[Closed] Waiting for About : Blank, Pages load very slow

Welcome to your place for tech questions! ( Log In or Join today ) Get answers from experts today. (it's 100% free) Virus removal forum

What the Tech > Spyware / Malware / Virus Removal > Virus, Spyware & Malware Removal

2 Pages

1 2 >

[Closed] Waiting for About : Blank, Pages load very slow

Options

mojomojo View Member Profile	Mar 2 2010, 05:44 PM Post #1
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Recently I realize my pages load very, very slowly, clicking on links seem to need to click twice...clicking it the first time seems like nothing happening. On the bottom left hand corner of the status bar, I frequently see ( waiting about : Blank ), then it would have another stuff like ( downloading from adyieldmanager, adserver, etc. ), everything flashes by very quick on the lower left hand corner when pages load. Tried scanning computer with Malware and Symantec Antivirus and it doesn't find anything, but I suspect there is something because before pages load a lot faster. I am using IE8 and also tried Firefox, both has the same About : Blank on the lower left hand corner. Can someone please help. Thanks in advance.

ken545 View Member Profile	Mar 4 2010, 04:15 PM Post #2
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	Backup Your Registry with ERUNT: Download erunt.zip to your Desktop from here: http://aumha.org/downloads/erunt.zip Right-click erunt.zip, select Extract All... and follow the prompts to extract ERUNT to a new folder on your Desktop Inside the new folder, double-click ERUNT.exe to start the program OK all the prompts to back up your registry to the default location. Note: to restore your registry, go to the backup folder and start ERDNT.exe Please download RootRepeal from one of these locations and save it to your desktop Here Here Here Open on your desktop. Click the tab. Click the button. Check just these boxes: Push Ok Check the box for your main system drive (Usually C:, and press Ok. Allow RootRepeal to run a scan of your system. This may take some time. Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your post. Download random's system information tool (RSIT) by random/random from here and save it to your desktop. Double click on RSIT.exe to run RSIT. Click Continue at the disclaimer screen. Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

mojomojo View Member Profile	Mar 8 2010, 02:02 AM Post #3
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Hi, here are the reports, thanks in advance. ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2010/03/07 23:56 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_iastor.sys Image Path: C:\WINDOWS\System32\Drivers\dump_iastor.sys Address: 0x9ABA4000 Size: 851968 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0x95D88000 Size: 49152 File Visible: No Signed: - Status: - SSDT ------------------- #: 012 Function Name: NtAlertResumeThread Status: Hooked by "<unknown>" at address 0x890e6098 #: 013 Function Name: NtAlertThread Status: Hooked by "<unknown>" at address 0x88c307f0 #: 017 Function Name: NtAllocateVirtualMemory Status: Hooked by "<unknown>" at address 0x893979d8 #: 031 Function Name: NtConnectPort Status: Hooked by "<unknown>" at address 0x89383df0 #: 043 Function Name: NtCreateMutant Status: Hooked by "<unknown>" at address 0x890c7aa8 #: 053 Function Name: NtCreateThread Status: Hooked by "<unknown>" at address 0x89364248 #: 065 Function Name: NtDeleteValueKey Status: Hooked by "C:\Program Files\Symantec\SYMEVENT.SYS" at address 0x9eb99350 #: 083 Function Name: NtFreeVirtualMemory Status: Hooked by "<unknown>" at address 0x892e2008 #: 089 Function Name: NtImpersonateAnonymousToken Status: Hooked by "<unknown>" at address 0x890c4b98 #: 091 Function Name: NtImpersonateThread Status: Hooked by "<unknown>" at address 0x8933a1c0 #: 108 Function Name: NtMapViewOfSection Status: Hooked by "<unknown>" at address 0x89340160 #: 114 Function Name: NtOpenEvent Status: Hooked by "<unknown>" at address 0x890dd3f0 #: 123 Function Name: NtOpenProcessToken Status: Hooked by "<unknown>" at address 0x892e68a0 #: 129 Function Name: NtOpenThreadToken Status: Hooked by "<unknown>" at address 0x892fa9e8 #: 177 Function Name: NtQueryValueKey Status: Hooked by "<unknown>" at address 0x893943e8 #: 206 Function Name: NtResumeThread Status: Hooked by "<unknown>" at address 0x89e29d28 #: 213 Function Name: NtSetContextThread Status: Hooked by "<unknown>" at address 0x891bd790 #: 228 Function Name: NtSetInformationProcess Status: Hooked by "<unknown>" at address 0x89372098 #: 229 Function Name: NtSetInformationThread Status: Hooked by "<unknown>" at address 0x890ed3b8 #: 247 Function Name: NtSetValueKey Status: Hooked by "C:\Program Files\Symantec\SYMEVENT.SYS" at address 0x9eb99580 #: 253 Function Name: NtSuspendProcess Status: Hooked by "<unknown>" at address 0x890eb6d0 #: 254 Function Name: NtSuspendThread Status: Hooked by "<unknown>" at address 0x891472b8 #: 257 Function Name: NtTerminateProcess Status: Hooked by "<unknown>" at address 0x89243510 #: 258 Function Name: NtTerminateThread Status: Hooked by "<unknown>" at address 0x890bd958 #: 267 Function Name: NtUnmapViewOfSection Status: Hooked by "<unknown>" at address 0x89388678 #: 277 Function Name: NtWriteVirtualMemory Status: Hooked by "<unknown>" at address 0x893973a0 ==EOF== info.txt logfile of random's system information tool 1.06 2010-03-07 23:58:26 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 7.0 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000002} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe AIM 7-->C:\Program Files\AIM\uninst.exe ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Belkin 54Mbps Wireless Network Adapter-->C:\Program Files\InstallShield Installation Information\{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}\setup.exe -runfromtemp -l0x0009 -removeonly ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Officejet Pro All-In-One Series-->C:\Program Files\HP\Digital Imaging\{7729A02E-D1AD-4830-8FC5-11853500D90D}\setup\hpzscr01.exe -datfile hpwscr05.dat HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F} HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat Intel® PRO Network Connections Drivers-->Prounstl.exe LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9} Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MPM-->MsiExec.exe /X{D48AD533-BAD5-469B-A9AA-272C6D80E70B} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat Quicken 2010-->MsiExec.exe /X{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A} Real Alternative 1.9.0-->"C:\Program Files\Real Alternative\unins000.exe" Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68} Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82} Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048} Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87} Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF} Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668} Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly Symantec AntiVirus-->MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Hosts File====== 192.168.0.167 HP001E0BF69F8D ======Security center information====== AV: Symantec AntiVirus Corporate Edition ======System event log====== Computer Name: PRE Event Code: 1003 Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001150C18AA4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. Record Number: 514 Source Name: Dhcp Time Written: 20100207234616.000000-480 Event Type: warning User: Computer Name: PRE Event Code: 27 Message: Intel® 82566DM-2 Gigabit Network Connection Link has been disconnected. Record Number: 495 Source Name: e1express Time Written: 20100207234153.000000-480 Event Type: warning User: Computer Name: PRE Event Code: 20 Message: Printer Driver Samsung ML-1740 Series for Windows NT x86 Version-3 was added or updated. Files:- ssgb6.DLL, ssgb6ui.DLL, ssgb6.DLL, ssgb6SU.DLL, ssgb6UM.DLL, ssgb6en.DAT, ssgb6en.HLP, ssgb6en.HIN, ssgb6kr.DAT, ssgb6kr.HLP, ssgb6kr.HIN, ssgb6ct.DAT, ssgb6ct.HLP, ssgb6ct.HIN, ssgb6fn.DAT, ssgb6fn.HLP, ssgb6fn.HIN, ssgb6gr.DAT, ssgb6gr.HLP, ssgb6gr.HIN, ssgb6ru.DAT, ssgb6ru.HLP, ssgb6ru.HIN, ssgb6sp.DAT, ssgb6sp.HLP, ssgb6sp.HIN, ssgb6cp.DAT, ssgb6cp.HLP, ssgb6cp.HIN, ssgb6dt.DAT, ssgb6dt.HLP, ssgb6dt.HIN, ssgb6nr.DAT, ssgb6nr.HLP, ssgb6nr.HIN, ssgb6it.DAT, ssgb6it.HLP, ssgb6it.HIN, ssgb6pt.DAT, ssgb6pt.HLP, ssgb6pt.HIN, ssgb6sw.DAT, ssgb6sw.HLP, ssgb6sw.HIN, ssgb6dn.DAT, ssgb6dn.HLp, ssgb6dn.HIN, ssgb6fi.DAT, ssgb6fi.HLP, ssgb6fi.HIN, ssgb6hu.DAT, ssgb6hu.HLP, ssgb6hu.HIN, ssgb6po.DAT, ssgb6po.HLP, ssgb6po.HIN, ssgb6.VER. Record Number: 403 Source Name: Print Time Written: 20100207233203.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 20 Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 7 for Windows XP. Record Number: 369 Source Name: Windows Update Agent Time Written: 20100207232742.000000-480 Event Type: error User: Computer Name: PRE Event Code: 20 Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP. Record Number: 298 Source Name: Windows Update Agent Time Written: 20100207232322.000000-480 Event Type: error User: =====Application event log===== Computer Name: PRE Event Code: 1517 Message: Windows saved user PRE\jzeng registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 835 Source Name: Userenv Time Written: 20100211193532.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 1517 Message: Windows saved user PRE\jzeng registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 826 Source Name: Userenv Time Written: 20100211192540.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 1004 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 662 Source Name: Application Error Time Written: 20100210100526.000000-480 Event Type: error User: Computer Name: PRE Event Code: 1004 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 661 Source Name: Application Error Time Written: 20100210100519.000000-480 Event Type: error User: Computer Name: PRE Event Code: 1000 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 418 Source Name: Application Error Time Written: 20100209104700.000000-480 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by jzeng at 2010-03-07 23:58:22 Microsoft Windows XP Professional Service Pack 3 System drive C: has 229 GB (96%) free of 238 GB Total RAM: 2014 MB (67% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:58:24 PM, on 3/7/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\AIM\aim.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\jzeng\Desktop\whatthetech\RSIT.exe C:\Program Files\Trend Micro\HijackThis\jzeng.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 5987 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-06-22 1044480] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "F5D7050v3"=C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe [2007-10-30 1654784] "Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328] ""= [] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-19 52896] "vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-09-27 125168] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Aim"=C:\Program Files\AIM\aim.exe [2009-12-01 3951976] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-05-16 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] C:\WINDOWS\system32\NavLogon.dll [2006-09-27 43760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe::Enabled:AIM" "D:\setup\HPZNET01.EXE"="D:\setup\HPZNET01.EXE::Enabled:hpznet01.exe" "D:\setup\HPONICIFS01.EXE"="D:\setup\HPONICIFS01.EXE::Enabled:hponicifs01.exe" "C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe::Enabled:Spooler SubSystem App" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe::Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe::Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe::Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe::Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe::Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe::Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe::Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe::Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe::Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe::Enabled:hpqnrs08.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======File associations====== .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-03-07 23:58:22 ----D---- C:\rsit 2010-03-07 23:56:42 ----A---- C:\RootRepeal report 03-07-10 (23-56-42).txt 2010-03-07 23:55:58 ----A---- C:\RootRepeal report 03-07-10 (23-55-58).txt 2010-03-01 23:12:00 ----D---- C:\Documents and Settings\jzeng\Application Data\Malwarebytes 2010-03-01 23:11:56 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-03-01 23:11:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-03-01 23:10:12 ----D---- C:\WINDOWS\ERDNT 2010-03-01 23:09:14 ----D---- C:\Program Files\ERUNT 2010-02-23 23:43:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-18 22:30:18 ----D---- C:\Program Files\Trend Micro 2010-02-15 23:14:32 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2010-02-15 17:12:42 ----A---- C:\WINDOWS\system32\ptpusb.dll 2010-02-15 17:12:41 ----A---- C:\WINDOWS\system32\ptpusd.dll 2010-02-11 19:16:51 ----D---- C:\WINDOWS\ie8updates 2010-02-11 19:16:33 ----D---- C:\WINDOWS\WBEM 2010-02-11 19:16:20 ----HDC---- C:\WINDOWS\ie8 2010-02-11 00:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-11 00:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-11 00:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-11 00:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-11 00:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-11 00:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-11 00:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ 2010-02-11 00:09:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-11 00:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-10 22:35:47 ----A---- C:\WINDOWS\vpc32.INI 2010-02-10 22:31:42 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL 2010-02-10 22:31:26 ----A---- C:\WINDOWS\system32\capicom.dll 2010-02-10 22:31:25 ----D---- C:\Program Files\Symantec 2010-02-10 22:31:19 ----D---- C:\Program Files\Symantec AntiVirus 2010-02-10 22:31:19 ----D---- C:\Program Files\Common Files\Symantec Shared 2010-02-10 22:31:19 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2010-02-09 00:12:05 ----D---- C:\Program Files\MSXML 4.0 2010-02-09 00:10:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-02-09 00:05:04 ----D---- C:\WINDOWS\system32\XPSViewer 2010-02-09 00:05:01 ----D---- C:\Program Files\MSBuild 2010-02-09 00:04:55 ----D---- C:\Program Files\Reference Assemblies 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\prntvpt.dll 2010-02-09 00:04:39 ----D---- C:\bbd1254a65b9d9e6a093f6dc 2010-02-08 17:37:45 ----D---- C:\Documents and Settings\jzeng\Application Data\HP 2010-02-08 17:35:58 ----D---- C:\Documents and Settings\All Users\Application Data\HP 2010-02-08 17:33:46 ----D---- C:\Program Files\Common Files\HP 2010-02-08 17:33:08 ----D---- C:\Program Files\Hewlett-Packard 2010-02-08 17:33:08 ----D---- C:\Program Files\Common Files\Hewlett-Packard 2010-02-08 17:32:27 ----RA---- C:\WINDOWS\system32\HPZc3212.dll 2010-02-08 17:32:27 ----RA---- C:\WINDOWS\system32\hpwwiax1.dll 2010-02-08 17:32:27 ----RA---- C:\WINDOWS\system32\hpwtiop1.dll 2010-02-08 17:32:27 ----RA---- C:\WINDOWS\system32\hpovst09.dll 2010-02-08 17:32:11 ----RA---- C:\WINDOWS\system32\hpzids01.dll 2010-02-08 17:32:11 ----A---- C:\WINDOWS\system32\hpz3l4sa.dll 2010-02-08 17:32:02 ----A---- C:\WINDOWS\system32\AddPort.ini 2010-02-08 17:31:01 ----A---- C:\WINDOWS\hpntwksetup.ini 2010-02-08 17:30:44 ----D---- C:\TEMP 2010-02-08 17:29:36 ----D---- C:\WINDOWS\carrier 2010-02-08 17:29:22 ----HD---- C:\Config.Msi 2010-02-08 17:29:12 ----D---- C:\Program Files\HP 2010-02-08 17:25:28 ----D---- C:\Documents and Settings\All Users\Application Data\Uninstall 2010-02-08 17:24:57 ----A---- C:\WINDOWS\wininit.ini 2010-02-08 17:24:51 ----D---- C:\Program Files\Common Files\SureThing Shared 2010-02-08 17:24:32 ----D---- C:\Documents and Settings\All Users\Application Data\Sonic 2010-02-08 17:24:28 ----D---- C:\Program Files\Common Files\Sonic Shared 2010-02-08 17:24:10 ----D---- C:\Program Files\Common Files\Roxio Shared 2010-02-08 17:24:07 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield 2010-02-08 17:24:06 ----D---- C:\Program Files\Roxio 2010-02-08 17:22:13 ----D---- C:\Program Files\Common Files\Config 2010-02-08 17:22:10 ----D---- C:\Program Files\Common Files\Inet 2010-02-08 17:17:16 ----A---- C:\WINDOWS\system32\cdintf400.dll 2010-02-08 17:17:01 ----D---- C:\Program Files\Common Files\Intuit 2010-02-08 17:16:54 ----D---- C:\Program Files\Quicken 2010-02-08 17:16:54 ----D---- C:\Documents and Settings\jzeng\Application Data\Intuit 2010-02-08 17:16:47 ----A---- C:\WINDOWS\QUICKEN.INI 2010-02-08 17:15:14 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit 2010-02-08 10:54:37 ----D---- C:\Documents and Settings\jzeng\Application Data\acccore 2010-02-08 10:54:31 ----D---- C:\Documents and Settings\All Users\Application Data\AIM 2010-02-08 10:54:29 ----D---- C:\Program Files\Common Files\AOL 2010-02-08 10:54:29 ----D---- C:\Program Files\AIM 2010-02-08 10:52:25 ----D---- C:\Documents and Settings\jzeng\Application Data\Mozilla 2010-02-08 10:52:19 ----D---- C:\Program Files\Mozilla Firefox ======List of files/folders modified in the last 1 months====== 2010-03-07 23:56:12 ----D---- C:\WINDOWS\system32\drivers 2010-03-07 23:46:28 ----D---- C:\WINDOWS\Temp 2010-03-07 23:01:13 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-07 00:39:50 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-04 10:49:40 ----D---- C:\WINDOWS\Prefetch 2010-03-02 00:06:09 ----SHD---- C:\WINDOWS\CSC 2010-03-01 23:11:55 ----RD---- C:\Program Files 2010-03-01 23:10:12 ----D---- C:\WINDOWS 2010-03-01 23:06:50 ----D---- C:\WINDOWS\system32 2010-02-25 00:34:06 ----SD---- C:\Documents and Settings\jzeng\Application Data\Microsoft 2010-02-24 17:50:57 ----HD---- C:\WINDOWS\inf 2010-02-23 23:43:37 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-02-23 23:43:34 ----HD---- C:\WINDOWS\$hf_mig$ 2010-02-23 23:43:32 ----A---- C:\WINDOWS\imsins.BAK 2010-02-18 22:17:25 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-02-15 23:12:41 ----D---- C:\Documents and Settings\jzeng\Application Data\Adobe 2010-02-11 19:18:59 ----D---- C:\WINDOWS\Help 2010-02-11 19:18:59 ----D---- C:\Program Files\Internet Explorer 2010-02-11 19:16:36 ----D---- C:\WINDOWS\system32\config 2010-02-11 19:16:33 ----D---- C:\WINDOWS\system32\en-us 2010-02-11 19:16:30 ----D---- C:\WINDOWS\Media 2010-02-10 22:32:09 ----SHD---- C:\WINDOWS\Installer 2010-02-10 22:31:20 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-02-10 22:31:19 ----D---- C:\Program Files\Common Files 2010-02-10 10:05:45 ----SHD---- C:\System Volume Information 2010-02-10 10:05:45 ----D---- C:\WINDOWS\system32\Restore 2010-02-09 11:23:41 ----D---- C:\WINDOWS\Microsoft.NET 2010-02-09 11:23:40 ----RSD---- C:\WINDOWS\assembly 2010-02-09 00:12:08 ----D---- C:\WINDOWS\WinSxS 2010-02-09 00:11:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-02-09 00:10:42 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-09 00:04:59 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 00:04:50 ----D---- C:\WINDOWS\system32\spool 2010-02-08 19:19:11 ----A---- C:\WINDOWS\ODBC.INI 2010-02-08 17:43:09 ----SHD---- C:\RECYCLER 2010-02-08 17:37:30 ----A---- C:\WINDOWS\win.ini 2010-02-08 17:37:15 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2010-02-08 17:33:10 ----D---- C:\WINDOWS\twain_32 2010-02-08 17:24:07 ----D---- C:\Documents and Settings\jzeng\Application Data\InstallShield 2010-02-08 17:24:06 ----D---- C:\Program Files\Common Files\InstallShield 2010-02-08 17:17:22 ----HD---- C:\Program Files\InstallShield Installation Information 2010-02-08 17:13:42 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-02-08 10:57:55 ----D---- C:\Documents and Settings ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys [] R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys [] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-08-07 195776] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-02-07 20747] R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848] R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9104] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-05-18 339456] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-16 4069888] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.SYS [] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-03 12160] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100305.004\naveng.sys [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100305.004\navex15.sys [] R3 RT73;Belkin Wireless 54G USB Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-02 451968] R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784] R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS [] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-16 602112] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-19 192160] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-19 169632] R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-09-27 31472] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848] R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-09-27 1813232] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-07 69632] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-02 2528960] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-09-27 116464] S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-08-07 214720] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------

ken545 View Member Profile	Mar 8 2010, 03:38 AM Post #4
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	I am looking at a possible problem, this next scan will tell Download OTL to your desktop. Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted. When the window appears, underneath Output at the top change it to Minimal Output. Check the boxes beside LOP Check and Purity Check. Under the Custom Scan box paste this in netsvcs %SYSTEMDRIVE%\.exe /md5start eventlog.dll scecli.dll netlogon.dll cngaudit.dll sceclt.dll ntelogon.dll logevent.dll iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys nvrd32.sys symmpi.sys adp3132.sys mv61xx.sys /md5stop %systemroot%\. /mp /s %systemroot%\system32\.dll /lockedfiles %systemroot%\Tasks\.job /lockedfiles %systemroot%\system32\drivers\.sys /lockedfiles %systemroot%\System32\config\.sav Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long. When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically. Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

mojomojo View Member Profile	Mar 8 2010, 07:43 PM Post #5
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Hi, here are the logs and I will post each in separate posts. Thanks again for your valuable time. OTL.Txt OTL logfile created on: 3/8/2010 5:36:27 PM - Run 2 OTL by OldTimer - Version 3.1.35.0 Folder = C:\Documents and Settings\jzeng\Desktop\whatthetech Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000409 \| Country: United States \| Language: ENU \| Date Format: M/d/yyyy 2.00 Gb Total Physical Memory \| 1.00 Gb Available Physical Memory \| 69.00% Memory free 4.00 Gb Paging File \| 3.00 Gb Available in Paging File \| 90.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 232.63 Gb Total Space \| 224.10 Gb Free Space \| 96.33% Space Free \| Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PRE Current User Name: jzeng Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\jzeng\Desktop\whatthetech\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AIM\aim.exe (AOL LLC) PRC - C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin) PRC - C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) PRC - C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) PRC - C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) PRC - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) PRC - C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\jzeng\Desktop\whatthetech\OTL.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (SavRoam) -- C:\Program Files\Symantec AntiVirus\SavRoam.exe (symantec) SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec AntiVirus\Rtvscan.exe (Symantec Corporation) SRV - (DefWatch) -- C:\Program Files\Symantec AntiVirus\DefWatch.exe (Symantec Corporation) SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE (Symantec Corporation) SRV - (SNDSrvc) -- C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (Symantec Corporation) SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe (Symantec Corporation) SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe (Symantec Corporation) SRV - (SPBBCSvc) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (Symantec Corporation) ========== Driver Services (SafeList) ========== DRV - (NAVEX15) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100305.004\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20100305.004\NAVENG.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (ADIHdAudAddService) -- C:\WINDOWS\system32\drivers\ADIHdAud.sys (Analog Devices, Inc.) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (iastor) -- C:\WINDOWS\system32\drivers\iastor.sys (Intel Corporation) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows ® Server 2003 DDK provider) DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.) DRV - (DLADResM) -- C:\WINDOWS\system32\drivers\DLADResM.SYS (Roxio) DRV - (DLABMFSM) -- C:\WINDOWS\system32\drivers\DLABMFSM.SYS (Roxio) DRV - (DLAUDF_M) -- C:\WINDOWS\system32\drivers\DLAUDF_M.SYS (Roxio) DRV - (DLAUDFAM) -- C:\WINDOWS\system32\drivers\DLAUDFAM.SYS (Roxio) DRV - (DLAOPIOM) -- C:\WINDOWS\system32\drivers\DLAOPIOM.SYS (Roxio) DRV - (DLABOIOM) -- C:\WINDOWS\system32\drivers\DLABOIOM.SYS (Roxio) DRV - (DLAPoolM) -- C:\WINDOWS\system32\drivers\DLAPoolM.SYS (Roxio) DRV - (DLAIFS_M) -- C:\WINDOWS\system32\drivers\DLAIFS_M.SYS (Roxio) DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions) DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio) DRV - (DLACDBHM) -- C:\WINDOWS\System32\Drivers\DLACDBHM.SYS (Roxio) DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio) DRV - (e1express) Intel® -- C:\WINDOWS\system32\drivers\e1e5132.sys (Intel Corporation) DRV - (SymEvent) -- C:\Program Files\Symantec\SYMEVENT.SYS (Symantec Corporation) DRV - (SAVRT) -- C:\Program Files\Symantec AntiVirus\savrt.sys (Symantec Corporation) DRV - (SAVRTPEL) -- C:\Program Files\Symantec AntiVirus\Savrtpel.sys (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS (Symantec Corporation) DRV - (SYMREDRV) -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS (Symantec Corporation) DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation) DRV - (GTNDIS5) -- C:\Program Files\Belkin\F5D7050v3\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA)) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE EC 7E 45 93 AB CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.com" FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/08 10:52:25 \| 000,000,000 \| ---D \| M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/15 23:14:32 \| 000,000,000 \| ---D \| M] [2010/02/08 10:52:28 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\jzeng\Application Data\Mozilla\Extensions [2010/02/10 17:10:20 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\jzeng\Application Data\Mozilla\Firefox\Profiles\6zoft6cs.default\extensions [2010/02/08 10:52:19 \| 000,000,000 \| ---D \| M] -- C:\Program Files\Mozilla Firefox\extensions O1 HOSTS File: ([2010/02/08 17:32:33 \| 000,000,764 \| ---- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 192.168.0.167 HP001E0BF69F8D O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\ShellBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.) O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation) O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe (Belkin) O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation) O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation) O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.) O4 - HKLM..\Run: [vptray] C:\Program Files\Symantec AntiVirus\VPTray.exe (Symantec Corporation) O4 - HKCU..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC) O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\NavLogon: DllName - C:\WINDOWS\system32\NavLogon.dll - C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) - File not found O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2010/02/07 12:03:58 \| 000,000,000 \| ---D \| M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ========== Files/Folders - Created Within 30 Days ========== [2010/03/07 23:58:22 \| 000,000,000 \| ---D \| C] -- C:\rsit [2010/03/07 23:52:32 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop\whatthetech [2010/03/02 00:09:35 \| 000,551,424 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\jzeng\Desktop\OTL.exe [2010/03/01 23:57:42 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop\gmer [2010/03/01 23:12:00 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Malwarebytes [2010/03/01 23:11:57 \| 000,038,224 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/03/01 23:11:56 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes [2010/03/01 23:11:55 \| 000,019,160 \| ---- \| C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/03/01 23:11:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/03/01 23:11:00 \| 005,115,840 \| ---- \| C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jzeng\Desktop\mbam-setup.exe [2010/03/01 23:10:12 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ERDNT [2010/03/01 23:09:14 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ERUNT [2010/03/01 23:09:00 \| 000,791,393 \| ---- \| C] (Lars Hederer ) -- C:\Documents and Settings\jzeng\Desktop\erunt_setup.exe [2010/03/01 23:06:34 \| 000,444,416 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\jzeng\Desktop\TFC.exe [2010/02/21 01:09:22 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [2010/02/18 22:30:18 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Trend Micro [2010/02/18 22:29:19 \| 000,812,344 \| ---- \| C] (Trend Micro Inc.) -- C:\Documents and Settings\jzeng\Desktop\HJTInstall.exe [2010/02/15 23:14:32 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\NOS [2010/02/15 17:12:42 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusb.dll [2010/02/15 17:12:41 \| 000,159,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ptpusd.dll [2010/02/11 19:25:21 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\jzeng\IECompatCache [2010/02/11 19:21:11 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\jzeng\PrivacIE [2010/02/11 19:20:41 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\jzeng\IETldCache [2010/02/11 19:16:51 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ie8updates [2010/02/11 19:16:43 \| 011,070,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010/02/11 19:16:43 \| 001,985,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010/02/11 19:16:43 \| 000,594,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010/02/11 19:16:43 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010/02/11 19:16:33 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WBEM [2010/02/11 19:16:20 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\ie8 [2010/02/10 22:32:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\Symantec [2010/02/10 22:31:42 \| 000,109,744 \| ---- \| C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS [2010/02/10 22:31:42 \| 000,048,816 \| ---- \| C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL [2010/02/10 22:31:26 \| 000,466,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\capicom.dll [2010/02/10 22:31:25 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Symantec [2010/02/10 22:31:19 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Symantec Shared [2010/02/10 22:31:19 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Symantec AntiVirus [2010/02/10 22:31:19 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Symantec [2010/02/09 00:12:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSXML 4.0 [2010/02/09 00:05:04 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\XPSViewer [2010/02/09 00:05:01 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSBuild [2010/02/09 00:04:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Reference Assemblies [2010/02/09 00:04:40 \| 001,676,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll [2010/02/09 00:04:40 \| 001,676,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll [2010/02/09 00:04:40 \| 000,597,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe [2010/02/09 00:04:40 \| 000,575,488 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll [2010/02/09 00:04:40 \| 000,117,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll [2010/02/09 00:04:40 \| 000,089,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll [2010/02/09 00:04:39 \| 000,000,000 \| ---D \| C] -- C:\bbd1254a65b9d9e6a093f6dc [2010/02/08 17:37:45 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\HP [2010/02/08 17:35:58 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\HP [2010/02/08 17:33:46 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\HP [2010/02/08 17:33:08 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Hewlett-Packard [2010/02/08 17:33:08 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Hewlett-Packard [2010/02/08 17:32:27 \| 000,876,544 \| R--- \| C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpwwiax1.dll [2010/02/08 17:32:27 \| 000,835,072 \| R--- \| C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpwtiop1.dll [2010/02/08 17:32:27 \| 000,286,720 \| R--- \| C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\HPZc3212.dll [2010/02/08 17:32:27 \| 000,258,122 \| R--- \| C] (Hewlett-Packard Co.) -- C:\WINDOWS\System32\hpovst09.dll [2010/02/08 17:32:25 \| 000,006,784 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\serscan.sys [2010/02/08 17:32:11 \| 000,038,400 \| ---- \| C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpz3l4sa.dll [2010/02/08 17:30:44 \| 000,000,000 \| ---D \| C] -- C:\TEMP [2010/02/08 17:29:36 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\carrier [2010/02/08 17:29:26 \| 000,015,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbscan.sys [2010/02/08 17:29:22 \| 000,000,000 \| -H-D \| C] -- C:\Config.Msi [2010/02/08 17:29:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files\HP [2010/02/08 17:25:28 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Uninstall [2010/02/08 17:24:57 \| 000,108,752 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAIFS_M.SYS [2010/02/08 17:24:57 \| 000,099,808 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\drivers\DRVMCDB.SYS [2010/02/08 17:24:57 \| 000,098,448 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAUDF_M.SYS [2010/02/08 17:24:57 \| 000,093,552 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAUDFAM.SYS [2010/02/08 17:24:57 \| 000,052,000 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DRVNDDM.SYS [2010/02/08 17:24:57 \| 000,037,360 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLABMFSM.SYS [2010/02/08 17:24:57 \| 000,032,848 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLABOIOM.SYS [2010/02/08 17:24:57 \| 000,030,064 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLARTL_M.SYS [2010/02/08 17:24:57 \| 000,027,216 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAOPIOM.SYS [2010/02/08 17:24:57 \| 000,016,304 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLAPoolM.SYS [2010/02/08 17:24:57 \| 000,014,576 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLACDBHM.SYS [2010/02/08 17:24:57 \| 000,009,104 \| ---- \| C] (Roxio) -- C:\WINDOWS\System32\drivers\DLADResM.SYS [2010/02/08 17:24:51 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\SureThing Shared [2010/02/08 17:24:32 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Sonic [2010/02/08 17:24:28 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Sonic Shared [2010/02/08 17:24:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Roxio Shared [2010/02/08 17:24:07 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\InstallShield [2010/02/08 17:24:06 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Roxio [2010/02/08 17:22:13 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Config [2010/02/08 17:22:10 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Inet [2010/02/08 17:17:16 \| 004,199,784 \| ---- \| C] (Amyuni Technologies http://www.amyuni.com) -- C:\WINDOWS\System32\cdintf400.dll [2010/02/08 17:17:01 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Intuit [2010/02/08 17:16:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Quicken [2010/02/08 17:16:54 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Intuit [2010/02/08 17:15:14 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Intuit [2010/02/08 10:54:37 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\AIM [2010/02/08 10:54:37 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\acccore [2010/02/08 10:54:36 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\AOL [2010/02/08 10:54:31 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\AIM [2010/02/08 10:54:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\AOL [2010/02/08 10:54:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\AIM [2010/02/08 10:52:38 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\My Documents\Downloads [2010/02/08 10:52:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\Mozilla [2010/02/08 10:52:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Mozilla [2010/02/08 10:52:19 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Mozilla Firefox [2010/02/07 23:38:50 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\ApplicationHistory [2010/02/07 23:32:55 \| 000,016,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll [2010/02/07 23:32:47 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Connect 2 [2010/02/07 23:32:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\UMDF [2010/02/07 23:32:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\LogFiles [2010/02/07 23:31:26 \| 000,000,000 \| R-SD \| C] -- C:\WINDOWS\assembly [2010/02/07 23:31:26 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\URTTemp [2010/02/07 23:31:26 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Microsoft.NET [2010/02/07 23:10:28 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2010/02/07 23:10:23 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Prefetch [2010/02/07 23:07:28 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\en-us [2010/02/07 23:07:27 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\scripting [2010/02/07 23:07:27 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\l2schemas [2010/02/07 23:07:27 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\en [2010/02/07 23:07:27 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\bits [2010/02/07 23:06:38 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ServicePackFiles [2010/02/07 23:05:46 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\network diagnostic [2010/02/07 23:05:16 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ReinstallBackups [2010/02/07 23:04:09 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$NtServicePackUninstall$ [2010/02/07 23:03:25 \| 000,272,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010/02/07 23:03:07 \| 000,471,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll [2010/02/07 23:02:32 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll [2010/02/07 23:02:32 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll [2010/02/07 23:02:30 \| 002,145,280 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010/02/07 23:02:30 \| 000,730,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2010/02/07 23:02:29 \| 002,189,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010/02/07 23:02:29 \| 002,023,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010/02/07 23:01:32 \| 000,025,471 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys [2010/02/07 23:01:32 \| 000,022,271 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys [2010/02/07 23:01:32 \| 000,011,935 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys [2010/02/07 23:01:32 \| 000,011,871 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys [2010/02/07 23:01:32 \| 000,011,807 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys [2010/02/07 23:01:32 \| 000,011,295 \| ---- \| C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys [2010/02/07 23:01:30 \| 001,897,408 \| ---- \| C] (NVIDIA Corporation) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [2010/02/07 23:01:30 \| 001,309,184 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys [2010/02/07 23:01:30 \| 000,452,736 \| ---- \| C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys [2010/02/07 23:01:30 \| 000,404,990 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys [2010/02/07 23:01:30 \| 000,180,360 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys [2010/02/07 23:01:30 \| 000,166,912 \| ---- \| C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys [2010/02/07 23:01:30 \| 000,129,535 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys [2010/02/07 23:01:30 \| 000,126,686 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys [2010/02/07 23:01:30 \| 000,095,424 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys [2010/02/07 23:01:30 \| 000,013,776 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys [2010/02/07 23:01:30 \| 000,013,240 \| ---- \| C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys [2010/02/07 23:01:05 \| 004,069,888 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys [2010/02/07 23:01:05 \| 004,069,888 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys [2010/02/07 23:01:05 \| 000,327,040 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys [2010/02/07 23:01:05 \| 000,104,960 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys [2010/02/07 23:01:05 \| 000,073,216 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys [2010/02/07 23:01:05 \| 000,063,663 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys [2010/02/07 23:01:05 \| 000,063,488 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys [2010/02/07 23:01:05 \| 000,057,856 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys [2010/02/07 23:01:05 \| 000,056,623 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys [2010/02/07 23:01:05 \| 000,052,224 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys [2010/02/07 23:01:05 \| 000,036,463 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys [2010/02/07 23:01:05 \| 000,034,735 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys [2010/02/07 23:01:05 \| 000,031,744 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys [2010/02/07 23:01:05 \| 000,030,671 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys [2010/02/07 23:01:05 \| 000,029,455 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys [2010/02/07 23:01:05 \| 000,028,672 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys [2010/02/07 23:01:05 \| 000,026,367 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys [2010/02/07 23:01:05 \| 000,021,343 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys [2010/02/07 23:01:05 \| 000,014,336 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys [2010/02/07 23:01:05 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys [2010/02/07 23:01:05 \| 000,013,824 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys [2010/02/07 23:01:05 \| 000,012,047 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys [2010/02/07 23:01:05 \| 000,011,615 \| ---- \| C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys [2010/02/07 22:59:40 \| 000,203,136 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2010/02/07 22:59:39 \| 000,455,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010/02/07 22:59:38 \| 000,353,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2010/02/07 22:59:36 \| 000,331,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll [2010/02/07 22:59:31 \| 000,691,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2010/02/07 22:56:06 \| 001,172,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll [2010/02/07 22:56:06 \| 000,337,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2010/02/07 22:56:03 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010/02/07 22:54:27 \| 000,000,000 \| -HSD \| C] -- C:\WINDOWS\CSC [2010/02/07 22:53:53 \| 000,026,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe [2010/02/07 22:53:53 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\PreInstall [2010/02/07 22:53:43 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ [2010/02/07 22:52:36 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\jzeng\UserData [2010/02/07 22:52:25 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\SoftwareDistribution [2010/02/07 21:21:29 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Adobe Systems [2010/02/07 21:21:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\Adobe [2010/02/07 21:21:25 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Adobe [2010/02/07 21:21:23 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe Systems Shared [2010/02/07 21:20:57 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2010/02/07 21:20:43 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Adobe [2010/02/07 21:20:40 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Documents\Adobe PDF [2010/02/07 21:20:32 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Adobe [2010/02/07 21:19:22 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Macromedia [2010/02/07 21:18:35 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop\mediaplayer [2010/02/07 21:18:23 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Macromedia [2010/02/07 21:18:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Macromedia [2010/02/07 21:18:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Macromedia [2010/02/07 21:17:55 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Downloaded Installations [2010/02/07 21:15:44 \| 000,017,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll [2010/02/07 21:15:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft.NET [2010/02/07 21:15:14 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft ActiveSync [2010/02/07 21:14:59 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\DESIGNER [2010/02/07 21:14:51 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SHELLNEW [2010/02/07 21:14:49 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Microsoft Office [2010/02/07 21:14:23 \| 000,000,000 \| RH-D \| C] -- C:\MSOCache [2010/02/07 21:14:14 \| 000,000,000 \| -HSD \| C] -- C:\RECYCLER [2010/02/07 21:13:47 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Media Player Classic [2010/02/07 21:13:36 \| 000,499,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp71.dll [2010/02/07 21:13:36 \| 000,348,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr71.dll [2010/02/07 21:13:36 \| 000,278,528 \| ---- \| C] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll [2010/02/07 21:13:36 \| 000,185,920 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll [2010/02/07 21:13:36 \| 000,006,656 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll [2010/02/07 21:13:36 \| 000,005,632 \| ---- \| C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll [2010/02/07 21:13:35 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Real Alternative [2010/02/07 21:13:35 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\Real [2010/02/07 21:13:35 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Real [2010/02/07 21:13:35 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\Real [2010/02/07 21:13:16 \| 000,451,968 \| ---- \| C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys [2010/02/07 21:13:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\DRVSTORE [2010/02/07 21:13:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Belkin [2010/02/07 21:13:10 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\InstallShield [2010/02/07 21:13:00 \| 006,560,523 \| ---- \| C] ( ) -- C:\Documents and Settings\jzeng\Desktop\realalt190.exe [2010/02/07 21:11:43 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop\belkinusbdriver [2010/02/07 21:07:11 \| 001,677,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/02/07 21:07:11 \| 001,677,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll [2010/02/07 21:07:11 \| 000,838,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/02/07 21:07:11 \| 000,838,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll [2010/02/07 21:07:10 \| 001,875,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex [2010/02/07 21:07:10 \| 001,875,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/02/07 21:07:10 \| 000,098,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll [2010/02/07 21:07:10 \| 000,098,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/02/07 21:07:10 \| 000,070,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll [2010/02/07 21:07:10 \| 000,070,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/02/07 21:07:07 \| 010,096,640 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/02/07 21:07:01 \| 000,218,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_g18030.dll [2010/02/07 21:07:01 \| 000,072,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wingb.ime [2010/02/07 21:07:01 \| 000,072,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2010/02/07 21:07:00 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/02/07 21:07:00 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll [2010/02/07 21:07:00 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/02/07 21:06:59 \| 010,129,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/02/07 21:06:58 \| 000,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/02/07 21:06:58 \| 000,044,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/02/07 21:06:58 \| 000,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/02/07 21:06:54 \| 000,311,359 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/02/07 21:06:54 \| 000,102,463 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/02/07 21:06:54 \| 000,036,927 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/02/07 21:06:54 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll [2010/02/07 21:06:54 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/02/07 21:06:54 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll [2010/02/07 21:06:54 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/02/07 21:06:54 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll [2010/02/07 21:06:54 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/02/07 21:06:54 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdibm02.dll [2010/02/07 21:06:54 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\f3ahvoas.dll [2010/02/07 21:06:54 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41a.dll [2010/02/07 21:06:54 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlk41j.dll [2010/02/07 21:06:54 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdax2.dll [2010/02/07 21:06:54 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106n.dll [2010/02/07 21:06:54 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101.dll [2010/02/07 21:06:53 \| 000,471,102 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/02/07 21:06:53 \| 000,315,455 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/02/07 21:06:53 \| 000,229,439 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/02/07 21:06:53 \| 000,143,422 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2010/02/07 21:06:45 \| 000,057,398 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/02/07 21:06:45 \| 000,045,109 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/02/07 21:06:42 \| 000,480,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/02/07 21:06:42 \| 000,198,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/02/07 21:06:42 \| 000,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/02/07 21:06:42 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/02/07 21:06:42 \| 000,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/02/07 21:06:42 \| 000,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cintlgnt.ime [2010/02/07 21:06:42 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/02/07 21:06:42 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/02/07 21:06:42 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll [2010/02/07 21:06:41 \| 000,571,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tintlgnt.ime [2010/02/07 21:06:41 \| 000,571,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2010/02/07 21:06:41 \| 000,455,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2010/02/07 21:06:41 \| 000,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winar30.ime [2010/02/07 21:06:41 \| 000,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2010/02/07 21:06:41 \| 000,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\phon.ime [2010/02/07 21:06:41 \| 000,079,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/02/07 21:06:41 \| 000,078,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/02/07 21:06:41 \| 000,078,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dayi.ime [2010/02/07 21:06:41 \| 000,078,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/02/07 21:06:41 \| 000,078,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\chajei.ime [2010/02/07 21:06:41 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\quick.ime [2010/02/07 21:06:41 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2010/02/07 21:06:41 \| 000,076,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\uniime.dll [2010/02/07 21:06:41 \| 000,076,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2010/02/07 21:06:41 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winime.ime [2010/02/07 21:06:41 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2010/02/07 21:06:41 \| 000,065,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\unicdime.ime [2010/02/07 21:06:41 \| 000,065,024 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2010/02/07 21:06:41 \| 000,044,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2010/02/07 21:06:41 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\romanime.ime [2010/02/07 21:06:41 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2010/02/07 21:06:41 \| 000,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\miniime.tpl [2010/02/07 21:06:41 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2010/02/07 21:06:40 \| 000,053,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/02/07 21:06:40 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/02/07 21:06:38 \| 000,482,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\pintlgnt.ime [2010/02/07 21:06:38 \| 000,482,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winzm.