Severe computer problems


Post by devls9330 on Mon 09 May 2011, 3:24 pm

I have a Dell PC that runs Windows XP. It is fairly old, approximately 5 years. Upon loading it one day, I ran into a blue screen telling me that it was beginning a physical dump of my memory. I ran MBAM in safe mode, but the program showed no viruses or malware. I am unable to load the computer in normal mode any longer, and the only way to operate is in safe mode. Here are my HijackThis logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:44 AM, on 5/9/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17096)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
N3 - Netscape 7: user_pref("browser.startup.homepage", "[You must be registered and logged in to see this link.] (C:\Documents and Settings\ROZ WERNER\Application Data\Mozilla\Profiles\default\wr4aqi9o.slt\prefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\ROZ WERNER\Application Data\Mozilla\Profiles\default\wr4aqi9o.slt\prefs.js)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe [You must be registered and logged in to see this link.]
O4 - HKCU\..\RunOnce: [Shockwave Updater] "C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1159615.exe" -Update
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

--
End of file - 2608 bytes

devls9330

Newbie Surfer

Posts : 7
Joined : 2011-05-09
Operating System : Windows XP


Re: Severe computer problems

Post by devls9330 on Mon 09 May 2011, 3:46 pm

OTL logfile created on: 5/9/2011 12:31:10 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\DOCUME~1\ROZWER~1\MYDOCU~1\DOWNLO~1
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 371.00 Mb Available Physical Memory | 73.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\PROGRA~1
Drive C: | 149.04 Gb Total Space | 133.25 Gb Free Space | 89.41% Space Free | Partition Type: NTFS

Computer Name: WIZARDOFROZ | User Name: Roz Werner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/09 00:23:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ROZWER~1\MYDOCU~1\DOWNLO~1\OTL.COM
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/05/09 00:23:45 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\DOCUME~1\ROZWER~1\MYDOCU~1\DOWNLO~1\OTL.COM
MOD - [2010/08/23 12:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (helpsvc)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/04/30 13:07:08 | 000,658,432 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2003/07/28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)


========== Driver Services (SafeList) ==========

DRV - [2011/02/03 16:41:00 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2010/12/20 19:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2008/04/13 14:56:49 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (winusb)
DRV - [2005/11/23 16:51:38 | 000,245,248 | R--- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/05/14 17:10:31 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/02/01 19:18:38 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/09/17 09:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2004/08/03 22:29:50 | 000,019,455 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wvchntxx.sys -- (iAimFP4)
DRV - [2004/08/03 22:29:48 | 000,012,063 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wsiintxx.sys -- (iAimFP3)
DRV - [2004/08/03 22:29:46 | 000,025,471 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv10nt.sys -- (iAimTV5)
DRV - [2004/08/03 22:29:46 | 000,023,615 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wch7xxnt.sys -- (iAimTV4)
DRV - [2004/08/03 22:29:46 | 000,022,271 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv06nt.sys -- (iAimTV6)
DRV - [2004/08/03 22:29:44 | 000,033,599 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv04nt.sys -- (iAimTV3)
DRV - [2004/08/03 22:29:44 | 000,019,551 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv02nt.sys -- (iAimTV1)
DRV - [2004/08/03 22:29:42 | 000,029,311 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\watv01nt.sys -- (iAimTV0)
DRV - [2004/08/03 22:29:42 | 000,011,871 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv09nt.sys -- (iAimFP7)
DRV - [2004/08/03 22:29:40 | 000,011,807 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv07nt.sys -- (iAimFP5)
DRV - [2004/08/03 22:29:40 | 000,011,295 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv08nt.sys -- (iAimFP6)
DRV - [2004/08/03 22:29:38 | 000,161,020 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\i81xnt5.sys -- (i81x)
DRV - [2004/08/03 22:29:38 | 000,012,415 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv01nt.sys -- (iAimFP0)
DRV - [2004/08/03 22:29:38 | 000,012,127 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv02nt.sys -- (iAimFP1)
DRV - [2004/08/03 22:29:38 | 000,011,775 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wadv05nt.sys -- (iAimFP2)
DRV - [2004/06/04 16:12:10 | 000,379,488 | R--- | M] (NETGEAR, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wg111nd5.sys -- (wg111nd5)
DRV - [2003/11/17 16:59:20 | 000,212,224 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 16:58:02 | 000,680,704 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 16:56:26 | 001,042,432 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2003/09/25 23:15:32 | 000,015,872 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\GTNDIS5.sys -- (GTNDIS5)
DRV - [2003/08/05 03:07:00 | 000,107,648 | R--- | M] (Cisco-Linksys LLC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vnetusbl.sys -- (USBNET)
DRV - [2003/05/28 18:53:46 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/02/20 02:34:18 | 000,072,576 | R--- | M] (The LinkSys Group, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netusbxp.sys -- (USBNET_XP)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 12:49:00 | 000,075,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atimpae.sys -- (atirage3)
DRV - [2001/08/17 10:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" =

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.11.3.15590
FF - prefs.js..extensions.enabledItems: vshareus@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16046&locale=en_US&apn_uid=6455FF4A-31D1-42C9-8920-B4D0819A4DB8&apn_ptnrs=OE&apn_sauid=1FA000EA-3D7A-4911-B716-A0330DD92D81&apn_dtid=VIN006YYUS&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/04 20:36:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/04 20:36:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.0\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/04/30 18:37:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.0\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2010/09/10 17:34:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2011/04/30 18:37:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Netscape 7.2\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2010/09/10 17:34:27 | 000,000,000 | ---D | M]

[2010/08/10 15:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Extensions
[2010/08/10 15:20:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/05/09 00:27:30 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\extensions
[2009/09/04 11:16:06 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/22 03:01:29 | 000,000,000 | ---D | M] (LimeWire Toolbar) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\extensions\toolbar@ask.com
[2011/01/09 23:01:47 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\extensions\vshareus@toolbar
[2011/05/08 23:40:24 | 000,002,568 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\searchplugins\askcom.xml
[2011/01/09 23:01:42 | 000,001,919 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\searchplugins\bing-zugo.xml
[2011/05/04 16:38:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2007/05/14 10:23:46 | 000,000,928 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {043C5167-00BB-4324-AF7E-62013FAEDACF} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {57F02779-3D88-4958-8AD3-83C12D86ADC7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {724D43A0-0D85-11D4-9908-00400523E39A} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (LimeWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Companion) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - File not found
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKCU..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\WINDOWS\System32\Adobe\Shockwave 11\SwHelper_1159615.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.185 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/05/14 15:36:34 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{559fdd2e-d28f-11dc-bb2a-000625191969}\Shell\AutoRun\command - "" = F:\setupSNK.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpReg: AcctMgr - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: GhostStartTrayApp - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Mozilla Quick Launch - hkey= - key= - C:\Program Files\Netscape\Netscape\Netscp.exe (Mozilla, Netscape)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - File not found
MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: RoboForm - hkey= - key= - File not found
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: SSC_UserPrompt - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: UserFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\Winampa.exe ()
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: nm - File not found
SafeBootNet: nm.sys - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Security Update for Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4DABA9C2-34E8-B1B6-099D-E9A401EBBD41} - NetShow
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-45


Re: Severe computer problems

Post by devls9330 on Mon 09 May 2011, 3:47 pm

Part 2:

11-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8BD18C0A-7EF9-4772-BF2A-336BDA8F85BE} - Advanced Searchbar for Windows
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {B7688854-288C-9C10-697B-F36B96564611} - Browser Customizations
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E017ED21-8704-BDB9-7EDB-84DDBC1EFA6A} - Windows Media Player
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.

========== Files/Folders - Created Within 30 Days ==========

[2011/05/08 23:56:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Roz Werner\Desktop\stephen
[2011/05/03 17:47:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iJ01803PiKeO01803
[2011/04/16 23:38:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Norton
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/09 00:26:36 | 000,002,855 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Desktop\Shortcut to OTL.pif
[2011/05/09 00:22:14 | 000,001,352 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Desktop\Shortcut to HijackThis.lnk
[2011/05/09 00:03:01 | 000,013,668 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/05/09 00:02:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/05/09 00:02:06 | 534,855,680 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2011/05/08 23:55:57 | 000,001,501 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Desktop\On-Screen Keyboard.lnk
[2011/05/07 05:27:47 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/07 03:01:00 | 000,000,244 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/05/06 15:38:05 | 000,000,454 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Roz Werner.job
[2011/05/06 08:32:51 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Administrator.job
[2011/05/04 21:40:14 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2011/05/03 17:47:53 | 000,048,640 | ---- | M] () -- C:\WINDOWS\System32\drivers\4e722e7f79dfd3eb.sys
[2011/05/03 01:32:17 | 000,002,483 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Desktop\Microsoft Office PowerPoint 2003.lnk
[2011/04/16 23:38:55 | 000,000,851 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Desktop\Norton Installation Files.lnk
[2011/04/14 06:18:08 | 000,270,984 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/04/14 00:49:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/04/14 00:45:58 | 000,444,456 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/14 00:45:58 | 000,072,332 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/09 00:26:36 | 000,002,855 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Desktop\Shortcut to OTL.pif
[2011/05/09 00:22:14 | 000,001,352 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Desktop\Shortcut to HijackThis.lnk
[2011/05/08 23:55:57 | 000,001,501 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Desktop\On-Screen Keyboard.lnk
[2011/05/07 04:22:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/05/04 20:32:39 | 000,000,460 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Security Scan for Administrator.job
[2011/05/03 18:25:10 | 001,228,854 | ---- | C] () -- C:\fsqwr.bmp
[2011/05/03 17:47:53 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\drivers\4e722e7f79dfd3eb.sys
[2011/04/16 23:38:55 | 000,000,851 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Desktop\Norton Installation Files.lnk
[2011/03/19 16:35:17 | 000,000,049 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/01/09 23:21:47 | 000,815,104 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2011/01/09 23:21:47 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/11/19 17:45:29 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidserv.dll
[2009/07/02 09:05:42 | 000,015,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbscan.sys
[2009/07/02 09:00:59 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2009/07/02 08:47:00 | 000,065,793 | ---- | C] () -- C:\WINDOWS\System32\EsFw32.BIN
[2009/07/02 08:46:13 | 000,000,111 | ---- | C] () -- C:\WINDOWS\EPSON Perfection 3170.ini
[2009/05/09 02:14:20 | 000,014,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\nuidfltr.sys
[2008/10/26 13:13:17 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2008/10/26 13:13:16 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2140.DAT
[2008/10/26 13:07:14 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2008/09/01 10:58:57 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2008/09/01 10:56:55 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdpash.dll
[2008/09/01 10:56:55 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdnepr.dll
[2008/09/01 10:56:55 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdiultn.dll
[2008/09/01 10:56:54 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbhc.dll
[2008/09/01 10:56:36 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2008/05/03 11:46:59 | 000,060,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbaudio.sys
[2008/01/23 15:59:50 | 000,032,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbccgp.sys
[2007/12/17 20:46:12 | 000,245,248 | R--- | C] () -- C:\WINDOWS\System32\drivers\rt73.sys
[2007/12/17 20:46:12 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2007/12/17 20:46:12 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\GTNDIS5.sys
[2007/12/17 20:46:10 | 000,017,992 | ---- | C] () -- C:\WINDOWS\System32\bcm42rly.sys
[2007/12/17 20:41:56 | 000,549,376 | ---- | C] () -- C:\WINDOWS\System32\u2ltw.dll
[2007/10/08 17:53:38 | 000,379,488 | R--- | C] () -- C:\WINDOWS\System32\drivers\wg111nd5.sys
[2007/09/28 17:49:27 | 000,000,094 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/08/06 11:07:30 | 000,008,784 | ---- | C] () -- C:\WINDOWS\System32\ractrlkeyhook.dll
[2007/02/02 11:59:40 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\kbdhid.sys
[2007/01/16 11:57:07 | 000,000,133 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Local Settings\Application Data\fusioncache.dat
[2007/01/06 08:33:29 | 000,000,028 | ---- | C] () -- C:\WINDOWS\ICOA.INI
[2007/01/06 08:33:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFNONL.ini
[2007/01/06 08:33:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QFN.ini
[2007/01/06 08:33:13 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QDQICK.ini
[2007/01/06 08:29:05 | 000,005,776 | ---- | C] () -- C:\WINDOWS\Icoadb32.dat
[2007/01/06 08:29:05 | 000,000,012 | ---- | C] () -- C:\WINDOWS\QBWCD.INI
[2006/12/13 09:30:50 | 063,839,744 | ---- | C] () -- C:\Program Files\Common Files\TaxWise Workstation.msi
[2006/11/02 07:22:54 | 000,492,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdf01000.sys
[2006/11/02 07:22:52 | 000,032,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdfldr.sys
[2006/11/02 07:00:08 | 000,039,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\winusb.sys
[2006/09/20 16:22:23 | 000,000,372 | ---- | C] () -- C:\WINDOWS\DATALINK.INI
[2006/09/20 16:22:23 | 000,000,206 | ---- | C] () -- C:\WINDOWS\TIMEXDL.INI
[2006/06/16 07:31:30 | 000,732,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\senfilt.sys
[2006/06/16 07:31:30 | 000,260,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\smwdm.sys
[2006/06/16 06:50:06 | 000,016,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\MODEMCSA.sys
[2006/06/16 06:48:14 | 001,042,432 | R--- | C] () -- C:\WINDOWS\System32\drivers\HSF_DP.sys
[2006/06/16 06:48:13 | 000,212,224 | R--- | C] () -- C:\WINDOWS\System32\drivers\HSFHWBS2.sys
[2006/06/16 06:48:12 | 000,680,704 | R--- | C] () -- C:\WINDOWS\System32\drivers\HSF_CNXT.sys
[2006/06/15 17:42:36 | 000,000,121 | ---- | C] () -- C:\WINDOWS\Winamp.ini
[2006/06/12 16:18:12 | 000,876,666 | ---- | C] () -- C:\WINDOWS\System32\ialmdd5.dll
[2006/06/12 16:18:12 | 000,830,684 | ---- | C] () -- C:\WINDOWS\System32\drivers\ialmnt5.sys
[2006/06/12 16:18:12 | 000,194,298 | ---- | C] () -- C:\WINDOWS\System32\ialmdev5.dll
[2006/06/12 16:18:12 | 000,110,203 | ---- | C] () -- C:\WINDOWS\System32\ialmdnt5.dll
[2006/06/12 16:18:12 | 000,038,014 | ---- | C] () -- C:\WINDOWS\System32\ialmrnt5.dll
[2006/06/12 16:01:44 | 000,013,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\omci.sys
[2006/06/12 14:18:52 | 000,137,216 | ---- | C] () -- C:\WINDOWS\System32\atidrae.dll
[2006/06/12 13:38:47 | 000,012,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouhid.sys
[2006/06/12 13:38:29 | 000,010,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidusb.sys
[2005/12/21 18:57:36 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\nsldap32v50.dll
[2005/12/21 18:57:04 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsldappr32v50.dll
[2005/12/21 18:54:34 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\nsldapssl32v50.dll
[2005/08/08 19:18:41 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Roz Werner\Application Data\dm.ini
[2005/05/19 13:53:07 | 000,107,648 | R--- | C] () -- C:\WINDOWS\System32\drivers\vnetusbl.sys
[2005/05/18 12:26:48 | 000,025,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbprint.sys
[2005/05/16 17:47:38 | 000,105,168 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2005/05/16 12:18:09 | 000,000,076 | ---- | C] () -- C:\WINDOWS\Quicken.ini
[2005/05/15 06:53:58 | 000,000,878 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/05/14 19:29:11 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2005/05/14 19:29:11 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2005/05/14 19:29:11 | 000,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidir.sys
[2005/05/14 19:29:10 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2005/05/14 19:29:10 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2005/05/14 19:29:10 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2005/05/14 19:29:10 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2005/05/14 19:29:10 | 000,011,043 | R--- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2005/05/14 19:29:09 | 001,897,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\nv4_mini.sys
[2005/05/14 19:29:09 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2005/05/14 19:29:09 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2005/05/14 19:29:09 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2005/05/14 19:29:09 | 000,013,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\recagent.sys
[2005/05/14 19:29:09 | 000,012,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2005/05/14 19:29:08 | 000,404,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\slntamr.sys
[2005/05/14 19:29:08 | 000,129,535 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2005/05/14 19:29:08 | 000,095,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnthal.sys
[2005/05/14 19:29:08 | 000,044,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\uagp35.sys
[2005/05/14 19:29:08 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisagp.sys
[2005/05/14 19:29:08 | 000,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2005/05/14 19:29:08 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2005/05/14 19:29:08 | 000,003,901 | ---- | C] () -- C:\WINDOWS\System32\drivers\siint5.dll
[2005/05/14 19:29:07 | 000,377,984 | ---- | C] () -- C:\WINDOWS\System32\ati2dvaa.dll
[2005/05/14 19:29:07 | 000,121,984 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbvideo.sys
[2005/05/14 19:29:07 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\viaagp.sys
[2005/05/14 19:29:07 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2005/05/14 19:29:07 | 000,022,271 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2005/05/14 19:29:07 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\wacompen.sys
[2005/05/14 19:29:07 | 000,011,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2005/05/14 19:29:07 | 000,011,871 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2005/05/14 19:29:07 | 000,011,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2005/05/14 19:29:07 | 000,011,325 | ---- | C] () -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2005/05/14 19:29:07 | 000,011,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2005/05/14 19:29:06 | 001,888,992 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[2005/05/14 19:29:06 | 000,870,784 | ---- | C] () -- C:\WINDOWS\System32\ati3d1ag.dll
[2005/05/14 19:29:06 | 000,516,768 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dll
[2005/05/14 19:29:06 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\ati2dvag.dll
[2005/05/14 19:28:59 | 001,737,856 | ---- | C] () -- C:\WINDOWS\System32\mtxparhd.dll
[2005/05/14 19:28:58 | 004,274,816 | ---- | C] () -- C:\WINDOWS\System32\nv4_disp.dll
[2005/05/14 19:28:57 | 000,397,056 | ---- | C] () -- C:\WINDOWS\System32\s3gnb.dll
[2005/05/14 17:10:58 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/05/14 17:08:51 | 000,105,168 | ---- | C] () -- C:\WINDOWS\NSUninst.exe
[2005/05/14 17:08:27 | 000,013,745 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/05/14 15:53:14 | 000,072,576 | R--- | C] () -- C:\WINDOWS\System32\drivers\netusbxp.sys
[2005/05/14 15:39:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/05/14 15:33:39 | 000,073,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sr.sys
[2005/05/14 15:33:38 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\mnmdd.dll
[2005/05/14 15:33:25 | 000,022,720 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/05/14 15:32:02 | 000,021,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdtcp.sys
[2005/05/14 15:32:02 | 000,012,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdpipe.sys
[2005/05/14 15:31:38 | 000,139,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpwd.sys
[2005/05/14 15:31:24 | 000,040,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\termdd.sys
[2005/05/14 15:31:23 | 000,196,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpdr.sys
[2005/05/14 11:09:13 | 000,006,272 | ---- | C] () -- C:\WINDOWS\System32\drivers\splitter.sys
[2005/05/14 11:08:46 | 000,012,415 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv01nt.sys
[2005/05/14 11:08:45 | 000,012,127 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv02nt.sys
[2005/05/14 11:08:44 | 000,011,775 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv05nt.sys
[2005/05/14 11:08:43 | 000,012,063 | ---- | C] () -- C:\WINDOWS\System32\drivers\wsiintxx.sys
[2005/05/14 11:08:42 | 000,019,455 | ---- | C] () -- C:\WINDOWS\System32\drivers\wvchntxx.sys
[2005/05/14 11:08:41 | 000,029,311 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv01nt.sys
[2005/05/14 11:08:40 | 000,019,551 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv02nt.sys
[2005/05/14 11:08:39 | 000,033,599 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv04nt.sys
[2005/05/14 11:08:38 | 000,023,615 | ---- | C] () -- C:\WINDOWS\System32\drivers\wch7xxnt.sys
[2005/05/14 11:08:31 | 000,057,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\redbook.sys
[2005/05/14 11:08:25 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\msmpu401.sys
[2005/05/14 11:08:06 | 000,702,845 | ---- | C] () -- C:\WINDOWS\System32\i81xdnt5.dll
[2005/05/14 11:08:06 | 000,161,020 | ---- | C] () -- C:\WINDOWS\System32\drivers\i81xnt5.sys
[2005/05/14 11:07:01 | 000,004,330 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/05/14 11:06:23 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\irenum.sys
[2005/05/14 11:05:00 | 000,270,984 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2004/12/14 18:55:22 | 000,000,019 | ---- | C] () -- C:\WINDOWS\System32\SmAgentAPI.dll
[2004/09/22 18:46:38 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\wpdusb.sys
[2004/08/12 10:11:42 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/08/12 10:11:41 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/08/12 10:10:27 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\ws2ifsl.sys
[2004/08/12 10:10:18 | 000,303,616 | ---- | C] () -- C:\WINDOWS\System32\wmstream.dll
[2004/08/12 10:09:54 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\wmilib.sys
[2004/08/12 10:09:49 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\wmerrenu.dll
[2004/08/12 10:09:18 | 001,857,920 | ---- | C] () -- C:\WINDOWS\System32\win32k.sys
[2004/08/12 10:08:45 | 000,034,560 | ---- | C] () -- C:\WINDOWS\System32\drivers\wanarp.sys
[2004/08/12 10:08:45 | 000,017,664 | ---- | C] () -- C:\WINDOWS\System32\watchdog.sys
[2004/08/12 10:08:35 | 000,052,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\volsnap.sys
[2004/08/12 10:08:33 | 000,081,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\videoprt.sys
[2004/08/12 10:08:23 | 000,051,456 | ---- | C] () -- C:\WINDOWS\System32\vga256.dll
[2004/08/12 10:08:23 | 000,018,176 | ---- | C] () -- C:\WINDOWS\System32\vga64k.dll
[2004/08/12 10:08:22 | 000,020,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\vga.sys
[2004/08/12 10:08:22 | 000,009,344 | ---- | C] () -- C:\WINDOWS\System32\vga.dll
[2004/08/12 10:08:05 | 000,026,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbstor.sys
[2004/08/12 10:08:05 | 000,020,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbuhci.sys
[2004/08/12 10:08:04 | 000,143,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbport.sys
[2004/08/12 10:08:03 | 000,059,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbhub.sys
[2004/08/12 10:08:03 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbehci.sys
[2004/08/12 10:08:03 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbd.sys
[2004/08/12 10:08:02 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023.sys
[2004/08/12 10:07:55 | 000,384,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\update.sys
[2004/08/12 10:07:41 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\udfs.sys
[2004/08/12 10:07:33 | 000,012,168 | ---- | C] () -- C:\WINDOWS\System32\tsddd.dll
[2004/08/12 10:07:12 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\tdi.sys
[2004/08/12 10:07:09 | 000,361,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip.sys
[2004/08/12 10:07:09 | 000,226,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2004/08/12 10:07:05 | 000,014,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\tape.sys
[2004/08/12 10:06:44 | 000,247,326 | ---- | C] () -- C:\WINDOWS\System32\strmdll.dll
[2004/08/12 10:06:30 | 000,357,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\srv.sys
[2004/08/12 10:05:45 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\smclib.sys
[2004/08/12 10:05:07 | 000,011,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffdisk.sys
[2004/08/12 10:05:07 | 000,011,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfloppy.sys
[2004/08/12 10:05:07 | 000,011,008 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_sd.sys
[2004/08/12 10:04:57 | 000,064,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\serial.sys
[2004/08/12 10:04:56 | 000,015,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\serenum.sys
[2004/08/12 10:04:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/12 10:04:51 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2004/08/12 10:04:50 | 000,079,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sdbus.sys
[2004/08/12 10:04:49 | 000,096,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\scsiport.sys
[2004/08/12 10:04:24 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootmdm.sys
[2004/08/12 10:04:22 | 000,203,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\rmcast.sys
[2004/08/12 10:04:22 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismp.sys
[2004/08/12 10:04:19 | 000,059,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2004/08/12 10:04:08 | 000,092,424 | ---- | C] () -- C:\WINDOWS\System32\rdpdd.dll
[2004/08/12 10:04:08 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdpcdd.sys
[2004/08/12 10:04:07 | 000,175,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\rdbss.sys
[2004/08/12 10:04:06 | 000,034,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\rawwan.sys
[2004/08/12 10:04:04 | 000,048,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspptp.sys
[2004/08/12 10:04:04 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspppoe.sys
[2004/08/12 10:04:04 | 000,016,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\raspti.sys
[2004/08/12 10:04:02 | 000,051,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasl2tp.sys
[2004/08/12 10:04:00 | 000,008,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\rasacd.sys
[2004/08/12 10:03:49 | 000,017,792 | ---- | C] () -- C:\WINDOWS\System32\drivers\ptilink.sys
[2004/08/12 10:03:48 | 000,069,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\psched.sys
[2004/08/12 10:03:21 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/12 10:03:20 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/12 10:03:14 | 000,120,192 | ---- | C] () -- C:\WINDOWS\System32\drivers\pcmcia.sys
[2004/08/12 10:03:13 | 000,068,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\pci.sys
[2004/08/12 10:03:13 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\pciidex.sys
[2004/08/12 10:03:13 | 000,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\pciide.sys
[2004/08/12 10:03:11 | 000,019,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\partmgr.sys
[2004/08/12 10:03:11 | 000,006,784 | ---- | C] () -- C:\WINDOWS\System32\drivers\parvdm.sys
[2004/08/12 10:03:03 | 000,003,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\oprghdlr.sys
[2004/08/12 10:02:46 | 000,088,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkipx.sys
[2004/08/12 10:02:46 | 000,063,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnknb.sys
[2004/08/12 10:02:46 | 000,055,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkspx.sys
[2004/08/12 10:02:46 | 000,032,512 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkfwd.sys
[2004/08/12 10:02:46 | 000,012,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\nwlnkflt.sys
[2004/08/12 10:02:43 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\null.sys
[2004/08/12 10:02:41 | 002,192,768 | ---- | C] () -- C:\WINDOWS\System32\ntoskrnl.exe
[2004/08/12 10:02:36 | 000,574,976 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntfs.sys
[2004/08/12 10:02:30 | 000,030,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\npfs.sys
[2004/08/12 10:02:23 | 000,040,320 | ---- | C] () -- C:\WINDOWS\System32\drivers\nmnt.sys
[2004/08/12 10:01:47 | 000,162,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbt.sys
[2004/08/12 10:01:46 | 000,034,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\netbios.sys
[2004/08/12 10:01:39 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndproxy.sys
[2004/08/12 10:01:38 | 000,182,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndis.sys
[2004/08/12 10:01:38 | 000,091,520 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndiswan.sys
[2004/08/12 10:01:38 | 000,010,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndistapi.sys
[2004/08/12 10:01:31 | 000,105,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\mup.sys
[2004/08/12 10:01:23 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\msvcrt40.dll
[2004/08/12 10:00:49 | 000,035,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msgpc.sys
[2004/08/12 10:00:47 | 000,019,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\msfs.sys
[2004/08/12 10:00:10 | 000,455,936 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxsmb.sys
[2004/08/12 10:00:10 | 000,180,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\mrxdav.sys
[2004/08/12 10:00:00 | 000,042,368 | ---- | C] () -- C:\WINDOWS\System32\drivers\mountmgr.sys
[2004/08/12 09:59:58 | 000,010,112 | ---- | C] () -- C:\WINDOWS\System32\modex.dll
[2004/08/12 09:59:56 | 000,004,224 | ---- | C] () -- C:\WINDOWS\System32\drivers\mnmdd.sys
[2004/08/12 09:59:52 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/12 09:59:46 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/12 09:59:13 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\mcdsrv32.dll
[2004/08/12 09:59:13 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\drivers\mcd.sys
[2004/08/12 09:58:41 | 000,092,928 | ---- | C] () -- C:\WINDOWS\System32\drivers\ksecdd.sys
[2004/08/12 09:58:38 | 000,007,424 | ---- | C] () -- C:\WINDOWS\System32\kd1394.dll
[2004/08/12 09:58:38 | 000,007,040 | ---- | C] () -- C:\WINDOWS\System32\kdcom.dll
[2004/08/12 09:58:38 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdycl.dll
[2004/08/12 09:58:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdusx.dll
[2004/08/12 09:58:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdusr.dll
[2004/08/12 09:58:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdusl.dll
[2004/08/12 09:58:37 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdycc.dll
[2004/08/12 09:58:37 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbduzb.dll
[2004/08/12 09:58:37 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdus.dll
[2004/08/12 09:58:36 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdukx.dll
[2004/08/12 09:58:36 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdtuq.dll
[2004/08/12 09:58:36 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdtuf.dll
[2004/08/12 09:58:36 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdur.dll
[2004/08/12 09:58:36 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbduk.dll
[2004/08/12 09:58:35 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdsmsno.dll
[2004/08/12 09:58:35 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdsw.dll
[2004/08/12 09:58:35 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdsp.dll
[2004/08/12 09:58:35 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdtat.dll
[2004/08/12 09:58:34 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdsmsfi.dll
[2004/08/12 09:58:34 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdsl1.dll
[2004/08/12 09:58:34 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdsl.dll
[2004/08/12 09:58:34 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdsg.dll
[2004/08/12 09:58:34 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdsf.dll
[2004/08/12 09:58:34 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdru1.dll
[2004/08/12 09:58:34 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdru.dll
[2004/08/12 09:58:34 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdro.dll
[2004/08/12 09:58:33 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdno1.dll
[2004/08/12 09:58:33 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdpl.dll
[2004/08/12 09:58:33 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdpo.dll
[2004/08/12 09:58:33 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdno.dll
[2004/08/12 09:58:33 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdpl1.dll
[2004/08/12 09:58:32 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdnec.dll
[2004/08/12 09:58:32 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdne.dll
[2004/08/12 09:58:32 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdmlt48.dll
[2004/08/12 09:58:32 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdmlt47.dll
[2004/08/12 09:58:32 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdmac.dll
[2004/08/12 09:58:32 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdlv1.dll
[2004/08/12 09:58:32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdmon.dll
[2004/08/12 09:58:32 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdmaori.dll
[2004/08/12 09:58:31 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdla.dll
[2004/08/12 09:58:31 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdlv.dll
[2004/08/12 09:58:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdlt1.dll
[2004/08/12 09:58:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdlt.dll
[2004/08/12 09:58:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdkyr.dll
[2004/08/12 09:58:31 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdkaz.dll
[2004/08/12 09:58:30 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdinmal.dll
[2004/08/12 09:58:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdit142.dll
[2004/08/12 09:58:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdit.dll
[2004/08/12 09:58:30 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdir.dll
[2004/08/12 09:58:29 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdinben.dll
[2004/08/12 09:58:29 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdinbe1.dll
[2004/08/12 09:58:29 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdic.dll
[2004/08/12 09:58:28 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\kbdhept.dll
[2004/08/12 09:58:28 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdhu.dll
[2004/08/12 09:58:28 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdhela3.dll
[2004/08/12 09:58:28 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdhela2.dll
[2004/08/12 09:58:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdhu1.dll
[2004/08/12 09:58:28 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdhe319.dll
[2004/08/12 09:58:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdgr1.dll
[2004/08/12 09:58:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdgr.dll
[2004/08/12 09:58:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdgkl.dll
[2004/08/12 09:58:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdfr.dll
[2004/08/12 09:58:27 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdfo.dll
[2004/08/12 09:58:27 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdhe220.dll
[2004/08/12 09:58:27 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdhe.dll
[2004/08/12 09:58:27 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdgae.dll
[2004/08/12 09:58:26 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdfi1.dll
[2004/08/12 09:58:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdfi.dll
[2004/08/12 09:58:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdfc.dll
[2004/08/12 09:58:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdest.dll
[2004/08/12 09:58:26 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdes.dll
[2004/08/12 09:58:26 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\kbddv.dll
[2004/08/12 09:58:25 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\kbdclass.sys
[2004/08/12 09:58:25 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\kbdcan.dll
[2004/08/12 09:58:25 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\kbdcz.dll
[2004/08/12 09:58:25 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdcz2.dll
[2004/08/12 09:58:25 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdcz1.dll
[2004/08/12 09:58:25 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdcr.dll
[2004/08/12 09:58:25 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdda.dll
[2004/08/12 09:58:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdca.dll
[2004/08/12 09:58:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbr.dll
[2004/08/12 09:58:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbene.dll
[2004/08/12 09:58:24 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbe.dll
[2004/08/12 09:58:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdbu.dll
[2004/08/12 09:58:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdblr.dll
[2004/08/12 09:58:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdazel.dll
[2004/08/12 09:58:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\kbdaze.dll
[2004/08/12 09:58:23 | 000,006,656 | ---- | C] () -- C:\WINDOWS\System32\kbdal.dll
[2004/08/12 09:58:17 | 000,037,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\isapnp.sys
[2004/08/12 09:58:13 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipsec.sys
[2004/08/12 09:58:09 | 000,152,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipnat.sys
[2004/08/12 09:58:09 | 000,032,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipfltdrv.sys
[2004/08/12 09:58:09 | 000,020,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\ipinip.sys
[2004/08/12 09:58:08 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\drivers\ip6fw.sys
[2004/08/12 09:58:07 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelppm.sys
[2004/08/12 09:58:07 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\intelide.sys
[2004/08/12 09:58:03 | 000,042,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\imapi.sys
[2004/08/12 09:57:52 | 000,052,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\i8042prt.sys
[2004/08/12 09:57:51 | 000,265,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\http.sys
[2004/08/12 09:57:44 | 000,024,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidparse.sys
[2004/08/12 09:57:43 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidclass.sys
[2004/08/12 09:57:43 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidbth.sys
[2004/08/12 09:57:38 | 000,131,840 | ---- | C] () -- C:\WINDOWS\System32\HAL.DLL
[2004/08/12 09:57:26 | 000,009,344 | ---- | C] () -- C:\WINDOWS\System32\framebuf.dll
[2004/08/12 09:57:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/12 09:56:48 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/12 09:56:37 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\csrsrv.dll
[2004/08/12 09:55:55 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\bootvid.dll
[2004/08/12 09:55:52 | 000,290,432 | ---- | C] () -- C:\WINDOWS\System32\atmfd.dll
[2004/08/03 19:15:56 | 000,060,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\sysaudio.sys
[2004/08/03 19:15:50 | 000,146,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\portcls.sys
[2004/08/03 19:15:22 | 000,141,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\ks.sys
[2004/08/03 19:15:06 | 000,083,072 | ---- | C] () -- C:\WINDOWS\System32\drivers\wdmaud.sys
[2004/08/03 19:09:56 | 000,025,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\sonydcam.sys
[2004/08/03 19:08:58 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbintel.sys
[2004/08/03 19:08:06 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\modem.sys
[2004/08/03 19:08:04 | 000,049,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\stream.sys
[2004/08/03 19:07:50 | 000,172,416 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmixer.sys
[2004/08/03 19:07:48 | 000,015,488 | ---- | C] () -- C:\WINDOWS\System32\drivers\mssmbios.sys
[2004/08/03 19:07:46 | 000,063,744 | ---- | C] () -- C:\WINDOWS\System32\drivers\mf.sys
[2004/08/03 19:07:38 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\smbali.sys
[2004/08/03 19:03:18 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\tunmp.sys
[2004/08/03 19:03:14 | 000,014,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisuio.sys
[2004/08/03 18:59:20 | 000,042,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\p3.sys
[2004/08/03 18:59:18 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\processr.sys
[2004/08/03 18:59:08 | 000,080,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\parport.sys
[2004/08/03 18:58:42 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\mskssrv.sys
[2004/08/03 18:58:42 | 000,004,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspqm.sys
[2004/08/03 18:58:42 | 000,004,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\swenum.sys
[2004/08/03 18:58:40 | 000,005,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\mspclock.sys
[2004/08/03 18:58:34 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\mouclass.sys
[2004/08/03 18:58:30 | 000,061,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\nic1394.sys
[2003/03/31 08:00:00 | 000,444,456 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/03/31 08:00:00 | 000,072,332 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/03/31 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/17 18:36:36 | 000,003,200 | ---- | C] () -- C:\WINDOWS\System32\wowfax.dll
[2001/08/17 10:06:22 | 000,021,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\tsbvcap.sys
[2001/08/17 10:03:44 | 000,025,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd2.sys
[2001/08/17 10:03:42 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\usbcamd.sys
[2001/08/17 10:02:14 | 000,058,112 | ---- | C] () -- C:\WINDOWS\System32\drivers\vdmindvd.sys
[2001/08/17 10:01:34 | 000,051,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\tosdvd.sys
[2001/08/17 10:00:52 | 000,056,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\swmidi.sys
[2001/08/17 09:24:46 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\riodrv.sys
[2001/08/17 09:24:46 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\rio8drv.sys
[2001/08/17 09:24:44 | 000,012,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\nikedrv.sys
[2000/09/13 22:03:00 | 000,000,145 | ---- | C] () -- C:\WINDOWS\System32\EBPPORT.DAT
[1999/08/13 05:20:00 | 000,171,520 | ---- | C] () -- C:\WINDOWS\System32\patchw32.dll
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/06/10 13:28:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 06:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2007/12/17 21:16:12 | 000,001,610 | -H-- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/09/24 18:36:49 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/05/14 19:50:29 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2005/05/14 15:42:44 | 000,000,079 | ---- | M] () -- C:\DOCUME~1\ROZWER~1\APPLIC~1\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >
[2007/12/03 21:52:56 | 063,839,744 | ---- | M] () -- C:\Program Files\Common Files\TaxWise Workstation.msi

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/05/04 20:35:52 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/05/04 20:35:53 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/05/04 20:35:59 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/05/04 20:36:01 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2005/05/14 19:50:29 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Roz Werner\Favorites\Desktop.ini


devls9330


Re: Severe computer problems

Post by devls9330 on Mon 09 May 2011, 3:48 pm

Part 3:

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2011/05/03 17:47:53 | 000,048,640 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\4e722e7f79dfd3eb.sys
[2004/08/03 22:41:38 | 001,309,184 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtlstrm.sys
[2004/08/03 22:29:38 | 000,452,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mtxparhm.sys
[2008/04/13 15:17:05 | 000,105,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mup.sys
[2008/04/13 14:43:55 | 000,012,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\mutohpen.sys
[2008/04/13 15:20:37 | 000,182,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndis.sys
[2008/04/13 14:57:27 | 000,010,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndistapi.sys
[2008/04/13 14:55:58 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndisuio.sys
[2008/04/13 15:20:42 | 000,091,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndiswan.sys
[2010/11/02 11:17:02 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ndproxy.sys
[2008/04/13 14:56:02 | 000,034,688 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbios.sys
[2008/04/13 15:21:00 | 000,162,816 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netbt.sys
[2002/02/20 02:34:18 | 000,072,576 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\netusbxp.sys
[2008/04/13 14:51:25 | 000,061,824 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nic1394.sys
[2004/08/12 09:57:07 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nikedrv.sys
[2008/04/13 14:53:09 | 000,040,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nmnt.sys
[2008/04/13 14:32:39 | 000,030,848 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\npfs.sys
[2008/04/13 15:15:53 | 000,574,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 22:41:40 | 000,180,360 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ntmtlfax.sys
[2009/05/09 02:14:20 | 000,014,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nuidfltr.sys
[2004/08/12 10:02:43 | 000,002,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\null.sys
[2004/08/03 22:29:56 | 001,897,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nv4_mini.sys
[2004/08/12 10:02:46 | 000,012,416 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkflt.sys
[2004/08/12 10:02:46 | 000,032,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys
[2008/04/13 14:56:06 | 000,088,320 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkipx.sys
[2004/08/12 10:02:46 | 000,063,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnknb.sys
[2004/08/12 10:02:46 | 000,055,936 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\nwlnkspx.sys
[2001/08/22 08:42:58 | 000,013,632 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\omci.sys
[2004/08/12 10:03:03 | 000,003,456 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\oprghdlr.sys
[2008/04/13 14:31:31 | 000,042,752 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\p3.sys
[2008/04/13 14:40:10 | 000,080,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parport.sys
[2008/04/13 14:40:49 | 000,019,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\partmgr.sys
[2004/08/12 10:03:11 | 000,006,784 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\parvdm.sys
[2008/04/13 14:36:44 | 000,068,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pci.sys
[2004/08/12 10:03:13 | 000,003,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciide.sys
[2008/04/13 14:40:29 | 000,024,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pciidex.sys
[2008/04/13 14:36:43 | 000,120,192 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\pcmcia.sys
[2008/04/13 15:19:41 | 000,146,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\portcls.sys
[2008/04/13 14:31:30 | 000,035,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\processr.sys
[2008/04/13 14:56:38 | 000,069,120 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\psched.sys
[2004/08/12 10:03:49 | 000,017,792 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ptilink.sys
[2004/08/12 10:04:00 | 000,008,832 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasacd.sys
[2008/04/13 15:19:43 | 000,051,328 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rasl2tp.sys
[2008/04/13 14:57:32 | 000,041,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspppoe.sys
[2008/04/13 15:19:48 | 000,048,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspptp.sys
[2004/08/12 10:04:04 | 000,016,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\raspti.sys
[2004/08/12 10:04:06 | 000,034,432 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rawwan.sys
[2008/04/13 15:28:39 | 000,175,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdbss.sys
[2004/08/12 10:04:08 | 000,004,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpcdd.sys
[2008/04/13 14:32:51 | 000,196,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpdr.sys
[2008/04/13 20:13:22 | 000,139,656 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/03 22:41:40 | 000,013,776 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\recagent.sys
[2008/04/13 14:40:27 | 000,057,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\redbook.sys
[2008/04/13 14:46:32 | 000,059,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rfcomm.sys
[2004/08/12 09:57:07 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rio8drv.sys
[2004/08/12 09:57:07 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\riodrv.sys
[2008/05/08 10:02:52 | 000,203,136 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rmcast.sys
[2008/04/13 14:56:49 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismp.sys
[2008/04/13 14:56:49 | 000,030,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rndismpx.sys
[2004/08/12 10:04:24 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rootmdm.sys
[2005/11/23 16:51:38 | 000,245,248 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rt73.sys
[2004/08/03 22:29:52 | 000,166,912 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\s3gnbm.sys
[2008/04/13 14:40:30 | 000,096,384 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\scsiport.sys
[2008/04/13 14:36:44 | 000,079,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sdbus.sys
[2007/11/13 06:25:53 | 000,020,480 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\secdrv.sys
[2004/09/17 09:02:54 | 000,732,928 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\senfilt.sys
[2008/04/13 14:40:12 | 000,015,744 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serenum.sys
[2008/04/13 15:15:45 | 000,064,512 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\serial.sys
[2008/04/13 14:40:47 | 000,011,904 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffdisk.sys
[2008/04/13 14:40:48 | 000,010,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_mmc.sys
[2008/04/13 14:40:47 | 000,011,008 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sffp_sd.sys
[2008/04/13 14:40:48 | 000,011,392 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 14:36:39 | 000,040,960 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sisagp.sys
[2004/08/03 22:41:42 | 000,129,535 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnt7554.sys
[2004/08/03 22:41:44 | 000,404,990 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slntamr.sys
[2004/08/03 22:41:46 | 000,095,424 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slnthal.sys
[2004/08/03 22:41:46 | 000,013,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\slwdmsup.sys
[2008/04/13 14:36:34 | 000,005,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smbali.sys
[2004/08/12 10:05:45 | 000,014,592 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smclib.sys
[2005/03/22 11:08:40 | 000,260,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\smwdm.sys
[2008/04/13 14:46:07 | 000,025,344 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sonydcam.sys
[2008/04/13 14:45:07 | 000,006,272 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\splitter.sys
[2008/04/13 14:36:52 | 000,073,472 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sr.sys
[2011/02/17 09:18:03 | 000,357,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\srv.sys
[2008/04/13 14:45:15 | 000,049,408 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\stream.sys
[2008/04/13 14:39:53 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swenum.sys
[2008/04/13 14:45:09 | 000,056,576 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\swmidi.sys
[2008/04/13 15:15:55 | 000,060,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sysaudio.sys
[2008/04/13 14:40:50 | 000,014,976 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tape.sys
[2008/06/20 07:51:12 | 000,361,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2010/02/11 08:02:15 | 000,226,880 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tcpip6.sys
[2008/04/13 15:00:05 | 000,019,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdi.sys
[2008/04/13 20:13:20 | 000,012,040 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/13 20:13:21 | 000,021,896 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tdtcp.sys
[2008/04/13 20:13:20 | 000,040,840 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\termdd.sys
[2004/08/12 09:57:07 | 000,051,712 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tosdvd.sys
[2004/08/12 09:57:07 | 000,021,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tsbvcap.sys
[2008/04/13 14:56:01 | 000,012,288 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\tunmp.sys
[2008/04/13 14:36:40 | 000,044,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\uagp35.sys
[2008/04/13 14:32:36 | 000,066,048 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\udfs.sys
[2008/04/13 14:39:46 | 000,384,768 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\update.sys
[2008/04/13 14:56:49 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023.sys
[2008/04/13 14:56:49 | 000,012,800 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usb8023x.sys
[2008/04/13 14:45:12 | 000,060,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbaudio.sys
[2008/04/13 14:45:40 | 000,025,600 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd.sys
[2008/04/13 14:45:41 | 000,025,728 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbcamd2.sys
[2008/04/13 14:45:39 | 000,032,128 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbccgp.sys
[2004/08/12 10:08:03 | 000,004,736 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbd.sys
[2008/04/13 14:45:35 | 000,030,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbehci.sys
[2008/04/13 14:45:37 | 000,059,520 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbhub.sys
[2008/04/13 14:45:43 | 000,015,872 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbintel.sys
[2008/04/13 14:45:36 | 000,143,872 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbport.sys
[2008/04/13 14:47:37 | 000,025,856 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008/04/13 14:45:34 | 000,015,104 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbscan.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbstor.sys
[2008/04/13 14:45:35 | 000,020,608 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbuhci.sys
[2008/04/13 14:46:20 | 000,121,984 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\usbvideo.sys
[2004/08/12 09:57:07 | 000,058,112 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vdmindvd.sys
[2008/04/13 14:44:40 | 000,020,992 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vga.sys
[2008/04/13 14:36:40 | 000,042,240 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\viaagp.sys
[2008/04/13 14:44:40 | 000,081,664 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\videoprt.sys
[2003/08/05 03:07:00 | 000,107,648 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\vnetusbl.sys
[2008/04/13 14:41:01 | 000,052,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\volsnap.sys
[2008/04/13 14:43:55 | 000,014,208 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wacompen.sys
[2004/08/03 22:29:38 | 000,012,415 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv01nt.sys
[2004/08/03 22:29:38 | 000,012,127 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv02nt.sys
[2004/08/03 22:29:38 | 000,011,775 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv05nt.sys
[2004/08/03 22:29:40 | 000,011,807 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv07nt.sys
[2004/08/03 22:29:40 | 000,011,295 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv08nt.sys
[2004/08/03 22:29:42 | 000,011,871 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv09nt.sys
[2004/08/03 22:29:42 | 000,011,935 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wadv11nt.sys
[2008/04/13 14:57:21 | 000,034,560 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wanarp.sys
[2004/08/03 22:29:42 | 000,029,311 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv01nt.sys
[2004/08/03 22:29:44 | 000,019,551 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv02nt.sys
[2004/08/03 22:29:44 | 000,033,599 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv04nt.sys
[2004/08/03 22:29:46 | 000,022,271 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv06nt.sys
[2004/08/03 22:29:46 | 000,025,471 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\watv10nt.sys
[2004/08/03 22:29:46 | 000,023,615 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wch7xxnt.sys
[2006/11/02 07:22:54 | 000,492,000 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdf01000.sys
[2006/11/02 07:22:52 | 000,032,224 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdfldr.sys
[2008/04/13 15:17:18 | 000,083,072 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wdmaud.sys
[2004/06/04 16:12:10 | 000,379,488 | R--- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wg111nd5.sys
[2006/11/02 07:00:08 | 000,039,368 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\winusb.sys
[2004/08/12 10:09:54 | 000,004,352 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wmilib.sys
[2004/09/22 18:46:38 | 000,018,944 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wpdusb.sys
[2004/08/12 10:10:27 | 000,012,032 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
[2004/08/03 22:29:48 | 000,012,063 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wsiintxx.sys
[2004/08/03 22:29:50 | 000,019,455 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\wvchntxx.sys

< %systemroot%\System32\config\*.sav >
[2006/06/10 09:15:31 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006/05/29 21:41:38 | 000,262,144 | ---- | M] () -- C:\WINDOWS\system32\config\security.sav
[2006/06/10 09:15:31 | 017,563,648 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006/06/10 09:15:31 | 004,980,736 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2004/08/12 09:55:47 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2005/02/01 19:18:38 | 000,017,992 | ---- | M] () -- C:\WINDOWS\system32\bcm42rly.sys
[2004/08/12 09:56:34 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2003/09/25 23:15:32 | 000,015,872 | ---- | M] () -- C:\WINDOWS\system32\GTNDIS5.sys
[2004/08/12 09:57:44 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2004/08/12 09:58:39 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/12 09:58:39 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2004/08/12 10:02:34 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2004/08/12 10:02:34 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2004/08/12 10:02:34 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2004/08/12 10:02:34 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2004/08/12 10:02:35 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/12 10:02:36 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/12 10:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/12 10:02:37 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/12 10:02:37 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/12 10:02:37 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2008/04/13 14:44:59 | 000,017,664 | ---- | M] () -- C:\WINDOWS\system32\watchdog.sys
[2011/03/03 09:21:11 | 001,857,920 | ---- | M] () -- C:\WINDOWS\system32\win32k.sys
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2008/04/13 20:11:48 | 000,004,255 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2008/04/13 20:11:48 | 000,003,967 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2008/04/13 20:11:48 | 000,003,615 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2008/04/13 20:11:48 | 000,003,647 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2008/04/13 20:11:48 | 000,003,135 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2008/04/13 20:11:48 | 000,003,711 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2008/04/13 20:11:48 | 000,003,775 | ---- | M] () -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2008/04/13 20:11:50 | 000,021,183 | ---- | M] () -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2008/04/13 20:11:50 | 000,011,359 | ---- | M] () -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2008/04/13 20:11:50 | 000,025,471 | ---- | M] () -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2008/04/13 20:11:50 | 000,014,143 | ---- | M] () -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2008/04/13 20:11:50 | 000,017,279 | ---- | M] () -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2008/04/13 20:11:50 | 000,015,423 | ---- | M] () -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2008/04/13 21:11:54 | 000,021,504 | ---- | M] () -- C:\WINDOWS\system32\drivers\hidserv.dll
[2008/04/13 20:12:05 | 000,003,901 | ---- | M] () -- C:\WINDOWS\system32\drivers\siint5.dll
[2008/04/13 20:12:08 | 000,011,325 | ---- | M] () -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2008/07/06 08:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %SYSTEMDRIVE%\*.* >
[2005/05/14 15:36:34 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2006/06/10 13:24:27 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2005/05/14 15:36:34 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/05/04 21:40:14 | 001,228,854 | ---- | M] () -- C:\fsqwr.bmp
[2005/05/14 15:36:34 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2005/05/14 15:36:34 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/12 10:02:33 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/24 18:19:45 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/05/09 00:02:06 | 603,979,776 | -HS- | M] () -- C:\pagefile.sys

< %PROGRAMFILES%\*. >
[2009/07/02 08:53:38 | 000,000,000 | ---D | M] -- C:\Program Files\ABBYY FineReader 5.0 Sprint
[2009/02/01 11:13:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/04/18 10:21:11 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced Searchbar
[2005/05/14 20:58:56 | 000,000,000 | ---D | M] -- C:\Program Files\Ahead
[2006/06/16 07:31:55 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2005/05/16 17:48:15 | 000,000,000 | ---D | M] -- C:\Program Files\AOD
[2011/03/22 03:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2007/12/17 20:33:00 | 000,000,000 | ---D | M] -- C:\Program Files\Business Objects
[2006/02/04 15:55:30 | 000,000,000 | ---D | M] -- C:\Program Files\Citrix
[2011/01/27 03:50:31 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2005/05/14 15:33:22 | 000,000,000 | ---D | M] -- C:\Program Files\ComPlus Applications
[2006/06/16 06:48:18 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2006/12/13 09:31:22 | 000,000,000 | ---D | M] -- C:\Program Files\Crystal Decisions
[2006/09/20 16:11:35 | 000,000,000 | ---D | M] -- C:\Program Files\DATALINK
[2010/02/25 18:36:24 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2005/10/08 11:04:10 | 000,000,000 | ---D | M] -- C:\Program Files\HighMAT CD Writing Wizard
[2010/03/01 14:21:00 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/04/14 00:48:23 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/03/01 14:14:35 | 000,000,000 | ---D | M] -- C:\Program Files\Intuit
[2008/09/24 17:40:15 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2005/05/14 17:10:04 | 000,000,000 | ---D | M] -- C:\Program Files\Java Web Start
[2011/01/13 01:26:16 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/08/29 21:18:20 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2008/09/24 18:53:08 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2009/09/02 07:30:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2007/01/26 20:40:18 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2005/05/19 10:06:42 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft AntiSpyware
[2007/05/09 20:24:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2005/05/15 06:43:34 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2007/12/15 17:05:52 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2007/01/26 20:38:50 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2007/01/28 10:20:57 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2007/01/26 20:37:58 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/12 03:04:17 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/05/08 23:50:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2010/03/01 14:27:38 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Thunderbird
[2009/08/16 10:04:00 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/12/15 17:05:38 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/09/24 18:34:24 | 000,000,000 | ---D | M] -- C:\Program Files\msn
[2005/05/14 15:32:25 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/01/19 09:19:47 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2008/09/24 18:26:04 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/05/14 17:07:51 | 000,000,000 | ---D | M] -- C:\Program Files\Netscape
[2011/01/27 03:50:21 | 000,000,000 | ---D | M] -- C:\Program Files\Norton Security Scan
[2011/04/16 23:42:43 | 000,000,000 | ---D | M] -- C:\Program Files\NortonInstaller
[2005/05/14 15:56:26 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/16 04:02:37 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2005/05/14 17:10:26 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/08/16 10:03:26 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/05/15 07:09:28 | 000,000,000 | ---D | M] -- C:\Program Files\Setup downloaded pgms
[2005/05/14 15:42:27 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2005/05/14 17:10:34 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2011/01/13 01:22:13 | 000,000,000 | ---D | M] -- C:\Program Files\vShare
[2005/05/14 17:10:40 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2008/09/24 18:25:52 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/24 18:25:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/05/14 22:17:57 | 000,000,000 | -H-D | M] -- C:\Program Files\WindowsUpdate
[2005/05/14 15:36:43 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2011/01/09 23:21:47 | 000,000,000 | ---D | M] -- C:\Program Files\Xvid
[2005/08/08 19:22:12 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!

< %appdata%\*.* >
[2005/08/08 19:22:14 | 000,001,212 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\AdobeDLM.log
[2005/05/14 11:06:02 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\desktop.ini
[2005/08/08 19:22:14 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Roz Werner\Application Data\dm.ini


< MD5 for: AGP440.SYS >
[2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 14:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 14:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/12 09:55:51 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/12 09:56:54 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 14:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 20:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/12 09:57:17 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2004/08/12 10:11:50 | 000,467,200 | ---- | M] (Intel Corporation) MD5=F26BFD48B1C314E0F23BF77ACFA75940 -- C:\WINDOWS\dell\iastor\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 20:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/12 10:02:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: SCECLI.DLL >
[2004/08/12 10:04:44 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 20:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: USBSTOR.SYS >
[2004/08/12 10:06:15 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbstor.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:usbstor.sys
[2008/09/24 18:11:44 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:usbstor.sys
[2004/08/12 10:08:05 | 000,026,496 | ---- | M] (Microsoft Corporation) MD5=6CD7B22193718F1D17A47A1CD6D37E75 -- C:\WINDOWS\$NtServicePackUninstall$\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\ServicePackFiles\i386\usbstor.sys
[2008/04/13 14:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) MD5=A32426D9B14A089EAA1D922E0C5801A9 -- C:\WINDOWS\system32\drivers\usbstor.sys

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-04-27 07:02:29

< End of report >

OTL Extras logfile created on: 5/9/2011 12:31:10 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\DOCUME~1\ROZWER~1\MYDOCU~1\DOWNLO~1
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

510.00 Mb Total Physical Memory | 371.00 Mb Available Physical Memory | 73.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 92.00% Paging File free
Paging file location(s): c:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\PROGRA~1
Drive C: | 149.04 Gb Total Space | 133.25 Gb Free Space | 89.41% Space Free | Partition Type: NTFS

Computer Name: WIZARDOFROZ | User Name: Roz Werner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirstRunDisabled" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Documents and Settings\Roz Werner\Desktop\FrostWire\FrostWire.exe" = C:\Documents and Settings\Roz Werner\Desktop\FrostWire\FrostWire.exe:*:Enabled:FrostWire


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{1DF3D393-2167-40B5-B9FA-EABFF7CFAA76}" = Brother HL-2140
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{736550DC-6C0D-41B2-8C74-57FE57F8346C}" = TaxWise 2006
"{764D06D8-D8DE-411E-A1C8-D9E9380F8A84}" = Microsoft Works 7.0
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7CF31609-270B-11D6-9445-000102308676}" = Java 2 Runtime Environment, SE v1.4.0_01
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint
"{D78653C3-A8FF-415F-92E6-D774E634FF2D}" = Dell ResourceCD
"{E2F06576-226D-4F4E-B162-0583509760BA}" = TaxWise Workstation
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F413B69D-4AD6-42AB-AEA5-0548989FAD50}" = Norton 360
"{F7558F8A-1448-482F-9919-1F96B0234727}" = TaxWise Workstation
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FDC634DB-D711-434A-9224-1961ABF62D6D}" = TaxWise 2006 WorkStation
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AdobeESD" = Adobe Download Manager 2.0 (Remove Only)
"Advanced Searchbar for Windows" = Advanced Searchbar for Windows
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Java Web Start" = Java Web Start
"LimeWire" = LimeWire 5.5.16
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Move Networks Player_is1" = Move Networks Player for Internet Explorer
"Mozilla Firefox (3.6.17)" = Mozilla Firefox (3.6.17)
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Netscape (7.2)" = Netscape (7.2)
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NSS" = Norton Security Scan
"RealPlayer 6.0" = RealPlayer Basic
"ST6UNST #1" = Tax Relief 1040 2000
"ViewpointMediaPlayer" = Viewpoint Media Player (Remove Only)
"vShare" = vShare Plugin
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WETCable" = Windows Easy Transfer
"Winamp" = Winamp (remove only)
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"winusb0100" = Microsoft WinUsb 1.0
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/9/2011 3:39:54 PM | Computer Name = WIZARDOFROZ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: The specified server cannot perform the requested operation.

Error - 4/9/2011 3:43:24 PM | Computer Name = WIZARDOFROZ | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This operation returned because the timeout period expired.

Error - 4/14/2011 12:51:42 AM | Computer Name = WIZARDOFROZ | Source = Ci | ID = 4118
Description = A content scan could not be completed on 2.0.0.0__b03f5f7f11d50a3a.

Error - 4/21/2011 12:48:39 AM | Computer Name = WIZARDOFROZ | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4095, faulting
module ntdll.dll, version 5.1.2600.6055, fault address 0x0000100b.

Error - 4/30/2011 1:48:52 PM | Computer Name = WIZARDOFROZ | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module limewi~3.dll, version 6.0.0.1000, fault address 0x0005d58d.

Error - 4/30/2011 1:49:51 PM | Computer Name = WIZARDOFROZ | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module limewi~3.dll, version 6.0.0.1000, fault address 0x0005d58d.

Error - 4/30/2011 1:52:21 PM | Computer Name = WIZARDOFROZ | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.17096, faulting
module limewi~3.dll, version 6.0.0.1000, fault address 0x0005d58d.

Error - 5/3/2011 1:26:50 AM | Computer Name = WIZARDOFROZ | Source = Application Hang | ID = 1002
Description = Hanging application POWERPNT.EXE, version 11.0.8334.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/3/2011 6:27:57 PM | Computer Name = WIZARDOFROZ | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.17096, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 5/3/2011 6:28:51 PM | Computer Name = WIZARDOFROZ | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 7.0.6000.17096, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

[ System Events ]
Error - 5/8/2011 11:39:09 PM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/8/2011 11:46:28 PM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/8/2011 11:49:13 PM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/8/2011 11:55:39 PM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/8/2011 11:59:20 PM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/9/2011 12:03:17 AM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service EventSystem
with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 5/9/2011 12:04:00 AM | Computer Name = WIZARDOFROZ | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips intelppm OMCI

Error - 5/9/2011 12:10:51 AM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/9/2011 12:22:07 AM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 5/9/2011 12:26:44 AM | Computer Name = WIZARDOFROZ | Source = DCOM | ID = 10005
Description = DCOM got error "%1084" attempting to start the service StiSvc with
arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}


< End of report >

devls9330

Newbie Surfer

Posts : 7
Joined : 2011-05-09
Operating System : Windows XP


Re: Severe computer problems

Post by Belahzur on Tue 10 May 2011, 6:37 am

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


mbam log

Post by devls9330 on Tue 10 May 2011, 3:59 pm

Malwarebytes' Anti-Malware 1.50.1.1100

Database version: 6543

Windows 5.1.2600 Service Pack 3 (Safe Mode)
Internet Explorer 7.0.5730.11

5/10/2011 12:56:03 AM
mbam-log-2011-05-10 (00-56-03).txt

Scan type: Quick scan
Objects scanned: 158560
Time elapsed: 4 minute(s), 9 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: Severe computer problems

Post by Belahzur on Wed 11 May 2011, 1:45 am

Hello.

  • Download combofix from here
    Link 1

    1. If you are using Firefox, make sure that your download settings are as follows:

    * Tools->Options->Main tab
    * Set to "Always ask me where to Save the files".

    2. During the download, rename Combofix to Combo-Fix as follows:





    3. It is important you rename Combofix during the download, but not after.
    4. Please do not rename Combofix to other names, but only to the one indicated.
    5. Close any open browsers.
    6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

  • We need to disable your local AV (Anti-virus) before running Combofix.
  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.
    ***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.


  • The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.



  • Allow ComboFix to download the Recovery Console.
  • Accept the End-User License Agreement.
  • The Recovery Console will be installed.
  • You will then get this next prompt that asks if you want to continue the malware scan. Select yes.



  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.



ComboFix Log

Post by devls9330 on Wed 11 May 2011, 9:40 am

ComboFix 11-05-09.04 - Roz Werner 05/10/2011 18:23:18.1.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.246 [GMT -4:00]
Running from: c:\documents and settings\Roz Werner\Desktop\Combo-Fix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\iJ01803PiKeO01803
c:\documents and settings\All Users\Application Data\iJ01803PiKeO01803\iJ01803PiKeO01803
c:\documents and settings\All Users\Application Data\iJ01803PiKeO01803\iJ01803PiKeO01803.exe
c:\windows\ST6UNST.000
c:\windows\system32\drivers\4e722e7f79dfd3eb.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_4e722e7f79dfd3eb
-------\Service_4e722e7f79dfd3eb
.
.
((((((((((((((((((((((((( Files Created from 2011-04-10 to 2011-05-10 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2005-05-14 19:33 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:45 . 2004-08-12 14:08 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2004-08-12 14:09 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 19:00 . 2004-08-12 14:09 832512 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 19:00 . 2009-02-20 18:09 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 19:00 . 2004-08-12 13:58 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-02-17 19:00 . 2004-08-12 13:56 17408 ----a-w- c:\windows\system32\corpol.dll
2011-02-17 13:18 . 2004-08-12 14:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-12 14:06 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-18 14:09 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-17 11:44 . 2009-02-20 10:21 389120 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56 . 2004-08-12 13:55 290432 ----a-w- c:\windows\system32\atmfd.dll
2007-12-04 01:52 . 2006-12-13 13:30 63839744 ----a-w- c:\program files\Common Files\TaxWise Workstation.msi
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-02-01 23:17 1487240 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-02-01 1487240]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcctMgr
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSC_UserPrompt
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Mozilla Quick Launch]
2004-08-04 20:41 526224 ----a-w- c:\program files\Netscape\Netscape\Netscp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 15:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2005-05-14 21:10 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2002-04-26 17:53 12288 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
S3 CFcatchme;CFcatchme;\??\c:\combo-fix\CFcatchme.sys --> c:\combo-fix\CFcatchme.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [1/13/2011 1:26 AM 38224]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 8:49 AM 227232]
S3 USBNET;Instant Wireless USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\vnetusbl.sys [5/19/2005 1:53 PM 107648]
S3 USBNET_XP;Instant Wireless XP USB Network Adapter ver.2.6 Driver;c:\windows\system32\drivers\netusbxp.sys [5/14/2005 3:53 PM 72576]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - eeCtrl
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-06 c:\windows\Tasks\Norton Security Scan for Administrator.job
- c:\progra~1\NORTON~2\Engine\300~1.103\Nss.exe [2011-01-27 01:15]
.
2011-05-06 c:\windows\Tasks\Norton Security Scan for Roz Werner.job
- c:\progra~1\NORTON~2\Engine\300~1.103\Nss.exe [2011-01-27 01:15]
.
2011-05-07 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-02-01 23:17]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uSearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Roz Werner\Application Data\Mozilla\Firefox\Profiles\kk0mw2zi.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: keyword.URL - [You must be registered and logged in to see this link.]
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: LimeWire Toolbar: [You must be registered and logged in to see this link.] - %profile%\extensions\toolbar@ask.com
FF - Ext: vShare: vshareus@toolbar - %profile%\extensions\vshareus@toolbar
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-RoboForm - c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2011-05-10 18:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1200)
c:\windows\system32\WININET.dll
c:\windows\system32\IEFRAME.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-05-10 18:37:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-10 22:37
.
Pre-Run: 142,971,842,560 bytes free
Post-Run: 142,908,321,792 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /noexecute=optin
.
- - End Of File - - BCEAAF534D450FB24A824CF58ACC7CE3

devls9330

Newbie Surfer

Posts : 7
Joined : 2011-05-09
Operating System : Windows XP
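The deletion sections of a ComboFix log like the one posted above can be triaged with a short script. This is an added example, not part of the original post and not ComboFix's own code: it splits the log on its banner lines and pairs each deleted `.sys` file with deleted `Legacy_`/`Service_` entries of the same name. The function names are this example's own, and the excerpt is copied from the log above with the banner lines shortened.

```python
import re
from ntpath import basename, splitext

# Excerpt of the ComboFix log posted above (banner lines shortened).
COMBOFIX_EXCERPT = r"""
((((((((( Other Deletions )))))))))
.
c:\documents and settings\All Users\Application Data\iJ01803PiKeO01803\iJ01803PiKeO01803.exe
c:\windows\ST6UNST.000
c:\windows\system32\drivers\4e722e7f79dfd3eb.sys
.
((((((((( Drivers/Services )))))))))
.
-------\Legacy_4e722e7f79dfd3eb
-------\Service_4e722e7f79dfd3eb
.
((((((((( Find3M Report )))))))))
.
2011-03-03 13:21 . 2004-08-12 14:09 1857920 ----a-w- c:\windows\system32\win32k.sys
"""

BANNER = re.compile(r"^\(+\s*(.+?)\s*\)+$")        # "((((( Title )))))"
SERVICE = re.compile(r"^-+\\(Legacy|Service)_(.+)$")  # "-------\Service_<name>"
HEXNAME = re.compile(r"[0-9a-f]{16}")               # name shape seen in this log

def split_sections(log_text):
    """Return {section title: [content lines]}, skipping '.' filler lines."""
    sections, current = {}, None
    for line in log_text.splitlines():
        line = line.strip()
        m = BANNER.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is not None and line and line != ".":
            current.append(line)
    return sections

def correlate_deleted_drivers(log_text):
    """Pair each deleted .sys file with deleted service entries of the same name."""
    sections = split_sections(log_text)
    services = {}
    for line in sections.get("Drivers/Services", []):
        m = SERVICE.match(line)
        if m:
            services.setdefault(m.group(2).lower(), set()).add(m.group(1))
    report = []
    for path in sections.get("Other Deletions", []):
        stem, ext = splitext(basename(path))
        if ext.lower() == ".sys":   # only driver files; other deletions are ignored
            report.append({"driver": path,
                           "service_entries": sorted(services.get(stem.lower(), ())),
                           "hex_name": bool(HEXNAME.fullmatch(stem.lower()))})
    return report
```

Calling `correlate_deleted_drivers(COMBOFIX_EXCERPT)` returns one row for the deleted driver, listing both service entries that were removed with it; the `win32k.sys` line in the Find3M section is not reported because it was not a deletion.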


Re: Severe computer problems

Post by Belahzur on Wed 11 May 2011, 10:20 am

Hello.

I see that you are running Limewire.
P2P (peer-to-peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Adobe Reader 9.2
    Ask Toolbar
    Java(TM) SE Runtime Environment 6 Update 1
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    Java 2 Runtime Environment, SE v1.4.0_01
    LimeWire 5.5.16
    Viewpoint Media Player (Remove Only)

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) the Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: Severe computer problems

Post by devls9330 on Sat 14 May 2011, 11:35 am

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=7.00.6000.17096 (vista_gdr.110211-1830)
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=76603bf30402b549b9d33c5e2dd2a4a1
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-05-14 12:14:00
# local_time=2011-05-13 08:14:00 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=50607
# found=6
# cleaned=6
# scan_time=1956
C:\Documents and Settings\Roz Werner\Application Data\vShare\cache\65dd8c423d2427b4.fb Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Roz Werner\Application Data\vShare\cache\65dd8c423d2427b4__exp__1294967877 Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Setup downloaded pgms\registryfix.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{399D0C56-6C0F-4818-913C-3FC24C491F76}\RP694\A0158523.exe a variant of Win32/Kryptik.NJA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{399D0C56-6C0F-4818-913C-3FC24C491F76}\RP705\A0159364.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Windows Update Setup Files\include.EXE probably a variant of Win32/Adware.Toolbar.Eztracks application (deleted - quarantined) 00000000000000000000000000000000 C

devls9330

Newbie Surfer

Posts : 7
Joined : 2011-05-09
Operating System : Windows XP
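The ESET Online Scanner log posted above has a `# key=value` header followed by one line per detection. As an added example (not part of the original post and not ESET's code), the parser below reads both parts, checks the header counts against the parsed rows, and separates detections inside System Restore snapshots from those at live paths. The function and field names are this example's own; the excerpt is copied from the log above with the header trimmed to three keys.

```python
import re
from collections import Counter

# Excerpt of the ESET Online Scanner log posted above (header trimmed).
ESET_EXCERPT = r"""# found=6
# cleaned=6
# scan_time=1956
C:\Documents and Settings\Roz Werner\Application Data\vShare\cache\65dd8c423d2427b4.fb Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Roz Werner\Application Data\vShare\cache\65dd8c423d2427b4__exp__1294967877 Win32/Adware.SpywareProtect2009 application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Setup downloaded pgms\registryfix.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{399D0C56-6C0F-4818-913C-3FC24C491F76}\RP694\A0158523.exe a variant of Win32/Kryptik.NJA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{399D0C56-6C0F-4818-913C-3FC24C491F76}\RP705\A0159364.exe a variant of Win32/Adware.ErrorClean application (deleted - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Windows Update Setup Files\include.EXE probably a variant of Win32/Adware.Toolbar.Eztracks application (deleted - quarantined) 00000000000000000000000000000000 C
"""

HEADER = re.compile(r"^# ([\w.]+)=(.*)$")
DETECTION = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) "                        # path may contain spaces
    r"(?P<qualifier>(?:probably )?(?:a variant of )?)"
    r"(?P<threat>Win32/\S+) (?P<kind>\w+) "
    r"\((?P<action>[^)]*)\) (?P<digest>[0-9A-Fa-f]{32}) (?P<flag>\w)$")
RESTORE_POINT = re.compile(
    r"\\System Volume Information\\_restore\{[^}]+\}\\(RP\d+)\\", re.I)

def parse_eset_log(text):
    """Return (header dict of value lists, list of detection dicts)."""
    header, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        h = HEADER.match(line)
        if h:
            # Keys such as compatibility_mode repeat, so keep a list per key.
            header.setdefault(h.group(1), []).append(h.group(2))
            continue
        d = DETECTION.match(line)
        if d:
            row = d.groupdict()
            rp = RESTORE_POINT.search(row["path"])
            row["restore_point"] = rp.group(1) if rp else None
            row["quarantined"] = "quarantined" in row["action"]
            detections.append(row)
    return header, detections

def summarize(text):
    """Cross-check header counts and group detections for triage."""
    header, detections = parse_eset_log(text)
    return {
        "counts_match": int(header["found"][0]) == len(detections),
        "cleaned_matches_found": header["cleaned"] == header["found"],
        "all_quarantined": all(d["quarantined"] for d in detections),
        "by_kind": dict(Counter(d["kind"] for d in detections)),
        "restore_points": sorted(d["restore_point"] for d in detections if d["restore_point"]),
        "live_paths": [d["path"] for d in detections if not d["restore_point"]],
    }
```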


Re: Severe computer problems

Post by Belahzur on Sun 15 May 2011, 2:47 am

Hello.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

    Adobe Reader 9.2
    Ask Toolbar
    Java 2 Runtime Environment, SE v1.4.0_01
    Java(TM) SE Runtime Environment 6 Update 1
    Java(TM) 6 Update 3
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    LimeWire 5.5.16
    Viewpoint Media Player (Remove Only)

Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 25.
  • Click the "Download JRE" button to the right.
  • In the window that opens, select your platform, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Then from your desktop double-click on jre-6u25-windows-i586.exe that you downloaded to install the newest version.

Please download Firefox 4.0.1 and install it. It will install over version 3.6.13 you currently have installed, so you won't lose any bookmarked websites.

Then download and install Adobe Reader X.

How is the machine running now?


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre
