\\Sony\\Station\\Launchpad\\LaunchPad.exe"="C :\\Program Files\\Sony\\Station\\Launchpad\\LaunchPad.exe:*:E nabled:LaunchPad"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\ \Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Ena bled:Yahoo! Messenger"
"C:\\Program Files\\HP Games\\JEOPARDY\\JEOPARDY!.exe"="C:\\Program Files\\HP Games\\JEOPARDY\\JEOPARDY!.exe:*:Enabled:JEOPARDY! "
"C:\\Program Files\\Xfire\\xfire.exe"="C:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\ShotOnline International\\ShotOnline.exe"="C:\\Program Files\\ShotOnline International\\ShotOnline.exe:*:Enabled:ShotOnline "
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger"
"C:\\Program Files\\Sony\\Station\\Launchpad\\_aunchPad.exe"="C :\\Program Files\\Sony\\Station\\Launchpad\\_aunchPad.exe:*:E nabled:_aunchPad"
"C:\\Program Files\\SHOUTcast\\sc_serv.exe"="C:\\Program Files\\SHOUTcast\\sc_serv.exe:*:Enabled:sc_serv"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*isabled:Bonjo ur"
"C:\\Program Files\\City of Heroes\\CohUpdater.exe"="C:\\Program Files\\City of Heroes\\CohUpdater.exe:*:Enabled:CohUpdater"
"C:\\Program Files\\HP Games\\Wheel of Fortune\\Wheel of Fortune.exe"="C:\\Program Files\\HP Games\\Wheel of Fortune\\Wheel of Fortune.exe:*:Enabled:Wheel of Fortune"
"C:\\Program Files\\City of Heroes\\CityOfHeroes.exe"="C:\\Program Files\\City of Heroes\\CityOfHeroes.exe:*:Enabled:CityOfHeroes"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"C:\\Program Files\\AIM6\\aim6.exe"="C:\\Program Files\\AIM6\\aim6.exe:*:Enabled:AIM"
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avgine t.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc. exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgam svr.exe"
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.ex e"
"C:\\Program Files\\Kaneva\\World of Kaneva V2.0\\KanevaLauncher.exe"="C:\\Program Files\\Kaneva\\World of Kaneva V2.0\\KanevaLauncher.exe:*:Enabled:KanevaLauncher"
"C:\\Program Files\\Kazaa\\kazaa.exe"="C:\\Program Files\\Kazaa\\kazaa.exe:*isabled:Kazaa"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*isabled:LimeWire"


-- Environment Variables -------------------------------------------------------

ALKY=C:\Program Files\Alky for Applications\Libraries\
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Administrator\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=RICHARD
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Administrator
LOGONSERVER=\\RICHARD
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\sys tem32\wbem;c:\Python22;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Alky for Applications\Libraries\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;;C:\PROGRA~1\COMMON~1\MU VEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp
tvdumpflags=8
USERDOMAIN=RICHARD
USERNAME=HP_Administrator
USERPROFILE=C:\Documents and Settings\HP_Administrator
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