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winsp.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winpy.ime [2010/02/07 21:06:38 \| 000,156,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2010/02/07 21:06:38 \| 000,106,496 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/02/07 21:06:38 \| 000,094,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/02/07 21:06:38 \| 000,086,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/02/07 21:06:38 \| 000,070,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/02/07 21:06:38 \| 000,067,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/02/07 21:06:37 \| 000,811,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81k.dll [2010/02/07 21:06:37 \| 000,811,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/02/07 21:06:37 \| 000,426,041 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2010/02/07 21:06:37 \| 000,340,023 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\imjp81.ime [2010/02/07 21:06:37 \| 000,340,023 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/02/07 21:06:37 \| 000,307,257 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/02/07 21:06:37 \| 000,274,489 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/02/07 21:06:37 \| 000,262,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/02/07 21:06:37 \| 000,233,527 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/02/07 21:06:37 \| 000,208,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/02/07 21:06:37 \| 000,155,705 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/02/07 21:06:37 \| 000,102,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/02/07 21:06:37 \| 000,086,073 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2010/02/07 21:06:37 \| 000,081,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/02/07 21:06:36 \| 000,716,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/02/07 21:06:36 \| 000,368,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/02/07 21:06:36 \| 000,057,399 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/02/07 21:06:36 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdjpn.dll [2010/02/07 21:06:36 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdjpn.dll [2010/02/07 21:06:36 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkor.dll [2010/02/07 21:06:36 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkor.dll [2010/02/07 21:06:36 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd106.dll [2010/02/07 21:06:36 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101c.dll [2010/02/07 21:06:36 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101c.dll [2010/02/07 21:06:36 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd103.dll [2010/02/07 21:06:36 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd103.dll [2010/02/07 21:06:34 \| 000,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\Thawbrkr.dll [2010/02/07 21:06:34 \| 000,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010/02/07 21:06:34 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinpun.dll [2010/02/07 21:06:34 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/02/07 21:06:34 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101b.dll [2010/02/07 21:06:34 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101b.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintel.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdintam.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmar.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinkan.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinhin.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinguj.dll [2010/02/07 21:06:34 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdindev.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/02/07 21:06:34 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/02/07 21:06:34 \| 000,005,120 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgeo.dll [2010/02/07 21:06:34 \| 000,005,120 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarmw.dll [2010/02/07 21:06:34 \| 000,005,120 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdarme.dll [2010/02/07 21:06:34 \| 000,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/02/07 21:06:34 \| 000,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/02/07 21:06:34 \| 000,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/02/07 21:06:33 \| 000,010,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/02/07 21:06:33 \| 000,010,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_iscii.dll [2010/02/07 21:06:33 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdvntc.dll [2010/02/07 21:06:33 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/02/07 21:06:32 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr2.dll [2010/02/07 21:06:32 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsyr1.dll [2010/02/07 21:06:32 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/02/07 21:06:32 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdurdu.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfa.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv2.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbddiv1.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda3.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda2.dll [2010/02/07 21:06:31 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbda1.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdusa.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/02/07 21:06:31 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/02/07 21:06:29 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdheb.dll [2010/02/07 21:06:29 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/02/07 21:06:27 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth3.dll [2010/02/07 21:06:27 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth2.dll [2010/02/07 21:06:27 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/02/07 21:06:27 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/02/07 21:06:27 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth1.dll [2010/02/07 21:06:27 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdth0.dll [2010/02/07 21:06:27 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/02/07 21:06:27 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/02/07 21:06:26 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ftlx041e.dll [2010/02/07 21:06:26 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/02/07 21:06:18 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll [2010/02/07 21:06:17 \| 000,129,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax [2010/02/07 21:06:17 \| 000,060,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys [2010/02/07 21:06:16 \| 000,049,152 \| ---- \| C] (Analog Devices Inc.) -- C:\WINDOWS\System32\DSndUp.exe [2010/02/07 21:06:16 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\InstallShield Installation Information [2010/02/07 21:06:16 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Analog Devices [2010/02/07 21:04:59 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\InstallShield [2010/02/07 21:04:58 \| 000,339,456 \| ---- \| C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys [2010/02/07 21:04:58 \| 000,031,232 \| ---- \| C] (Analog Devices, Inc.) -- C:\WINDOWS\System32\PostProc.dll [2010/02/07 21:04:42 \| 000,254,872 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\drivers\e1e5132.sys [2010/02/07 21:04:42 \| 000,179,048 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\e1000msg.dll [2010/02/07 21:04:42 \| 000,154,496 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\Prounstl.exe [2010/02/07 21:04:42 \| 000,066,424 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\NicEtCoE.dll [2010/02/07 21:04:42 \| 000,062,840 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\NicInstE.dll [2010/02/07 21:04:42 \| 000,028,536 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\NicCo.dll [2010/02/07 21:04:26 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop\delldrivers [2010/02/07 20:26:21 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Application Data\Identities [2010/02/07 20:26:20 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\Uninstall Information [2010/02/07 20:26:18 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\jzeng\My Documents\My Pictures [2010/02/07 20:26:18 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\jzeng\My Documents\My Music [2010/02/07 20:26:17 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\jzeng\Application Data\Microsoft [2010/02/07 20:26:17 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\jzeng\SendTo [2010/02/07 20:26:17 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\jzeng\Recent [2010/02/07 20:26:17 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\jzeng\Application Data [2010/02/07 20:26:17 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\jzeng\Start Menu [2010/02/07 20:26:17 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\jzeng\My Documents [2010/02/07 20:26:17 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\jzeng\Favorites [2010/02/07 20:26:17 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\jzeng\Cookies [2010/02/07 20:26:17 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\jzeng\Templates [2010/02/07 20:26:17 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\jzeng\PrintHood [2010/02/07 20:26:17 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\jzeng\NetHood [2010/02/07 20:26:17 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\jzeng\Local Settings [2010/02/07 20:26:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Local Settings\Application Data\Microsoft [2010/02/07 20:26:17 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\jzeng\Desktop [2010/02/07 20:25:47 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\SoftwareDistribution [2010/02/07 20:25:45 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\System32\Microsoft [2010/02/07 20:25:34 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2010/02/07 20:24:51 \| 000,041,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2010/02/07 20:24:51 \| 000,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010/02/07 20:24:50 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010/02/07 20:24:50 \| 000,048,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010/02/07 20:24:50 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010/02/07 20:24:50 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010/02/07 20:24:50 \| 000,004,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010/02/07 20:24:48 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010/02/07 20:24:47 \| 000,021,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010/02/07 20:24:47 \| 000,019,464 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010/02/07 20:24:47 \| 000,013,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010/02/07 20:24:46 \| 000,101,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010/02/07 20:24:46 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010/02/07 20:24:45 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010/02/07 20:24:45 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010/02/07 20:24:44 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010/02/07 20:24:44 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010/02/07 20:24:44 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010/02/07 20:24:44 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010/02/07 20:24:44 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010/02/07 20:24:44 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010/02/07 20:24:43 \| 000,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010/02/07 20:24:43 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010/02/07 20:24:43 \| 000,030,208 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010/02/07 20:24:43 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010/02/07 20:24:43 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010/02/07 20:24:43 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010/02/07 20:24:43 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010/02/07 20:24:43 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010/02/07 20:24:43 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010/02/07 20:24:43 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010/02/07 20:24:43 \| 000,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010/02/07 20:24:43 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010/02/07 20:24:42 \| 000,057,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010/02/07 20:24:42 \| 000,026,112 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010/02/07 20:24:41 \| 000,079,872 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/02/07 20:24:41 \| 000,079,872 \| ---- \| C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/02/07 20:24:40 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010/02/07 20:24:40 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010/02/07 20:24:39 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010/02/07 20:24:39 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010/02/07 20:24:38 \| 000,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/02/07 20:24:38 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/02/07 20:24:38 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/02/07 20:24:37 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010/02/07 20:24:37 \| 000,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010/02/07 20:24:36 \| 000,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/02/07 20:24:35 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010/02/07 20:24:30 \| 000,092,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/02/07 20:24:30 \| 000,092,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/02/07 20:24:30 \| 000,026,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010/02/07 20:24:29 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/02/07 20:24:29 \| 000,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010/02/07 20:24:26 \| 000,018,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/02/07 20:24:25 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010/02/07 20:24:25 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010/02/07 20:24:25 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010/02/07 20:24:23 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010/02/07 20:24:23 \| 000,003,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2010/02/07 20:24:22 \| 000,060,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2010/02/07 20:24:22 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010/02/07 20:24:16 \| 000,031,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/02/07 20:24:16 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/02/07 20:24:15 \| 000,132,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/02/07 20:24:15 \| 000,111,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/02/07 20:24:15 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010/02/07 20:24:14 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/02/07 20:24:14 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/02/07 20:24:13 \| 000,514,587 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll [2010/02/07 20:24:13 \| 000,057,856 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/02/07 20:24:13 \| 000,045,056 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/02/07 20:24:13 \| 000,031,744 \| ---- \| C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/02/07 20:24:13 \| 000,025,856 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/02/07 20:24:10 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2010/02/07 20:24:10 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2010/02/07 20:24:10 \| 000,020,480 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2010/02/07 20:24:10 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/02/07 20:24:08 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/02/07 20:24:08 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/02/07 20:24:08 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/02/07 20:24:08 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/02/07 20:24:07 \| 000,054,528 \| ---- \| C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/02/07 20:24:03 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2010/02/07 20:24:03 \| 000,029,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2010/02/07 20:24:03 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2010/02/07 20:24:03 \| 000,009,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2010/02/07 20:24:02 \| 000,045,056 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/02/07 20:24:01 \| 000,049,664 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2010/02/07 20:24:01 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2010/02/07 20:24:01 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/02/07 20:23:59 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2010/02/07 20:23:56 \| 000,169,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2010/02/07 20:23:56 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2010/02/07 20:23:56 \| 000,007,680 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2010/02/07 20:23:56 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2010/02/07 20:23:55 \| 000,014,336 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2010/02/07 20:23:55 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2010/02/07 20:23:53 \| 000,094,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2010/02/07 20:23:51 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\xircom [2010/02/07 20:23:51 \| 000,000,000 \| ---D \| C] -- C:\Program Files\xerox [2010/02/07 20:23:51 \| 000,000,000 \| ---D \| C] -- C:\Program Files\microsoft frontpage [2010/02/07 20:23:44 \| 000,000,000 \| ---D \| C] -- C:\DELL [2010/02/07 20:23:37 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\$hf_mig$ [2010/02/07 20:23:36 \| 000,689,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll [2010/02/07 20:23:30 \| 000,000,000 \| --SD \| M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft [2010/02/07 20:23:25 \| 000,112,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll [2010/02/07 20:23:00 \| 000,000,000 \| -HSD \| C] -- C:\Documents and Settings\All Users\DRM [2010/02/07 20:22:55 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\Downloaded Program Files [2010/02/07 20:22:55 \| 000,000,000 \| R--D \| C] -- C:\WINDOWS\Offline Web Pages [2010/02/07 20:22:49 \| 000,000,000 \| -H-D \| C] -- C:\Program Files\WindowsUpdate [2010/02/07 20:22:40 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\DirectX [2010/02/07 20:22:25 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe [2010/02/07 20:22:25 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll [2010/02/07 20:22:25 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll [2010/02/07 20:22:24 \| 000,099,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe [2010/02/07 20:22:24 \| 000,021,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll [2010/02/07 20:22:24 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll [2010/02/07 20:22:17 \| 000,047,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe [2010/02/07 20:22:17 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll [2010/02/07 20:22:17 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll [2010/02/07 20:22:16 \| 000,064,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll [2010/02/07 20:22:16 \| 000,064,512 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll [2010/02/07 20:22:16 \| 000,039,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe [2010/02/07 20:22:16 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe [2010/02/07 20:22:16 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe [2010/02/07 20:22:15 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Services [2010/02/07 20:22:13 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe [2010/02/07 20:22:13 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll [2010/02/07 20:22:13 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll [2010/02/07 20:22:13 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe [2010/02/07 20:22:13 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll [2010/02/07 20:22:13 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll [2010/02/07 20:22:13 \| 000,000,000 \| --SD \| C] -- C:\WINDOWS\Tasks [2010/02/07 20:22:12 \| 000,235,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll [2010/02/07 20:22:12 \| 000,093,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx [2010/02/07 20:22:12 \| 000,025,088 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll [2010/02/07 20:22:12 \| 000,023,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll [2010/02/07 20:22:12 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\MSSoap [2010/02/07 20:22:09 \| 000,096,256 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll [2010/02/07 20:22:09 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\srchasst [2010/02/07 20:22:09 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Macromed [2010/02/07 20:22:08 \| 001,669,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe [2010/02/07 20:22:08 \| 000,786,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe [2010/02/07 20:22:08 \| 000,243,712 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll [2010/02/07 20:22:08 \| 000,221,184 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll [2010/02/07 20:22:08 \| 000,064,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe [2010/02/07 20:22:08 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll [2010/02/07 20:22:07 \| 001,929,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll [2010/02/07 20:22:07 \| 000,364,544 \| ---- \| C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll [2010/02/07 20:22:07 \| 000,327,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll [2010/02/07 20:22:07 \| 000,327,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll [2010/02/07 20:22:07 \| 000,226,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll [2010/02/07 20:22:07 \| 000,209,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll [2010/02/07 20:22:07 \| 000,183,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll [2010/02/07 20:22:07 \| 000,010,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll [2010/02/07 20:22:07 \| 000,004,639 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe [2010/02/07 20:22:06 \| 000,575,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll [2010/02/07 20:22:06 \| 000,575,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll [2010/02/07 20:22:06 \| 000,217,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl [2010/02/07 20:22:06 \| 000,165,888 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe [2010/02/07 20:22:06 \| 000,053,472 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe [2010/02/07 20:22:06 \| 000,035,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll [2010/02/07 20:22:06 \| 000,035,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll [2010/02/07 20:22:06 \| 000,018,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll [2010/02/07 20:22:06 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll [2010/02/07 20:22:06 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll [2010/02/07 20:22:04 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Movie Maker [2010/02/07 20:22:00 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll [2010/02/07 20:22:00 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll [2010/02/07 20:22:00 \| 000,043,520 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll [2010/02/07 20:22:00 \| 000,029,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll [2010/02/07 20:21:58 \| 000,023,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe [2010/02/07 20:21:57 \| 000,239,104 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll [2010/02/07 20:21:57 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll [2010/02/07 20:21:57 \| 000,034,560 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll [2010/02/07 20:21:57 \| 000,032,768 \| ---- \| C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll [2010/02/07 20:21:57 \| 000,028,672 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll [2010/02/07 20:21:57 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Restore [2010/02/07 20:21:56 \| 000,069,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll [2010/02/07 20:21:54 \| 000,252,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll [2010/02/07 20:21:54 \| 000,105,984 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll [2010/02/07 20:21:54 \| 000,000,000 \| ---D \| C] -- C:\Program Files\NetMeeting [2010/02/07 20:21:53 \| 000,048,128 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll [2010/02/07 20:21:52 \| 000,081,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll [2010/02/07 20:21:52 \| 000,073,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll [2010/02/07 20:21:52 \| 000,065,536 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll [2010/02/07 20:21:52 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe [2010/02/07 20:21:52 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Outlook Express [2010/02/07 20:21:51 \| 000,274,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll [2010/02/07 20:21:48 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\System [2010/02/07 20:21:47 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Internet Explorer [2010/02/07 20:21:46 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Pictures [2010/02/07 20:21:34 \| 000,000,000 \| ---D \| C] -- C:\Program Files\ComPlus Applications [2010/02/07 20:21:32 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Registration [2010/02/07 20:21:31 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Online Services [2010/02/07 20:21:30 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Music [2010/02/07 20:21:30 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows Media Player [2010/02/07 20:21:29 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Messenger [2010/02/07 20:21:28 \| 001,817,687 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll [2010/02/07 20:21:28 \| 000,780,885 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll [2010/02/07 20:21:28 \| 000,753,236 