Will Not Acquire IP Address

[marc1021]

Thanks For your Help....
My Dell Dimension 2350 with a Belkin 54g MimO external suddenly cannot "acquire an IP address"...just looks and lingers

Kaspersky has detected the following but will not let me delete or disinfect (options are shaded)
"detected risk hidden install - Running process : C:\Documents and Settings\Owner\Local Settings\Application Data|vlnet1.com_Installer.exe"

Searched computer and could not find this installer....as well as add/removeprograms ( it showed up once, didnt remove, tried to open a browser, then disappeared ).

I did a sytem restore from 3 days ago, when all was well...no luck.
Did an "ipconfig...release and renew"...no luck.
Something is blocking my connection as it finds my home network.

Here is my Hijack This! log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:27:00 PM, on 1/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ceoexpress.com/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [AOLRebootNeeded] regsvr32.exe /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1232389936186
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1232422660906
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 9127 bytes

Thanks again!
marc

[Jintan]

Welcome to CTH marc1021,


That "vlnet1.com_Installer.exe" refers to part of a Conduit brand toolbar. Conduit passes these around to various websites and vendors for free, but they all tend to redirect search settings to Conduit's servers as well as make other browser changes. I don't see it installed in this view though. Let's get more details and check further. May need to transfer scan tools over to the system to complete these steps for now.


To keep them from interfering with the repairs, be sure to temporarily disable all antivirus/anti-spyware softwares while these steps are being completed. This can usually be done through right clicking the software's Taskbar icons, or accessing each software through Start - Programs.


Download RSIT (random's system information tool) from here to your desktop, then click on the RSIT.exe to start the scan.

If necessary allow it to locate or download a copy of HijackThis as needed.

Once the scan completes a textbox will open - copy/paste those contents here for review please. The log can also be found at C:\rsit\log.txt.

RSIT will also create a second log, info.txt, which will be minimized to your taskbar. Post that here as well please (it will also be stored at C:\rsit\info.txt).

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

--------------------

Also let's check one area for the net access issues.


Go to Start > Run and type:

cmd.exe

and ok. Copy and paste the below string after the prompt, then press Enter:

netsh winsock show catalog > looker.txt && notepad looker.txt

Your drive will be scanned and when finished, Notepad will pop up with some information. Copy and paste it in this thread. Sorry - this will be a longish log file, but the details may prove helpful.

[marc1021]

Tom

Here are the logs requested...probably in 4 segments(posts) as there is a size restriction:

here we go:
Log.txt

Logfile of random's system information tool 1.05 (written by random/random)
Run by Owner at 2009-01-28 15:53:13
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 29 GB (50%) free of 57 GB
Total RAM: 1022 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:53:18 PM, on 1/28/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTSvcCDA.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Creative\News\NewsUpd.EXE
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
F:\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ceoexpress.com/default.asp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NewsUpd] C:\Program Files\Creative\News\NewsUpd.EXE /q
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1232389936186
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1232422660906
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 8959 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-20 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-20 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-20 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-19 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-10-19 126976]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
"WINDVDPatch"=C:\WINDOWS\system32\CTHELPER.EXE [2002-07-02 24576]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"Jet Detection"=C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe [2001-11-29 28672]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-20 136600]
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]
"zBrowser Launcher"=C:\Program Files\Logitech\iTouch\iTouch.exe [2004-03-18 892928]
"NewsUpd"=C:\Program Files\Creative\News\NewsUpd.EXE [2000-03-23 39936]
"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-08-10 221184]
"RoxioDragToDisc"=C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-07-31 1116920]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2005-10-19 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2007-06-28 206088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\standard profile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Pro gram Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enable d:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo ! FT Server"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\servic es\sharedaccess\parameters\firewallpolicy\domainpr ofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32 \sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

[marc1021]

======List of files/folders created in the last 1 months======

2009-01-28 15:53:13 ----D---- C:\rsit
2009-01-23 16:22:34 ----D---- C:\Program Files\Trend Micro
2009-01-23 14:44:14 ----D---- C:\VundoFix Backups
2009-01-23 14:44:14 ----A---- C:\VundoFix.txt
2009-01-23 12:50:18 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-20 14:11:51 ----D---- C:\Program Files\iPod
2009-01-20 14:11:47 ----D---- C:\Program Files\iTunes
2009-01-20 14:11:47 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-20 14:05:20 ----D---- C:\Documents and Settings\Owner\Application Data\Apple Computer
2009-01-20 13:39:34 ----D---- C:\WINDOWS\Minidump
2009-01-20 13:38:07 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2009-01-20 13:35:59 ----D---- C:\Program Files\QuickTime
2009-01-20 13:35:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-20 13:35:17 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-20 13:34:50 ----D---- C:\Program Files\Common Files\Apple
2009-01-20 13:19:54 ----A---- C:\itouch_config_crash_info.txt
2009-01-20 13:16:37 ----D---- C:\Program Files\InterActual
2009-01-20 13:00:32 ----D---- C:\Program Files\MSXML 6.0
2009-01-20 12:50:37 ----D---- C:\Program Files\MSXML 4.0
2009-01-20 12:46:27 ----D---- C:\Documents and Settings\Owner\Application Data\Roxio
2009-01-20 12:40:59 ----D---- C:\WINDOWS\system32\DLA
2009-01-20 12:40:59 ----A---- C:\WINDOWS\wininit.ini
2009-01-20 12:40:59 ----A---- C:\WINDOWS\system32\DLAAPI_W.DLL
2009-01-20 12:40:59 ----A---- C:\WINDOWS\DLA.EXE
2009-01-20 12:40:22 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
2009-01-20 12:38:53 ----D---- C:\Program Files\Common Files\SureThing Shared
2009-01-20 12:36:05 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic
2009-01-20 12:34:56 ----D---- C:\Program Files\Xingtone
2009-01-20 12:34:38 ----D---- C:\Program Files\SightSpeed
2009-01-20 12:28:43 ----D---- C:\Documents and Settings\All Users\Application Data\Roxio
2009-01-20 12:28:11 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-01-20 12:28:10 ----D---- C:\Program Files\Roxio
2009-01-20 12:28:10 ----D---- C:\Program Files\Common Files\SightSpeed
2009-01-20 12:25:31 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-01-20 12:11:26 ----D---- C:\Program Files\BelkinUpdate
2009-01-20 12:09:55 ----A---- C:\WINDOWS\system32\cato3xed.dll
2009-01-20 12:09:55 ----A---- C:\WINDOWS\system32\cato3tbr.dll
2009-01-20 12:09:55 ----A---- C:\WINDOWS\system32\cato3sbr.dll
2009-01-20 12:09:55 ----A---- C:\WINDOWS\system32\cabl3db1.dll
2009-01-20 12:09:55 ----A---- C:\WINDOWS\system32\cabl3.dll
2009-01-20 12:09:54 ----D---- C:\Mortgage Wizard Plus
2009-01-20 12:09:54 ----A---- C:\WINDOWS\system32\carstdxp.dll
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-01-20 12:02:41 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-01-20 12:02:40 ----N---- C:\WINDOWS\system32\px.dll
2009-01-20 12:02:09 ----D---- C:\Program Files\DivX
2009-01-20 11:23:43 ----A---- C:\WINDOWS\CTREGRUN.EXE
2009-01-20 11:23:27 ----A---- C:\WINDOWS\system32\CTDetres.dll
2009-01-20 11:23:26 ----A---- C:\WINDOWS\system32\Ctsvcctl.exe
2009-01-20 11:23:26 ----A---- C:\WINDOWS\system32\Ctsvccda.exe
2009-01-20 11:11:41 ----A---- C:\WINDOWS\IsUninst.exe
2009-01-20 10:59:58 ----D---- C:\Documents and Settings\Owner\Application Data\WinRAR
2009-01-20 10:59:27 ----D---- C:\Program Files\WinRAR
2009-01-20 10:46:23 ----D---- C:\lj1010seriesprintsys
2009-01-20 03:36:41 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-01-20 03:36:41 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-01-20 02:25:58 ----A---- C:\itouch_crash_info.txt
2009-01-20 02:25:55 ----D---- C:\Program Files\Common Files\Logitech
2009-01-20 02:25:52 ----D---- C:\Program Files\Logitech
2009-01-20 02:02:28 ----D---- C:\Program Files\Lavasoft
2009-01-20 01:43:24 ----A---- C:\WINDOWS\mchguid.ini
2009-01-20 01:43:24 ----A---- C:\Documents and Settings\All Users\Application Data\mchguid.ini
2009-01-20 01:41:29 ----A---- C:\WINDOWS\system32\acXMLParser.dll
2009-01-20 01:41:28 ----A---- C:\WINDOWS\system32\cdintf300.dll
2009-01-20 01:41:15 ----A---- C:\WINDOWS\winpoint.ini
2009-01-20 01:39:37 ----D---- C:\WINPOINT
2009-01-20 01:39:37 ----D---- C:\PNTTEMPL
2009-01-20 01:39:37 ----D---- C:\PNTDATA
2009-01-20 01:32:41 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-01-20 01:32:26 ----D---- C:\Program Files\WinZip
2009-01-20 01:20:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-20 01:20:26 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-01-20 01:19:17 ----D---- C:\Documents and Settings\Owner\Application Data\Mozilla
2009-01-20 01:19:03 ----D---- C:\Program Files\Mozilla Firefox
2009-01-20 01:09:25 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-01-20 00:46:18 ----D---- C:\Documents and Settings\All Users\Application Data\FLEXnet