HP_Administrator (admin)
Gameing
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\HP Games\Airstrike 2 Gulf Thunder\Uninstall.exe"
--> "C:\Program Files\HP Games\Alien Shooter\Uninstall.exe"
--> "C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bistro Stars\Uninstall.exe"
--> "C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 2 Remix\Uninstall.exe"
--> "C:\Program Files\HP Games\Blasterball 2 Revolution\Uninstall.exe"
--> "C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
--> "C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
--> "C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
--> "C:\Program Files\HP Games\Family Feud\Uninstall.exe"
--> "C:\Program Files\HP Games\FATE\Uninstall.exe"
--> "C:\Program Files\HP Games\Garden Dreams\Uninstall.exe"
--> "C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
--> "C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\LEGO Builder Bots\Uninstall.exe"
--> "C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
--> "C:\Program Files\HP Games\Mystery Case Files\Uninstall.exe"
--> "C:\Program Files\HP Games\Penguins!\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
--> "C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
--> "C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
--> "C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
--> "C:\Program Files\HP Games\Slingo Deluxe\Uninstall.exe"
--> "C:\Program Files\HP Games\Snowy Space Trip\Uninstall.exe"
--> "C:\Program Files\HP Games\Super Granny\Uninstall.exe"
--> "C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
--> "C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
--> "C:\Program Files\WildTangent\Apps\My HP Game Console\Uninstall.exe"
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {F80239D8-7811-4D5E-B033-0D0BBFE32920}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activ eX.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 7.0.5 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70500000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AIM 6 --> C:\Program Files\AIM6\uninst.exe
AIMTunes --> C:\Program Files\AIMTunes\Uninstall.exe
Alky for Applications (Windows XP) --> MsiExec.exe /X{BB05D173-9681-4812-A7FA-BD4042A3DA00}
Apple Software Update --> MsiExec.exe /I{74EC78BC-B379-4E29-9006-8F161DCAABA6}
ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\ 01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x9
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallI NFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_classISPLAY -clean
Audiosurf Demo --> "C:\Program Files\Steam\steam.exe" steam://uninstall/12910
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CDBurnerXP --> "C:\Program Files\CDBurnerXP\unins000.exe"
Crimson Editor (remove only) --> C:\Program Files\Crimson Editor\uninstall.exe
Customer Experience Enhancement --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1 \IDriver.exe /M{23012310-3E05-46A5-88A9-C6CBCABCAC79} /l1033
Data Fax SoftModem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SU BSYS_200C14F1\HXFSETUP.EXE -U -ITrx200Ck.inf
DeepBurner v1.8.0.224 --> "C:\Program Files\Astonsoft\DeepBurner\Uninstall.exe" "C:\Program Files\Astonsoft\DeepBurner\install.log"
DISCover --> "C:\Program Files\DISC\uninstall.exe"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Manager 2.3.6 --> C:\Program Files\Download Manager\uninst.exe
Earthsim --> "C:\Documents and Settings\All Users\Application Data\Earthsim\Channel\esuninst.exe"
Easy Internet Sign-up --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1 \IDriver.exe /M{8105684D-8CA6-440D-8F58-7E5FD67A499D} /l1033
EFT Shipfit --> C:\Program Files\EFT Shipfit\Uninstal.exe
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
Enhancement Diversification Calculator v1.2.0.0 --> MsiExec.exe /I{5C976F1F-72B1-4363-AF88-5B68939767C2}
EVE-ONLINE (remove only) --> C:\Program Files\CCP\EVE\Uninstall.exe
EvE MEEP --> C:\Program Files\EvE MEEP\Uninstal.exe
EVEMon --> C:\Program Files\EVEMon\uninstall.exe
EVEREST Home Edition v2.20 --> "C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Final Drive Fury --> "C:\Program Files\HP Games\Final Drive Fury\Uninstall.exe"
Final Drive Nitro --> "C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
Futuremark SystemInfo --> C:\Program Files\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe -runfromtemp -l0x0009 -removeonly
Gadget Installer --> MsiExec.exe /I{3F3733A5-8322-454D-A638-3B74E1C83752}
GIMP 2.4.5 --> "C:\Program Files\GIMP-2.0\setup\unins000.exe"
Guild Wars --> "C:\Program Files\Guild Wars\Gw.exe" -uninstall
HijackThis 2.0.2 --> "C:\HJT\HijackThis.exe" /uninstall
HP Boot Optimizer --> MsiExec.exe /X{1341D838-719C-4A05-B50F-49420CA1B4BB}
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP DigitalMedia Archive --> MsiExec.exe /X{F80239D8-7811-4D5E-B033-0D0BBFE32920}
HP DVD Play 2.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart and Deskjet 7.0 Software --> C:\Program Files\HP\Digital Imaging\{76BEC1D7-8A9F-472D-84C7-014BB155E4B2}\setup\hpzscr01.exe -datfile hphscr11.dat -showdisconnect -forcereboot
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
IL Download Manager --> C:\Program Files\Image-Line\Downloader\uninstall.exe
IMVU Avatar Chat Software --> C:\Program Files\IMVU\Uninstall.exe
Intel(R) Graphics Media Accelerator Driver --> C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) Matrix Storage Manager --> C:\WINDOWS\System32\Imsmudlg.exe
Intel(R) Network Connections Drivers --> Prounstl.exe
Intel(R) Quick Resume Technology Drivers --> C:\WINDOWS\System32\Elusetup.exe
Intel Viiv™ Software --> MsiExec.exe /X{EEFEBB48-329E-46F6-AEB8-929A5BAFDB2F}
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 1.7 (Symantec Corporation) --> C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
longhorn555.zip --> C:\PROGRA~1\FILESU~1\LONGHO~1.ZIP\UNWISE.EXE C:\PROGRA~1\FILESU~1\LONGHO~1.ZIP\INSTALL.LOG
Microsoft Base Smart Card Cryptographic Service Provider Package --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst .exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spu ninst.exe"
Microsoft Money 2006 --> "C:\Program Files\Microsoft Money 2006\MNYCoreFiles\Setup\uninst.exe" /s:120
Microsoft Office Standard Edition 2003 60 days trial --> c:\hp\bin\cloaker.exe c:\hp\bin\MSOffice\uninst.cmd
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spunin st.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works --> MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
Mozilla Firefox (2.0.0.13) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN --> C:\Program Files\MSN\MsnInstaller\msniadm.exe /Action:ARP
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600816}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
muvee autoProducer 5.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB4740B3-2530-452D-A825-F7AB246CA7DF}\setup.exe" -l0x9
muvee autoProducer unPlugged 2.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\070 1\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}\setup.exe" -l0x9
My HP Games --> "C:\Program Files\HP Games\Uninstall.exe"
Reply With Quote
  #10  
Old March 27th, 2008, 03:42 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
Norton Utilities 2002 for Windows --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Norton Utilities\Uninst.isu" -c"C:\Program Files\Norton Utilities\_ISNU.DLL"
Otto --> "C:\Program Files\EnglishOtto\uninstallotto.exe"
PC-Doctor 5 for Windows --> C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
Quake III Arena --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Quake III Arena\QIII.isu"
Quicken 2006 --> MsiExec.exe /X{2818095F-FB6C-42C8-827E-0A406CC9AFF5}
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
ShotOnline International --> C:\Program Files\ShotOnline International\uninst.exe
SHOUTcast DNAS (remove only) --> "C:\Program Files\SHOUTcast\uninst-dnas.exe"
SHOUTcast Source DSP 1.9.0 (remove only) --> C:\Program Files\Winamp\uninst-dsp.exe
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic RecordNow Audio --> MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic RecordNow Copy --> MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic RecordNow Data --> MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205}
Sonic Update Manager --> MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
SUPERAntiSpyware Free Edition --> MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Tasco SkyWatch (Remove only) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ct or.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6E84D0-AA30-11D1-A245-00A024C41DAA}\setup.exe" -uninst
Update Rollup 2 for Windows XP Media Center Edition 2005 -->
Updates from HP (remove only) --> C:\WINDOWS\HPCPCUninstall-9972322\HPBWSetup.exe -appid 9972322 -uninstall
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Viewpoint Media Player --> C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Winamp Toolbar --> "C:\Program Files\Winamp Toolbar\uninstall.exe"
Windows Communication Foundation --> MsiExec.exe /X{491DD792-AD81-429C-9EB4-86DD3D22E333}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spunin st.exe"
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Sidebar for Windows XP/2003 --> C:\Program Files\Windows Sidebar\Uninstall.exe
Windows Workflow Foundation --> MsiExec.exe /I{7D1B85BD-AA07-48B8-808D-67A4067FC6BD}
WinZip 11.1 --> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}
World of Kaneva V2.0 --> C:\Program Files\Kaneva\World of Kaneva V2.0\uninst.exe
Xfire (remove only) --> "C:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Pack 1.0 -->
Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
ZoneAlarm Spy Blocker --> rundll32 C:\PROGRA~1\ZONEAL~1\bar\1.bin\SpyBlock.dll,O


-- Application Event Log -------------------------------------------------------

Event Record #/Type15177 / Warning
Event Submitted/Written: 03/26/2008 07:28:06 PM
Event ID/Source: 1524 / Userenv
Event Description:
Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use.

Event Record #/Type15176 / Error
Event Submitted/Written: 03/26/2008 07:27:53 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application msncc.exe, version 2.0.420.0, faulting module canvas.dll, version 2.0.420.0, fault address 0x000123c0.
Processing media-specific event for [msncc.exe!ws!]

Event Record #/Type15175 / Error
Event Submitted/Written: 03/26/2008 07:27:52 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemo bj.cpp. Please contact Microsoft Product Support Services to report this error.

Event Record #/Type15169 / Error
Event Submitted/Written: 03/25/2008 03:30:44 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.20121, faulting module z4spyblk.dll, version 1.0.0.1, fault address 0x00007b4c.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type15162 / Error
Event Submitted/Written: 03/24/2008 06:12:26 PM
Event ID/Source: 1002 / Application Hang
Event Description:
Hanging application DivX Player.exe, version 6.7.0.21, hang module hungapp, version 0.0.0.0, hang address 0x00000000.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

No Errors/Warnings found.


-- End of Deckard's System Scanner: finished at 2008-03-26 21:24:54 ------------
Reply With Quote
  #11  
Old March 27th, 2008, 04:02 AM
dahli's Avatar
dahli dahli is offline
CTH Subscriber
 
Join Date: Oct 2004
Location: in a van down by the river
Posts: 5,335
Download combofix.exe and save it to your C folder (C:\ComboFix.exe).

Please disable your antivirus program as it may interfere with ComboFix's routines. Doubleclick on combofix.exe and follow the prompts. A window will open with a warning. Type "1" (and Enter) to start the fix. When the scan completes, Disk Cleanup will run and then a text window with your log will open. Please copy and paste that log back here.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.


Also go here and download Silent Runners.vbs (use IE to download it) to a new folder on your drive and run it. It generates a log too. It takes a minute or two and it will notify you with a popup when your log is ready (it will be in the new folder you created). Please post the information back in this thread. If your AV queries the script, allow it to run. It's not malicious.
Reply With Quote
  #12  
Old March 27th, 2008, 04:30 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
ok here is the combo fix log
ComboFix 08-03-25.4 - HP_Administrator 2008-03-26 22:12:23.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1493 [GMT -5:00]
Running from: C:\Documents and Settings\HP_Administrator\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\hbtcoh.dat
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\hbtcoh.exe
c:\Documents and Settings\HP_Administrator\Local Settings\Application Data\hbtcoh_nav.dat
c:\Documents and Settings\HP_Administrator\Local Settings\Application Data\hbtcoh_navps.dat
C:\WINDOWS\Fonts\acrsecB.fon
C:\WINDOWS\Fonts\acrsecI.fon
C:\WINDOWS\smdat32m.sys
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\x64

.
((((((((((((((((((((((((( Files Created from 2008-02-27 to 2008-03-27 )))))))))))))))))))))))))))))))
.

2008-03-26 21:23 . 2008-03-26 21:23 <DIR> d-------- C:\Deckard
2008-03-26 03:00 . 2008-03-26 04:49 <DIR> d-------- C:\Program Files\IMVU
2008-03-26 03:00 . 2008-03-26 19:55 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\IMVU
2008-03-25 01:37 . 2008-03-25 01:37 <DIR> d-------- C:\Program Files\Kaneva
2008-03-18 03:41 . 2008-03-18 03:41 <DIR> d-------- C:\WINDOWS\.jagex_cache_32
2008-03-17 19:03 . 2008-03-25 19:53 <DIR> d-------- C:\Program Files\Xfire
2008-03-17 19:03 . 2008-03-26 22:11 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Xfire
2008-03-16 16:35 . 2008-03-26 21:18 <DIR> d-------- C:\Program Files\Steam
2008-03-14 20:28 . 2008-03-14 20:28 <DIR> d-------- C:\Documents and Settings\HP_Administrator\.thumbnails
2008-03-13 18:05 . 2008-03-13 18:05 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-03-13 01:42 . 2008-03-13 01:42 133,468 --a------ C:\Graphics.gif
2008-03-13 01:41 . 2008-03-24 04:14 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\gtk-2.0
2008-03-13 01:04 . 2008-03-13 01:04 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-03-13 01:04 . 2008-03-26 02:38 <DIR> d-------- C:\Documents and Settings\HP_Administrator\.gimp-2.4
2008-03-12 23:03 . 2008-03-12 23:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CCP
2008-03-12 00:13 . 2008-03-12 00:43 <DIR> d-------- C:\Program Files\Image-Line
2008-03-11 23:19 . 2008-03-24 01:24 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-11 23:19 . 2008-03-11 23:19 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-11 16:16 . 2008-03-25 03:43 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\LimeWire
2008-03-11 03:08 . 2008-03-11 03:08 <DIR> d-------- C:\Program Files\Need2Find
2008-03-11 01:40 . 2008-03-26 22:15 23,869,472 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-11 01:40 . 2008-03-26 21:16 280,124 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-11 01:37 . 2008-03-11 01:37 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-03-11 01:37 . 2008-03-11 01:37 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-03-11 01:36 . 2008-03-11 01:36 <DIR> d-------- C:\Program Files\Zone Labs
2008-03-11 01:33 . 2008-03-26 21:23 <DIR> d-------- C:\WINDOWS\Internet Logs
2008-03-10 23:06 . 2008-03-10 23:06 <DIR> d-------- C:\Program Files\MSBuild
2008-03-10 23:05 . 2008-03-10 23:05 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-03-10 23:05 . 2008-03-10 23:05 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-03-10 23:04 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-03-10 21:24 . 2006-11-13 01:02 288,768 --------- C:\WINDOWS\system32\rhttpaa.dll
2008-03-10 21:24 . 2006-11-13 01:02 116,736 --------- C:\WINDOWS\system32\aaclient.dll
2008-03-10 21:24 . 2006-11-13 01:02 36,352 --------- C:\WINDOWS\system32\tsgqec.dll
2008-03-10 19:47 . 2008-03-10 19:47 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-03-10 19:43 . 2008-03-10 19:43 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-03-10 16:24 . 2008-03-10 16:24 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-03-10 04:29 . 2008-03-10 04:29 1,388 --a------ C:\WINDOWS\_isenv31.ini
2008-03-10 04:29 . 2008-03-10 04:29 1,360 --a------ C:\WINDOWS\_delis32.ini
2008-03-10 04:29 . 2008-03-10 04:29 521 --a------ C:\WINDOWS\_iserr31.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2008-03-26 23:51 --------- d-----w C:\Program Files\Norton Utilities
2008-03-26 23:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-26 11:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-03-21 10:36 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-03-12 05:43 --------- d-----w C:\Program Files\VstPlugins
2008-03-12 02:20 --------- d-----w C:\Program Files\ShotOnline International
2008-03-11 23:00 --------- d-----w C:\Program Files\QuickTime
2008-03-11 08:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-11 07:18 --------- d-----w C:\Program Files\City of Heroes
2008-03-11 05:13 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\AVG7
2008-03-10 09:05 --------- d-----w C:\Program Files\HP Games
2008-03-10 09:02 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-06 04:30 --------- d-----w C:\Program Files\EVEMon
2008-03-06 04:30 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\EVEMon
2008-03-06 01:46 --------- d-----w C:\Program Files\DivX
2008-02-21 02:05 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-02-21 02:05 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-02-21 02:05 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-02-21 02:05 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-02-21 02:05 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-02-21 02:05 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-02-21 02:05 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-02-21 02:04 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-02-21 02:04 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-02-21 02:04 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-02-21 02:04 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2008-02-21 02:04 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-02-21 02:04 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-02-21 02:04 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-02-21 02:04 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-02-21 02:04 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-02-21 02:04 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-02-21 02:03 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-02-21 02:03 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-02-20 03:03 --------- d-----w C:\Program Files\FileSubmit
2008-02-20 03:00 --------- d-----w C:\Program Files\VVSN
2008-02-20 02:39 --------- d-----w C:\Program Files\Mojicon Installer
2008-02-20 02:39 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\FileSubmit
2008-02-19 23:46 --------- d-----w C:\Program Files\EvE MEEP
2008-02-19 21:22 --------- d-----w C:\Program Files\AIMTunes
2008-02-19 06:27 --------- d-----w C:\Program Files\AIM6
2008-02-19 06:18 --------- d-----w C:\Program Files\Viewpoint
2008-02-19 06:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-02-19 06:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-02-17 04:53 --------- d-----w C:\Program Files\Mplayer
2008-02-17 04:51 --------- d-----w C:\Program Files\Quake III Arena
2008-02-14 02:19 --------- d-----w C:\Program Files\Common Files\Futuremark Shared
2008-02-11 02:40 --------- d-----w C:\Program Files\EFT Shipfit
2008-02-10 00:46 --------- d-----w C:\Documents and Settings\Gameing\Application Data\ATI
2008-02-09 20:11 --------- d-----w C:\Documents and Settings\All Users\Application Data\Geek Squad
2008-02-07 11:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Earthsim
2008-02-07 07:50 --------- d-----w C:\Program Files\CCP
2008-02-07 07:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
2008-02-07 07:41 --------- d-----w C:\Program Files\ATI Technologies
2008-02-07 04:10 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\ATI
2008-02-06 09:00 --------- d-----w C:\Program Files\World of Warcraft
2008-01-29 10:17 --------- d-----w C:\Program Files\StarWarsGalaxies
2008-01-28 11:03 --------- d-----w C:\Program Files\VistaExperience.org
2008-01-28 10:56 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-28 10:52 --------- d-----w C:\Program Files\Alky for Applications
2008-01-27 21:34 --------- d-----w C:\Documents and Settings\All Users\Application Data\WildTangent
2008-01-27 09:19 --------- d-----w C:\Documents and Settings\HP_Administrator\Application Data\Talkback
2008-01-11 05:53 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
2007-11-22 09:07 0 ----a-w C:\Documents and Settings\HP_Administrator\Application Data\wklnhst.dat
2007-08-26 03:20 452,957 ----a-w C:\WINDOWS\Fonts\star_jedi.zip
2006-12-27 02:35 251 -c--a-w C:\Program Files\wt3d.ini
Reply With Quote
  #13  
Old March 27th, 2008, 04:30 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
2006-12-26 09:39 49 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb6500.dat
2006-12-08 19:25 18,432 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1322.dat
2006-12-07 21:50 382 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb1942.dat
2006-12-01 22:53 20,480 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb4827.dat