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll [2010/02/07 20:21:28 \| 000,082,501 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll [2010/02/07 20:21:28 \| 000,048,706 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll [2010/02/07 20:21:28 \| 000,042,577 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe [2010/02/07 20:21:28 \| 000,042,575 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe [2010/02/07 20:21:28 \| 000,042,574 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe [2010/02/07 20:21:28 \| 000,040,515 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll [2010/02/07 20:21:27 \| 002,178,131 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll [2010/02/07 20:21:27 \| 001,175,635 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll [2010/02/07 20:21:27 \| 001,039,955 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll [2010/02/07 20:21:27 \| 000,066,113 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll [2010/02/07 20:21:27 \| 000,057,409 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll [2010/02/07 20:21:27 \| 000,042,573 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe [2010/02/07 20:21:27 \| 000,042,573 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe [2010/02/07 20:21:27 \| 000,041,029 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll [2010/02/07 20:21:27 \| 000,032,339 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll [2010/02/07 20:21:27 \| 000,013,894 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll [2010/02/07 20:21:27 \| 000,004,677 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll [2010/02/07 20:21:26 \| 000,217,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll [2010/02/07 20:21:26 \| 000,113,222 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll [2010/02/07 20:21:26 \| 000,036,937 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe [2010/02/07 20:21:26 \| 000,029,760 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll [2010/02/07 20:21:26 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe [2010/02/07 20:21:26 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe [2010/02/07 20:21:26 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSN Gaming Zone [2010/02/07 20:21:19 \| 000,227,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll [2010/02/07 20:21:19 \| 000,227,840 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll [2010/02/07 20:21:19 \| 000,138,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe [2010/02/07 20:21:19 \| 000,138,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe [2010/02/07 20:21:19 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll [2010/02/07 20:21:19 \| 000,073,216 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll [2010/02/07 20:21:19 \| 000,044,544 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll [2010/02/07 20:21:19 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll [2010/02/07 20:21:19 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll [2010/02/07 20:21:19 \| 000,013,312 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll [2010/02/07 20:21:18 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe [2010/02/07 20:21:18 \| 000,035,328 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe [2010/02/07 20:21:13 \| 000,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll [2010/02/07 20:21:13 \| 000,605,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll [2010/02/07 20:21:13 \| 000,080,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe [2010/02/07 20:21:13 \| 000,080,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe [2010/02/07 20:21:12 \| 000,126,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe [2010/02/07 20:21:12 \| 000,126,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe [2010/02/07 20:21:12 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe [2010/02/07 20:21:12 \| 000,119,808 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe [2010/02/07 20:21:12 \| 000,114,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe [2010/02/07 20:21:12 \| 000,114,688 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe [2010/02/07 20:21:12 \| 000,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe [2010/02/07 20:21:12 \| 000,056,832 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe [2010/02/07 20:21:12 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe [2010/02/07 20:21:12 \| 000,055,296 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe [2010/02/07 20:21:11 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe [2010/02/07 20:21:11 \| 000,033,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe [2010/02/07 20:21:11 \| 000,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe [2010/02/07 20:21:11 \| 000,022,016 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe [2010/02/07 20:21:11 \| 000,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe [2010/02/07 20:21:11 \| 000,020,992 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe [2010/02/07 20:21:11 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe [2010/02/07 20:21:11 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe [2010/02/07 20:21:11 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe [2010/02/07 20:21:11 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe [2010/02/07 20:21:11 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe [2010/02/07 20:21:11 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe [2010/02/07 20:21:11 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe [2010/02/07 20:21:11 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe [2010/02/07 20:21:11 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe [2010/02/07 20:21:11 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe [2010/02/07 20:21:11 \| 000,014,848 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe [2010/02/07 20:21:11 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe [2010/02/07 20:21:11 \| 000,009,728 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe [2010/02/07 20:21:11 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll [2010/02/07 20:21:11 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll [2010/02/07 20:21:10 \| 000,034,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll [2010/02/07 20:21:10 \| 000,030,720 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll [2010/02/07 20:21:10 \| 000,019,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb [2010/02/07 20:21:10 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll [2010/02/07 20:21:10 \| 000,015,872 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll [2010/02/07 20:21:10 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe [2010/02/07 20:21:10 \| 000,004,096 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll [2010/02/07 20:21:09 \| 000,167,424 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll [2010/02/07 20:21:09 \| 000,097,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll [2010/02/07 20:21:09 \| 000,059,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll [2010/02/07 20:21:09 \| 000,045,568 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll [2010/02/07 20:21:09 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll [2010/02/07 20:21:06 \| 000,273,920 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll [2010/02/07 20:21:06 \| 000,116,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll [2010/02/07 20:21:06 \| 000,075,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll [2010/02/07 20:21:06 \| 000,061,952 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll [2010/02/07 20:21:06 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll [2010/02/07 20:21:06 \| 000,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb [2010/02/07 20:21:06 \| 000,059,904 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll [2010/02/07 20:21:06 \| 000,052,224 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll [2010/02/07 20:21:06 \| 000,040,960 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll [2010/02/07 20:21:06 \| 000,031,232 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb [2010/02/07 20:21:06 \| 000,016,896 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe [2010/02/07 20:21:06 \| 000,016,384 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll [2010/02/07 20:21:06 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe [2010/02/07 20:21:06 \| 000,012,288 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll [2010/02/07 20:21:05 \| 000,120,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll [2010/02/07 20:21:05 \| 000,053,248 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll [2010/02/07 20:20:59 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MSN [2010/02/07 20:20:58 \| 000,347,136 \| ---- \| C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll [2010/02/07 20:20:58 \| 000,184,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe [2010/02/07 20:20:58 \| 000,131,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe [2010/02/07 20:20:58 \| 000,123,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe [2010/02/07 20:20:58 \| 000,123,392 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe [2010/02/07 20:20:58 \| 000,068,608 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl [2010/02/07 20:20:58 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Windows NT [2010/02/07 20:20:57 \| 000,538,624 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe [2010/02/07 20:20:57 \| 000,343,040 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe [2010/02/07 20:20:57 \| 000,102,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe [2010/02/07 20:20:57 \| 000,093,696 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll [2010/02/07 20:20:56 \| 002,066,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll [2010/02/07 20:20:56 \| 000,407,552 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstsc.exe [2010/02/07 20:20:56 \| 000,147,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll [2010/02/07 20:20:56 \| 000,087,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll [2010/02/07 20:20:56 \| 000,067,072 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe [2010/02/07 20:20:56 \| 000,062,976 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe [2010/02/07 20:20:56 \| 000,044,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe [2010/02/07 20:20:56 \| 000,044,544 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscupgrd.exe [2010/02/07 20:20:56 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll [2010/02/07 20:20:56 \| 000,019,968 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe [2010/02/07 20:20:56 \| 000,013,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe [2010/02/07 20:20:55 \| 000,956,928 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll [2010/02/07 20:20:55 \| 000,428,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll [2010/02/07 20:20:55 \| 000,161,792 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll [2010/02/07 20:20:55 \| 000,091,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll [2010/02/07 20:20:55 \| 000,038,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll [2010/02/07 20:20:55 \| 000,011,776 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll [2010/02/07 20:20:55 \| 000,011,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll [2010/02/07 20:20:55 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\MsDtc [2010/02/07 20:20:54 \| 000,625,664 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll [2010/02/07 20:20:54 \| 000,110,592 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll [2010/02/07 20:20:54 \| 000,085,504 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll [2010/02/07 20:20:54 \| 000,060,416 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll [2010/02/07 20:20:54 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll [2010/02/07 20:20:54 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Com [2010/02/07 20:20:53 \| 001,267,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll [2010/02/07 20:20:53 \| 000,539,648 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll [2010/02/07 20:20:53 \| 000,226,304 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll [2010/02/07 20:20:47 \| 000,185,344 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll [2010/02/07 20:20:47 \| 000,058,880 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll [2010/02/07 20:20:47 \| 000,056,320 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll [2010/02/07 20:20:47 \| 000,017,408 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll [2010/02/07 20:20:44 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents\My Videos [2010/02/07 12:09:26 \| 000,074,240 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll [2010/02/07 12:08:58 \| 000,000,000 \| -HSD \| C] -- C:\WINDOWS\Installer [2010/02/07 12:08:58 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\ODBC [2010/02/07 12:08:57 \| 000,077,824 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll [2010/02/07 12:08:57 \| 000,061,440 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll [2010/02/07 12:08:56 \| 000,774,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll [2010/02/07 12:08:56 \| 000,036,864 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe [2010/02/07 12:08:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\SpeechEngines [2010/02/07 12:08:55 \| 000,000,000 \| R--D \| C] -- C:\Program Files [2010/02/07 12:08:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Microsoft Shared [2010/02/07 12:08:55 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files [2010/02/07 12:08:53 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll [2010/02/07 12:08:53 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll [2010/02/07 12:08:53 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll [2010/02/07 12:08:53 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll [2010/02/07 12:08:53 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll [2010/02/07 12:08:53 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll [2010/02/07 12:08:52 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll [2010/02/07 12:08:52 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll [2010/02/07 12:08:51 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll [2010/02/07 12:08:51 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll [2010/02/07 12:08:51 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll [2010/02/07 12:08:51 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll [2010/02/07 12:08:50 \| 000,008,192 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll [2010/02/07 12:08:50 \| 000,008,192 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll [2010/02/07 12:08:50 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll [2010/02/07 12:08:50 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll [2010/02/07 12:08:50 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll [2010/02/07 12:08:50 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll [2010/02/07 12:08:50 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll [2010/02/07 12:08:50 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll [2010/02/07 12:08:50 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll [2010/02/07 12:08:50 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll [2010/02/07 12:08:50 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll [2010/02/07 12:08:50 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll [2010/02/07 12:08:50 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll [2010/02/07 12:08:50 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll [2010/02/07 12:08:49 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll [2010/02/07 12:08:49 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll [2010/02/07 12:08:49 \| 000,006,144 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll [2010/02/07 12:08:49 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll [2010/02/07 12:08:49 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll [2010/02/07 12:08:49 \| 000,006,144 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll [2010/02/07 12:08:49 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll [2010/02/07 12:08:49 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll [2010/02/07 12:08:49 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll [2010/02/07 12:08:49 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll [2010/02/07 12:08:47 \| 000,007,168 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll [2010/02/07 12:08:47 \| 000,007,168 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll [2010/02/07 12:08:47 \| 000,006,656 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll [2010/02/07 12:08:47 \| 000,006,656 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll [2010/02/07 12:08:47 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll [2010/02/07 12:08:47 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll [2010/02/07 12:08:47 \| 000,005,632 \| R--- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll [2010/02/07 12:08:47 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll [2010/02/07 12:08:47 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll [2010/02/07 12:08:47 \| 000,005,632 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll [2010/02/07 12:08:45 \| 000,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll [2010/02/07 12:08:45 \| 000,176,157 \| ---- \| C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll [2010/02/07 12:08:45 \| 000,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll [2010/02/07 12:08:45 \| 000,103,424 \| ---- \| C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll [2010/02/07 12:08:45 \| 000,085,020 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll [2010/02/07 12:08:45 \| 000,085,020 \| ---- \| C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll [2010/02/07 12:08:45 \| 000,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/02/07 12:08:45 \| 000,024,661 \| ---- \| C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2010/02/07 12:08:45 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/02/07 12:08:45 \| 000,013,312 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/02/07 12:08:44 \| 000,126,912 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL [2010/02/07 12:08:44 \| 000,082,944 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL [2010/02/07 12:08:44 \| 000,024,064 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL [2010/02/07 12:08:44 \| 000,019,200 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL [2010/02/07 12:08:44 \| 000,013,600 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV [2010/02/07 12:08:44 \| 000,009,008 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL [2010/02/07 12:08:44 \| 000,005,120 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL [2010/02/07 12:08:44 \| 000,004,048 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV [2010/02/07 12:08:44 \| 000,003,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV [2010/02/07 12:08:44 \| 000,002,176 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV [2010/02/07 12:08:44 \| 000,002,032 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV [2010/02/07 12:08:44 \| 000,001,744 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV [2010/02/07 12:08:44 \| 000,001,152 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK [2010/02/07 12:08:43 \| 000,109,456 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL [2010/02/07 12:08:43 \| 000,073,376 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV [2010/02/07 12:08:43 \| 000,069,584 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL [2010/02/07 12:08:43 \| 000,032,816 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL [2010/02/07 12:08:43 \| 000,028,160 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV [2010/02/07 12:08:43 \| 000,025,264 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV [2010/02/07 12:08:43 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE [2010/02/07 12:08:43 \| 000,015,360 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe [2010/02/07 12:08:43 \| 000,009,936 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL [2010/02/07 12:08:43 \| 000,002,000 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV [2010/02/07 12:08:42 \| 000,146,432 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv [2010/02/07 12:08:42 \| 000,068,768 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System\MMSYSTEM.DLL [2010/02/07 12:08:42 \| 000,008,704 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll [2010/02/07 12:08:41 \| 000,074,752 \| ---- \| C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll [2010/02/07 12:08:39 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Start Menu [2010/02/07 12:08:39 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\All Users\Documents [2010/02/07 12:08:39 \| 000,000,000 \| -H-D \| C] -- C:\Documents and Settings\All Users\Templates [2010/02/07 12:08:39 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Favorites [2010/02/07 12:08:39 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Desktop [2010/02/07 12:08:31 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot2 [2010/02/07 12:08:31 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\CatRoot [2010/02/07 12:08:26 \| 000,000,000 \| --SD \| C] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2010/02/07 12:08:26 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\All Users\Application Data [2010/02/07 12:08:09 \| 000,000,000 \| -HSD \| C] -- C:\System Volume Information [2010/02/07 12:08:09 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings [2010/02/07 12:03:15 \| 000,000,000 \| R-SD \| C] -- C:\WINDOWS\Fonts [2010/02/07 12:03:15 \| 000,000,000 \| RHSD \| C] -- C:\WINDOWS\System32\dllcache [2010/02/07 12:03:15 \| 000,000,000 \| R--D \| C] -- C:\WINDOWS\Web [2010/02/07 12:03:15 \| 000,000,000 \| -H-D \| C] -- C:\WINDOWS\inf [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\WinSxS [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wins [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\wbem [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\usmt [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\twain_32 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Temp [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\system32 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\system [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\spool [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ShellExt [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\Setup [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\security [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Resources [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\repair [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ras [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Provisioning [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\PeerNet [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\pchealth [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\oobe [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\npp [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\mui [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\mui [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\msapps [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\msagent [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Media [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\java [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\inetsrv [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\IME [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ime [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\icsxml [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\ias [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Help [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\export [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\etc [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\ehome [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Driver Cache [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\drivers\disdn [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\dhcp [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\dell [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Debug [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Cursors [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Connection Wizard [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\config [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Config [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\AppPatch [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\addins [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3com_dmi [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\3076 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\2052 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1054 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1042 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1041 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1037 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1033 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1031 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1028 [2010/02/07 12:03:15 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\System32\1025 ========== Files - Modified Within 30 Days ========== [2010/03/08 17:31:24 \| 000,002,335 \| ---- \| M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2010/03/08 17:31:22 \| 000,002,206 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2010/03/08 17:17:40 \| 000,000,006 \| -H-- \| M] () -- C:\WINDOWS\tasks\SA.DAT [2010/03/08 17:17:38 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2010/03/08 00:17:19 \| 001,835,008 \| -H-- \| M] () -- C:\Documents and Settings\jzeng\NTUSER.DAT [2010/03/08 00:17:18 \| 000,000,178 \| -HS- \| M] () -- C:\Documents and Settings\jzeng\ntuser.ini [2010/03/08 00:17:11 \| 005,878,442 \| -H-- \| M] () -- C:\Documents and Settings\jzeng\Local Settings\Application Data\IconCache.db [2010/03/02 00:09:39 \| 000,551,424 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\jzeng\Desktop\OTL.exe [2010/03/01 23:57:29 \| 000,284,915 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\gmer.zip [2010/03/01 23:11:59 \| 000,000,696 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/03/01 23:11:00 \| 005,115,840 \| ---- \| M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jzeng\Desktop\mbam-setup.exe [2010/03/01 23:09:14 \| 000,000,611 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\NTREGOPT.lnk [2010/03/01 23:09:14 \| 000,000,592 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\ERUNT.lnk [2010/03/01 23:09:03 \| 000,791,393 \| ---- \| M] (Lars Hederer ) -- C:\Documents and Settings\jzeng\Desktop\erunt_setup.exe [2010/03/01 23:06:40 \| 000,444,416 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\jzeng\Desktop\TFC.exe [2010/03/01 22:36:30 \| 000,001,734 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\HijackThis.lnk [2010/02/23 23:43:32 \| 000,001,374 \| ---- \| M] () -- C:\WINDOWS\imsins.BAK [2010/02/18 22:29:22 \| 000,812,344 \| ---- \| M] (Trend Micro Inc.) -- C:\Documents and Settings\jzeng\Desktop\HJTInstall.exe [2010/02/11 19:27:00 \| 000,000,104 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\Shortcut to Internet.lnk [2010/02/10 22:35:47 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\vpc32.INI [2010/02/10 22:27:37 \| 000,064,848 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/02/09 00:11:58 \| 000,501,230 \| ---- \| M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/02/09 00:11:58 \| 000,441,124 \| ---- \| M] () -- C:\WINDOWS\System32\perfh009.dat [2010/02/09 00:11:58 \| 000,071,060 \| ---- \| M] () -- C:\WINDOWS\System32\perfc009.dat [2010/02/09 00:07:29 \| 000,259,840 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/02/08 19:19:11 \| 000,000,376 \| ---- \| M] () -- C:\WINDOWS\ODBC.INI [2010/02/08 17:37:55 \| 000,142,066 \| ---- \| M] () -- C:\WINDOWS\hpwins05.dat [2010/02/08 17:37:30 \| 000,000,658 \| ---- \| M] () -- C:\WINDOWS\win.ini [2010/02/08 17:34:52 \| 000,000,232 \| ---- \| M] () -- C:\WINDOWS\wininit.ini [2010/02/08 17:33:33 \| 000,001,808 \| ---- \| M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010/02/08 17:32:33 \| 000,000,764 \| ---- \| M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/02/08 17:32:02 \| 000,000,158 \| ---- \| M] () -- C:\WINDOWS\System32\AddPort.ini [2010/02/08 17:31:56 \| 000,000,828 \| ---- \| M] () -- C:\WINDOWS\hpntwksetup.ini [2010/02/08 17:24:31 \| 000,001,923 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator Home.lnk [2010/02/08 17:17:15 \| 000,001,565 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2010.lnk [2010/02/08 17:17:13 \| 000,000,120 \| ---- \| M] () -- C:\WINDOWS\QUICKEN.INI [2010/02/08 10:54:36 \| 000,000,456 \| -H-- \| M] () -- C:\IPH.PH [2010/02/08 10:54:31 \| 000,001,574 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk [2010/02/08 10:52:26 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\nsreg.dat [2010/02/08 10:52:21 \| 000,001,602 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2010/02/07 23:33:03 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\ativpsrm.bin [2010/02/07 23:32:51 \| 000,023,392 \| ---- \| M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/02/07 23:32:51 \| 000,016,832 \| ---- \| M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/02/07 23:32:17 \| 000,000,000 \| -H-- \| M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/02/07 23:10:50 \| 000,316,640 \| ---- \| M] () -- C:\WINDOWS\WMSysPr9.prx [2010/02/07 23:05:39 \| 000,250,048 \| RHS- \| M] () -- C:\ntldr [2010/02/07 21:20:58 \| 000,001,734 \| ---- \| M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk [2010/02/07 