HACKTOOL VIRUS FOUND NEED HELP [RESOLVED]


  • This topic is locked

#31
floss001

  • Topic Starter
  • Member
  • 52 posts
Hi

Defrag took nearly 6 hours to complete. Chkdsk took about 3 hours yesterday. The mouse appears erratic and often becomes invisible despite updating drivers. Boot up takes 2 mins 26 secs and then icons don't always appear straight away. Even once icons appear, programs are slow to open. Once everything is up and running, things can be OK and work quickly, but then some internet browsers will freeze. Closing down open browsers can also be difficult and I need to use Task Manager.

#32
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK, let's have a look at what is running. How much RAM do you have on your system?

Download OTViewIt to your desktop.
  • Close all windows and double click OTViewIt
  • Place a tick in the Scan all Users box
  • Click Run Scan and let the program run uninterrupted
  • On completion it will produce two logs on the Desktop, post the OTViewIt.txt and Extras.txt logs in your next post.


#33
floss001

  • Topic Starter
  • Member
  • 52 posts
OTViewIt logfile created on: 09/04/2008 22:23:46 - Run 1
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Nij Vyas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: MM/dd/yyyy

1023.22 Mb Total Physical Memory | 648.64 Mb Available Physical Memory | 63.39% Memory free
2.40 Gb Paging File | 2.15 Gb Available in Paging File | 89.45% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 56.78 Gb Free Space | 76.19% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 230.00 Gb Free Space | 77.16% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: NIJ-1AB4062F538
Current User Name: Nij Vyas
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Whitelist: On

===== Processes - Non-Microsoft Only =====

[06/24/2008 10:34 PM | 01,245,064 | ---- | M] () - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
[11/02/2007 01:10 PM | 00,071,168 | ---- | M] () - C:\WINDOWS\system32\LxrJD31s.exe
[01/31/2005 09:45 AM | 00,049,152 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
[02/17/2006 12:19 PM | 00,139,264 | ---- | M] (OTi) - C:\WINDOWS\system32\UStorSrv.exe
[08/20/2008 03:23 PM | 00,652,528 | ---- | M] (eBay Inc.) - C:\Program Files\eBay\eBay Toolbar2\eBayTBDaemon.exe
[09/15/2004 12:37 AM | 02,256,896 | ---- | M] (GIANT Company Software inc.) - C:\Program Files\GIANT Company Software\Spam Inspector\siMain.exe
[08/03/2004 09:07 AM | 00,806,912 | ---- | M] (GIANT Company Software) - C:\Program Files\GIANT Company Software\Spam Inspector\siSpamFilterEngine.exe
[03/10/2002 09:31 PM | 01,560,576 | ---- | M] (Smokin' Software) - C:\Program Files\Password Manager\Password.exe

===== Win32 Services - Non-Microsoft Only =====

(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped]
[03/03/2008 08:04 PM | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

(LxrJD31s) Lexar JD31 [Auto | Running]
[11/02/2007 01:10 PM | 00,071,168 | ---- | M] () - C:\WINDOWS\system32\LxrJD31s.exe

(Symantec Core LC) Symantec Core LC [Auto | Running]
[06/24/2008 10:34 PM | 01,245,064 | ---- | M] () - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

(Symantec RemoteAssist) Symantec RemoteAssist [On_Demand | Stopped]
File not found - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe

(UleadBurningHelper) Ulead Burning Helper [Auto | Running]
[01/31/2005 09:45 AM | 00,049,152 | ---- | M] (Ulead Systems, Inc.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

(UStorage Server Service) UStorage Server Service [Auto | Running]
[02/17/2006 12:19 PM | 00,139,264 | ---- | M] (OTi) - C:\WINDOWS\system32\UStorSrv.exe

===== Driver Services - Non-Microsoft Only =====

(GMSIPCI) GMSIPCI [On_Demand | Stopped]
File not found - E:\INSTALL\GMSIPCI.SYS

(k750bus) Sony Ericsson 750 driver (WDM) [On_Demand | Stopped]
[02/11/2005 11:19 AM | 00,055,216 | ---- | M] (MCCI) - C:\WINDOWS\system32\drivers\k750bus.sys

(LxrJD31d) LxrJD31d [Auto | Running]
[11/02/2007 01:10 PM | 00,069,824 | ---- | M] () - C:\WINDOWS\system32\drivers\LxrJD31d.sys