2006-11-29 00:15 9,216 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb9169.dat
2006-11-29 00:15 0 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb5724.dat
2006-11-20 06:28 49 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb41.dat
2006-11-17 09:38 9,216 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb8467.dat
2006-11-17 09:38 0 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb6334.dat
2006-11-17 09:35 0 -c--a-w C:\Documents and Settings\HP_Administrator\Application Data\internaldb5436.dat
2006-11-07 01:58 157 -c--a-w C:\Program Files\MIB2ROM.TXT
2006-02-19 17:28 12,288 -c--a-w C:\WINDOWS\Fonts\RandFont.dll
2000-08-30 20:46 1,807,072 ------w C:\Program Files\vcredist.exe
2006-11-02 02:52 22 -csha-w C:\WINDOWS\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((( snapshot_2007-09-20_160737.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-08-20 10:02:09 124,928 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\advpack.dll
+ 2007-08-20 10:02:11 214,528 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\dxtrans.dll
+ 2007-08-20 10:02:09 132,608 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\extmgr.dll
+ 2007-08-20 10:02:09 63,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\icardie.dll
+ 2007-08-17 10:12:34 70,656 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe
+ 2007-08-20 10:02:09 153,088 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakeng.dll
+ 2007-08-20 10:02:09 230,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieaksie.dll
+ 2007-08-17 07:29:55 161,792 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieakui.dll
+ 2007-04-17 09:28:12 2,455,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dat
+ 2007-08-20 10:02:09 383,488 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieapfltr.dll
+ 2007-08-20 10:02:09 387,584 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iedkcs32.dll
+ 2007-08-20 10:02:10 6,066,176 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieframe.dll
+ 2007-08-20 10:02:10 44,544 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iernonce.dll
+ 2007-08-20 10:02:10 267,776 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iertutil.dll
+ 2007-08-17 10:12:35 13,824 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe
+ 2007-08-17 10:12:49 625,152 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe
+ 2007-08-20 10:02:10 27,648 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\jsproxy.dll
+ 2007-08-20 10:02:10 459,264 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeeds.dll
+ 2007-08-20 10:02:10 52,224 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msfeedsbs.dll
+ 2007-08-20 10:02:11 3,592,192 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtml.dll
+ 2007-08-20 10:02:11 478,208 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mshtmled.dll
+ 2007-08-20 10:02:11 193,024 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\msrating.dll
+ 2007-08-20 10:02:11 671,232 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\mstime.dll
+ 2007-08-20 10:02:11 102,400 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\occache.dll
+ 2007-08-20 10:02:11 105,984 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\url.dll
+ 2007-08-20 10:02:11 1,161,728 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\urlmon.dll
+ 2007-08-20 10:02:11 232,960 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\webcheck.dll
+ 2007-08-20 10:02:11 825,344 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB939653-IE7\update\updspapi.dll
+ 2007-08-21 06:25:02 683,520 ----a-w C:\WINDOWS\$hf_mig$\KB941202\SP2QFE\inetcomm.dll
+ 2007-03-06 01:22:36 14,048 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spmsg.dll
+ 2007-03-06 01:22:41 213,216 ----a-w C:\WINDOWS\$hf_mig$\KB941202\spuninst.exe
+ 2007-03-06 01:22:34 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\spcustom.dll
+ 2007-03-06 01:22:59 716,000 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\update.exe
+ 2007-03-06 01:23:51 371,424 ----a-w C:\WINDOWS\$hf_mig$\KB941202\update\updspapi.dll
- 2005-08-04 08:29:52 428,544 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll
+ 2006-03-03 12:26:29 429,056 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\blackbox.dll
- 2005-08-04 08:29:52 579,584 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2006-03-03 12:26:57 581,632 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\drmv2clt.dll
- 2005-08-04 08:29:54 2,330,624 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll
+ 2006-12-07 04:14:51 2,330,624 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wmvcore.dll
- 2005-08-04 08:29:54 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll
+ 2006-03-03 12:33:09 38,912 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpd_ci.dll
- 2005-08-04 08:29:54 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll
+ 2006-03-03 12:32:57 61,952 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdconns.dll
- 2005-08-04 08:29:54 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll
+ 2006-03-03 12:33:00 114,176 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtp.dll
- 2005-08-04 08:29:54 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll
+ 2006-03-03 12:33:00 66,560 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdmtpus.dll
- 2005-08-04 08:29:54 329,728 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll
+ 2006-03-03 12:33:10 329,728 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdsp.dll
- 2005-08-04 08:29:54 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys
+ 2006-03-03 12:33:01 18,944 -c----w C:\WINDOWS\$NtUninstallWMFDist11$\wpdusb.sys
- 2004-08-10 04:00:00 819,200 -c----w C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe
+ 2006-10-02 19:30:10 819,200 -c----w C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe
- 2005-12-06 20:02:16 5,533,696 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmp.dll
+ 2007-04-30 13:20:24 5,537,792 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmp.dll
- 2004-08-10 04:00:00 73,728 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe
+ 2005-06-24 01:09:49 73,728 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe
- 2005-11-09 02:55:16 3,371,008 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmploc.dll
+ 2005-06-24 01:15:30 3,371,008 -c----w C:\WINDOWS\$NtUninstallwmp11$\wmploc.dll
+ 2000-06-24 16:40:34 509,984 ----a-w C:\WINDOWS\50comupd.exe
- 1999-04-24 20:22:00 92,112 ----a-w C:\WINDOWS\ADVPACK.DLL
+ 2000-02-14 18:24:02 74,960 ----a-r C:\WINDOWS\ADVPACK.DLL
- 2005-05-03 23:43:28 69,632 ----a-r C:\WINDOWS\Alcmtr.exe
+ 2005-05-03 15:43:28 69,632 ----a-w C:\WINDOWS\ALCMTR.EXE
- 2006-05-04 21:26:36 2,808,832 ----a-r C:\WINDOWS\alcwzrd.exe
+ 2006-05-04 13:26:36 2,808,832 ----a-w C:\WINDOWS\ALCWZRD.EXE
+ 2008-02-07 07:41:47 135,168 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSComctlLib\2.0. 0.0__90ba9c70f846762e\AxInterop.MSComctlLib.DLL
+ 2008-02-07 07:41:47 212,992 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.MSForms\2.0.0.0_ _90ba9c70f846762e\AxInterop.MSForms.DLL
+ 2008-02-07 07:41:41 15,360 ----a-w C:\WINDOWS\assembly\GAC\AxInterop.WBOCXLib\1.0.0.0 __90ba9c70f846762e\AxInterop.WBOCXLib.DLL
- 2006-08-20 04:23:49 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\EhCM.dll
+ 2008-02-04 09:15:23 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856a d364e35\ehcm.dll
- 2006-08-20 04:23:49 864,256 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
+ 2008-02-04 09:15:23 868,352 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856 ad364e35\ehepg.dll
- 2006-08-20 04:23:49 204,800 -c--a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiPlay.dll
+ 2008-02-04 09:15:24 204,800 ----a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf38 56ad364e35\ehiplay.dll
+ 2008-02-07 07:41:41 143,360 ----a-w C:\WINDOWS\assembly\GAC\ICSharpCode.SharpZipLib\0.84.0.0__1b03e6acf1164f73\ICSharpCode.SharpZipLib. DLL
+ 2008-02-07 07:41:48 225,280 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSComctlLib\2.0.0. 0__90ba9c70f846762e\Interop.MSComctlLib.DLL
+ 2008-02-07 07:41:48 360,448 ----a-w C:\WINDOWS\assembly\GAC\Interop.MSForms\2.0.0.0__9 0ba9c70f846762e\Interop.MSForms.DLL
+ 2008-02-07 07:41:48 49,152 ----a-w C:\WINDOWS\assembly\GAC\Interop.NewIWshRuntimeLibr ary\1.0.0.0__90ba9c70f846762e\Interop.NewIWshRunti meLibrary.DLL