20:26:55 \| 000,000,104 \| ---- \| M] () -- C:\Documents and Settings\jzeng\Desktop\My Computer.lnk [2010/02/07 20:25:36 \| 000,008,192 \| ---- \| M] () -- C:\WINDOWS\REGLOCS.OLD [2010/02/07 20:25:03 \| 000,000,261 \| ---- \| M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/02/07 20:23:32 \| 000,002,577 \| ---- \| M] () -- C:\WINDOWS\System32\CONFIG.NT [2010/02/07 20:23:32 \| 000,000,000 \| RHS- \| M] () -- C:\MSDOS.SYS [2010/02/07 20:23:32 \| 000,000,000 \| RHS- \| M] () -- C:\IO.SYS [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| M] () -- C:\WINDOWS\control.ini [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| M] () -- C:\CONFIG.SYS [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| M] () -- C:\AUTOEXEC.BAT [2010/02/07 20:23:25 \| 000,004,161 \| ---- \| M] () -- C:\WINDOWS\ODBCINST.INI [2010/02/07 20:22:55 \| 000,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/02/07 20:22:55 \| 000,000,488 \| RH-- \| M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/02/07 20:21:35 \| 000,021,640 \| ---- \| M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/02/07 20:21:33 \| 000,000,037 \| ---- \| M] () -- C:\WINDOWS\vbaddin.ini [2010/02/07 20:21:33 \| 000,000,036 \| ---- \| M] () -- C:\WINDOWS\vb.ini [2010/02/07 20:20:37 \| 000,000,211 \| -HS- \| M] () -- C:\boot.ini [2010/02/07 12:08:55 \| 000,000,231 \| ---- \| M] () -- C:\WINDOWS\system.ini ========== Files Created - No Company Name ========== [2010/03/01 23:57:25 \| 000,284,915 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\gmer.zip [2010/03/01 23:11:59 \| 000,000,696 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2010/03/01 23:09:14 \| 000,000,611 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\NTREGOPT.lnk [2010/03/01 23:09:14 \| 000,000,592 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\ERUNT.lnk [2010/03/01 22:36:30 \| 000,001,734 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\HijackThis.lnk [2010/02/11 19:27:00 \| 000,000,104 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\Shortcut to Internet.lnk [2010/02/10 22:35:47 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\vpc32.INI [2010/02/08 17:33:33 \| 000,001,808 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2010/02/08 17:32:11 \| 000,077,824 \| R--- \| C] () -- C:\WINDOWS\System32\hpzids01.dll [2010/02/08 17:32:02 \| 000,000,158 \| ---- \| C] () -- C:\WINDOWS\System32\AddPort.ini [2010/02/08 17:31:01 \| 000,000,828 \| ---- \| C] () -- C:\WINDOWS\hpntwksetup.ini [2010/02/08 17:27:13 \| 000,001,121 \| ---- \| C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log [2010/02/08 17:27:12 \| 000,142,066 \| ---- \| C] () -- C:\WINDOWS\hpwins05.dat [2010/02/08 17:24:57 \| 000,001,109 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\PConfig.DCF [2010/02/08 17:24:57 \| 000,000,232 \| ---- \| C] () -- C:\WINDOWS\wininit.ini [2010/02/08 17:24:31 \| 000,001,923 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Roxio Creator Home.lnk [2010/02/08 17:17:15 \| 000,001,565 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Quicken Home & Business 2010.lnk [2010/02/08 17:16:47 \| 000,000,120 \| ---- \| C] () -- C:\WINDOWS\QUICKEN.INI [2010/02/08 10:54:31 \| 000,001,574 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\AIM.lnk [2010/02/08 10:54:19 \| 000,000,456 \| -H-- \| C] () -- C:\IPH.PH [2010/02/08 10:52:26 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\nsreg.dat [2010/02/08 10:52:21 \| 000,001,602 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2010/02/07 23:33:03 \| 000,000,000 \| ---- \| C] () -- C:\WINDOWS\ativpsrm.bin [2010/02/07 23:32:17 \| 000,000,000 \| -H-- \| C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf [2010/02/07 23:01:32 \| 000,613,334 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm [2010/02/07 23:01:32 \| 000,354,468 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav [2010/02/07 23:01:32 \| 000,343,204 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav [2010/02/07 23:01:32 \| 000,343,204 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav [2010/02/07 23:01:32 \| 000,172,196 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav [2010/02/07 23:01:32 \| 000,172,196 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav [2010/02/07 23:01:32 \| 000,172,196 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav [2010/02/07 23:01:32 \| 000,086,196 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav [2010/02/07 23:01:32 \| 000,086,180 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav [2010/02/07 23:01:32 \| 000,086,180 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav [2010/02/07 23:01:32 \| 000,069,612 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm [2010/02/07 23:01:32 \| 000,023,195 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm [2010/02/07 23:01:32 \| 000,017,272 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf [2010/02/07 23:01:32 \| 000,010,457 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta [2010/02/07 23:01:32 \| 000,008,677 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm7.gif [2010/02/07 23:01:32 \| 000,007,892 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm9.gif [2010/02/07 23:01:32 \| 000,007,636 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm2.gif [2010/02/07 23:01:32 \| 000,007,369 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm4.gif [2010/02/07 23:01:32 \| 000,006,769 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf [2010/02/07 23:01:32 \| 000,006,241 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm3.gif [2010/02/07 23:01:32 \| 000,006,060 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm6.gif [2010/02/07 23:01:32 \| 000,005,789 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm1.gif [2010/02/07 23:01:32 \| 000,004,193 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm8.gif [2010/02/07 23:01:32 \| 000,002,477 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wm5.gif [2010/02/07 23:01:32 \| 000,001,771 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmptour.css [2010/02/07 23:01:32 \| 000,000,855 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf [2010/02/07 23:01:32 \| 000,000,420 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmploc.js [2010/02/07 23:01:31 \| 000,300,969 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\viz.wmv [2010/02/07 23:01:31 \| 000,017,489 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\videobg.gif [2010/02/07 23:01:31 \| 000,005,290 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif [2010/02/07 23:01:31 \| 000,002,375 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif [2010/02/07 23:01:30 \| 000,572,557 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv [2010/02/07 23:01:30 \| 000,375,519 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv [2010/02/07 23:01:30 \| 000,077,307 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm [2010/02/07 23:01:30 \| 000,067,866 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\netwlan5.img [2010/02/07 23:01:30 \| 000,023,829 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif [2010/02/07 23:01:30 \| 000,022,060 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\npds.zip [2010/02/07 23:01:30 \| 000,003,187 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tour.js [2010/02/07 23:01:30 \| 000,002,469 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tplay.gif [2010/02/07 23:01:30 \| 000,002,450 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tpause.gif [2010/02/07 23:01:30 \| 000,002,371 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif [2010/02/07 23:01:30 \| 000,001,398 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\taon.gif [2010/02/07 23:01:30 \| 000,001,380 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\taonh.gif [2010/02/07 23:01:30 \| 000,001,380 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\taoff.gif [2010/02/07 23:01:30 \| 000,001,367 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif [2010/02/07 23:01:30 \| 000,001,148 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\snd.htm [2010/02/07 23:01:30 \| 000,000,908 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\skins.inf [2010/02/07 23:01:30 \| 000,000,403 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip [2010/02/07 23:01:29 \| 000,457,607 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv [2010/02/07 23:01:29 \| 000,097,117 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplayer2.hlp [2010/02/07 23:01:29 \| 000,018,286 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf [2010/02/07 23:01:29 \| 000,002,778 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif [2010/02/07 23:01:29 \| 000,002,545 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif [2010/02/07 23:01:29 \| 000,001,885 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\mplayer2.cnt [2010/02/07 23:01:27 \| 000,005,971 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\events.js [2010/02/07 23:01:26 \| 000,381,425 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv [2010/02/07 23:01:26 \| 000,129,045 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty [2010/02/07 23:01:26 \| 000,009,585 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\controls.css [2010/02/07 23:01:26 \| 000,008,298 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\contents.htm [2010/02/07 23:01:26 \| 000,006,878 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\controls.js [2010/02/07 23:01:26 \| 000,000,773 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\cnth.gif [2010/02/07 23:01:26 \| 000,000,773 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\cnt.gif [2010/02/07 23:01:26 \| 000,000,772 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\cntd.gif [2010/02/07 23:01:26 \| 000,000,760 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif [2010/02/07 23:01:26 \| 000,000,717 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif [2010/02/07 23:01:25 \| 000,000,999 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif [2010/02/07 23:01:05 \| 000,064,352 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod [2010/02/07 21:20:58 \| 000,002,335 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2010/02/07 21:20:58 \| 000,001,734 \| ---- \| C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Acrobat 7.0 Professional.lnk [2010/02/07 21:15:47 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2010/02/07 21:13:15 \| 000,200,704 \| ---- \| C] () -- C:\WINDOWS\System32\UpdateDriver.exe [2010/02/07 21:13:14 \| 000,005,224 \| ---- \| C] () -- C:\WINDOWS\System32\ucuiinfo.ini [2010/02/07 21:07:10 \| 001,158,818 \| ---- \| C] () -- C:\WINDOWS\System32\korwbrkr.lex [2010/02/07 21:07:10 \| 001,158,818 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/02/07 21:07:10 \| 000,002,060 \| ---- \| C] () -- C:\WINDOWS\System32\noise.jpn [2010/02/07 21:07:10 \| 000,001,486 \| ---- \| C] () -- C:\WINDOWS\System32\noise.kor [2010/02/07 21:07:05 \| 000,211,938 \| ---- \| C] () -- C:\WINDOWS\System32\lcphrase.tbl [2010/02/07 21:07:05 \| 000,146,126 \| ---- \| C] () -- C:\WINDOWS\System32\array30.tab [2010/02/07 21:07:05 \| 000,116,285 \| ---- \| C] () -- C:\WINDOWS\System32\msdayi.tbl [2010/02/07 21:07:05 \| 000,110,566 \| ---- \| C] () -- C:\WINDOWS\System32\arphr.tbl [2010/02/07 21:07:05 \| 000,044,370 \| ---- \| C] () -- C:\WINDOWS\System32\acode.tbl [2010/02/07 21:07:05 \| 000,044,370 \| ---- \| C] () -- C:\WINDOWS\System32\a234.tbl [2010/02/07 21:07:05 \| 000,043,242 \| ---- \| C] () -- C:\WINDOWS\System32\phoncode.tbl [2010/02/07 21:07:05 \| 000,024,114 \| ---- \| C] () -- C:\WINDOWS\System32\lcptr.tbl [2010/02/07 21:07:05 \| 000,018,600 \| ---- \| C] () -- C:\WINDOWS\System32\arrayhw.tab [2010/02/07 21:07:05 \| 000,016,312 \| ---- \| C] () -- C:\WINDOWS\System32\arptr.tbl [2010/02/07 21:07:05 \| 000,004,071 \| ---- \| C] () -- C:\WINDOWS\System32\phon.tbl [2010/02/07 21:07:05 \| 000,002,714 \| ---- \| C] () -- C:\WINDOWS\System32\phonptr.tbl [2010/02/07 21:07:05 \| 000,001,460 \| ---- \| C] () -- C:\WINDOWS\System32\a15.tbl [2010/02/07 21:07:05 \| 000,000,700 \| ---- \| C] () -- C:\WINDOWS\System32\dayiptr.tbl [2010/02/07 21:07:05 \| 000,000,520 \| ---- \| C] () -- C:\WINDOWS\System32\dayiphr.tbl [2010/02/07 21:07:04 \| 000,195,618 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/02/07 21:07:04 \| 000,195,618 \| ---- \| C] () -- C:\WINDOWS\System32\c_10002.nls [2010/02/07 21:07:04 \| 000,082,172 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/02/07 21:07:04 \| 000,082,172 \| ---- \| C] () -- C:\WINDOWS\System32\bopomofo.nls [2010/02/07 21:07:04 \| 000,066,728 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/02/07 21:07:04 \| 000,066,728 \| ---- \| C] () -- C:\WINDOWS\System32\big5.nls [2010/02/07 21:07:04 \| 000,016,254 \| ---- \| C] () -- C:\WINDOWS\System32\PINTLPAE.HLP [2010/02/07 21:07:04 \| 000,014,821 \| ---- \| C] () -- C:\WINDOWS\System32\PINTLPAD.HLP [2010/02/07 21:07:01 \| 001,783,864 \| ---- \| C] () -- C:\WINDOWS\System32\WINPY.MB [2010/02/07 21:07:01 \| 001,564,868 \| ---- \| C] () -- C:\WINDOWS\System32\WINSP.MB [2010/02/07 21:07:01 \| 001,223,500 \| ---- \| C] () -- C:\WINDOWS\System32\WINZM.MB [2010/02/07 21:07:01 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\prcp.nls [2010/02/07 21:07:01 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/02/07 21:07:01 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\prc.nls [2010/02/07 21:07:01 \| 000,083,748 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/02/07 21:07:00 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/02/07 21:07:00 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\c_10008.nls [2010/02/07 21:06:59 \| 000,134,339 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/02/07 21:06:58 \| 000,108,827 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/02/07 21:06:55 \| 000,189,986 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/02/07 21:06:55 \| 000,189,986 \| ---- \| C] () -- C:\WINDOWS\System32\c_1361.nls [2010/02/07 21:06:55 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/02/07 21:06:55 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\c_10003.nls [2010/02/07 21:06:55 \| 000,047,066 \| ---- \| C] () -- C:\WINDOWS\System32\ksc.nls [2010/02/07 21:06:55 \| 000,047,066 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/02/07 21:06:52 \| 013,463,552 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/02/07 21:06:42 \| 000,180,770 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/02/07 21:06:42 \| 000,180,770 \| ---- \| C] () -- C:\WINDOWS\System32\c_20932.nls [2010/02/07 21:06:42 \| 000,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/02/07 21:06:42 \| 000,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\c_20000.nls [2010/02/07 21:06:42 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/02/07 21:06:42 \| 000,177,698 \| ---- \| C] () -- C:\WINDOWS\System32\c_20949.nls [2010/02/07 21:06:42 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/02/07 21:06:42 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\c_20936.nls [2010/02/07 21:06:42 \| 000,173,568 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/02/07 21:06:42 \| 000,162,850 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/02/07 21:06:42 \| 000,162,850 \| ---- \| C] () -- C:\WINDOWS\System32\c_10001.nls [2010/02/07 21:06:42 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/02/07 21:06:42 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_21027.nls [2010/02/07 21:06:42 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/02/07 21:06:42 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_20290.nls [2010/02/07 21:06:42 \| 000,028,288 \| ---- \| C] () -- C:\WINDOWS\System32\xjis.nls [2010/02/07 21:06:42 \| 000,028,288 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/02/07 21:06:40 \| 000,175,104 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/02/07 21:06:38 \| 000,059,392 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/02/07 21:06:37 \| 000,196,665 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/02/07 21:06:31 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/02/07 21:06:31 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_864.nls [2010/02/07 21:06:31 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/02/07 21:06:31 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_720.nls [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_708.nls [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28596.NLS [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/02/07 21:06:31 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10004.nls [2010/02/07 21:06:29 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/02/07 21:06:29 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_862.nls [2010/02/07 21:06:29 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/02/07 21:06:29 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10005.nls [2010/02/07 21:06:27 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/02/07 21:06:27 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10021.nls [2010/02/07 21:04:45 \| 000,001,904 \| ---- \| C] () -- C:\WINDOWS\System32\SetupBD.din [2010/02/07 21:04:42 \| 000,002,889 \| ---- \| C] () -- C:\WINDOWS\System32\e1e5132.din [2010/02/07 20:26:55 \| 000,000,104 \| ---- \| C] () -- C:\Documents and Settings\jzeng\Desktop\My Computer.lnk [2010/02/07 20:26:17 \| 001,835,008 \| -H-- \| C] () -- C:\Documents and Settings\jzeng\NTUSER.DAT [2010/02/07 20:26:17 \| 000,000,178 \| -HS- \| C] () -- C:\Documents and Settings\jzeng\ntuser.ini [2010/02/07 20:25:36 \| 000,008,192 \| ---- \| C] () -- C:\WINDOWS\REGLOCS.OLD [2010/02/07 20:25:00 \| 000,002,048 \| --S- \| C] () -- C:\WINDOWS\bootstat.dat [2010/02/07 20:24:07 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/02/07 20:24:07 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/02/07 20:24:06 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/02/07 20:24:05 \| 000,187,938 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/02/07 20:24:05 \| 000,186,402 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/02/07 20:24:05 \| 000,185,378 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/02/07 20:24:05 \| 000,180,258 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/02/07 20:24:05 \| 000,173,602 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/02/07 20:24:05 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/02/07 20:24:04 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/02/07 20:23:32 \| 000,002,577 \| ---- \| C] () -- C:\WINDOWS\System32\CONFIG.NT [2010/02/07 20:23:32 \| 000,000,000 \| RHS- \| C] () -- C:\MSDOS.SYS [2010/02/07 20:23:32 \| 000,000,000 \| RHS- \| C] () -- C:\IO.SYS [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| C] () -- C:\CONFIG.SYS [2010/02/07 20:23:32 \| 000,000,000 \| ---- \| C] () -- C:\AUTOEXEC.BAT [2010/02/07 20:23:30 \| 000,023,392 \| ---- \| C] () -- C:\WINDOWS\System32\nscompat.tlb [2010/02/07 20:23:30 \| 000,016,832 \| ---- \| C] () -- C:\WINDOWS\System32\amcompat.tlb [2010/02/07 20:23:29 \| 000,316,640 \| ---- \| C] () -- C:\WINDOWS\WMSysPr9.prx [2010/02/07 20:22:55 \| 000,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/02/07 20:22:55 \| 000,000,488 \| RH-- \| C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/02/07 20:22:52 \| 000,000,749 \| RH-- \| C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/02/07 20:22:45 \| 004,399,505 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex [2010/02/07 20:22:23 \| 000,048,680 \| -HS- \| C] () -- C:\WINDOWS\winnt256.bmp [2010/02/07 20:22:23 \| 000,048,680 \| -HS- \| C] () -- C:\WINDOWS\winnt.bmp [2010/02/07 20:22:17 \| 000,000,984 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf [2010/02/07 20:21:35 \| 000,021,640 \| ---- \| C] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/02/07 20:21:14 \| 000,065,978 \| ---- \| C] () -- C:\WINDOWS\Soap Bubbles.bmp [2010/02/07 20:21:14 \| 000,065,954 \| ---- \| C] () -- C:\WINDOWS\Prairie Wind.bmp [2010/02/07 20:21:14 \| 000,065,832 \| ---- \| C] () -- C:\WINDOWS\Santa Fe Stucco.bmp [2010/02/07 20:21:14 \| 000,026,680 \| ---- \| C] () -- C:\WINDOWS\River Sumida.bmp [2010/02/07 20:21:14 \| 000,026,582 \| ---- \| C] () -- C:\WINDOWS\Greenstone.bmp [2010/02/07 20:21:14 \| 000,017,362 \| ---- \| C] () -- C:\WINDOWS\Rhododendron.bmp [2010/02/07 20:21:14 \| 000,017,336 \| ---- \| C] () -- C:\WINDOWS\Gone Fishing.bmp [2010/02/07 20:21:14 \| 000,017,062 \| ---- \| C] () -- C:\WINDOWS\Coffee Bean.bmp [2010/02/07 20:21:14 \| 000,016,730 \| ---- \| C] () -- C:\WINDOWS\FeatherTexture.bmp [2010/02/07 20:21:14 \| 000,009,522 \| ---- \| C] () -- C:\WINDOWS\Zapotec.bmp [2010/02/07 20:21:14 \| 000,001,272 \| ---- \| C] () -- C:\WINDOWS\Blue Lace 16.bmp [2010/02/07 20:21:13 \| 000,093,702 \| ---- \| C] () -- C:\WINDOWS\System32\subrange.uce [2010/02/07 20:21:13 \| 000,060,458 \| ---- \| C] () -- C:\WINDOWS\System32\ideograf.uce [2010/02/07 20:21:13 \| 000,024,006 \| ---- \| C] () -- C:\WINDOWS\System32\gb2312.uce [2010/02/07 20:21:13 \| 000,022,984 \| ---- \| C] () -- C:\WINDOWS\System32\bopomofo.uce [2010/02/07 20:21:13 \| 000,016,740 \| ---- \| C] () -- C:\WINDOWS\System32\shiftjis.uce [2010/02/07 20:21:13 \| 000,012,876 \| ---- \| C] () -- C:\WINDOWS\System32\korean.uce [2010/02/07 20:21:13 \| 000,008,484 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_2.uce [2010/02/07 20:21:13 \| 000,006,948 \| ---- \| C] () -- C:\WINDOWS\System32\kanji_1.uce [2010/02/07 20:21:11 \| 000,003,286 \| ---- \| C] () -- C:\WINDOWS\System32\tslabels.h [2010/02/07 20:21:11 \| 000,001,161 \| ---- \| C] () -- C:\WINDOWS\System32\usrlogon.cmd [2010/02/07 20:21:10 \| 000,000,768 \| ---- \| C] () -- C:\WINDOWS\System32\msdtcprf.h [2010/02/07 20:21:05 \| 000,063,488 \| ---- \| C] () -- C:\WINDOWS\System32\wmimgmt.msc [2010/02/07 12:09:00 \| 000,001,374 \| ---- \| C] () -- C:\WINDOWS\imsins.BAK [2010/02/07 12:08:56 \| 001,685,606 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\sam.spd [2010/02/07 12:08:56 \| 000,643,717 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa [2010/02/07 12:08:56 \| 000,605,050 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa [2010/02/07 12:08:56 \| 000,000,888 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\sam.sdf [2010/02/07 12:08:55 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls [2010/02/07 12:08:55 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28603.nls [2010/02/07 12:08:53 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_857.nls [2010/02/07 12:08:53 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_857.nls [2010/02/07 12:08:53 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls [2010/02/07 12:08:53 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_28599.nls [2010/02/07 12:08:53 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls [2010/02/07 12:08:53 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10081.nls [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28595.NLS [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10017.nls [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls [2010/02/07 12:08:51 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10007.nls [2010/02/07 12:08:50 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_869.nls [2010/02/07 12:08:50 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_869.nls [2010/02/07 12:08:50 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_737.nls [2010/02/07 12:08:50 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_737.nls [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_875.nls [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_875.nls [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28597.NLS [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls [2010/02/07 12:08:50 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10006.nls [2010/02/07 12:08:48 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_866.nls [2010/02/07 12:08:48 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_866.nls [2010/02/07 12:08:48 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_855.nls [2010/02/07 12:08:48 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_855.nls [2010/02/07 12:08:48 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls [2010/02/07 12:08:48 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\C_28594.NLS [2010/02/07 12:08:47 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_852.nls [2010/02/07 12:08:47 \| 000,066,594 \| ---- \| C] () -- C:\WINDOWS\System32\c_852.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10082.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10029.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls [2010/02/07 12:08:47 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_10010.nls [2010/02/07 12:08:45 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls [2010/02/07 12:08:45 \| 000,066,082 \| ---- \| C] () -- C:\WINDOWS\System32\c_20127.nls [2010/02/07 12:08:43 \| 000,001,688 \| ---- \| C] () -- C:\WINDOWS\System32\AUTOEXEC.NT [2010/02/07 12:08:38 \| 001,042,903 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT [2010/02/07 12:08:38 \| 000,797,189 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/02/07 12:08:38 \| 000,399,645 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/02/07 12:08:38 \| 000,037,484 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/02/07 12:08:38 \| 000,013,472 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/02/07 12:08:38 \| 000,008,574 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/02/07 12:08:38 \| 000,007,710 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/02/07 12:08:38 \| 000,007,334 \| ---- \| C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010/02/07 12:08:08 \| 000,259,840 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/02/07 12:07:27 \| 000,000,211 \| -HS- \| C] () -- C:\boot.ini [2010/02/07 12:07:26 \| 000,000,261 \| ---- \| C] () -- C:\WINDOWS\System32\$winnt$.inf [2003/01/07 15:05:08 \| 000,002,695 \| ---- \| C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2001/07/07 03:00:00 \| 000,003,399 \| ---- \| C] () -- C:\WINDOWS\System32\hptcpmon.ini ========== LOP Check ========== [2010/02/08 10:54:31 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\AIM [2010/02/08 17:25:28 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\All Users\Application Data\Uninstall [2010/02/08 10:54:37 \| 000,000,000 \| ---D \| M] -- C:\Documents and Settings\jzeng\Application Data\acccore ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\.exe > < MD5 for: AGP440.SYS > [2004/08/03 21:00:00 \| 018,738,937 \| ---- \| M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010/02/07 23:04:07 \| 023,852,652 \| ---- \| M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010/02/07 23:04:07 \| 023,852,652 \| ---- \| M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008/04/13 10:36:38 \| 000,042,368 \| ---- \| M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008/04/13 10:36:38 \| 000,042,368 \| ---- \| M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004/08/03 21:00:00 \| 018,738,937 \| ---- \| M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010/02/07 23:04:07 \| 023,852,652 \| ---- \| M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010/02/07 23:04:07 \| 023,852,652 \| ---- \| M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008/04/13 10:40:30 \| 000,096,512 \| ---- \| M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008/04/13 10:40:30 \| 000,096,512 \| ---- \| M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004/08/03 21:00:00 \| 000,095,360 \| ---- \| M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys < MD5 for: EVENTLOG.DLL > [2008/04/13 16:11:53 \| 000,056,320 \| ---- \| M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008/04/13 16:11:53 \| 000,056,320 \| ---- \| M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004/08/03 21:00:00 \| 000,055,808 \| ---- \| M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: IASTOR.SYS > [2008/05/07 14:40:02 \| 000,317,976 \| ---- \| M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\dell\iastor\iastor.sys [2008/05/07 14:40:02 \| 000,317,976 \| ---- \| M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\WINDOWS\system32\drivers\iaStor.sys < MD5 for: NETLOGON.DLL > [2008/04/13 16:12:01 \| 000,407,040 \| ---- \| M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008/04/13 16:12:01 \| 000,407,040 \| ---- \| M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2004/08/03 21:00:00 \| 000,407,040 \| ---- \| M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: NVGTS.SYS > [2008/01/21 11:15:22 \| 000,102,400 \| ---- \| M] (NVIDIA Corporation) MD5=A0B3F3A5049931657164F0FFCF0B208E -- C:\WINDOWS\dell\nvraid\nvgts.sys < MD5 for: NVRD32.SYS > [2008/01/21 11:15:22 \| 000,128,000 \| ---- \| M] (NVIDIA Corporation) MD5=C9128FE14E5C1E55710781B5C276F2ED -- C:\WINDOWS\dell\nvraid\nvrd32.sys < MD5 for: SCECLI.DLL > [2004/08/03 21:00:00 \| 000,180,224 \| ---- \| M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008/04/13 16:12:05 \| 000,181,248 \| ---- \| M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008/04/13 16:12:05 \| 000,181,248 \| ---- \| M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: SYMMPI.SYS > [2007/02/09 22:06:00 \| 000,100,096 \| ---- \| M] (LSI Logic) MD5=A42F863305943869BA00A613C8EE8C7E -- C:\WINDOWS\dell\symmpi\symmpi.sys < %systemroot%\. /mp /s > < %systemroot%\system32\.dll /lockedfiles > < %systemroot%\Tasks\.job /lockedfiles > < %systemroot%\system32\drivers\.sys /lockedfiles > < %systemroot%\System32\config\.sav > [2010/02/07 12:07:27 \| 000,094,208 \| ---- \| M] () -- C:\WINDOWS\system32\config\default.sav [2010/02/07 12:07:27 \| 000,659,456 \| ---- \| M] () -- C:\WINDOWS\system32\config\software.sav [2010/02/07 12:07:27 \| 000,909,312 \| ---- \| M] () -- C:\WINDOWS\system32\config\system.sav < End of report >

ken545 View Member Profile	Mar 8 2010, 07:53 PM Post #6
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	OTL is a pretty extensive log to look over, in the meantime do this while I am looking over your log Please download ATF Cleaner by Atribune to your desktop. Double-click ATF-Cleaner.exe to run the program. Under Main choose: Select All Click the Empty Selected button. Your system may start up slower after running ATF Cleaner, this is expected but will be back to normal after the first or second boot up Please note: If you use online banking or are registered online with any other organizations, ensure you have memorized password and other personal information as removing cookies will temporarily disable the auto-login facility. Please download Malwarebytes from Here or Here Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select Perform quick scan, then click Scan. When the scan is complete, click OK, then Show Results to view the results. Be sure that everything is checked, and click Remove Selected . When completed, a log will open in Notepad. Please save it to a convenient location and post the results. Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot. Post the report and also a new HJT log please

mojomojo View Member Profile	Mar 8 2010, 07:59 PM Post #7
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Ken, the Extras.Txt did not pop up and I tried to look for it but cannot find it. I knew I should of mentioned this but I'm not sure will it affect it. Before coming to whatthetech, I followed some similar steps on another forum and got both the OTL.Txt and Extras.Txt file created on 03/02/10, but the OTL was version 3.1.32.0 and I notice the one you asked to download is version 3.1.35.0 The other forum did not have any reply to my issue so that's why I'm here. So would it help if I post the other Extras.Txt log I have or can you direct me on how to find the Extras.Txt log that should have been created today? Also, should I still go ahead and run the ATF cleaner? Thanks.