2009-01-20 00:43:35 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-20 00:43:35 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-20 00:43:34 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-20 00:43:34 ----A---- C:\WINDOWS\system32\java.exe
2009-01-20 00:41:59 ----D---- C:\Documents and Settings\Owner\Application Data\Sun
2009-01-20 00:34:23 ----D---- C:\Program Files\Microsoft WSE
2009-01-20 00:33:43 ----D---- C:\Program Files\Common Files\Outlook Security Manager
2009-01-20 00:33:12 ----D---- C:\Program Files\Encompass
2009-01-20 00:31:51 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-01-20 00:27:52 ----RA---- C:\WINDOWS\system32\cdintf251.dll
2009-01-20 00:06:31 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-01-20 00:05:51 ----RA---- C:\WINDOWS\system32\AdobePDFUI.dll
2009-01-20 00:05:51 ----RA---- C:\WINDOWS\system32\AdobePDF.dll
2009-01-19 23:36:33 ----D---- C:\Program Files\Common Files\Adobe
2009-01-19 23:36:33 ----D---- C:\Program Files\Adobe
2009-01-19 23:36:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-19 23:19:21 ----D---- C:\Documents and Settings\Owner\Application Data\LimeWire
2009-01-19 23:18:14 ----D---- C:\Program Files\Java
2009-01-19 23:15:55 ----D---- C:\Program Files\Common Files\Java
2009-01-19 23:15:31 ----D---- C:\Program Files\LimeWire
2009-01-19 23:01:17 ----D---- C:\Documents and Settings\Owner\Application Data\acccore
2009-01-19 23:00:30 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2009-01-19 23:00:26 ----D---- C:\Program Files\Viewpoint
2009-01-19 23:00:25 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2009-01-19 22:59:58 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2009-01-19 22:59:58 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2009-01-19 22:59:37 ----D---- C:\Program Files\Common Files\AOL
2009-01-19 22:47:36 ----D---- C:\Program Files\Microsoft
2009-01-19 22:47:17 ----D---- C:\Program Files\Windows Live SkyDrive
2009-01-19 22:46:51 ----D---- C:\Program Files\Windows Live
2009-01-19 22:42:35 ----D---- C:\Program Files\Common Files\Windows Live
2009-01-19 22:32:19 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-01-19 22:29:44 ----D---- C:\Program Files\Microsoft Works
2009-01-19 22:29:22 ----D---- C:\Program Files\MSBuild
2009-01-19 22:28:26 ----D---- C:\Program Files\Microsoft Visual Studio
2009-01-19 22:28:26 ----D---- C:\Program Files\Common Files\DESIGNER
2009-01-19 22:26:30 ----D---- C:\Program Files\Microsoft.NET
2009-01-19 22:16:15 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-01-19 22:14:10 ----D---- C:\WINDOWS\SHELLNEW
2009-01-19 22:13:23 ----D---- C:\Program Files\Microsoft Office
2009-01-19 22:13:23 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-19 22:12:16 ----RHD---- C:\MSOCache
2009-01-19 22:03:36 ----RHD---- C:\Documents and Settings\Owner\Application Data\yahoo!
2009-01-19 22:01:39 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2009-01-19 22:00:53 ----A---- C:\YServer.txt
2009-01-19 22:00:20 ----D---- C:\Program Files\Yahoo!
2009-01-19 21:48:33 ----D---- C:\Documents and Settings\Owner\Application Data\ACD Systems
2009-01-19 21:47:47 ----D---- C:\Documents and Settings\All Users\Application Data\ACD Systems
2009-01-19 21:47:44 ----D---- C:\Program Files\Common Files\ACD Systems
2009-01-19 21:47:44 ----D---- C:\Program Files\ACD Systems
2009-01-19 21:40:40 ----A---- C:\WINDOWS\{00000001-00000000-00000006-00001102-00000002-80641102}.BAK
2009-01-19 18:39:19 ----A---- C:\WINDOWS\SBWIN.INI
2009-01-19 18:39:18 ----N---- C:\WINDOWS\Updreg.EXE
2009-01-19 18:39:16 ----N---- C:\WINDOWS\system32\SFCVRT32.DLL
2009-01-19 18:39:16 ----N---- C:\WINDOWS\system32\MFCUIA32.DLL
2009-01-19 18:39:16 ----N---- C:\WINDOWS\CTRES.DLL
2009-01-19 18:39:16 ----N---- C:\WINDOWS\CTCCW.DLL
2009-01-19 18:39:16 ----N---- C:\WINDOWS\AC3API.INI
2009-01-19 18:39:15 ----N---- C:\WINDOWS\system32\MFCANS32.DLL
2009-01-19 18:39:15 ----N---- C:\WINDOWS\system32\INETWH32.DLL
2009-01-19 18:39:15 ----N---- C:\WINDOWS\system32\CTWFLT32.DLL
2009-01-19 18:39:15 ----N---- C:\WINDOWS\system32\CTL3D.DLL
2009-01-19 18:39:10 ----D---- C:\WINDOWS\system32\Defaults
2009-01-19 18:38:17 ----D---- C:\WINDOWS\system32\Data
2009-01-19 18:38:17 ----A---- C:\WINDOWS\system32\Emu10kx.ini
2009-01-19 18:38:17 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2009-01-19 18:38:16 ----A---- C:\WINDOWS\INRES.DLL
2009-01-19 18:38:00 ----A---- C:\WINDOWS\CTDCRES.DLL
2009-01-19 18:37:59 ----A---- C:\WINDOWS\system32\SFMS32.DLL
2009-01-19 18:37:59 ----A---- C:\WINDOWS\system32\REGPLIB.EXE
2009-01-19 18:37:59 ----A---- C:\WINDOWS\READREG.EXE
2009-01-19 18:37:59 ----A---- C:\WINDOWS\PSCONV.EXE
2009-01-19 18:37:58 ----A---- C:\WINDOWS\system32\PIAPROXY.DLL
2009-01-19 18:37:58 ----A---- C:\WINDOWS\system32\OPENAL32.DLL
2009-01-19 18:37:58 ----A---- C:\WINDOWS\system32\KILLAPPS.EXE
2009-01-19 18:37:58 ----A---- C:\WINDOWS\system32\KILL.INI
2009-01-19 18:37:58 ----A---- C:\WINDOWS\system32\EAXAC3.DLL
2009-01-19 18:37:58 ----A---- C:\WINDOWS\MIDIDEF.EXE