+ 2008-02-07 07:41:41 13,312 ----a-w C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__ 90ba9c70f846762e\Interop.WBOCXLib.DLL
- 2006-11-02 00:01:56 68,608 -c--a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2008-03-10 21:11:05 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0. 0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2006-11-02 00:01:57 72,192 -c--a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2008-03-10 21:11:09 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b0 3f5f7f11d50a3a\ISymWrapper.dll
+ 2008-03-11 04:05:12 151,552 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Transactions. Bridge.Dtc\3.0.0.0__b03f5f7f11d50a3a\Microsoft.Tra nsactions.Bridge.Dtc.dll
- 2006-11-02 00:01:57 4,308,992 -c--a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2008-03-10 21:10:56 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5 c561934e089\mscorlib.dll
+ 2008-03-11 04:05:28 3,915,776 ----a-w C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0. 0__31bf3856ad364e35\PresentationCore.dll
- 2006-11-02 00:01:58 482,304 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
+ 2008-03-10 21:11:11 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClien t\2.0.0.0__b77a5c561934e089\System.Data.OracleClie nt.dll
- 2006-11-02 00:01:57 2,878,976 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
+ 2008-03-10 21:11:00 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b7 7a5c561934e089\System.Data.dll
Reply With Quote
  #14  
Old March 27th, 2008, 04:32 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
+ 2008-03-10 21:11:13 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.dll
+ 2008-03-10 21:11:13 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServic es\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServ ices.Wrapper.dll
+ 2008-03-11 04:05:29 344,064 ----a-w C:\WINDOWS\assembly\GAC_32\System.Printing\3.0.0.0 __31bf3856ad364e35\System.Printing.dll
- 2006-11-02 00:01:58 260,096 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
+ 2008-03-10 21:11:10 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0 .0.0__b77a5c561934e089\System.Transactions.dll
- 2006-11-02 00:01:56 5,029,888 -c--a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
+ 2008-03-10 21:10:58 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03 f5f7f11d50a3a\System.Web.dll
- 2006-11-02 00:01:56 10,752 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2008-03-10 21:11:03 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0 __b03f5f7f11d50a3a\Accessibility.dll
+ 2008-02-07 07:41:44 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.Displays Manager.Shared\2.0.2573.17685__90ba9c70f846762e\AC E.Graphics.DisplaysManager.Shared.DLL
+ 2008-02-07 07:41:48 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shar ed\2.0.2756.30547__90ba9c70f846762e\AEM.Actions.CC AA.Shared.DLL
+ 2008-02-07 07:41:45 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.27 56.30537__90ba9c70f846762e\AEM.Foundation.DLL
+ 2008-02-07 07:41:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Share d\2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.DPPE .Shared.DLL
+ 2008-02-07 07:41:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared \2.0.2756.30557__90ba9c70f846762e\AEM.Plugin.EEU.S hared.DLL
+ 2008-02-07 07:41:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\ 2.0.2756.30563__90ba9c70f846762e\AEM.Plugin.GD.Sha red.DLL
+ 2008-02-07 07:41:48 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Sh ared\2.0.2756.30551__90ba9c70f846762e\AEM.Plugin.H otkeys.Shared.DLL
+ 2008-02-07 07:41:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.EEU .Shared\2.0.2756.30561__90ba9c70f846762e\AEM.Plugi n.Source.EEU.Shared.DLL
+ 2008-02-07 07:41:48 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.GD. Shared\2.0.2756.30560__90ba9c70f846762e\AEM.Plugin .Source.GD.Shared.DLL
+ 2008-02-07 07:41:41 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit .Server\2.0.2789.37351__90ba9c70f846762e\AEM.Plugi n.Source.Kit.Server.DLL
+ 2008-02-07 07:41:45 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0 .2756.30551__90ba9c70f846762e\AEM.Server.Shared.DL L
+ 2008-02-07 07:41:40 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2789.3 6947__90ba9c70f846762e\AEM.Server.DLL
+ 2008-02-07 07:41:45 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI.Shared\2.0.275 6.30588__90ba9c70f846762e\AEM.UI.Shared.DLL
+ 2008-02-07 07:41:40 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AEM.UI\2.0.2789.37293 __90ba9c70f846762e\AEM.UI.DLL
+ 2008-02-07 07:41:45 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.27 56.30555__90ba9c70f846762e\APM.Foundation.DLL
+ 2008-02-07 07:41:40 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2789.3 6946__90ba9c70f846762e\APM.Server.DLL
- 2006-11-02 00:01:55 503,808 -c--a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-03-10 21:10:59 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0_ _b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2008-02-07 07:41:40 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90b a9c70f846762e\ATICCCom.DLL
+ 2008-02-07 07:41:40 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2789.369 50__90ba9c70f846762e\ATIDEMOS.DLL
+ 2008-02-07 07:41:48 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90b a9c70f846762e\atixclib.DLL
+ 2008-02-07 07:41:47 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AxInterop.SHDocVw\1.1 .0.0__90ba9c70f846762e\AxInterop.SHDocVw.DLL
+ 2008-02-07 07:41:40 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2. 0.2789.37293__90ba9c70f846762e\CCC.Implementation. DLL
+ 2008-02-07 07:41:47 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70 f846762e\CCC.EXE
+ 2008-02-07 07:41:54 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard.resources\2.0.2789.37345_ja_90ba9c 70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.re sources.DLL
+ 2008-02-07 07:41:56 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard.resources\2.0.2789.37345_ko_90ba9c 70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.re sources.DLL
+ 2008-02-07 07:41:57 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard.resources\2.0.2789.37345_th_90ba9c 70f846762e\CLI.Aspect.AForce.Graphics.Dashboard.re sources.DLL
+ 2008-02-07 07:41:59 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard.resources\2.0.2789.37345_zh-CHS_90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Da shboard.resources.DLL
+ 2008-02-07 07:42:01 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard.resources\2.0.2789.37345_zh-CHT_90ba9c70f846762e\CLI.Aspect.AForce.Graphics.Da shboard.resources.DLL
+ 2008-02-07 07:41:48 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Dashboard\2.0.2789.37345__90ba9c70f846762e\C LI.Aspect.AForce.Graphics.Dashboard.DLL
+ 2008-02-07 07:41:48 12,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Runtime\2.0.2789.37344__90ba9c70f846762e\CLI .Aspect.AForce.Graphics.Runtime.DLL
+ 2008-02-07 07:41:45 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.AForce.Gra phics.Shared\2.0.2756.30559__90ba9c70f846762e\CLI. Aspect.AForce.Graphics.Shared.DLL
+ 2008-02-07 07:41:45 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm ats.Graphics.Shared\2.0.2756.30558__90ba9c70f84676 2e\CLI.Aspect.CustomFormats.Graphics.Shared.DLL
+ 2008-02-07 07:41:54 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.resources\2.0.2789. 37116_ja_90ba9c70f846762e\CLI.Aspect.CustomFormatS election.Graphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:55 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.resources\2.0.2789. 37116_ko_90ba9c70f846762e\CLI.Aspect.CustomFormatS election.Graphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:57 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.resources\2.0.2789. 37116_th_90ba9c70f846762e\CLI.Aspect.CustomFormatS election.Graphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:58 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.resources\2.0.2789. 37116_zh-CHS_90ba9c70f846762e\CLI.Aspect.CustomFormatSelect ion.Graphics.Dashboard.resources.DLL
+ 2008-02-07 07:42:01 16,384 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.resources\2.0.2789. 37116_zh-CHT_90ba9c70f846762e\CLI.Aspect.CustomFormatSelect ion.Graphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:40 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.Shared.Private\2.0. 2756.30592__90ba9c70f846762e\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard.Shared.Private.DLL
+ 2008-02-07 07:41:48 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomForm atSelection.Graphics.Dashboard\2.0.2789.37116__90b a9c70f846762e\CLI.Aspect.CustomFormatSelection.Gra phics.Dashboard.DLL
+ 2008-02-07 07:41:53 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard.resources\2.0.2789.37141_ja_90b a9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:55 311,296 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard.resources\2.0.2789.37141_ko_90b a9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:57 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard.resources\2.0.2789.37141_th_90b a9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:58 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard.resources\2.0.2789.37141_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:42:01 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard.resources\2.0.2789.37141_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:41:49 475,136 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Dashboard\2.0.2789.37141__90ba9c70f846762 e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.DLL
+ 2008-02-07 07:41:48 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Runtime\2.0.2789.37147__90ba9c70f846762e\ CLI.Aspect.DeviceCRT.Graphics.Runtime.DLL
+ 2008-02-07 07:41:45 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT. Graphics.Shared\2.0.2756.30564__90ba9c70f846762e\C LI.Aspect.DeviceCRT.Graphics.Shared.DLL
+ 2008-02-07 07:41:53 126,976 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard.resources\2.0.2789.37219_ja_90ba 9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:55 192,512 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard.resources\2.0.2789.37219_ko_90ba 9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:56 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard.resources\2.0.2789.37219_th_90ba 9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:58 122,880 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard.resources\2.0.2789.37219_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics. Dashboard.resources.DLL
+ 2008-02-07 07:41:59 122,880 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard.resources\2.0.2789.37219_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics. Dashboard.resources.DLL
+ 2008-02-07 07:41:49 659,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Dashboard\2.0.2789.37219__90ba9c70f846762e \CLI.Aspect.DeviceCV.Graphics.Dashboard.DLL
+ 2008-02-07 07:42:02 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Runtime\2.0.2789.37216__90ba9c70f846762e\C LI.Aspect.DeviceCV.Graphics.Runtime.DLL
+ 2008-02-07 07:41:45 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Shared\2.0.2756.30567__90ba9c70f846762e\CL I.Aspect.DeviceCV.Graphics.Shared.DLL
+ 2008-02-07 07:42:02 53,248 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard.resources\2.0.2789.37243_ja_90ba9c7 0f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 49,152 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard.resources\2.0.2789.37243_ko_90ba9c7 0f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard.resources\2.0.2789.37243_th_90ba9c7 0f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard.resources\2.0.2789.37243_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics. Wizard.resources.DLL
+ 2008-02-07 07:42:04 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard.resources\2.0.2789.37243_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics. Wizard.resources.DLL
+ 2008-02-07 07:42:02 684,032 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.G raphics.Wizard\2.0.2789.37243__90ba9c70f846762e\CL I.Aspect.DeviceCV.Graphics.Wizard.DLL
+ 2008-02-07 07:41:54 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard.resources\2.0.2789.37131_ja_90b a9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:55 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard.resources\2.0.2789.37131_ko_90b a9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:57 15,872 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard.resources\2.0.2789.37131_th_90b a9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:58 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard.resources\2.0.2789.37131_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:42:01 11,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard.resources\2.0.2789.37131_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:41:49 331,776 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Dashboard\2.0.2789.37131__90ba9c70f846762 e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.DLL
+ 2008-02-07 07:41:49 57,344 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Runtime\2.0.2789.37138__90ba9c70f846762e\ CLI.Aspect.DeviceDFP.Graphics.Runtime.DLL
+ 2008-02-07 07:41:45 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP. Graphics.Shared\2.0.2756.30590__90ba9c70f846762e\C LI.Aspect.DeviceDFP.Graphics.Shared.DLL
+ 2008-02-07 07:41:53 13,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard.resources\2.0.2789.37201_ja_90b a9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:55 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard.resources\2.0.2789.37201_ko_90b a9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:56 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard.resources\2.0.2789.37201_th_90b a9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashbo ard.resources.DLL
+ 2008-02-07 07:41:58 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard.resources\2.0.2789.37201_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:42:00 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard.resources\2.0.2789.37201_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics .Dashboard.resources.DLL
+ 2008-02-07 07:41:49 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Dashboard\2.0.2789.37201__90ba9c70f846762 e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.DLL
+ 2008-02-07 07:41:49 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Runtime\2.0.2789.37200__90ba9c70f846762e\ CLI.Aspect.DeviceLCD.Graphics.Runtime.DLL
+ 2008-02-07 07:41:45 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Shared\2.0.2756.30562__90ba9c70f846762e\C LI.Aspect.DeviceLCD.Graphics.Shared.DLL
+ 2008-02-07 07:41:54 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard.resources\2.0.2789.37044_ja_90ba9c 70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.re sources.DLL
+ 2008-02-07 07:41:56 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard.resources\2.0.2789.37044_ko_90ba9c 70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.re sources.DLL
+ 2008-02-07 07:41:57 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard.resources\2.0.2789.37044_th_90ba9c 70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.re sources.DLL
+ 2008-02-07 07:41:59 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard.resources\2.0.2789.37044_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics .Wizard.resources.DLL
+ 2008-02-07 07:42:01 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard.resources\2.0.2789.37044_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics .Wizard.resources.DLL
+ 2008-02-07 07:41:49 303,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD. Graphics.Wizard\2.0.2789.37044__90ba9c70f846762e\C LI.Aspect.DeviceLCD.Graphics.Wizard.DLL
+ 2008-02-07 07:41:52 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared.resources\2.0.2789. 37123_ja_90ba9c70f846762e\CLI.Aspect.DevicePropert y.Graphics.Dashboard.Shared.resources.DLL
+ 2008-02-07 07:41:54 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared.resources\2.0.2789. 37123_ko_90ba9c70f846762e\CLI.Aspect.DevicePropert y.Graphics.Dashboard.Shared.resources.DLL
+ 2008-02-07 07:41:56 12,288 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared.resources\2.0.2789. 37123_th_90ba9c70f846762e\CLI.Aspect.DevicePropert y.Graphics.Dashboard.Shared.resources.DLL
Reply With Quote
  #15  
Old March 27th, 2008, 04:32 AM
Rathric's Avatar
Rathric Rathric is offline
Senior Member
 