(RTL8023xp) Realtek 10/100/1000 PCI NIC Family NDIS XP Driver [On_Demand | Running]
[12/14/2006 09:44 AM | 00,085,120 | R--- | M] (Realtek Semiconductor Corporation ) - C:\WINDOWS\system32\drivers\Rtnicxp.sys

(s116bus) Sony Ericsson Device 116 driver (WDM) [On_Demand | Stopped]
[04/03/2007 01:57 PM | 00,083,336 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s116bus.sys

(s616bus) Sony Ericsson Device 616 driver (WDM) [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,083,208 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616bus.sys

(s616mdfl) Sony Ericsson Device 616 USB WMC Modem Filter [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,015,112 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616mdfl.sys

(s616mdm) Sony Ericsson Device 616 USB WMC Modem Driver [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,108,680 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616mdm.sys

(s616mgmt) Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM) [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,100,360 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616mgmt.sys

(s616nd5) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS) [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,023,176 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616nd5.sys

(s616obex) Sony Ericsson Device 616 USB WMC OBEX Interface [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,098,568 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616obex.sys

(s616unic) Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM) [On_Demand | Stopped]
[04/03/2007 01:59 PM | 00,099,080 | ---- | M] (MCCI Corporation) - C:\WINDOWS\system32\drivers\s616unic.sys

(SASDIFSV) SASDIFSV [System | Running]
[08/19/2008 11:34 PM | 00,008,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\sasdifsv.sys

(SASENUM) SASENUM [On_Demand | Stopped]
[08/19/2008 11:34 PM | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASENUM.SYS

(SASKUTIL) SASKUTIL [System | Running]
[08/19/2008 11:34 PM | 00,055,024 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) - C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

(sptd) sptd [Boot | Running]
[06/04/2008 01:00 PM | 00,717,296 | ---- | M] () - C:\WINDOWS\system32\drivers\sptd.sys

(symsnap) Symantec Volume Snap Shot Driver [Boot | Stopped]
File not found - C:\WINDOWS\system32\DRIVERS\symsnap.sys

========== Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccApp" = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [01/26/2008 02:47 AM | 00,051,048 | ---- | M] (Symantec Corporation)
"NvCplDaemon" = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [04/19/2007 05:26 AM | 07,700,480 | ---- | M] (NVIDIA Corporation)
"osCheck" = "C:\Program Files\Norton AntiVirus\osCheck.exe" [02/07/2008 07:49 AM | 00,718,704 | ---- | M] (Symantec Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" =
"run" = Reg Error: Value run does not exist or could not be read.

[HKEY_USERS\S-1-5-21-2025429265-884357618-839522115-1003\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"load" = Reg Error: Value load does not exist or could not be read.
"run" = Reg Error: Value run does not exist or could not be read.

========== Startup Folders ==========

[All Users Startup Folder - C:\Documents and Settings\All Users\Start Menu\Programs\Startup]

[Default User Startup Folder - C:\Documents and Settings\Default User\Start Menu\Programs\Startup]

[Nij Vyas Startup Folder - C:\Documents and Settings\Nij Vyas\Start Menu\Programs\Startup]

========== BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
HKLM CLSID: (Adobe PDF Reader Link Helper) - [10/23/2006 12:08 AM | 00,062,080 | ---- | M] (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22D8E815-4A5E-4DFB-845E-AAB64207F5BD}]
HKLM CLSID: (eBay Toolbar Helper) - [08/20/2008 03:23 PM | 00,562,416 | ---- | M] (eBay Inc.) C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
HKLM CLSID: (RealPlayer Download and Record Plugin for Internet Explorer) - [07/30/2008 11:48 PM | 00,308,856 | ---- | M] (RealPlayer) C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
HKLM CLSID: (EWPBrowseObject Class) - [06/09/2006 02:37 PM | 00,034,304 | ---- | M] () C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
HKLM CLSID: (Symantec Intrusion Prevention) - [09/03/2008 08:14 AM | 00,116,088 | ---- | M] (Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
HKLM CLSID: (SSVHelper Class) - [06/10/2008 04:27 AM | 00,509,328 | ---- | M] (Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

========== Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{327C2873-E90D-4c37-AA9D-10AC9BABA46C}"
HKLM CLSID: (Easy-WebPrint) - [06/09/2006 02:39 PM | 00,552,960 | ---- | M] () C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{92085AD4-F48A-450D-BD93-B28CC7DF67CE}"
HKLM CLSID: (eBay Toolbar) - [08/20/2008 03:23 PM | 00,562,416 | ---- | M] (eBay Inc.) C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"SITEguard"
HKLM CLSID: (Reg Error: Key does not exist or could not be opened.) - File not found Reg Error: Key does not exist or could not be opened.