mojomojo View Member Profile	Mar 9 2010, 01:39 AM Post #8
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Per your latest instructions, here are the logs: Malwarebytes' Anti-Malware 1.44 Database version: 3839 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3/8/2010 11:28:34 PM mbam-log-2010-03-08 (23-28-34).txt Scan type: Quick Scan Objects scanned: 124555 Time elapsed: 2 minute(s), 36 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) HJT log.txt Logfile of random's system information tool 1.06 (written by random/random) Run by jzeng at 2010-03-08 23:38:02 Microsoft Windows XP Professional Service Pack 3 System drive C: has 229 GB (96%) free of 238 GB Total RAM: 2014 MB (65% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:38:03 PM, on 3/8/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\AIM\aim.exe C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Documents and Settings\jzeng\Desktop\whatthetech\RSIT.exe C:\Program Files\Trend Micro\HijackThis\jzeng.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 6063 bytes ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14 225280] Locked [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-06-22 1044480] "IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-03 208952] "MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-03 59392] "PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-03 455168] "F5D7050v3"=C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe [2007-10-30 1654784] "Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2004-12-14 483328] ""= [] "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152] "ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-07-19 52896] "vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2006-09-27 125168] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Aim"=C:\Program Files\AIM\aim.exe [2009-12-01 3951976] "ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll [2009-05-16 155648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon] C:\WINDOWS\system32\NavLogon.dll [2006-09-27 43760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe::Enabled:AIM" "D:\setup\HPZNET01.EXE"="D:\setup\HPZNET01.EXE::Enabled:hpznet01.exe" "D:\setup\HPONICIFS01.EXE"="D:\setup\HPONICIFS01.EXE::Enabled:hponicifs01.exe" "C:\WINDOWS\system32\spoolsv.exe"="C:\WINDOWS\system32\spoolsv.exe::Enabled:Spooler SubSystem App" "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe::Enabled:hpqtra08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe::Enabled:hpqste08.exe" "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe::Enabled:hpofxm08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe::Enabled:hposfx08.exe" "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe::Enabled:hposid01.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe::Enabled:hpqscnvw.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe::Enabled:hpqkygrp.exe" "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe::Enabled:hpzwiz01.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe::Enabled:hpqphunl.exe" "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe::Enabled:hpqdia.exe" "C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe::Enabled:hpqnrs08.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======File associations====== .js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" ======List of files/folders created in the last 1 months====== 2010-03-07 23:58:22 ----D---- C:\rsit 2010-03-07 23:56:42 ----A---- C:\RootRepeal report 03-07-10 (23-56-42).txt 2010-03-07 23:55:58 ----A---- C:\RootRepeal report 03-07-10 (23-55-58).txt 2010-03-01 23:12:00 ----D---- C:\Documents and Settings\jzeng\Application Data\Malwarebytes 2010-03-01 23:11:56 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-03-01 23:11:55 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-03-01 23:10:12 ----D---- C:\WINDOWS\ERDNT 2010-03-01 23:09:14 ----D---- C:\Program Files\ERUNT 2010-02-23 23:43:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-02-18 22:30:18 ----D---- C:\Program Files\Trend Micro 2010-02-15 23:14:32 ----D---- C:\Documents and Settings\All Users\Application Data\NOS 2010-02-15 17:12:42 ----A---- C:\WINDOWS\system32\ptpusb.dll 2010-02-15 17:12:41 ----A---- C:\WINDOWS\system32\ptpusd.dll 2010-02-11 19:16:51 ----D---- C:\WINDOWS\ie8updates 2010-02-11 19:16:33 ----D---- C:\WINDOWS\WBEM 2010-02-11 19:16:20 ----HDC---- C:\WINDOWS\ie8 2010-02-11 00:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-02-11 00:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-02-11 00:10:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-02-11 00:09:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-02-11 00:09:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-02-11 00:09:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-02-11 00:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$ 2010-02-11 00:09:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-02-11 00:09:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-02-10 22:35:47 ----A---- C:\WINDOWS\vpc32.INI 2010-02-10 22:31:42 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL 2010-02-10 22:31:26 ----A---- C:\WINDOWS\system32\capicom.dll 2010-02-10 22:31:25 ----D---- C:\Program Files\Symantec 2010-02-10 22:31:19 ----D---- C:\Program Files\Symantec AntiVirus 2010-02-10 22:31:19 ----D---- C:\Program Files\Common Files\Symantec Shared 2010-02-10 22:31:19 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2010-02-09 00:12:05 ----D---- C:\Program Files\MSXML 4.0 2010-02-09 00:10:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2010-02-09 00:05:04 ----D---- C:\WINDOWS\system32\XPSViewer 2010-02-09 00:05:01 ----D---- C:\Program Files\MSBuild 2010-02-09 00:04:55 ----D---- C:\Program Files\Reference Assemblies 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2010-02-09 00:04:40 ----N---- C:\WINDOWS\system32\prntvpt.dll 2010-02-09 00:04:39 ----D---- C:\bbd1254a65b9d9e6a093f6dc ======List of files/folders modified in the last 1 months====== 2010-03-08 23:24:33 ----D---- C:\WINDOWS\Prefetch 2010-03-08 23:24:29 ----D---- C:\WINDOWS\system32\drivers 2010-03-08 23:21:30 ----D---- C:\WINDOWS\Temp 2010-03-08 00:17:19 ----A---- C:\WINDOWS\SchedLgU.Txt 2010-03-07 00:39:50 ----D---- C:\WINDOWS\system32\CatRoot2 2010-03-02 00:06:09 ----SHD---- C:\WINDOWS\CSC 2010-03-01 23:11:55 ----RD---- C:\Program Files 2010-03-01 23:10:12 ----D---- C:\WINDOWS 2010-03-01 23:06:50 ----D---- C:\WINDOWS\system32 2010-02-25 00:34:06 ----SD---- C:\Documents and Settings\jzeng\Application Data\Microsoft 2010-02-24 17:50:57 ----HD---- C:\WINDOWS\inf 2010-02-23 23:43:37 ----RSHDC---- C:\WINDOWS\system32\dllcache 2010-02-23 23:43:34 ----HD---- C:\WINDOWS\$hf_mig$ 2010-02-23 23:43:32 ----A---- C:\WINDOWS\imsins.BAK 2010-02-18 22:17:25 ----SD---- C:\WINDOWS\Downloaded Program Files 2010-02-15 23:12:41 ----D---- C:\Documents and Settings\jzeng\Application Data\Adobe 2010-02-11 19:18:59 ----D---- C:\WINDOWS\Help 2010-02-11 19:18:59 ----D---- C:\Program Files\Internet Explorer 2010-02-11 19:16:36 ----D---- C:\WINDOWS\system32\config 2010-02-11 19:16:33 ----D---- C:\WINDOWS\system32\en-us 2010-02-11 19:16:30 ----D---- C:\WINDOWS\Media 2010-02-10 22:32:09 ----SHD---- C:\WINDOWS\Installer 2010-02-10 22:32:07 ----HD---- C:\Config.Msi 2010-02-10 22:31:20 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-02-10 22:31:19 ----D---- C:\Program Files\Common Files 2010-02-10 22:27:36 ----D---- C:\Documents and Settings\jzeng\Application Data\HP 2010-02-10 10:05:45 ----SHD---- C:\System Volume Information 2010-02-10 10:05:45 ----D---- C:\WINDOWS\system32\Restore 2010-02-09 11:23:41 ----D---- C:\WINDOWS\Microsoft.NET 2010-02-09 11:23:40 ----RSD---- C:\WINDOWS\assembly 2010-02-09 00:12:08 ----D---- C:\WINDOWS\WinSxS 2010-02-09 00:11:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-02-09 00:10:42 ----D---- C:\WINDOWS\system32\CatRoot 2010-02-09 00:04:59 ----RSD---- C:\WINDOWS\Fonts 2010-02-09 00:04:50 ----D---- C:\WINDOWS\system32\spool ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys [] R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys [] R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [] R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2006-08-07 195776] R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-02-07 20747] R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360] R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848] R2 DLADResM;DLADResM; C:\WINDOWS\System32\Drivers\DLADResM.SYS [2007-07-23 9104] R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752] R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216] R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304] R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448] R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552] R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000] R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2009-05-18 339456] R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-16 4069888] R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\Belkin\F5D705~1\GTNDIS5.SYS [] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-03 12160] R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100305.004\naveng.sys [] R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100305.004\navex15.sys [] R3 RT73;Belkin Wireless 54G USB Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2007-10-02 451968] R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784] R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS [] R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2006-08-07 24768] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568] S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-16 602112] R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2006-07-19 192160] R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2006-07-19 169632] R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2006-09-27 31472] R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] R2 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2006-04-11 1160848] R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2006-09-27 1813232] S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-02-07 69632] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-09-02 2528960] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2006-09-27 116464] S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2006-08-07 214720] S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632] S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408] S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF----------------- info.txt info.txt logfile of random's system information tool 1.06 2010-03-08 23:38:04 ======Uninstall list====== -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Acrobat 7.0 Professional-->msiexec /I {AC76BA86-1033-0000-7760-000000000002} Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe AIM 7-->C:\Program Files\AIM\uninst.exe ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Belkin 54Mbps Wireless Network Adapter-->C:\Program Files\InstallShield Installation Information\{F3759A9F-7AFA-4FB4-8DF1-53F26B979DEE}\setup.exe -runfromtemp -l0x0009 -removeonly ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe" Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe" Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe" HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat HP Officejet Pro All-In-One Series-->C:\Program Files\HP\Digital Imaging\{7729A02E-D1AD-4830-8FC5-11853500D90D}\setup\hpzscr01.exe -datfile hpwscr05.dat HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F} HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E} HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat Intel® PRO Network Connections Drivers-->Prounstl.exe LiveUpdate 3.1 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U Macromedia Dreamweaver 8-->MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9} Macromedia Extension Manager-->MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9} Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mozilla Firefox (3.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MPM-->MsiExec.exe /X{D48AD533-BAD5-469B-A9AA-272C6D80E70B} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat Quicken 2010-->MsiExec.exe /X{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A} Real Alternative 1.9.0-->"C:\Program Files\Real Alternative\unins000.exe" Roxio Activation Module-->MsiExec.exe /I{07159635-9DFE-4105-BFC0-2817DB540C68} Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41C6-8752-958A45325C82} Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43A1-AB6C-0F4EE48CE048} Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4C52-84D5-77E344289F87} Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C} Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ED8-B104-03393876DFDF} Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668} Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe" Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe" Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe" Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Sonic CinePlayer Decoder Pack-->MsiExec.exe /I{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B} SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\setup.exe" -l0x9 -removeonly Symantec AntiVirus-->MsiExec.exe /I{33CFCF98-F8D6-4549-B469-6F4295676D83} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Hosts File====== 192.168.0.167 HP001E0BF69F8D ======Security center information====== AV: Symantec AntiVirus Corporate Edition ======System event log====== Computer Name: PRE Event Code: 1003 Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001150C18AA4. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. Record Number: 514 Source Name: Dhcp Time Written: 20100207234616.000000-480 Event Type: warning User: Computer Name: PRE Event Code: 27 Message: Intel® 82566DM-2 Gigabit Network Connection Link has been disconnected. Record Number: 495 Source Name: e1express Time Written: 20100207234153.000000-480 Event Type: warning User: Computer Name: PRE Event Code: 20 Message: Printer Driver Samsung ML-1740 Series for Windows NT x86 Version-3 was added or updated. Files:- ssgb6.DLL, ssgb6ui.DLL, ssgb6.DLL, ssgb6SU.DLL, ssgb6UM.DLL, ssgb6en.DAT, ssgb6en.HLP, ssgb6en.HIN, ssgb6kr.DAT, ssgb6kr.HLP, ssgb6kr.HIN, ssgb6ct.DAT, ssgb6ct.HLP, ssgb6ct.HIN, ssgb6fn.DAT, ssgb6fn.HLP, ssgb6fn.HIN, ssgb6gr.DAT, ssgb6gr.HLP, ssgb6gr.HIN, ssgb6ru.DAT, ssgb6ru.HLP, ssgb6ru.HIN, ssgb6sp.DAT, ssgb6sp.HLP, ssgb6sp.HIN, ssgb6cp.DAT, ssgb6cp.HLP, ssgb6cp.HIN, ssgb6dt.DAT, ssgb6dt.HLP, ssgb6dt.HIN, ssgb6nr.DAT, ssgb6nr.HLP, ssgb6nr.HIN, ssgb6it.DAT, ssgb6it.HLP, ssgb6it.HIN, ssgb6pt.DAT, ssgb6pt.HLP, ssgb6pt.HIN, ssgb6sw.DAT, ssgb6sw.HLP, ssgb6sw.HIN, ssgb6dn.DAT, ssgb6dn.HLp, ssgb6dn.HIN, ssgb6fi.DAT, ssgb6fi.HLP, ssgb6fi.HIN, ssgb6hu.DAT, ssgb6hu.HLP, ssgb6hu.HIN, ssgb6po.DAT, ssgb6po.HLP, ssgb6po.HIN, ssgb6.VER. Record Number: 403 Source Name: Print Time Written: 20100207233203.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 20 Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 7 for Windows XP. Record Number: 369 Source Name: Windows Update Agent Time Written: 20100207232742.000000-480 Event Type: error User: Computer Name: PRE Event Code: 20 Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP. Record Number: 298 Source Name: Windows Update Agent Time Written: 20100207232322.000000-480 Event Type: error User: =====Application event log===== Computer Name: PRE Event Code: 1517 Message: Windows saved user PRE\jzeng registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 835 Source Name: Userenv Time Written: 20100211193532.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 1517 Message: Windows saved user PRE\jzeng registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 826 Source Name: Userenv Time Written: 20100211192540.000000-480 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: PRE Event Code: 1004 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 662 Source Name: Application Error Time Written: 20100210100526.000000-480 Event Type: error User: Computer Name: PRE Event Code: 1004 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 661 Source Name: Application Error Time Written: 20100210100519.000000-480 Event Type: error User: Computer Name: PRE Event Code: 1000 Message: Faulting application svchost.exe, version 5.1.2600.5512, faulting module unknown, version 0.0.0.0, fault address 0x00dc5759. Record Number: 418 Source Name: Application Error Time Written: 20100209104700.000000-480 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel "PROCESSOR_REVISION"=0f0b "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\ -----------------EOF-----------------