2009-01-19 18:37:58 ----A---- C:\WINDOWS\DEVREG.DLL
2009-01-19 18:37:56 ----A---- C:\WINDOWS\system32\CTSPKHLP.DLL
2009-01-19 18:37:56 ----A---- C:\WINDOWS\system32\CTSBLFX.DLL
2009-01-19 18:37:55 ----A---- C:\WINDOWS\system32\CTOSUSER.DLL
2009-01-19 18:37:55 ----A---- C:\WINDOWS\system32\CTHELPER.EXE
2009-01-19 18:37:54 ----A---- C:\WINDOWS\system32\CTEMUPIA.DLL
2009-01-19 18:37:53 ----A---- C:\WINDOWS\system32\CTDPROXY.DLL
2009-01-19 18:37:52 ----A---- C:\WINDOWS\system32\CTDEVCON.DLL
2009-01-19 18:37:52 ----A---- C:\WINDOWS\system32\CTASIO.DLL
2009-01-19 18:37:52 ----A---- C:\WINDOWS\system32\CTAGENT.DLL
2009-01-19 18:37:51 ----A---- C:\WINDOWS\system32\COMMONFX.DLL
2009-01-19 18:37:51 ----A---- C:\WINDOWS\system32\AC3API.DLL
2009-01-19 18:37:51 ----A---- C:\WINDOWS\system32\a3d.dll
2009-01-19 18:37:14 ----A---- C:\WINDOWS\system32\AHQCpURes.dll
2009-01-19 18:36:18 ----D---- C:\Program Files\Creative
2009-01-19 18:06:43 ----D---- C:\Temp
2009-01-19 17:58:43 ----A---- C:\WINDOWS\system32\igfxres.dll
2009-01-19 17:23:23 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-01-19 17:23:16 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-01-19 17:22:49 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2009-01-19 17:22:22 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-01-19 17:13:26 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
2009-01-19 17:13:03 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-01-19 17:13:02 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-01-19 17:12:18 ----D---- C:\Program Files\Windows Media Connect 2
2009-01-19 17:11:33 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-01-19 17:09:08 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-01-19 17:07:53 ----D---- C:\WINDOWS\system32\LogFiles
2009-01-19 17:07:46 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-01-19 17:06:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925876$
2009-01-19 17:06:33 ----HDC---- C:\WINDOWS\$NtUninstallKB896344$
2009-01-19 17:03:46 ----RSD---- C:\WINDOWS\assembly
2009-01-19 17:03:46 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-19 17:03:44 ----D---- C:\WINDOWS\system32\URTTemp
2009-01-19 17:02:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2009-01-19 17:02:01 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2009-01-19 17:02:01 ----N---- C:\WINDOWS\system32\aaclient.dll
2009-01-19 16:36:33 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2009-01-19 16:23:06 ----D---- C:\WINDOWS\system32\CatRoot_bak
2009-01-19 16:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-19 16:11:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-01-19 16:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-01-19 16:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960714$
2009-01-19 16:11:12 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2009-01-19 16:10:52 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2009-01-19 16:10:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-01-19 16:10:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2009-01-19 16:10:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-01-19 16:10:09 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
20-01-19 16:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-01-19 16:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2009-01-19 16:09:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2009-01-19 16:09:24 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2009-01-19 16:09:15 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2009-01-19 16:09:06 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-01-19 16:08:57 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-01-19 16:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-01-19 16:08:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-01-19 16:08:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-01-19 16:08:22 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2009-01-19 16:08:10 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-19 16:08:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2009-01-19 16:07:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-01-19 16:07:46 ----D---- C:\Music
2009-01-19 16:07:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-01-19 16:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-01-19 16:07:07 ----D---- C:\Marc's Stuff
2009-01-19 16:06:55 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2009-01-19 16:05:19 ----D---- C:\WINDOWS\ie7updates
2009-01-19 16:04:38 ----D---- C:\WINDOWS\WBEM
2009-01-19 16:04:33 ----D---- C:\WINDOWS\system32\en-US
2009-01-19 16:02:34 ----HDC---- C:\WINDOWS\ie7
2009-01-19 16:02:14 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPI s$
2009-01-19 16:01:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapp ing$
2009-01-19 16:01:23 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2009-01-19 16:01:14 ----N---- C:\WINDOWS\system32\xmllite.dll