========== AppInit_Dlls ==========

========== Shell Execute Hooks ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" =
HKLM CLSID: (SABShellExecuteHook Class) - [05/13/2008 10:13 AM | 00,077,824 | ---- | M] (SuperAdBlocker.com) C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

========== HKLM Security Providers ==========

========== HKLM Winlogon Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell]
= Explorer.exe
>Explorer.exe - [04/14/2008 01:12 AM | 01,033,728 | ---- | M] (Microsoft Corporation) C:\WINDOWS\explorer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit]
= C:\WINDOWS\system32\userinit.exe,
>C:\WINDOWS\system32\userinit.exe - [04/14/2008 01:12 AM | 00,026,112 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\userinit.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UIHost]
= logonui.exe
>logonui.exe - [04/14/2008 01:12 AM | 00,514,560 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\logonui.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet]
= rundll32 shell32,Control_RunDLL "sysdm.cpl"
>rundll32 shell32 - [04/14/2008 01:12 AM | 08,461,312 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
>Control_RunDLL "sysdm.cpl" - [04/14/2008 01:12 AM | 00,300,544 | ---- | M] (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl

========== User's Winlogon Settings ==========

========== Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
"DllName" = C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [07/23/2008 04:28 PM | 00,352,256 | ---- | M] (SUPERAntiSpyware.com)

========== Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveAutoRun" = 67108863
"NoDriveTypeAutoRun" = 255
"NoDrives" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1
"DisableRegistryTools" = 0
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
"disableregistrytools" = 0

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
Unable to open key or key not present!


[HKEY_USERS\S-1-5-21-2025429265-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun" = 145
"NoDrives" = 0

[HKEY_USERS\S-1-5-21-2025429265-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run]

[HKEY_USERS\S-1-5-21-2025429265-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"HideLegacyLogonScripts" = 0
"HideLogoffScripts" = 0
"RunLogonScriptSync" = 1
"RunStartupScriptSync" = 0
"HideStartupScripts" = 0
"disableregistrytools" = 0

========== Lsa Authentication Packages ==========

========== Lsa Security Packages ==========

========== Desktop Components ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"FriendlyName" = "My Current Home Page"
"Source" = "About:Home"
"SubscribedURL" = "About:Home"

========== Safeboot Options ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot]
"AlternateShell" = cmd.exe

========== Disabled MsConfig Items ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\ExpandFrom]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\ExpandTo]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state]
"system.ini" = 0
"win.ini" = 0
"bootini" = 0
"services" = 0
"startup" = 0

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[10/18/2007 11:42 PM | 00,000,000 | ---- | M] () C:\AUTOEXEC.BAT [ NTFS ]

========== MountPoints2 ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08eb6390-852e-11dc-a69f-0019db6c4d60}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a24bb51-7dcc-11dc-862e-db25f8843eb1}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{21668145-cdcf-11dc-a7b4-0019db6c4d60}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{41c105f8-d974-11dc-a7cf-0019db6c4d60}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4a21760c-86dc-11dc-8bf5-0019db6c4d60}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{53df8bb4-8915-11dc-97c5-0019db6c4d60}\Shell]
"" = None

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58de3132-8a22-11dc-90d7-0019db6c4d60}\Shell]
"" = None

========== DNS Name Servers ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{218F41A3-3B78-472E-8F92-85934DE51EBE}]
Servers: | Description: Sony Ericsson Device 616 USB Ethernet Emulation (NDIS 5)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{22673BC1-AC39-447D-B9E9-5FD3E9633C2A}]
Servers: | Description: 1394 Net Adapter

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{58180F86-696A-417A-B352-86BA571BB2A9}]
Servers: | Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\{ADE17E5B-1BC4-4A30-BC0D-419FFCB17532}]
Servers: | Description:

========== Hosts File ==========

HOSTS File = (27 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost



========== Files/Folders - Created Within 30 days ==========

[08/26/2008 03:58 PM | ---D | C] - C:\fsaua.data
[09/03/2008 08:35 AM | -HSD | C] - C:\Config.Msi
[08/26/2008 06:40 PM | 00,000,717 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapp.gif
[08/26/2008 06:40 PM | 00,000,760 | ---- | C] () - C:\WINDOWS\System32\dllcache\cloapph.gif
[08/26/2008 06:40 PM | 00,000,772 | ---- | C] () - C:\WINDOWS\System32\dllcache\cntd.gif
[08/26/2008 06:40 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnt.gif
[08/26/2008 06:40 PM | 00,000,773 | ---- | C] () - C:\WINDOWS\System32\dllcache\cnth.gif
[08/26/2008 06:40 PM | 00,000,999 | ---- | C] () - C:\WINDOWS\System32\dllcache\bktrh.gif
[08/26/2008 06:40 PM | 00,184,959 | ---- | C] () - C:\WINDOWS\System32\dllcache\compact.wmz
[08/26/2008 06:41 PM | 00,005,971 | ---- | C] () - C:\WINDOWS\System32\dllcache\events.js
[08/26/2008 06:41 PM | 00,006,878 | ---- | C] () - C:\WINDOWS\System32\dllcache\controls.js
[08/26/2008 06:41 PM | 00,008,298 | ---- | C] () - C:\WINDOWS\System32\dllcache\contents.htm
[08/26/2008 06:41 PM | 00,009,585 | ---- | C] () - C:\WINDOWS\System32\dllcache\controls.css
[08/26/2008 06:41 PM | 00,381,425 | ---- | C] () - C:\WINDOWS\System32\dllcache\copycd.wmv
[08/26/2008 06:42 PM | 00,094,208 | ---- | C] () - C:\WINDOWS\System32\dllcache\fpencode.dll
[08/26/2008 06:43 PM | 00,000,974 | ---- | C] () - C:\WINDOWS\System32\dllcache\pid.inf
[08/26/2008 06:43 PM | 00,627,200 | ---- | C] (Корпорация Майкрософт) - C:\WINDOWS\System32\dllcache\sprc0419.dll
[08/26/2008 06:44 PM | 00,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) - C:\WINDOWS\System32\dllcache\l3codeca.acm
[08/26/2008 06:45 PM | 00,457,607 | ---- | C] () - C:\WINDOWS\System32\dllcache\mdlib.wmv
[08/26/2008 06:46 PM | 00,001,885 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.cnt
[08/26/2008 06:46 PM | 00,002,545 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogo.gif
[08/26/2008 06:46 PM | 00,002,778 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplogoh.gif
[08/26/2008 06:46 PM | 00,018,286 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.inf
[08/26/2008 06:46 PM | 00,097,117 | ---- | C] () - C:\WINDOWS\System32\dllcache\mplayer2.hlp
[08/26/2008 06:48 PM | 00,000,403 | ---- | C] () - C:\WINDOWS\System32\dllcache\npdrmv2.zip
[08/26/2008 06:48 PM | 00,022,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\npds.zip
[08/26/2008 06:49 PM | 00,000,733 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst15.wpl
[08/26/2008 06:49 PM | 00,000,775 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst14.wpl
[08/26/2008 06:49 PM | 00,000,783 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst13.wpl
[08/26/2008 06:49 PM | 00,000,784 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst9.wpl
[08/26/2008 06:49 PM | 00,000,787 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst10.wpl
[08/26/2008 06:49 PM | 00,000,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst11.wpl
[08/26/2008 06:49 PM | 00,001,036 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst8.wpl
[08/26/2008 06:49 PM | 00,001,046 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst7.wpl
[08/26/2008 06:49 PM | 00,001,049 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst2.wpl
[08/26/2008 06:49 PM | 00,001,250 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst1.wpl
[08/26/2008 06:49 PM | 00,001,448 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst4.wpl
[08/26/2008 06:49 PM | 00,001,451 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst12.wpl
[08/26/2008 06:49 PM | 00,001,474 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst3.wpl
[08/26/2008 06:49 PM | 00,001,477 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst5.wpl
[08/26/2008 06:49 PM | 00,001,477 | ---- | C] () - C:\WINDOWS\System32\dllcache\plylst6.wpl
[08/26/2008 06:49 PM | 00,077,307 | ---- | C] () - C:\WINDOWS\System32\dllcache\plyr_err.chm
[08/26/2008 06:49 PM | 00,375,519 | ---- | C] () - C:\WINDOWS\System32\dllcache\nuskin.wmv
[08/26/2008 06:50 PM | 00,000,908 | ---- | C] () - C:\WINDOWS\System32\dllcache\skins.inf
[08/26/2008 06:50 PM | 00,029,184 | ---- | C] (Ricoh Co., Ltd.) - C:\WINDOWS\System32\dllcache\rw330ext.dll
[08/26/2008 06:50 PM | 00,066,725 | ---- | C] () - C:\WINDOWS\System32\dllcache\revert.wmz
[08/26/2008 06:50 PM | 00,086,016 | ---- | C] (Sipro Lab Telecom Inc.) - C:\WINDOWS\System32\dllcache\sl_anet.acm
[08/26/2008 06:50 PM | 00,572,557 | ---- | C] () - C:\WINDOWS\System32\dllcache\rtuner.wmv
[08/26/2008 06:51 PM | 00,001,148 | ---- | C] () - C:\WINDOWS\System32\dllcache\snd.htm
[08/26/2008 06:51 PM | 00,001,367 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoffh.gif
[08/26/2008 06:51 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taoff.gif
[08/26/2008 06:51 PM | 00,001,380 | ---- | C] () - C:\WINDOWS\System32\dllcache\taonh.gif
[08/26/2008 06:51 PM | 00,001,398 | ---- | C] () - C:\WINDOWS\System32\dllcache\taon.gif
[08/26/2008 06:52 PM | 00,002,371 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpauseh.gif
[08/26/2008 06:52 PM | 00,002,375 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplayh.gif
[08/26/2008 06:52 PM | 00,002,450 | ---- | C] () - C:\WINDOWS\System32\dllcache\tpause.gif
[08/26/2008 06:52 PM | 00,002,469 | ---- | C] () - C:\WINDOWS\System32\dllcache\tplay.gif
[08/26/2008 06:52 PM | 00,003,187 | ---- | C] () - C:\WINDOWS\System32\dllcache\tour.js
[08/26/2008 06:52 PM | 00,005,290 | ---- | C] () - C:\WINDOWS\System32\dllcache\vidsamp.gif
[08/26/2008 06:52 PM | 00,017,489 | ---- | C] () - C:\WINDOWS\System32\dllcache\videobg.gif
[08/26/2008 06:52 PM | 00,023,829 | ---- | C] () - C:\WINDOWS\System32\dllcache\tourbg.gif
[08/26/2008 06:52 PM | 00,300,969 | ---- | C] () - C:\WINDOWS\System32\dllcache\viz.wmv
[08/26/2008 06:53 PM | 00,000,420 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmploc.js
[08/26/2008 06:53 PM | 00,000,855 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpocm.inf
[08/26/2008 06:53 PM | 00,001,771 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmptour.css
[08/26/2008 06:53 PM | 00,002,477 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm5.gif
[08/26/2008 06:53 PM | 00,004,193 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm8.gif
[08/26/2008 06:53 PM | 00,005,789 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm1.gif
[08/26/2008 06:53 PM | 00,006,060 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm6.gif
[08/26/2008 06:53 PM | 00,006,241 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm3.gif
[08/26/2008 06:53 PM | 00,006,769 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmfsdk.inf
[08/26/2008 06:53 PM | 00,007,369 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm4.gif
[08/26/2008 06:53 PM | 00,007,636 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm2.gif
[08/26/2008 06:53 PM | 00,007,892 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm9.gif
[08/26/2008 06:53 PM | 00,008,677 | ---- | C] () - C:\WINDOWS\System32\dllcache\wm7.gif
[08/26/2008 06:53 PM | 00,010,457 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmptour.hta
[08/26/2008 06:53 PM | 00,017,272 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmdm.inf
[08/26/2008 06:53 PM | 00,023,195 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplay.chm
[08/26/2008 06:53 PM | 00,029,070 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmp.inf
[08/26/2008 06:53 PM | 00,067,374 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.adm
[08/26/2008 06:53 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud2.wav
[08/26/2008 06:53 PM | 00,086,180 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud4.wav
[08/26/2008 06:53 PM | 00,086,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud5.wav
[08/26/2008 06:53 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud3.wav
[08/26/2008 06:53 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud8.wav
[08/26/2008 06:53 PM | 00,172,196 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud9.wav
[08/26/2008 06:53 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud6.wav
[08/26/2008 06:53 PM | 00,343,204 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud7.wav
[08/26/2008 06:53 PM | 00,354,468 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmpaud1.wav
[08/26/2008 06:53 PM | 00,613,334 | ---- | C] () - C:\WINDOWS\System32\dllcache\wmplayer.chm
[09/02/2008 08:11 PM | 00,010,880 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\admjoy.sys
[09/02/2008 08:11 PM | 00,020,160 | ---- | C] (ADMtek Incorporated) - C:\WINDOWS\System32\dllcache\adm8511.sys
[09/02/2008 08:11 PM | 00,061,440 | ---- | C] (Color Flatbed Scanner) - C:\WINDOWS\System32\dllcache\acerscad.dll
[09/02/2008 08:11 PM | 00,084,480 | ---- | C] (VIA Technologies, Inc.) - C:\WINDOWS\System32\dllcache\ac97via.sys
[09/02/2008 08:11 PM | 00,098,304 | ---- | C] (Aureal Semiconductor) - C:\WINDOWS\System32\dllcache\a3d.dll
[09/02/2008 08:11 PM | 00,148,352 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvsm.sys
[09/02/2008 08:11 PM | 00,297,728 | ---- | C] (Silicon Integrated Systems Corp.) - C:\WINDOWS\System32\dllcache\ac97sis.sys
[09/02/2008 08:11 PM | 00,462,848 | ---- | C] (Aureal Inc.) - C:\WINDOWS\System32\dllcache\a3dapi.dll
[09/02/2008 08:11 PM | 00,553,984 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8820.sys
[09/02/2008 08:11 PM | 00,584,448 | ---- | C] (Aureal, Inc.) - C:\WINDOWS\System32\dllcache\adm8810.sys
[09/02/2008 08:11 PM | 00,689,216 | ---- | C] (3dfx Interactive, Inc.) - C:\WINDOWS\System32\dllcache\3dfxvs.dll
  • 0