ken545 View Member Profile	Mar 9 2010, 06:47 AM Post #9
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	Hi, I am not looking at anything bad on your system, lets run a free online virus scanner. Please run this free online virus scanner from ESET Note: You will need to use Internet explorer for this scan Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the activex control to install Click Start Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked Click Scan Wait for the scan to finish Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt Copy and paste that log as a reply to this topic

mojomojo View Member Profile	Mar 9 2010, 11:46 AM Post #10
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	ESET LOG Thanks. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=84aaa80ef2cc9041a47bd39fb49b2a47 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2010-03-09 05:44:42 # local_time=2010-03-09 09:44:42 (-0800, Pacific Standard Time) # country="United States" # lang=1033 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=512 16777215 100 0 676945 676945 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=40022 # found=0 # cleaned=0 # scan_time=719

ken545 View Member Profile	Mar 9 2010, 12:07 PM Post #11
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	Do you feel things are back to normal ?

mojomojo View Member Profile	Mar 9 2010, 12:45 PM Post #12
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Ken, initially pages do load faster, just like it normally should be and the WAITING FOR : ABOUT BLANK message doesn't flash by on the bottom left corner of the status bar.......but after 10 to 15mins of browsing the web, the pages start to load slow again and once again, I see the WAITING FOR : ABOUT BLANK, a blank page never shows or it may flash by so quickly I can't really see it. Also, as it pauses for a second or two WAITING FOR : ABOUT BLANK, then it also shows loading or downloading from Adyieldmanager.com, or Adserver, etc. I have a funny feeling there's something about this Adyieldmanager thing, do you know what is that and how I can remove it, or what other problem do you think it is? Thanks a million.

ken545 View Member Profile	Mar 9 2010, 02:15 PM Post #13
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	Adyieldmanager.com and Adserver are just tracking cookies. Open Internet Explorer and go to Tools >Internet Options>General Page and under Browsing History, delete it all Then go to the Privacy Tab > Sites > Block and add these in admonitor.com admonitor.net yieldmanager.com OK you way out

mojomojo View Member Profile	Mar 9 2010, 09:38 PM Post #14
New Member Group: Authentic Member Posts: 9 Joined: 2-March 10 Member No.: 91,128 Operating System: Windows XP PRO SP3	Ken, I have added those sites to the block list and yet it still shows that it is loading something. Previous browsing experience never shows these signs, but now it seems like all the computers I use daily have the effects of waiting for about : blank, adyield, and etc, I sure don't know is it because of that that's why pages seem to load so slow or perhaps something else. I appreciate your time and efforts in assisting me with this issue, and if there's any other suggestion, please advise. Thanks again.

ken545 View Member Profile	Mar 10 2010, 03:12 AM Post #15
Forum God Group: Classroom Teacher Posts: 18,751 Joined: 3-December 04 From: Stamford, Connecticut Member No.: 19,436 Operating System: Win 7 Ultimate Win Xp Home SP3	When you open IE and you see what its trying to load on the bottom left, if those sites where added to the block list then they are trying to load but most likely are not successful. A lot of pages you surf to go out to other servers that may host something for that webpage, seeing other things trying to load on the bottom left is not necessarily bad. Open IE and go to Tools > Internet Options > Advanced Tab > Reset Internet Explorer Setting > Reset .....this will take about 30 seconds, when its done close IE and the reopen it and see if that fixed anything

« Next Oldest · Virus, Spyware & Malware Removal · Next Newest »

2 Pages

1 2 >

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies	Topic Starter	Views	Last Action
Virus, Spyware & Malware Removal Computer slow down and no net	0	ethycs	2,666	22nd August 2006 - 07:25 PM Last post by: ethycs
Virus, Spyware & Malware Removal Persistant About:blank & Sp Problem 12	17	NickArnold	4,466	26th March 2005 - 08:47 PM Last post by: LDTate
Virus, Spyware & Malware Removal No Yahoo Pages Load-none 12	27	-Slimdan-	4,503	22nd December 2003 - 12:10 AM Last post by: cnm
Virus, Spyware & Malware Removal Linklist.cc,about:blank	5	Cosmic Charlie	1,490	11th April 2004 - 04:57 PM Last post by: Daemon
Virus, Spyware & Malware Removal About:blank Hijack - Please Help!	14	melvindog	2,572	8th May 2004 - 11:01 AM Last post by: Daemon