[marc1021]

2009-01-19 15:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2009-01-19 15:59:49 ----D---- C:\WINDOWS\network diagnostic
2009-01-19 15:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2009-01-19 15:59:39 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2009-01-19 15:56:16 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$
2009-01-19 15:56:09 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$
2009-01-19 15:56:02 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$
2009-01-19 15:55:55 ----HDC---- C:\WINDOWS\$NtUninstallKB943485$
2009-01-19 15:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$
2009-01-19 15:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2009-01-19 15:55:27 ----HDC---- C:\WINDOWS\$NtUninstallKB943460_0$
2009-01-19 15:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$
2009-01-19 15:55:12 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$
2009-01-19 15:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP9$
2009-01-19 15:54:47 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$
2009-01-19 15:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$
2009-01-19 15:54:21 ----HDC---- C:\WINDOWS\$NtUninstallKB935839$
2009-01-19 15:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB935840$
2009-01-19 15:54:06 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$
2009-01-19 15:53:58 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$
2009-01-19 15:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$
2009-01-19 15:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB920213$
2009-01-19 15:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$
2009-01-19 15:53:31 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$
2009-01-19 15:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$
2009-01-19 15:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$
2009-01-19 15:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$
2009-01-19 15:53:01 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$
2009-01-19 15:52:54 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$
2009-01-19 15:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$
2009-01-19 15:52:40 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$
2009-01-19 15:52:34 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$
2009-01-19 15:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$
2009-01-19 15:52:16 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2009-01-19 15:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$
2009-01-19 15:52:02 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$
2009-01-19 15:51:55 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$
2009-01-19 15:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$
2009-01-19 15:51:39 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$
2009-01-19 15:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$
2009-01-19 15:51:22 ----HDC---- C:\WINDOWS\$NtUninstallKB920685$
2009-01-19 15:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$
2009-01-19 15:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$
2009-01-19 15:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$
2009-01-19 15:50:37 ----HDC---- C:\WINDOWS\$NtUninstallKB920670$
2009-01-19 15:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$
2009-01-19 15:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$
2009-01-19 15:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$
2009-01-19 15:50:09 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$
2009-01-19 15:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$
2009-01-19 15:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$
2009-01-19 15:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$
2009-01-19 15:49:39 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$
2009-01-19 15:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB911564$
2009-01-19 15:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$
2009-01-19 15:49:07 ----HDC---- C:\WINDOWS\$NtUninstallKB908519$
2009-01-19 15:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$
2009-01-19 15:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$
2009-01-19 15:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$
2009-01-19 15:48:37 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$
2009-01-19 15:48:31 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$
2009-01-19 15:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2009-01-19 15:48:08 ----HDC---- C:\WINDOWS\$NtUninstallKB894391$
2009-01-19 15:48:01 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$
2009-01-19 15:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$
2009-01-19 15:47:50 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$
2009-01-19 15:47:44 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$
2009-01-19 15:47:37 ----HDC---- C:\WINDOWS\$NtUninstallKB896358$
2009-01-19 15:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB890859$
2009-01-19 15:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB901214$
2009-01-19 15:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB896428$
2009-01-19 15:47:07 ----HDC---- C:\WINDOWS\$NtUninstallKB885835$
2009-01-19 15:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB891781$
2009-01-19 15:46:55 ----HDC---- C:\WINDOWS\$NtUninstallKB887472$
2009-01-19 15:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$
2009-01-19 15:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB885836$
2009-01-19 15:46:39 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
2009-01-19 15:46:32 ----HDC---- C:\WINDOWS\$NtUninstallKB873339$
2009-01-19 15:05:55 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-01-19 15:02:53 ----D---- C:\WINDOWS\system32\PreInstall
2009-01-19 15:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-01-19 15:02:50 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-19 14:13:09 ----D---- C:\Program Files\Kaspersky Lab
2009-01-19 14:13:09 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-01-19 14:10:56 ----D---- C:\KAV
2009-01-19 14:09:15 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-19 14:06:27 ----D---- C:\WINDOWS\Prefetch
2009-01-19 14:02:03 ----D---- C:\WINDOWS\provisioning
2009-01-19 14:02:03 ----D---- C:\WINDOWS\peernet
2009-01-19 14:01:00 ----D---- C:\WINDOWS\ServicePackFiles
2009-01-19 13:57:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-01-19 13:56:17 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-01-19 13:56:14 ----D---- C:\WINDOWS\EHome
2009-01-19 13:51:43 ----N---- C:\WINDOWS\system32\spnpinst.exe
2009-01-19 13:47:35 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-01-19 13:38:40 ----D---- C:\WINDOWS\system32\bits
2009-01-19 13:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2009-01-19 13:38:22 ----N---- C:\WINDOWS\system32\xpob2res.dll
2009-01-19 13:38:22 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2009-01-19 13:38:22 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2009-01-19 13:38:22 ----A---- C:\WINDOWS\system32\winhttp.dll
2009-01-19 13:38:22 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wups2.dll
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wups.dll
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-01-19 13:36:30 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-01-19 13:32:23 ----D---- C:\WINDOWS\SoftwareDistribution
2009-01-19 13:31:15 ----D---- C:\Documents and Settings\Owner\Application Data\Macromedia
2009-01-19 13:26:00 ----D---- C:\Documents and Settings\Owner\Application Data\Adobe
2009-01-19 13:24:54 ----A---- C:\WINDOWS\system32\wpa.bak
2009-01-19 13:17:01 ----D---- C:\Program Files\Belkin
2009-01-19 13:04:15 ----SHD---- C:\RECYCLER
2009-01-19 12:53:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-19 12:52:54 ----D---- C:\WINDOWS\Drivers
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxtray.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxress.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxpph.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxhk.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxext.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxexps.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxeud.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxdo.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxdiag.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxdgps.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxdev.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmrnt5.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmrem.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmgicd.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmgdev.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmdnt5.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmdev5.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\ialmdd5.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\iAlmCoIn_v3762.dll