#34
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Your RAM should be sufficient and I can see no sign of malware in that partial report. Could you post the Extras.txt so that I can see the warnings?
  • 0

#35
floss001

    Member

  • Topic Starter
  • Member
  • 52 posts
OTViewIt Extras logfile created on: 09/04/2008 22:23:46 - Run 1
OTViewIt by OldTimer - Version 1.0.1.8 Folder = C:\Documents and Settings\Nij Vyas\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: MM/dd/yyyy

1023.22 Mb Total Physical Memory | 648.64 Mb Available Physical Memory | 63.39% Memory free
2.40 Gb Paging File | 2.15 Gb Available in Paging File | 89.45% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 56.78 Gb Free Space | 76.19% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 230.00 Gb Free Space | 77.16% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04/13/2008 07:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04/14/2008 01:12 AM | 00,141,312 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour
[02/28/2006 01:42 PM | 00,229,376 | ---- | M] (Apple Computer, Inc.)

"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA
[05/13/2008 09:00 PM | 00,289,088 | ---- | M] (BitTorrent, Inc.)

"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
[04/29/2008 06:51 PM | 00,587,568 | ---- | M] ()

"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[04/14/2008 01:12 AM | 01,695,232 | ---- | M] (Microsoft Corporation)

"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[04/13/2008 07:53 PM | 00,558,080 | ---- | M] (Microsoft Corporation)

"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[04/14/2008 01:12 AM | 00,141,312 | ---- | M] (Microsoft Corporation)

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] - "%1" %*
.cmd [@ = cmdfile] - "%1" %*
.com [@ = comfile] - "%1" %*
.exe [@ = exefile] - "%1" %*
.pif [@ = piffile] - "%1" %*
.scr [@ = scrfile] - "%1" %*

========== Winsock2 Catalogs ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\]
NameSpace_Catalog5\Catalog_Entries\000000000004 [mdnsNSP] - [02/28/2006 01:42 PM | 00,094,208 | ---- | M] (Apple Computer, Inc.) C:\Program Files\Bonjour\mdnsNSP.dll

========== HKEY_LOCAL_MACHINE Protocol Defaults ==========


========== HKEY_CURRENT_USER Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== HKEY_USERS Protocol Defaults ==========


========== Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]
msdaipp: [HKLM - No CLSID value]