Join Date: Sep 2007
O/S: Windows XP Pro
Location: Mcloud Oklahoma
Posts: 114
+ 2008-02-07 07:41:57 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared.resources\2.0.2789. 37123_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceProperty.Gra phics.Dashboard.Shared.resources.DLL
+ 2008-02-07 07:41:59 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared.resources\2.0.2789. 37123_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceProperty.Gra phics.Dashboard.Shared.resources.DLL
+ 2008-02-07 07:41:49 282,624 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Dashboard.Shared\2.0.2789.37123__90b a9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.D ashboard.Shared.DLL
+ 2008-02-07 07:42:02 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Runtime\2.0.2789.37138__90ba9c70f846 762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.DL L
+ 2008-02-07 07:41:45 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProp erty.Graphics.Shared\2.0.2756.30558__90ba9c70f8467 62e\CLI.Aspect.DeviceProperty.Graphics.Shared.DLL
+ 2008-02-07 07:41:54 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard.resources\2.0.2789.37269_ja_90ba 9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:56 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard.resources\2.0.2789.37269_ko_90ba 9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:57 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard.resources\2.0.2789.37269_th_90ba 9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboar d.resources.DLL
+ 2008-02-07 07:41:59 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard.resources\2.0.2789.37269_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics. Dashboard.resources.DLL
+ 2008-02-07 07:42:01 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard.resources\2.0.2789.37269_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics. Dashboard.resources.DLL
+ 2008-02-07 07:41:49 901,120 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Dashboard\2.0.2789.37269__90ba9c70f846762e \CLI.Aspect.DeviceTV.Graphics.Dashboard.DLL
+ 2008-02-07 07:42:02 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Runtime\2.0.2789.37266__90ba9c70f846762e\C LI.Aspect.DeviceTV.Graphics.Runtime.DLL
+ 2008-02-07 07:41:46 65,536 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Shared\2.0.2756.30568__90ba9c70f846762e\CL I.Aspect.DeviceTV.Graphics.Shared.DLL
+ 2008-02-07 07:42:02 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard.resources\2.0.2789.37276_ja_90ba9c7 0f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard.resources\2.0.2789.37276_ko_90ba9c7 0f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 45,056 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard.resources\2.0.2789.37276_th_90ba9c7 0f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.reso urces.DLL
+ 2008-02-07 07:42:03 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard.resources\2.0.2789.37276_zh-CHS_90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics. Wizard.resources.DLL
+ 2008-02-07 07:42:04 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard.resources\2.0.2789.37276_zh-CHT_90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics. Wizard.resources.DLL
+ 2008-02-07 07:42:02 364,544 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.G raphics.Wizard\2.0.2789.37276__90ba9c70f846762e\CL I.Aspect.DeviceTV.Graphics.Wizard.DLL
+ 2008-02-07 07:41:54 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard.resources\2.0.2789.37037_ ja_90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:56 10,240 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard.resources\2.0.2789.37037_ ko_90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:57 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard.resources\2.0.2789.37037_ th_90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:59 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard.resources\2.0.2789.37037_ zh-CHS_90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:42:01 9,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard.resources\2.0.2789.37037_ zh-CHT_90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:49 589,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Dashboard\2.0.2789.37037__90ba9c70f 846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashbo ard.DLL
+ 2008-02-07 07:41:49 40,960 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Runtime\2.0.2789.37043__90ba9c70f84 6762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime. DLL
+ 2008-02-07 07:41:46 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysCo lour2.Graphics.Shared\2.0.2756.30560__90ba9c70f846 762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.DL L
+ 2008-02-07 07:41:54 19,456 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard.resources\2.0.2789.36984_ ja_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:56 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard.resources\2.0.2789.36984_ ko_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:57 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard.resources\2.0.2789.36984_ th_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:59 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard.resources\2.0.2789.36984_ zh-CHS_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:42:01 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard.resources\2.0.2789.36984_ zh-CHT_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:49 438,272 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Dashboard\2.0.2789.36984__90ba9c70f 846762e\CLI.Aspect.DisplaysManager.Graphics.Dashbo ard.DLL
+ 2008-02-07 07:42:03 98,304 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard.resources\2.0.2789.37006_ja_ 90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphi cs.Wizard.resources.DLL
+ 2008-02-07 07:42:03 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard.resources\2.0.2789.37006_ko_ 90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphi cs.Wizard.resources.DLL
+ 2008-02-07 07:42:03 106,496 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard.resources\2.0.2789.37006_th_ 90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphi cs.Wizard.resources.DLL
+ 2008-02-07 07:42:03 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard.resources\2.0.2789.37006_zh-CHS_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gr aphics.Wizard.resources.DLL
+ 2008-02-07 07:42:04 94,208 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard.resources\2.0.2789.37006_zh-CHT_90ba9c70f846762e\CLI.Aspect.DisplaysManager.Gr aphics.Wizard.resources.DLL
+ 2008-02-07 07:42:02 1,675,264 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysMa nager.Graphics.Wizard\2.0.2789.37006__90ba9c70f846 762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.DL L
+ 2008-02-07 07:41:53 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard.resources\2.0.2789.37177_ ja_90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:55 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard.resources\2.0.2789.37177_ ko_90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:56 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard.resources\2.0.2789.37177_ th_90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Gra phics.Dashboard.resources.DLL
+ 2008-02-07 07:41:58 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard.resources\2.0.2789.37177_ zh-CHS_90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:42:00 73,728 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard.resources\2.0.2789.37177_ zh-CHT_90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Gr aphics.Dashboard.resources.DLL
+ 2008-02-07 07:41:50 118,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Dashboard\2.0.2789.37177__90ba9c70f 846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashbo ard.DLL
+ 2008-02-07 07:41:50 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Runtime\2.0.2789.37175__90ba9c70f84 6762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime. DLL
+ 2008-02-07 07:41:46 24,576 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOp tions.Graphics.Shared\2.0.2756.30565__90ba9c70f846 762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.DL L
+ 2008-02-07 07:42:02 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHan dling.Graphics.Runtime\2.0.2789.36982__90ba9c70f84 6762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime. DLL
+ 2008-02-07 07:41:46 20,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHan dling.Graphics.Shared\2.0.2756.30559__90ba9c70f846 762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.DL L
+ 2008-02-07 07:41:54 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard.resources\2.0.2789.37029_ja_90 ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dash board.resources.DLL
+ 2008-02-07 07:41:56 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard.resources\2.0.2789.37029_ko_90 ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dash board.resources.DLL
+ 2008-02-07 07:41:57 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard.resources\2.0.2789.37029_th_90 ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dash board.resources.DLL
+ 2008-02-07 07:41:59 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard.resources\2.0.2789.37029_zh-CHS_90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphic s.Dashboard.resources.DLL
+ 2008-02-07 07:42:01 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard.resources\2.0.2789.37029_zh-CHT_90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphic s.Dashboard.resources.DLL
+ 2008-02-07 07:41:50 217,088 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Dashboard\2.0.2789.37029__90ba9c70f84676 2e\CLI.Aspect.InfoCentre.Graphics.Dashboard.DLL
+ 2008-02-07 07:42:03 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Wizard.resources\2.0.2789.37022_ja_90ba9 c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard. resources.DLL
+ 2008-02-07 07:42:03 36,864 ----a-w C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre .Graphics.Wizard.resources\2.0.2789.37022_ko_90ba9 c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard. resources.DLL
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Slow computer and Firefox popup tamwood Malware Removal 7 March 19th, 2012 10:42 PM
Laggy Internet + Popup mrjunkers Malware Removal 19 March 7th, 2007 10:03 PM
Internet Sharing Configuration Popup Shaelynn Windows XP 10 January 1st, 2007 06:34 PM
popup ads and slow computer syedafghani Malware Removal 15 June 28th, 2005 05:43 PM
popup ads and slow computer syedafghani Windows 98 1 June 16th, 2005 04:42 AM


All times are GMT +1. The time now is 01:43 PM.