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\hkcmd.exe
2009-01-19 12:52:54 ----A---- C:\WINDOWS\system32\hccutils.dll
2009-01-19 12:52:45 ----D---- C:\dell
2009-01-19 12:30:05 ----SD---- C:\WINDOWS\system32\Microsoft
2009-01-19 12:27:57 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-19 12:27:41 ----A---- C:\WINDOWS\system32\results.txt
2009-01-19 12:26:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-01-19 12:26:28 ----D---- C:\Program Files\Common Files\InstallShield
2009-01-06 12:14:05 ----SHD---- C:\WINDOWS\Installer
2009-01-06 12:14:02 ----D---- C:\Documents and Settings\Owner\Application Data\Identities
2009-01-06 12:13:57 ----HD---- C:\Program Files\Uninstall Information
2009-01-06 12:13:52 ----ASH---- C:\Documents and Settings\Owner\Application Data\desktop.ini
2009-01-06 12:13:51 ----SD---- C:\Documents and Settings\Owner\Application Data\Microsoft
2009-01-06 12:13:47 ----SHD---- C:\System Volume Information
2009-01-06 12:13:46 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-06 12:07:57 ----D---- C:\WINDOWS\system32\xircom
2009-01-06 12:07:57 ----D---- C:\Program Files\xerox
2009-01-06 12:07:57 ----D---- C:\Program Files\microsoft frontpage
2009-01-06 12:07:45 ----A---- C:\WINDOWS\control.ini
2009-01-06 12:07:45 ----A---- C:\AUTOEXEC.BAT
2009-01-06 12:07:37 ----A---- C:\WINDOWS\OEWABLog.txt
2009-01-06 12:07:33 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-01-06 12:06:44 ----RD---- C:\WINDOWS\Offline Web Pages
2009-01-06 12:06:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-06 12:06:43 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-01-06 12:06:37 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-01-06 12:06:20 ----D---- C:\WINDOWS\srchasst
2009-01-06 12:06:13 ----D---- C:\WINDOWS\system32\Macromed
2009-01-06 12:06:13 ----D---- C:\WINDOWS\system32\DirectX
2009-01-06 12:06:03 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-01-06 12:06:02 ----D---- C:\Program Files\Movie Maker
2009-01-06 12:05:49 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-01-06 12:05:49 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-01-06 12:05:49 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-01-06 12:05:49 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-01-06 12:05:49 ----A---- C:\WINDOWS\system32\atrace.dll
2009-01-06 12:05:45 ----A---- C:\WINDOWS\system32\desktop.ini
2009-01-06 12:05:45 ----A---- C:\WINDOWS\desktop.ini
2009-01-06 12:05:40 ----D---- C:\WINDOWS\system32\Restore
2009-01-06 12:05:40 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-01-06 12:05:40 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-01-06 12:05:40 ----A---- C:\WINDOWS\system32\srclient.dll
2009-01-06 12:05:39 ----D---- C:\Program Files\Windows Media Player
2009-01-06 12:05:39 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-01-06 12:05:39 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-01-06 12:05:39 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-01-06 12:05:39 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-01-06 12:05:39 ----A---- C:\WINDOWS\system32\ils.dll
2009-01-06 12:05:38 ----A---- C:\WINDOWS\system32\msconf.dll
2009-01-06 12:05:38 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-01-06 12:05:36 ----D---- C:\Program Files\NetMeeting
2009-01-06 12:05:35 ----D---- C:\WINDOWS\PCHEALTH
2009-01-06 12:05:35 ----D---- C:\Program Files\Common Files\Services
2009-01-06 12:05:35 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-01-06 12:05:35 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-01-06 12:05:35 ----A---- C:\WINDOWS\system32\acctres.dll
2009-01-06 12:05:34 ----A---- C:\WINDOWS\system32\inetres.dll
2009-01-06 12:05:33 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-01-06 12:05:30 ----SD---- C:\WINDOWS\Tasks
2009-01-06 12:05:30 ----D---- C:\Program Files\Outlook Express
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\mstask.dll
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\isign32.dll
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-01-06 12:05:30 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-01-06 12:05:29 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-01-06 12:05:28 ----D---- C:\Program Files\Common Files\MSSoap
2009-01-06 12:05:24 ----D---- C:\Program Files\Common Files\System
2009-01-06 12:05:21 ----D---- C:\Program Files\Internet Explorer
2009-01-06 12:05:07 ----D---- C:\Program Files\ComPlus Applications
2009-01-06 12:05:05 ----A---- C:\WINDOWS\vbaddin.ini
2009-01-06 12:05:05 ----A---- C:\WINDOWS\vb.ini
2009-01-06 12:05:01 ----D---- C:\WINDOWS\Registration
2009-01-06 12:04:31 ----HD---- C:\Program Files\WindowsUpdate
2009-01-06 12:04:31 ----D---- C:\Program Files\Online Services
2009-01-06 12:04:26 ----D---- C:\Program Files\Messenger
2009-01-06 12:04:21 ----D---- C:\Program Files\MSN
2009-01-06 12:04:18 ----D---- C:\Program Files\MSN Gaming Zone
2009-01-06 12:04:18 ----A---- C:\WINDOWS\system32\write.exe
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\hticons.dll
2009-01-06 12:04:11 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-01-06 12:04:10 ----D---- C:\Program Files\Windows NT
2009-01-06 12:04:10 ----A---- C:\WINDOWS\system32\winchat.exe
2009-01-06 12:04:10 ----A---- C:\WINDOWS\system32\avwav.dll
2009-01-06 12:04:10 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-01-06 12:04:10 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-01-06 12:04:09 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-01-06 12:04:05 ----A---- C:\WINDOWS\system32\getuname.dll
2009-01-06 12:04:05 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-01-06 12:04:05 ----A---- C:\WINDOWS\system32\charmap.exe
2009-01-06 12:04:04 ----A---- C:\WINDOWS\system32\winmine.exe
2009-01-06 12:04:04 ----A---- C:\WINDOWS\system32\spider.exe
2009-01-06 12:04:04 ----A---- C:\WINDOWS\system32\sol.exe
2009-01-06 12:04:04 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-01-06 12:04:04 ----A---- C:\WINDOWS\system32\calc.exe
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-01-06 12:04:03 ----A---- C:\WINDOWS\system32\freecell.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tskill.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\tscon.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\shadow.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\reset.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-01-06 12:04:02 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-01-06 12:04:01 ----D---- C:\WINDOWS\system32\MsDtc
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\regini.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\msg.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\logoff.exe
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-01-06 12:04:01 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-01-06 12:04:00 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-01-06 12:03:59 ----D---- C:\WINDOWS\system32\Com
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-01-06 12:03:59 ----A---- C:\WINDOWS\system32\colbact.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\stclient.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-01-06 12:03:58 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-01-06 12:03:57 ----A---- C:\WINDOWS\system32\comuid.dll
2009-01-06 12:03:57 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-01-06 12:03:57 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-01-06 12:03:50 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-01-06 12:03:50 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-01-06 12:03:50 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-01-06 12:03:50 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-01-06 12:03:50 ----A---- C:\WINDOWS\system32\cmprops.dll