========== Protocol Filters ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01B6480D-3937-4E82-AB2C-8E4C591BEFE5}" = Broadband Help
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}" = MSXML 6.0 Parser (KB933579)
"{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}" = Security Update for CAPICOM (KB931906)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300" = Canon iP4300
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.2
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 3.209.00
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0150160}" = J2SE Runtime Environment 5.0 Update 16
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34EEB1F5-E939-40A1-A6BA-957282A4B2C8}" = Norton AntiVirus Help
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3DB5FD00-BB93-4AF3-B925-77DAA0E4E2F4}" = eBay Toolbar
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis True Image Home
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4D400407-6332-4101-8C78-506C85813506}" = Sony Ericsson OCS
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{6846389C-BAC0-4374-808E-B120F86AF5D7}" = Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
"{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C117F31-28A8-4477-BE91-64AC0A2204AD}" = Microsoft IntelliPoint 6.01
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71CB22AE-8D40-41DD-925F-A5C186540FEB}" = SymNet
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7AA828F3-BD67-495E-9742-BD9C3F196E78}" = PC Suite
"{7B426478-8C15-4003-9CFA-CF0EFF590A52}" = Spam Inspector
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8704D51E-25B7-4F23-81E7-AA4F54790220}" = Microsoft AutoRoute v11.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{934E9442-D305-4ACF-AD87-A6C11D677CB9}" = ImageMixer VCD2 for FinePix
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0E2CD91-BC77-411F-BD5D-5ABCA8C7C5B8}" = Sony Ericsson Mobile Phone Monitor
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4FEA924-630D-11D4-B78E-005004566E4D}" = ViewSonic Monitor Drivers
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C04E32E0-0416-434D-AFB9-6969D703A9EF}" = MSXML 4.0 SP2 (KB936181)
"{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}" = TuneUp Utilities 2007
"{CA9AC6A3-4A75-4879-9775-F7138B653A73}" = Windows Media Player Add-in for Microsoft FrontPage
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{D75915D3-6CFF-445F-A346-18ED6EF2F618}" = Microsoft IntelliType Pro 6.01
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E03EE3F8-F081-4EF5-BE18-CC849459B070}" = Sony Ericsson Capability Manager
"{E188D820-1218-4E28-8BCA-91134C3664C2}" = Ulead VideoStudio 10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe ActiveShare" = Adobe ActiveShare 1.2
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Argentum Backup_is1" = Argentum Backup
"Audacity_is1" = Audacity 1.2.6
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox
"Easy-WebPrint" = Easy-WebPrint
"Handy Recovery 3.0" = Handy Recovery 3.0
"HijackThis" = HijackThis 2.0.2
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}" = Turbo Lister 2
"JDSecure" = JD Secure 3.1
"Kazoo Player" = Kazoo Player
"KB888111WXPSP2" = High Definition Audio Driver Package - KB888111
"KB891122" = Windows Media Format SDK Hotfix - KB891122
"KB909520" = Microsoft Base Smart Card Cryptographic Service Provider Package
"KB929399" = Hotfix for Windows Media Format 11 SDK (KB929399)
"KB931906" = Security Update for CAPICOM (KB931906)
"KB932471.T301_380ToU433_380" = Hotfix for Microsoft .NET Framework 3.0 (KB932471)
"KB936782_WMP11" = Security Update for Windows Media Player 11 (KB936782)
"KB939683" = Hotfix for Windows Media Player 11 (KB939683)
"KB941569" = Security Update for Windows XP (KB941569)
"KB946648" = Security Update for Windows XP (KB946648)
"KB950759" = Security Update for Windows XP (KB950759)
"KB950760" = Security Update for Windows XP (KB950760)
"KB950762" = Security Update for Windows XP (KB950762)
"KB950974" = Security Update for Windows XP (KB950974)
"KB951066" = Security Update for Windows XP (KB951066)
"KB951072-v2" = Update for Windows XP (KB951072-v2)
"KB951376" = Security Update for Windows XP (KB951376)
"KB951376-v2" = Security Update for Windows XP (KB951376-v2)
"KB951698" = Security Update for Windows XP (KB951698)
"KB951748" = Security Update for Windows XP (KB951748)
"KB951978" = Update for Windows XP (KB951978)
"KB952287" = Hotfix for Windows XP (KB952287)
"KB952954" = Security Update for Windows XP (KB952954)
"KB953838" = Security Update for Windows XP (KB953838)
"KB953839" = Security Update for Windows XP (KB953839)
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"M928366" = Microsoft .NET Framework 1.1 Hotfix (KB928366)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MVApplication1" = SureThing CD Labeler Deluxe 4
"Nero - Burning Rom!UninstallKey" = Ahead Nero - Burning Rom
"NVIDIA Drivers" = NVIDIA Drivers
"Password_Manager_1.10" = Password Manager 1.30
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealPlayer 6.0" = RealPlayer
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.5.2.20
"SpywareBlaster_is1" = SpywareBlaster 4.1
"SymSetup.{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus (Symantec Corporation)
"Terrapin FTP" = Terrapin FTP
"TomTom HOME" = TomTom HOME
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========


========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2025429265-884357618-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA

========== Last 10 Event Log Errors ==========


[ Application Events ]
Error - 09/03/2008 07:28:42 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Hang
Description = Hanging application iexplore.exe, version 6.0.2900.5512, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/03/2008 10:23:05 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Hang
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/03/2008 10:24:40 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Microsoft Office 11
Description = Accepted Safe Mode action : Microsoft Office Outlook.