[marc1021]

2009-01-06 07:01:43 ----A---- C:\WINDOWS\system32\h323log.txt
2009-01-06 06:58:05 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-01-06 06:57:44 ----A---- C:\WINDOWS\system32\sfman32.dll
2009-01-06 06:57:44 ----A---- C:\WINDOWS\system32\sblfx.dll
2009-01-06 06:57:44 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-01-06 06:57:44 ----A---- C:\WINDOWS\system32\devldr32.exe
2009-01-06 06:57:43 ----A---- C:\WINDOWS\system32\devcon32.dll
2009-01-06 06:57:43 ----A---- C:\WINDOWS\system32\ctwdm32.dll
2009-01-06 06:56:55 ----A---- C:\WINDOWS\system32\usbui.dll
2009-01-06 06:56:01 ----A---- C:\WINDOWS\imsins.BAK
2009-01-06 06:55:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-06 06:55:57 ----D---- C:\Program Files\Common Files\ODBC
2009-01-06 06:55:57 ----A---- C:\WINDOWS\ODBCINST.INI
2009-01-06 06:55:55 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-01-06 06:55:54 ----RD---- C:\Program Files
2009-01-06 06:55:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-06 06:55:54 ----D---- C:\Program Files\Common Files
2009-01-06 06:55:52 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-01-06 06:55:52 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-01-06 06:55:52 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-01-06 06:55:51 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-01-06 06:55:49 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-01-06 06:55:48 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-01-06 06:55:48 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-01-06 06:55:48 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-01-06 06:55:48 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-01-06 06:55:48 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-01-06 06:55:47 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-01-06 06:55:45 ----A---- C:\WINDOWS\system32\irclass.dll
2009-01-06 06:55:45 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-01-06 06:55:45 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-01-06 06:55:44 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-01-06 06:55:44 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-01-06 06:55:44 ----A---- C:\WINDOWS\system32\batt.dll
2009-01-06 06:55:43 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-01-06 06:55:42 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-01-06 06:55:42 ----A---- C:\WINDOWS\system32\storprop.dll
2009-01-06 06:55:42 ----A---- C:\WINDOWS\notepad.exe
2009-01-06 06:55:35 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-01-06 06:55:32 ----RA---- C:\WINDOWS\SET7.tmp
2009-01-06 06:55:29 ----RA---- C:\WINDOWS\SET3.tmp
2009-01-06 06:55:23 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-06 06:55:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-06 06:55:18 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-06 06:55:09 ----A---- C:\WINDOWS\setuplog.txt
2009-01-06 06:55:04 ----D---- C:\Documents and Settings
2009-01-06 06:54:11 ----RASH---- C:\boot.ini
2009-01-06 06:51:10 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-06 06:51:10 ----RSD---- C:\WINDOWS\Fonts
2009-01-06 06:51:10 ----RD---- C:\WINDOWS\Web
2009-01-06 06:51:10 ----HD---- C:\WINDOWS\inf
2009-01-06 06:51:10 ----D---- C:\WINDOWS\WinSxS
2009-01-06 06:51:10 ----D---- C:\WINDOWS\twain_32
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Temp
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\wins
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\wbem
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\usmt
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\spool
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\ShellExt
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\Setup
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\ras
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\oobe
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\npp
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\mui
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\IME
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\icsxml
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\ias
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\export
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\drivers
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\dhcp
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\config
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\3com_dmi
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\3076
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\2052
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1054
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1042
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1041
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1037
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1033
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1031
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1028
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32\1025
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system32
2009-01-06 06:51:10 ----D---- C:\WINDOWS\system
2009-01-06 06:51:10 ----D---- C:\WINDOWS\security
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Resources
2009-01-06 06:51:10 ----D---- C:\WINDOWS\repair
2009-01-06 06:51:10 ----D---- C:\WINDOWS\mui
2009-01-06 06:51:10 ----D---- C:\WINDOWS\msapps
2009-01-06 06:51:10 ----D---- C:\WINDOWS\msagent
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Media
2009-01-06 06:51:10 ----D---- C:\WINDOWS\java
2009-01-06 06:51:10 ----D---- C:\WINDOWS\ime
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Help
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Driver Cache
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Debug
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Cursors
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Connection Wizard
2009-01-06 06:51:10 ----D---- C:\WINDOWS\Config
2009-01-06 06:51:10 ----D---- C:\WINDOWS\AppPatch
2009-01-06 06:51:10 ----D---- C:\WINDOWS\addins
2009-01-06 06:51:10 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-01-20 12:58:09 ----A---- C:\WINDOWS\win.ini
2009-01-19 13:59:02 ----RASH---- C:\NTDETECT.COM
2009-01-06 06:55:54 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-01 12952]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\System32\DRIVERS\AegisP.sys [2009-01-19 21275]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-01 51800]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\PfModNT.sys []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\System32\drivers\ctac32k.sys [2002-07-19 127948]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2002-07-19 837548]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\System32\drivers\ctprxy2k.sys [2002-07-19 11068]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\System32\drivers\ctsfm2k.sys [2002-07-19 213860]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\System32\drivers\emupia2k.sys [2002-07-19 156604]
R3 FA312;NETGEAR FA330/FA312/FA311 Fast Ethernet Adapter Driver; C:\WINDOWS\System32\DRIVERS\FA312nd5.sys [2001-08-17 16074]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2002-07-24 998004]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2001-08-23 9600]
R3 ialm;ialm; C:\WINDOWS\System32\DRIVERS\ialmnt5.sys [2005-10-19 807998]
R3 itchfltr;iTouch Keyboard Filter; C:\WINDOWS\system32\DRIVERS\itchfltr.sys [2004-03-10 12953]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 24344]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2002-07-19 195432]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2009-01-19 10368]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-04 57600]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-08 35128]
S2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-08 32504]
S2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-08 9432]
S2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-08 104504]
S2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-08 26136]
S2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-08 14552]
S2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-08 97880]
S2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-08 94680]
S3 ctljystk;Creative SBLive! Gameport; C:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
S3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
S3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
S3 RT73;Belkin Wireless G Plus MIMO USB Network Adapter Driver; C:\WINDOWS\System32\DRIVERS\rt73.sys [2007-11-09 452480]
S3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 RxFilter;RxFilter; C:\WINDOWS\system32\DRIVERS\RxFilter.sys [2006-08-09 50688]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-07-07 611664]
R2 AVP;Kaspersky Anti-Virus 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe [2007-06-28 218376]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTSvcCDA.exe [1999-12-13 44032]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-20 152984]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S2 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Common Files\Sonic Shared\RoxioUpnpService9.exe [2006-08-10 294912]
S2 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2006-08-10 303104]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-08-10 159744]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe [2005-09-23 66240]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-20 651720]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Common Files\Sonic Shared\RoxioUPnPRenderer9.exe [2006-08-10 57344]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-08-10 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-07-20 73728]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]

-----------------EOF-----------------

[marc1021]

NOW THE LOOKER.TXT FILE:

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [TCP/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1001
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 1
Protocol: 6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [UDP/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1002
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 2
Protocol: 17
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD Tcpip [RAW/IP]
Provider ID: {E70F1AA0-AB8B-11CF-8CA3-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1003
Version: 2
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 3
Protocol: 0
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: RSVP UDP Service Provider
Provider ID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path: %SystemRoot%\system32\rsvpsp.dll
Catalog Entry ID: 1004
Version: 6
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 2
Protocol: 17
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: RSVP TCP Service Provider
Provider ID: {9D60A9E0-337A-11D0-BD88-0000C082E69A}
Provider Path: %SystemRoot%\system32\rsvpsp.dll
Catalog Entry ID: 1005
Version: 6
Address Family: 2
Max Address Length: 16
Min Address Length: 16
Socket Type: 1
Protocol: 6
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1E227B10-D161-4084-A0D1-9FED1E1CF1B1}] SEQPACKET 5
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1062
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -5
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{1E227B10-D161-4084-A0D1-9FED1E1CF1B1}] DATAGRAM 5
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1063
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -5
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{34A9214D-8E82-44D4-8744-3D942FCD619F}] SEQPACKET 3
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1064
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -3
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{34A9214D-8E82-44D4-8744-3D942FCD619F}] DATAGRAM 3
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1065
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -3
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7FB44553-4B8F-44E1-AB64-E6F786BA85AD}] SEQPACKET 4
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1066
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -4
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{7FB44553-4B8F-44E1-AB64-E6F786BA85AD}] DATAGRAM 4
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1067
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -4
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F2ADAEEB-F262-4261-B3EE-A4788577833E}] SEQPACKET 0
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1068
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -2147483648
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{F2ADAEEB-F262-4261-B3EE-A4788577833E}] DATAGRAM 0
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1069
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -2147483648
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{87E403F5-6CE1-48B9-8661-FDAD6B93BA66}] SEQPACKET 1
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1070
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -1
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{87E403F5-6CE1-48B9-8661-FDAD6B93BA66}] DATAGRAM 1
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1071
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -1
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{48C3B1F3-F725-43E7-AD89-490A8E103A63}] SEQPACKET 2
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1072
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 5
Protocol: -2
Protocol Chain Length: 1

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type: Base Service Provider
Description: MSAFD NetBIOS [\Device\NetBT_Tcpip_{48C3B1F3-F725-43E7-AD89-490A8E103A63}] DATAGRAM 2
Provider ID: {8D5F1830-C273-11CF-95C8-00805F48A192}
Provider Path: %SystemRoot%\system32\mswsock.dll
Catalog Entry ID: 1073
Version: 2
Address Family: 17
Max Address Length: 20
Min Address Length: 20
Socket Type: 2
Protocol: -2
Protocol Chain Length: 1

Name Space Provider Entry
------------------------------------------------------
Description: Tcpip
Provider ID: {22059D40-7E9E-11CF-AE5A-00AA00A7112B}
Name Space: 12
Active: 1
Version: 0


Name Space Provider Entry
------------------------------------------------------
Description: NTDS
Provider ID: {3B2637EE-E580-11CF-A555-00C04FD8D4AC}
Name Space: 32
Active: 1
Version: 0


Name Space Provider Entry
------------------------------------------------------
Description: Network Location Awareness (NLA) Namespace
Provider ID: {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83}
Name Space: 15
Active: 1
Version: 0

[Jintan]

Not even a hint of malware here, or problems with the Winsock LSP chain by the looks of it. You may need to ask on this in the CTH Networking forum for issues maybe with your router or other net problems.