Error - 09/04/2008 07:24:39 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Hang
Description = Hanging application nero.exe, version 5.5.10.56, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/04/2008 07:25:05 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Hang
Description = Hanging application nero.exe, version 5.5.10.56, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 09/04/2008 07:36:53 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Hang
Description = Hanging application OUTLOOK.EXE, version 11.0.8217.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.

Error - 09/04/2008 07:40:11 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application eu_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:11 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application fu_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:32 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application au_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:52 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application du_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.


[ Security Events ]

[ System Events ]
Error - 08/07/2008 22:26:29 - Computer Name = NIJ-1AB4062F538 - User Name = NT AUTHORITY\NETWORK SERVICE - Source = DCOM
Description = The server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} did not register
with DCOM within the required timeout.

Error - 08/24/2008 09:44:19 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the NVSvc service.

Error - 08/26/2008 14:14:00 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = The following boot-start or system-start driver(s) failed to load:
eeCtrl Fips i8042prt intelppm SPBBCDrv SRTSPX SYMTDI

Error - 09/01/2008 17:37:06 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.

Error - 09/01/2008 17:37:13 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053

Error - 09/02/2008 11:10:47 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Popup
Description = There was error [DATABASE OPEN FAILED] processing the driver database.

Error - 09/02/2008 15:50:14 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = atapi
Description = The driver has detected a device with old or out-of-date firmware.
The device will not be used.

Error - 09/02/2008 21:20:26 - Computer Name = NIJ-1AB4062F538 - User Name = NIJ-1AB4062F538\Nij Vyas - Source = DCOM
Description = The server {00020906-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.

Error - 09/02/2008 21:32:33 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = The SYMTDI service failed to start due to the following error: %%31

Error - 09/03/2008 14:59:43 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Service Control Manager
Description = The UStorage Server Service service hung on starting.


< End of report >
  • 0

#36
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Please download and run Prevx CSI. Once it has run, take note of any files that it will not clean and post them here.
  • 0

#37
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Hi

Ran scan and it was clean.
  • 0

#38
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Intriguing, as these are normally associated with Hotbar:

Error - 09/04/2008 07:40:11 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application eu_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:11 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application fu_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:32 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application au_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Error - 09/04/2008 07:40:52 - Computer Name = NIJ-1AB4062F538 - User Name = User SID not found - Source = Application Error
Description = Faulting application du_.exe, version 0.0.0.0, faulting module , version
0.0.0.0, fault address 0x00000000.

Which Prevx would definitely have found and I would certainly have seen an indication of :)

As it stands at the moment I can see no malware. But to be totally sure:

Please download Avast Rootkit Cleaner to your desktop.

Close all running programmes.

Run the ASWAR file and select Scan Now.

On completion of the scan you will then have this screen up.

Now close the programme and on the desktop will be a text file called ASWAR; please post that. Do not fix anything yet.

The programme will take from 3 to 5 minutes to run.
  • 0

#39
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Hi - don't know whether it is important, but when the personal settings load the Windows music appears crackly and slow.


avast! Antirootkit, version 0.9.6
Scan started: 06 September 2008 09:25:51


Scan finished: 06 September 2008 09:26:07
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0


----------


avast! Antirootkit, version 0.9.6
Scan started: 06 September 2008 09:27:47


Scan finished: 06 September 2008 09:40:43
Hidden files found: 0
Hidden registry items found: 0
Hidden processes found: 0
Hidden services found: 0
Hidden boot sectors found: 0


----------
  • 0

#40
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
All I can conclude from this is that there is no apparent malware present on your system. So your problems are probably hardware/software related. My knowledge in these areas is limited, so I would recommend you post in the XP section for assistance, stating you are malware free and referencing this thread.
  • 0


#41
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Hi

I did post in the XP section and it was referenced back to you.
  • 0

#42
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I think that was because you attached a HijackThis log to it. Logs like that are not allowed outside the malware forum. Sorry I cannot be of more help.

EDIT: I see you have posted; I will now close this thread.
  • 0





